package apoc.load;

import apoc.ApocConfig;
import apoc.Extended;
import apoc.util.Util;
import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPURL;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.unboundidds.logs.v2.syntax.DNLogFieldSyntax;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustAllTrustManager;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Stream;
import javax.net.ssl.SSLSocketFactory;
import org.neo4j.logging.Log;
import org.neo4j.procedure.Context;
import org.neo4j.procedure.Description;
import org.neo4j.procedure.Mode;
import org.neo4j.procedure.Name;
import org.neo4j.procedure.Procedure;

@Extended
/* loaded from: input_file:apoc/load/LoadLdap.class */
public class LoadLdap {

    @Context
    public Log log;

    /* loaded from: input_file:apoc/load/LoadLdap$LDAPManager.class */
    public static class LDAPManager {
        private static final String LDAP_HOST_P = "ldapHost";
        private static final String LDAP_LOGIN_DN_P = "loginDN";
        private static final String LDAP_LOGIN_PW_P = "loginPW";
        private static final String LDAP_SSL = "ssl";
        private static final String SEARCH_BASE_P = "searchBase";
        private static final String SEARCH_SCOPE_P = "searchScope";
        private static final String SEARCH_FILTER_P = "searchFilter";
        private static final String SEARCH_ATTRIBUTES_P = "attributes";
        private static final String SCOPE_BASE = "SCOPE_BASE";
        private static final String SCOPE_ONE = "SCOPE_ONE";
        private static final String SCOPE_SUB = "SCOPE_SUB";
        private int ldapPort;
        private String ldapHost;
        private String loginDN;
        private String password;
        private boolean ssl;
        private LDAPConnection lc;
        private List<String> attributeList;

        public LDAPManager(Map<String, Object> map) {
            String str = (String) map.get(LDAP_HOST_P);
            if (str.indexOf(":") > -1) {
                this.ldapHost = str.substring(0, str.indexOf(":"));
                this.ldapPort = Integer.parseInt(str.substring(str.indexOf(":") + 1));
            } else {
                this.ldapHost = str;
                this.ldapPort = LDAPURL.DEFAULT_LDAP_PORT;
            }
            this.loginDN = (String) map.get(LDAP_LOGIN_DN_P);
            this.password = (String) map.get(LDAP_LOGIN_PW_P);
            this.ssl = Util.toBoolean(map.get(LDAP_SSL));
        }

        public Stream<LDAPResult> executeSearch(Map<String, Object> map) {
            try {
                return (Stream) doSearch(map).getSearchEntries().stream().map(searchResultEntry -> {
                    return getMapFromEntry(searchResultEntry, this.attributeList);
                }).map(LDAPResult::new).onClose(() -> {
                    closeIt(this.lc);
                });
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        private Map<String, Object> getMapFromEntry(SearchResultEntry searchResultEntry, List<String> list) {
            LinkedHashMap linkedHashMap = new LinkedHashMap(list.size() + 1);
            linkedHashMap.put(DNLogFieldSyntax.SYNTAX_NAME, searchResultEntry.getDN());
            if (list.isEmpty()) {
                searchResultEntry.getAttributes().forEach(attribute -> {
                    linkedHashMap.put(attribute.getName(), readValue(attribute));
                });
            } else {
                for (String str : list) {
                    Object readValue = readValue(searchResultEntry.getAttribute(str));
                    if (readValue != null) {
                        linkedHashMap.put(str, readValue);
                    }
                }
            }
            return linkedHashMap;
        }

        private Object readValue(Attribute attribute) {
            if (attribute == null) {
                return null;
            }
            return attribute.size() == 1 ? attribute.getValue() : attribute.getValues();
        }

        public SearchResult doSearch(Map<String, Object> map) {
            int i;
            String str = (String) map.get(SEARCH_BASE_P);
            String str2 = (String) map.getOrDefault(SEARCH_FILTER_P, "(objectClass=*)");
            String str3 = (String) map.get(SEARCH_SCOPE_P);
            this.attributeList = (List) map.get(SEARCH_ATTRIBUTES_P);
            if (this.attributeList == null) {
                this.attributeList = new ArrayList();
            }
            boolean z = -1;
            switch (str3.hashCode()) {
                case 322974204:
                    if (str3.equals(SCOPE_BASE)) {
                        z = false;
                        break;
                    }
                    break;
                case 564620731:
                    if (str3.equals(SCOPE_ONE)) {
                        z = true;
                        break;
                    }
                    break;
                case 564624789:
                    if (str3.equals(SCOPE_SUB)) {
                        z = 2;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    i = 0;
                    break;
                case true:
                    i = 1;
                    break;
                case true:
                    i = 2;
                    break;
                default:
                    throw new RuntimeException("Invalid scope:" + str3 + ". value scopes are SCOPE_BASE, SCOPE_ONE and SCOPE_SUB");
            }
            int i2 = i;
            try {
                this.lc = getConnection();
                SearchScope valueOf = SearchScope.valueOf(i2);
                return this.attributeList.isEmpty() ? this.lc.search(str, valueOf, str2, new String[0]) : this.lc.search(str, valueOf, str2, (String[]) this.attributeList.toArray(new String[0]));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }

        public static void closeIt(LDAPConnection lDAPConnection) {
            try {
                lDAPConnection.close();
            } catch (Exception e) {
            }
        }

        private LDAPConnection getConnection() throws GeneralSecurityException, LDAPException {
            this.lc = new LDAPConnection(getSocketFactory());
            this.lc.connect(this.ldapHost, this.ldapPort);
            this.lc.bind(this.loginDN, this.password);
            return this.lc;
        }

        private SSLSocketFactory getSocketFactory() throws GeneralSecurityException {
            if (this.ssl || this.ldapPort == 636) {
                return new SSLUtil(new TrustAllTrustManager()).createSSLSocketFactory();
            }
            return null;
        }
    }

    @Procedure(name = "apoc.load.ldap", mode = Mode.READ)
    @Description("apoc.load.ldap(\"key\" or {connectionMap},{searchMap}) Load entries from an ldap source (yield entry)")
    public Stream<LDAPResult> ldapQuery(@Name("connection") Object obj, @Name("search") Map<String, Object> map) {
        return new LDAPManager(getConnectionMap(obj, this.log)).executeSearch(map);
    }

    public static Map<String, Object> getConnectionMap(Object obj, Log log) {
        if (!(obj instanceof String)) {
            return (Map) obj;
        }
        String formatted = "apoc.loadldap.%s.config".formatted(obj);
        String string = ApocConfig.apocConfig().getString(formatted);
        if (string == null) {
            String formatted2 = "apoc.loadldap%s.config".formatted(obj);
            string = ApocConfig.apocConfig().getString(formatted2);
            if (string != null && log != null) {
                log.warn("Not to cause breaking-change, the current config `%s` is valid,\nbut in future releases it will be removed in favor of `%s` (with dot before `%s`),\nas documented here: https://neo4j.com/labs/apoc/5/database-integration/load-ldap/#_credentials.\n".formatted(formatted2, formatted, obj));
            }
        }
        if (string == null) {
            throw new RuntimeException("No " + formatted + " ldap access configuration specified");
        }
        HashMap hashMap = new HashMap();
        String[] split = string.split(" ");
        hashMap.put("ldapHost", split[0]);
        hashMap.put("loginDN", split[1]);
        hashMap.put("loginPW", split[2]);
        return hashMap;
    }
}
