package org.romaframework.module.users;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import org.romaframework.aspect.authentication.AuthenticationException;
import org.romaframework.aspect.persistence.QueryByFilter;
import org.romaframework.core.Roma;
import org.romaframework.module.users.domain.BaseAccount;
import org.romaframework.module.users.domain.BaseAccountStatus;

/* loaded from: input_file:org/romaframework/module/users/LdapAuthentication.class */
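/**
 * Authenticates users against an LDAP directory (the filter targets Active Directory style
 * entries: {@code objectClass=user} / {@code sAMAccountName}) and maps the directory entry to
 * a local {@link BaseAccount} through an {@link AccountBinder}.
 *
 * <p>Login names listed in {@link #nonLdapUsers} skip LDAP and are delegated to
 * {@link UsersAuthentication#authenticate}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The bind uses the {@code simple} mechanism, which sends the password to the server
 *       as-is. Unless {@link #ldapHost} is an {@code ldaps://} URL (or the connection is
 *       otherwise protected), the password crosses the network in clear text.</li>
 *   <li>A successful bind is the only proof of identity, so empty credentials are rejected
 *       before any connection is attempted (see {@link #authenticateLdap}).</li>
 * </ul>
 */
public class LdapAuthentication extends UsersAuthentication {
    /** Search filter template; {0} is substituted (and escaped) by JNDI from the filter arguments. */
    private static final String USER_FILTER = "(&(objectClass=user)(sAMAccountName={0}))";

    // Login names that are authenticated by the parent class instead of LDAP.
    protected List<String> nonLdapUsers = new ArrayList<String>();
    // Appended to the login name as "name@domain" to form the bind principal.
    protected String domain;
    // JNDI provider URL of the directory server.
    protected String ldapHost;
    // Base DN under which the user entry is searched (subtree scope).
    protected String searchBase;
    // Maps the LDAP attributes to a local account; SimpleAccountBinder is used when null.
    protected AccountBinder accountBinder;
    // Attribute names to request from the directory; null or empty requests all attributes.
    protected List<String> returnedAttributes;

    /**
     * Authenticates a user, via LDAP unless the name is listed in {@link #nonLdapUsers}.
     *
     * @param str  login name
     * @param str2 password
     * @param map  extra parameters, only forwarded to the parent implementation
     * @return the authenticated {@link BaseAccount} (or whatever the parent returns for
     *         non-LDAP users)
     * @throws AuthenticationException when the bind/search fails, no account can be bound, or
     *         the account is not in the active status
     */
    @Override // org.romaframework.module.users.UsersAuthentication
    public Object authenticate(String str, String str2, Map<String, String> map) throws AuthenticationException {
        if (this.nonLdapUsers != null && this.nonLdapUsers.contains(str)) {
            return super.authenticate(str, str2, map);
        }
        Map<?, ?> authenticateLdap = authenticateLdap(str, str2);
        BaseAccount baseAccount = null;
        AccountBinder accountBinder = this.accountBinder;
        if (accountBinder == null) {
            accountBinder = new SimpleAccountBinder();
        }
        if (authenticateLdap != null) {
            baseAccount = accountBinder.getAccount(str, authenticateLdap);
        }
        if (baseAccount == null) {
            // NOTE(review): throwException is inherited and not visible here; the code below
            // relies on it always throwing, otherwise baseAccount is dereferenced while null.
            throwException("Authentication failed");
        }
        // Look up the persistent "active" status and require the account to carry it.
        QueryByFilter queryByFilter = new QueryByFilter(BaseAccountStatus.class);
        queryByFilter.addItem("name", QueryByFilter.FIELD_EQUALS, UsersInfoConstants.STATUS_ACTIVE);
        BaseAccountStatus baseAccountStatus = (BaseAccountStatus) Roma.context().persistence().queryOne(queryByFilter);
        if (baseAccount.getStatus() == null || !baseAccount.getStatus().equals(baseAccountStatus)) {
            throwException("Account " + str + " is not active");
        }
        if (isSingleSessionPerUser()) {
            dropExistingSessions(baseAccount);
        }
        Roma.session().getActiveSessionInfo().setAccount(baseAccount);
        return baseAccount;
    }

    public AccountBinder getAccountBinder() {
        return this.accountBinder;
    }

    public void setAccountBinder(AccountBinder accountBinder) {
        this.accountBinder = accountBinder;
    }

    /**
     * Binds to the directory as {@code str@domain} with the given password and, when the bind
     * succeeds, reads the attributes of the matching user entry.
     *
     * @param str  login name, matched against {@code sAMAccountName}
     * @param str2 password used for the simple bind
     * @return attribute id to first attribute value for the first matching entry; {@code null}
     *         when the credentials are empty, the bind or search fails, no entry matches, or
     *         the entry exposes no attributes
     */
    protected Map<?, ?> authenticateLdap(String str, String str2) {
        // With an empty password the JNDI LDAP provider falls back to an anonymous bind, which
        // can succeed without proving anything about the user. A null value would make
        // Hashtable.put throw. Treat both as a failed authentication up front.
        if (str == null || str.isEmpty() || str2 == null || str2.isEmpty()) {
            return null;
        }
        SearchControls searchControls = new SearchControls();
        if (this.returnedAttributes != null && !this.returnedAttributes.isEmpty()) {
            searchControls.setReturningAttributes(this.returnedAttributes.toArray(new String[0]));
        }
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        Hashtable<String, Object> env = new Hashtable<String, Object>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", this.ldapHost);
        env.put("java.naming.security.authentication", "simple");
        env.put("java.naming.security.principal", str + "@" + this.domain);
        env.put("java.naming.security.credentials", str2);
        InitialLdapContext context = null;
        NamingEnumeration<SearchResult> results = null;
        try {
            context = new InitialLdapContext(env, (Control[]) null);
            // The login name is passed as a filter argument rather than concatenated into the
            // filter, so JNDI escapes filter metacharacters and the name cannot alter the query.
            results = context.search(this.searchBase, USER_FILTER, new Object[] {str}, searchControls);
            if (!results.hasMore()) {
                return null;
            }
            Attributes attributes = results.next().getAttributes();
            if (attributes == null) {
                return null;
            }
            Map<String, Object> values = new HashMap<String, Object>();
            NamingEnumeration<? extends Attribute> all = attributes.getAll();
            try {
                while (all.hasMore()) {
                    Attribute attribute = all.next();
                    // Only the first value of a multi-valued attribute is kept.
                    values.put(attribute.getID(), attribute.get());
                }
            } finally {
                closeQuietly(all);
            }
            return values;
        } catch (NamingException e) {
            // NOTE(review): no logger is in scope in this class; route this through the
            // project's logging instead of stderr when one is available.
            e.printStackTrace();
            return null;
        } finally {
            // Always release the enumeration and the LDAP connection, on success and failure.
            closeQuietly(results);
            closeQuietly(context);
        }
    }

    /** Closes a naming enumeration, ignoring a null reference and any failure while closing. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException ignored) {
            // Nothing useful can be done if releasing the enumeration fails.
        }
    }

    /** Closes an LDAP context, ignoring a null reference and any failure while closing. */
    private static void closeQuietly(InitialLdapContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException ignored) {
            // Nothing useful can be done if releasing the connection fails.
        }
    }

    public String getDomain() {
        return this.domain;
    }

    public void setDomain(String str) {
        this.domain = str;
    }

    public String getLdapHost() {
        return this.ldapHost;
    }

    public void setLdapHost(String str) {
        this.ldapHost = str;
    }

    public String getSearchBase() {
        return this.searchBase;
    }

    public void setSearchBase(String str) {
        this.searchBase = str;
    }

    public List<String> getReturnedAttributes() {
        return this.returnedAttributes;
    }

    public void setReturnedAttributes(List<String> list) {
        this.returnedAttributes = list;
    }

    public List<String> getNonLdapUsers() {
        return this.nonLdapUsers;
    }

    public void setNonLdapUsers(List<String> list) {
        this.nonLdapUsers = list;
    }
}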
