package technology.openpool.ldap.adapter;

import java.nio.charset.StandardCharsets;
import org.apache.directory.api.ldap.model.constants.AuthenticationLevel;
import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.server.core.api.LdapPrincipal;
import org.apache.directory.server.core.api.interceptor.context.BindOperationContext;
import org.apache.directory.server.core.authn.AbstractAuthenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import technology.openpool.ldap.adapter.api.LdapUtils;
import technology.openpool.ldap.adapter.api.directory.DirectoryBackend;
import technology.openpool.ldap.adapter.api.directory.exception.DirectoryAccessFailureException;
import technology.openpool.ldap.adapter.api.directory.exception.EntityNotFoundException;
import technology.openpool.ldap.adapter.api.directory.exception.SecurityProblemException;
import technology.openpool.ldap.adapter.api.exception.InternalServerException;

/* loaded from: input_file:technology/openpool/ldap/adapter/CommonAuthenticator.class */
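/**
 * Authenticator for LDAP simple binds that delegates the credential check to the
 * permanent {@link DirectoryBackend} supplied by the {@link DirectoryBackendFactory}.
 *
 * <p>The bind DN and the password are supplied by a client that is not yet
 * authenticated, so both are treated as untrusted input. A principal is only
 * returned after the backend has accepted the user id / password pair.
 */
public class CommonAuthenticator extends AbstractAuthenticator {
    private final Logger logger;
    private final DirectoryBackendFactory directoryBackendFactory;
    private final SchemaManager schemaManager;

    /**
     * Creates an authenticator registered for {@link AuthenticationLevel#SIMPLE}.
     *
     * @param directoryBackendFactory factory used to obtain the permanent directory backend
     * @param schemaManager schema manager used to parse the bind DN and build the principal
     */
    public CommonAuthenticator(DirectoryBackendFactory directoryBackendFactory, SchemaManager schemaManager) {
        super(AuthenticationLevel.SIMPLE);
        this.logger = LoggerFactory.getLogger(CommonAuthenticator.class);
        this.directoryBackendFactory = directoryBackendFactory;
        this.schemaManager = schemaManager;
    }

    /**
     * Verifies the bind DN and password of a simple bind against the permanent directory.
     *
     * @param bindOperationContext the bind request (DN, credentials, client session)
     * @return a principal for the bind DN at {@link AuthenticationLevel#SIMPLE}
     * @throws LdapAuthenticationException if the password is missing or empty, the DN cannot
     *     be mapped to a user id, or the backend rejects or cannot perform the check
     * @throws LdapException declared by the authenticator contract
     */
    public LdapPrincipal authenticate(BindOperationContext bindOperationContext) throws LdapException {
        // A simple bind with a DN but no password is an "unauthenticated bind"; it must never
        // yield an authenticated principal. Reject it here instead of relying on the backend.
        // NOTE(review): the server's bind pipeline may already filter these; kept as defense in depth.
        byte[] credentials = bindOperationContext.getCredentials();
        if (credentials == null || credentials.length == 0) {
            this.logger.info("[{}] - Authentication with DN={} was rejected because no password was supplied.",
                    bindOperationContext.getIoSession().getRemoteAddress(), bindOperationContext.getDn());
            throw new LdapAuthenticationException("Authentication requires a non-empty password.");
        }

        DirectoryBackend permanentDirectory = this.directoryBackendFactory.getPermanentDirectory();
        try {
            String userIdFromDn = LdapUtils.getUserIdFromDn(
                    this.schemaManager, bindOperationContext.getDn().getName(), permanentDirectory.getId());
            if (userIdFromDn == null) {
                throw new LdapInvalidDnException("Cannot handle unexpected DN=" + bindOperationContext.getDn());
            }

            // The credential check is the security decision of this method, so it is a statement
            // of its own rather than an argument expression inside the log call.
            String password = new String(credentials, StandardCharsets.UTF_8);
            Object authenticatedUserId = permanentDirectory.getAuthenticatedUser(userIdFromDn, password).getId();

            // NOTE(review): the DN is client-controlled; confirm the log layout neutralises
            // line breaks so a crafted DN cannot forge log entries.
            this.logger.info("[{}] - The user {} with DN={} has been successfully authenticated.",
                    bindOperationContext.getIoSession().getRemoteAddress(),
                    authenticatedUserId,
                    bindOperationContext.getDn());
            return new LdapPrincipal(this.schemaManager, bindOperationContext.getDn(), AuthenticationLevel.SIMPLE);
        } catch (LdapInvalidDnException e) {
            // Must precede the generic Exception handler: a more specific catch placed after
            // catch (Exception) is rejected by the compiler and could never run.
            this.logger.info("[{}] - Authentication with incorrect DN={} could not be performed.",
                    bindOperationContext.getIoSession().getRemoteAddress(), bindOperationContext.getDn());
            this.logger.debug("Authentication failed.", e);
            throw new LdapAuthenticationException(e.getMessage());
        } catch (DirectoryAccessFailureException | EntityNotFoundException | SecurityProblemException e) {
            this.logger.info("[{}] - Authentication with DN={} could not be performed.",
                    bindOperationContext.getIoSession().getRemoteAddress(), bindOperationContext.getDn());
            this.logger.debug("Authentication failed.", e);
            // NOTE(review): the backend's exception message is returned to the client as the bind
            // diagnostic. Confirm it does not let a client tell "unknown user" from "wrong
            // password" and does not expose backend details.
            throw new LdapAuthenticationException(e.getMessage());
        } catch (Exception e) {
            // Anything unexpected is logged with its stack trace server-side only; the client
            // receives a fixed message.
            this.logger.error("The authenticator caught an exception.", e);
            throw new InternalServerException("The authenticator has detected an internal server error.");
        }
    }
}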
