package com.yammer.dropwizard.authenticator;

import com.google.common.base.Preconditions;
import com.yammer.dropwizard.auth.AuthenticationException;
import com.yammer.dropwizard.auth.basic.BasicCredentials;
import com.yammer.metrics.Metrics;
import com.yammer.metrics.core.Timer;
import com.yammer.metrics.core.TimerContext;
import java.util.Hashtable;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yammer/dropwizard/authenticator/LdapAuthenticator.class */
public class LdapAuthenticator {
    private static final Logger LOG = LoggerFactory.getLogger(LdapAuthenticator.class);
    private static final Timer LDAP_AUTHENTICATION_TIMER = Metrics.defaultRegistry().newTimer(LdapAuthenticator.class, "authenticate");
    protected final LdapConfiguration configuration;

    public LdapAuthenticator(LdapConfiguration ldapConfiguration) {
        this.configuration = (LdapConfiguration) Preconditions.checkNotNull(ldapConfiguration);
    }

    public boolean canAuthenticate() {
        try {
            new InitialDirContext(contextConfiguration()).close();
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public boolean authenticate(BasicCredentials basicCredentials) throws AuthenticationException {
        TimerContext time = LDAP_AUTHENTICATION_TIMER.time();
        try {
            String sanitizeUsername = sanitizeUsername(basicCredentials.getUsername());
            Hashtable<String, String> contextConfiguration = contextConfiguration();
            contextConfiguration.put("java.naming.security.principal", String.format(this.configuration.getSecurityPrincipal(), sanitizeUsername));
            contextConfiguration.put("java.naming.security.credentials", sanitizeUsername);
            try {
                new InitialDirContext(contextConfiguration).close();
                time.stop();
                return true;
            } catch (NamingException e) {
                throw new AuthenticationException(String.format("LDAP Authentication failure (username: %s)", sanitizeUsername), e);
            } catch (javax.naming.AuthenticationException e2) {
                LOG.debug("{} failed to authenticate. {}", sanitizeUsername, e2);
                time.stop();
                return false;
            }
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    private Hashtable<String, String> contextConfiguration() {
        Hashtable<String, String> hashtable = new Hashtable<>();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this.configuration.getUri().toString());
        hashtable.put("com.sun.jndi.ldap.connect.timeout", String.valueOf(this.configuration.getConnectTimeout().toMilliseconds()));
        hashtable.put("com.sun.jndi.ldap.read.timeout", String.valueOf(this.configuration.getReadTimeout().toMilliseconds()));
        hashtable.put("com.sun.jndi.ldap.connect.pool", "true");
        return hashtable;
    }

    private static String sanitizeUsername(String str) {
        return str.replaceAll("[^A-Za-z0-9-_.]", "");
    }
}
