package org.apache.archiva.redback.users.ldap.ctl;

import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.archiva.redback.common.ldap.MappingException;
import org.apache.archiva.redback.common.ldap.user.LdapUser;
import org.apache.archiva.redback.common.ldap.user.LdapUserMapper;
import org.apache.archiva.redback.common.ldap.user.UserMapper;
import org.apache.archiva.redback.configuration.UserConfiguration;
import org.apache.archiva.redback.configuration.UserConfigurationKeys;
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.encoders.SHA1PasswordEncoder;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.ldap.LdapUserQuery;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

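/**
 * LDAP-backed {@link LdapController}: searches users under the mapper's user base DN, optionally
 * creates user entries when the directory is configured as writable, and builds a
 * user-to-groups map from the configured groups base DN.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #removeUser} and {@link #updateUser} are no-ops, so de-provisioning or changing an
 *       account through this controller never reaches the directory.</li>
 *   <li>New entries are only written when {@code writableLdap} is {@code true}.</li>
 *   <li>Search filters are assembled by string concatenation from mapper configuration and
 *       {@link LdapUserQuery#getLdapFilter}; see the note on
 *       {@link #searchUsers(DirContext, String[], LdapUserQuery)}.</li>
 * </ul>
 */
@Service
/* loaded from: input_file:WEB-INF/lib/redback-users-ldap-2.2.jar:org/apache/archiva/redback/users/ldap/ctl/DefaultLdapController.class */
public class DefaultLdapController implements LdapController {

    /** Warning logged when a search-result enumeration cannot be closed. */
    private static final String CLOSE_FAILED = "failed to close search results";

    @Inject
    @Named("userMapper#ldap")
    private UserMapper mapper;

    @Inject
    @Named("userConfiguration#default")
    private UserConfiguration userConf;
    private PasswordEncoder passwordEncoder;
    private String baseDn;
    private String groupsDn;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private boolean writableLdap = false;
    private String ldapGroupClass = "groupOfUniqueNames";

    /**
     * Loads the LDAP settings from {@code userConf} after injection.
     *
     * <p>Note that this unconditionally replaces any encoder previously supplied through
     * {@link #setPasswordEncoder(PasswordEncoder)}; call the setter after initialization to
     * override it.
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    @PostConstruct
    public void initialize() {
        this.writableLdap = this.userConf.getBoolean(UserConfigurationKeys.LDAP_WRITABLE, this.writableLdap);
        this.baseDn = this.userConf.getConcatenatedList(UserConfigurationKeys.LDAP_BASEDN, null);
        // NOTE(review): judging by its name this encoder is SHA-1 based. A fast general-purpose
        // digest is not a suitable password hash for values written to userPassword; prefer an
        // encoder backed by a dedicated password-hashing scheme, or let the directory server hash
        // the password. Left unchanged here because existing entries may depend on the format.
        this.passwordEncoder = new SHA1PasswordEncoder();
        this.groupsDn = this.userConf.getConcatenatedList(UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn);
        this.ldapGroupClass = this.userConf.getString(UserConfigurationKeys.LDAP_GROUPS_CLASS, this.ldapGroupClass);
    }

    /**
     * Not implemented: the call returns without touching the directory.
     *
     * <p>Callers must not treat a normal return as proof that the account was removed; the entry
     * has to be deleted in the directory itself.
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public void removeUser(String str, DirContext dirContext) throws LdapControllerException {
    }

    /**
     * Not implemented: the call returns without touching the directory, so attribute or password
     * changes passed here are not persisted to LDAP.
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public void updateUser(User user, DirContext dirContext) throws LdapControllerException, MappingException {
    }

    /**
     * Reports whether a search for the given username returns at least one entry.
     *
     * @param str the username to look for
     * @param dirContext the directory context to search with
     * @return {@code true} if the search yields any result
     * @throws LdapControllerException if the search fails with a {@link NamingException}
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public boolean userExists(String str, DirContext dirContext) throws LdapControllerException {
        NamingEnumeration<SearchResult> results = null;
        try {
            results = searchUsers(str, dirContext);
            return results.hasMoreElements();
        } catch (NamingException e) {
            throw new LdapControllerException("Error searching for the existence of user: " + str, e);
        } finally {
            closeQuietly(results, "Error closing search results");
        }
    }

    /**
     * Searches for users matching the given username.
     *
     * @param str the username placed into the {@link LdapUserQuery}
     * @param dirContext the directory context to search with
     * @return the open result enumeration; the caller must close it
     * @throws NamingException if the directory search fails
     */
    protected NamingEnumeration<SearchResult> searchUsers(String str, DirContext dirContext) throws NamingException {
        LdapUserQuery ldapUserQuery = new LdapUserQuery();
        ldapUserQuery.setUsername(str);
        return searchUsers(dirContext, null, ldapUserQuery);
    }

    /**
     * Searches for all users with an empty query.
     *
     * @param dirContext the directory context to search with
     * @return the open result enumeration; the caller must close it
     * @throws NamingException if the directory search fails
     */
    protected NamingEnumeration<SearchResult> searchUsers(DirContext dirContext) throws NamingException {
        return searchUsers(dirContext, null, null);
    }

    /**
     * Searches for all users with an empty query.
     *
     * @param dirContext the directory context to search with
     * @param strArr passed through to the three-argument overload, which does not read it
     * @return the open result enumeration; the caller must close it
     * @throws NamingException if the directory search fails
     */
    protected NamingEnumeration<SearchResult> searchUsers(DirContext dirContext, String[] strArr) throws NamingException {
        return searchUsers(dirContext, strArr, null);
    }

    /**
     * Runs a subtree search under the mapper's user base DN.
     *
     * <p>The filter is {@code (&(objectClass=<userObjectClass>)<userFilter><queryFilter>)}, built
     * by plain string concatenation.
     *
     * @param dirContext the directory context to search with
     * @param strArr unused; the returned attributes come from the mapper
     * @param ldapUserQuery the query supplying the per-request filter part; {@code null} means an
     *     empty query
     * @return the open result enumeration; the caller must close it
     * @throws NamingException if the directory search fails
     * @throws ClassCastException if the injected mapper is not an {@link LdapUserMapper}
     */
    protected NamingEnumeration<SearchResult> searchUsers(DirContext dirContext, String[] strArr, LdapUserQuery ldapUserQuery) throws NamingException {
        LdapUserQuery query = ldapUserQuery != null ? ldapUserQuery : new LdapUserQuery();

        SearchControls searchControls = new SearchControls();
        searchControls.setDerefLinkFlag(true);
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(this.mapper.getReturningAttributes());
        // The count limit bounds how many entries a single search may return.
        searchControls.setCountLimit(((LdapUserMapper) this.mapper).getMaxResultCount());

        String userFilter = this.mapper.getUserFilter();
        // NOTE(review): request-derived values (e.g. the username) enter the filter only through
        // LdapUserQuery.getLdapFilter, which is not visible here. Confirm that it escapes filter
        // metacharacters per RFC 4515 before the value reaches this concatenation.
        String filter = "(&(objectClass=" + this.mapper.getUserObjectClass() + ")"
                + (userFilter != null ? userFilter : "")
                + query.getLdapFilter(this.mapper)
                + ")";

        this.log.debug("Searching for users with filter: '{}' from base dn: {}", filter, this.mapper.getUserBaseDn());
        return dirContext.search(this.mapper.getUserBaseDn(), filter, searchControls);
    }

    /**
     * Returns every user found by an unrestricted search, in the order the directory returned
     * them and without duplicates.
     *
     * @param dirContext the directory context to search with
     * @return the mapped users
     * @throws LdapControllerException if the search fails with a {@link NamingException}
     * @throws MappingException if an entry cannot be mapped to a user
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public Collection<User> getUsers(DirContext dirContext) throws LdapControllerException, MappingException {
        NamingEnumeration<SearchResult> results = null;
        try {
            results = searchUsers(dirContext, null, null);
            Collection<User> users = new LinkedHashSet<>();
            while (results.hasMoreElements()) {
                users.add(this.mapper.getUser(results.nextElement().getAttributes()));
            }
            return users;
        } catch (NamingException e) {
            throw new LdapControllerException("Failed to retrieve ldap information for users.", e);
        } finally {
            closeQuietly(results, CLOSE_FAILED);
        }
    }

    /**
     * Returns the users matching the given query, in the order the directory returned them.
     *
     * @param ldapUserQuery the query to apply; {@code null} means an empty query
     * @param dirContext the directory context to search with
     * @return the mapped users
     * @throws LdapControllerException if the search fails with a {@link NamingException}
     * @throws MappingException if an entry cannot be mapped to a user
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public List<User> getUsersByQuery(LdapUserQuery ldapUserQuery, DirContext dirContext) throws LdapControllerException, MappingException {
        NamingEnumeration<SearchResult> results = null;
        try {
            results = searchUsers(dirContext, null, ldapUserQuery);
            List<User> users = new LinkedList<>();
            while (results.hasMoreElements()) {
                users.add(this.mapper.getUser(results.nextElement().getAttributes()));
            }
            return users;
        } catch (NamingException e) {
            throw new LdapControllerException("Failed to retrieve ldap information for users.", e);
        } finally {
            closeQuietly(results, CLOSE_FAILED);
        }
    }

    /**
     * Creates the user's entry in LDAP when the directory is writable and the user is new.
     *
     * <p>Nothing is written (and no error is raised) when {@code user} is {@code null}, when it
     * is the guest user, when an entry already exists, or when {@code writableLdap} is
     * {@code false}.
     *
     * @param user the user to create
     * @param dirContext the directory context to write with
     * @param z not read by this implementation
     * @throws LdapControllerException if the existence check or the write fails
     * @throws MappingException declared by the interface; not thrown by the visible code
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public void createUser(User user, DirContext dirContext, boolean z) throws LdapControllerException, MappingException {
        if (user == null) {
            return;
        }
        if (user.getUsername().equals(UserManager.GUEST_USERNAME)) {
            // The placeholder previously had no argument, so the name never reached the log.
            this.log.warn("skip user '{}' creation", user.getUsername());
            return;
        }
        if (userExists(user.getUsername(), dirContext)) {
            this.log.debug("user '{}' exists skip creation", user.getUsername());
        } else if (this.writableLdap) {
            try {
                bindUserObject(dirContext, user);
                this.log.info("user {} created in ldap", user.getUsername());
            } catch (NamingException e) {
                throw new LdapControllerException(e.getMessage(), e);
            }
        }
    }

    /**
     * Writes a new {@code inetOrgPerson} entry named {@code cn=<username>,<baseDn>}.
     *
     * @param dirContext the directory context to write with
     * @param user the user whose username, email and password are stored
     * @throws NamingException if the directory rejects the new entry
     */
    private void bindUserObject(DirContext dirContext, User user) throws NamingException {
        BasicAttributes attributes = new BasicAttributes(true);
        BasicAttribute objectClass = new BasicAttribute("objectClass");
        objectClass.add("top");
        objectClass.add("inetOrgPerson");
        objectClass.add("person");
        objectClass.add("organizationalperson");
        attributes.put(objectClass);
        attributes.put("cn", user.getUsername());
        // "sn" and "givenName" are filled with fixed placeholder values, not user data.
        attributes.put("sn", "foo");
        if (StringUtils.isNotEmpty(user.getEmail())) {
            attributes.put("mail", user.getEmail());
        }
        // NOTE(review): the password is stored only when the "allow empty passwords" option is
        // enabled AND a password is present. Tying password storage to that option looks
        // unintended; confirm against the authenticator before relying on it.
        if (this.userConf.getBoolean(UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ALLOW_EMPTY_PASSWORDS, false) && StringUtils.isNotEmpty(user.getPassword())) {
            attributes.put("userPassword", this.passwordEncoder.encodePassword(user.getPassword()));
        }
        attributes.put("givenName", "foo");
        // Escape the RDN value so that DN metacharacters in a username (',', '+', '=', ...)
        // cannot change where in the tree the entry is created.
        String rdnValue = javax.naming.ldap.Rdn.escapeValue(user.getUsername());
        dirContext.createSubcontext("cn=" + rdnValue + "," + getBaseDn(), attributes);
    }

    /**
     * Looks up a single user by username and maps the first matching entry.
     *
     * @param str the username to look for
     * @param dirContext the directory context to search with
     * @return the mapped user, or {@code null} if the search returns nothing
     * @throws LdapControllerException if the search fails with a {@link NamingException}
     * @throws MappingException if the entry cannot be mapped to a user
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public LdapUser getUser(String str, DirContext dirContext) throws LdapControllerException, MappingException {
        this.log.debug("Searching for user: {}", str);
        LdapUserQuery ldapUserQuery = new LdapUserQuery();
        ldapUserQuery.setUsername(str);
        NamingEnumeration<SearchResult> results = null;
        try {
            results = searchUsers(dirContext, null, ldapUserQuery);
            if (!results.hasMoreElements()) {
                return null;
            }
            // Only the first hit is used; any further matches are ignored.
            SearchResult first = results.nextElement();
            this.log.info("Found user: {}", str);
            return this.mapper.getUser(first.getAttributes());
        } catch (NamingException e) {
            throw new LdapControllerException("Failed to retrieve information for user: " + str, e);
        } finally {
            closeQuietly(results, CLOSE_FAILED);
        }
    }

    /**
     * Builds a map from user name to the names of the groups that list the user in their
     * {@code uniquemember} attribute.
     *
     * <p>Names are derived textually: the group name is everything after the first {@code =} of
     * the result name, and the user name is the text between the first {@code =} and the first
     * {@code ,} of each member DN.
     *
     * @param dirContext the directory context to search with
     * @return user name to group names; empty if no group has members
     * @throws LdapControllerException if the search or attribute traversal fails
     */
    @Override // org.apache.archiva.redback.users.ldap.ctl.LdapController
    public Map<String, Collection<String>> findUsersWithRoles(DirContext dirContext) throws LdapControllerException {
        Map<String, Collection<String>> groupsByUser = new HashMap<>();
        NamingEnumeration<SearchResult> groups = null;
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setDerefLinkFlag(true);
            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            groups = dirContext.search(getGroupsDn(), "objectClass=" + getLdapGroupClass(), searchControls);
            while (groups.hasMore()) {
                SearchResult group = groups.next();
                String groupName = StringUtils.substringAfter(group.getName(), "=");
                List<String> members = new LinkedList<>();
                Attribute uniqueMembers = group.getAttributes().get("uniquemember");
                if (uniqueMembers != null) {
                    NamingEnumeration<?> memberDns = uniqueMembers.getAll();
                    try {
                        while (memberDns.hasMore()) {
                            // NOTE(review): this split does not honour escaped ',' or '=' inside
                            // an RDN value and assumes the first RDN carries the user name. Since
                            // the result feeds group membership, a DN-aware parse would be safer.
                            String userName = StringUtils.substringBefore(StringUtils.substringAfter((String) memberDns.next(), "="), ",");
                            Collection<String> userGroups = groupsByUser.get(userName);
                            if (userGroups == null) {
                                userGroups = new HashSet<>();
                            }
                            userGroups.add(groupName);
                            groupsByUser.put(userName, userGroups);
                            members.add(userName);
                        }
                    } finally {
                        // The attribute enumeration was previously never closed.
                        closeQuietly(memberDns, CLOSE_FAILED);
                    }
                }
                // The second placeholder previously had no argument.
                this.log.debug("found groupName: '{}' with users: {}", groupName, members);
            }
            return groupsByUser;
        } catch (NamingException e) {
            throw new LdapControllerException(e.getMessage(), e);
        } finally {
            closeQuietly(groups, CLOSE_FAILED);
        }
    }

    /**
     * Closes a naming enumeration, logging instead of propagating a failure to close.
     *
     * @param results the enumeration to close; {@code null} is ignored
     * @param warning the message logged at WARN level if closing fails
     */
    private void closeQuietly(NamingEnumeration<?> results, String warning) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException e) {
            this.log.warn(warning, e);
        }
    }

    /** @return the mapper used to build filters and to map entries to users */
    public UserMapper getMapper() {
        return this.mapper;
    }

    /** @param userMapper the mapper to use; searches require an {@link LdapUserMapper} */
    public void setMapper(UserMapper userMapper) {
        this.mapper = userMapper;
    }

    /** @return the configuration read by {@link #initialize()} */
    public UserConfiguration getUserConf() {
        return this.userConf;
    }

    /** @param userConfiguration the configuration to read LDAP settings from */
    public void setUserConf(UserConfiguration userConfiguration) {
        this.userConf = userConfiguration;
    }

    /** @return whether {@link #createUser} is allowed to write to the directory */
    public boolean isWritableLdap() {
        return this.writableLdap;
    }

    /** @param z {@code true} to allow {@link #createUser} to write to the directory */
    public void setWritableLdap(boolean z) {
        this.writableLdap = z;
    }

    /** @return the encoder applied to passwords before they are stored */
    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    /**
     * @param passwordEncoder the encoder applied to passwords before they are stored; replaced
     *     again if {@link #initialize()} runs afterwards
     */
    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    /** @return the base DN under which new user entries are created */
    public String getBaseDn() {
        return this.baseDn;
    }

    /** @param str the base DN under which new user entries are created */
    public void setBaseDn(String str) {
        this.baseDn = str;
    }

    /** @return the base DN searched for groups */
    public String getGroupsDn() {
        return this.groupsDn;
    }

    /** @param str the base DN searched for groups */
    public void setGroupsDn(String str) {
        this.groupsDn = str;
    }

    /** @return the object class used to find group entries */
    public String getLdapGroupClass() {
        return this.ldapGroupClass;
    }

    /** @param str the object class used to find group entries */
    public void setLdapGroupClass(String str) {
        this.ldapGroupClass = str;
    }
}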
