package org.apache.geode.security.generator;

import java.security.Principal;
import java.util.Properties;
import java.util.Random;
import org.apache.geode.internal.logging.LogService;
import org.apache.geode.security.generator.CredentialGenerator;
import org.apache.geode.security.templates.LdapUserAuthenticator;
import org.apache.geode.security.templates.UserPasswordAuthInit;
import org.apache.geode.test.dunit.Assert;
import org.apache.geode.util.test.TestUtil;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/security/generator/LdapUserCredentialGenerator.class */
public class LdapUserCredentialGenerator extends CredentialGenerator {
    private static final String USER_PREFIX = "gemfire";
    private boolean serverAuthEnabled;
    private static final Logger logger = LogService.getLogger();
    private static final Random RANDOM = new Random();
    private static final String[] CIPHERS = {"", "DESede", "AES:128", "Blowfish:128"};
    private static boolean enableServerAuthentication = false;

    public LdapUserCredentialGenerator() {
        this.serverAuthEnabled = false;
        enableServerAuthentication = !enableServerAuthentication;
        this.serverAuthEnabled = enableServerAuthentication;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    protected Properties initialize() throws IllegalArgumentException {
        String property = System.getProperty("gf.ldap.server", "ldap");
        String property2 = System.getProperty("gf.ldap.basedn", "ou=ldapTesting,dc=pune,dc=gemstone,dc=com");
        String property3 = System.getProperty("gf.ldap.usessl");
        Properties properties = new Properties();
        properties.setProperty(LdapUserAuthenticator.LDAP_SERVER_NAME, property);
        properties.setProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME, property2);
        if (property3 != null && property3.length() > 0) {
            properties.setProperty(LdapUserAuthenticator.LDAP_SSL_NAME, property3);
        }
        if (this.serverAuthEnabled) {
            properties.setProperty("security-server-kspath", TestUtil.getResourcePath(LdapUserCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/gemfire1.keystore"));
            properties.setProperty("security-server-ksalias", "gemfire.");
            properties.setProperty("security-server-kspasswd", USER_PREFIX);
        }
        Assert.assertNotNull(properties.getProperty(LdapUserAuthenticator.LDAP_BASEDN_NAME));
        logger.info("Generating LdapUserCredentialGenerator with {}", properties);
        return properties;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public CredentialGenerator.ClassCode classCode() {
        return CredentialGenerator.ClassCode.LDAP;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public String getAuthInit() {
        return UserPasswordAuthInit.class.getName() + ".create";
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public String getAuthenticator() {
        return LdapUserAuthenticator.class.getName() + ".create";
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getValidCredentials(int i) {
        Properties properties = new Properties();
        properties.setProperty("security-username", USER_PREFIX + ((i % 10) + 1));
        properties.setProperty("security-password", USER_PREFIX + ((i % 10) + 1));
        properties.setProperty("security-client-dhalgo", CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
        if (this.serverAuthEnabled) {
            properties.setProperty("security-client-kspath", TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile"));
            properties.setProperty("security-client-kspasswd", USER_PREFIX);
        }
        return properties;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getValidCredentials(Principal principal) {
        boolean z;
        Properties properties = null;
        String name = principal.getName();
        if (name != null && name.startsWith(USER_PREFIX)) {
            try {
                int parseInt = Integer.parseInt(name.substring(USER_PREFIX.length()));
                z = parseInt >= 1 && parseInt <= 10;
            } catch (Exception e) {
                z = false;
            }
            if (z) {
                properties = new Properties();
                properties.setProperty("security-username", name);
                properties.setProperty("security-password", name);
            }
        }
        if (properties == null) {
            throw new IllegalArgumentException("LDAP: [" + name + "] not a valid user");
        }
        properties.setProperty("security-client-dhalgo", CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
        if (this.serverAuthEnabled) {
            properties.setProperty("security-client-kspath", TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile"));
            properties.setProperty("security-client-kspasswd", USER_PREFIX);
        }
        return properties;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getInvalidCredentials(int i) {
        Properties properties = new Properties();
        properties.setProperty("security-username", "invalid" + i);
        properties.setProperty("security-password", "none");
        properties.setProperty("security-client-dhalgo", CIPHERS[RANDOM.nextInt(CIPHERS.length)]);
        if (this.serverAuthEnabled) {
            properties.setProperty("security-client-kspath", TestUtil.getResourcePath(PKCSCredentialGenerator.class, PKCSCredentialGenerator.keyStoreDir + "/publickeyfile"));
            properties.setProperty("security-client-kspasswd", USER_PREFIX);
        }
        return properties;
    }
}
