package org.apache.jackrabbit.oak.security.authentication.ldap;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import org.apache.commons.io.FileUtils;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.ldif.LdifEntry;
import org.apache.directory.api.ldap.model.ldif.LdifReader;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.schema.manager.impl.DefaultSchemaManager;
import org.apache.directory.server.core.DefaultDirectoryService;
import org.apache.directory.server.core.api.CacheService;
import org.apache.directory.server.core.api.CoreSession;
import org.apache.directory.server.core.api.DirectoryService;
import org.apache.directory.server.core.api.InstanceLayout;
import org.apache.directory.server.core.api.schema.SchemaPartition;
import org.apache.directory.server.core.jndi.CoreContextFactory;
import org.apache.directory.server.core.partition.impl.avl.AvlPartition;
import org.apache.directory.server.core.shared.DefaultDnFactory;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.ldap.handlers.extended.StartTlsHandler;
import org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler;
import org.apache.directory.server.ldap.handlers.sasl.cramMD5.CramMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.digestMD5.DigestMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.gssapi.GssapiMechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.ntlm.NtlmMechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.plain.PlainMechanismHandler;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.server.protocol.shared.transport.Transport;
import org.apache.mina.util.AvailablePortFinder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jackrabbit/oak/security/authentication/ldap/AbstractServer.class */
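/**
 * Base class that boots an embedded ApacheDS directory plus an LDAP front end on a free local
 * port, and offers helpers to load LDIF data and open JNDI contexts against it.
 *
 * <p>Security posture (this appears to be a test fixture and should be treated as one): the
 * administrator DN and password are fixed in source, JNDI binds use "simple" authentication over
 * plain {@code ldap://}, and several legacy SASL mechanisms are enabled. Load only synthetic
 * data into it and do not expose the listener beyond the local machine.
 *
 * <p>Not thread-safe: all state is held in unsynchronized instance fields.
 */
public abstract class AbstractServer {
    public static final String EXAMPLE_DN = "dc=example,dc=com";
    private static final Logger LOG = LoggerFactory.getLogger(AbstractServer.class);
    // Immutable shared result for a null LDIF stream (was a raw-typed unmodifiable ArrayList).
    private static final List<LdifEntry> EMPTY_LIST = Collections.emptyList();
    private static final String CTX_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    // Built-in administrator DN; used together with InternalLdapServer.ADMIN_PW.
    private static final String ADMIN_DN = "uid=admin,ou=system";
    protected CoreSession rootDSE;
    protected boolean doDelete = true;
    protected int port = -1;
    protected CacheService cacheService;
    protected DirectoryService directoryService;
    protected LdapServer ldapServer;

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Loads every LDIF entry found in the given stream into the directory.
     *
     * <p>The stream is not closed here; the caller keeps ownership of it.
     *
     * @param inputStream LDIF source, may be {@code null}
     * @return the entries that were added, or an immutable empty list when the stream is null
     * @throws Exception if parsing or adding an entry fails
     */
    public List<LdifEntry> loadLdif(InputStream inputStream) throws Exception {
        if (inputStream == null) {
            return EMPTY_LIST;
        }
        return loadLdif(new LdifReader(inputStream));
    }

    /**
     * Adds each record of the reader that is a plain entry to the directory through
     * {@link #rootDSE}; records for which {@code isEntry()} is false are skipped.
     *
     * @param ldifReader reader to drain; it is not closed by this method
     * @return the LDIF records that were added, in reading order
     * @throws Exception if adding an entry fails
     */
    protected List<LdifEntry> loadLdif(LdifReader ldifReader) throws Exception {
        List<LdifEntry> added = new ArrayList<>();
        for (LdifEntry ldifEntry : ldifReader) {
            if (!ldifEntry.isEntry()) {
                continue;
            }
            Dn dn = ldifEntry.getDn();
            // Re-create the entry against the server's schema manager before adding it.
            this.rootDSE.add(new DefaultEntry(this.directoryService.getSchemaManager(), ldifEntry.getEntry()));
            LOG.info("Added entry {}", dn);
            added.add(ldifEntry);
        }
        return added;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Parses the given LDIF text and adds the entries it contains.
     *
     * @param str LDIF text, encoded as UTF-8 before parsing
     * @throws Exception if parsing or adding an entry fails
     */
    public void addEntry(String str) throws Exception {
        // The reader is created here, so it is closed here as well.
        try (LdifReader reader = new LdifReader(new ByteArrayInputStream(str.getBytes("utf-8")))) {
            loadLdif(reader);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Opens an LDAP context over the wire as the built-in administrator.
     *
     * @return a context bound with the fixed admin DN and {@code InternalLdapServer.ADMIN_PW}
     * @throws Exception if the connection or bind fails
     */
    public LdapContext getWiredContext() throws Exception {
        return getWiredContext(ADMIN_DN, InternalLdapServer.ADMIN_PW);
    }

    /**
     * Opens an LDAP context over the wire with the given credentials.
     *
     * <p>The bind is a "simple" bind over {@code ldap://localhost}, so the password crosses the
     * socket unencrypted. That is tolerable only because the target is the embedded server on the
     * loopback name; do not reuse this helper against a remote directory.
     *
     * @param str bind DN
     * @param str2 bind password
     * @return the connected context
     * @throws Exception if the connection or bind fails
     */
    protected LdapContext getWiredContext(String str, String str2) throws Exception {
        Hashtable<String, String> env = new Hashtable<>();
        env.put("java.naming.factory.initial", CTX_FACTORY);
        env.put("java.naming.provider.url", "ldap://localhost:" + this.port);
        env.put("java.naming.security.principal", str);
        env.put("java.naming.security.credentials", str2);
        env.put("java.naming.security.authentication", "simple");
        return new InitialLdapContext(env, (Control[]) null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Creates and starts the directory service and the LDAP server.
     *
     * <p>The working directory {@code target/apacheds} is resolved against the process working
     * directory and is deleted recursively first (see {@link #doDelete(File)}).
     *
     * @throws Exception if any part of the start-up fails
     */
    public void setUp() throws Exception {
        File workDir = new File("target", "apacheds");
        doDelete(workDir);

        this.directoryService = new DefaultDirectoryService();
        this.directoryService.setShutdownHookEnabled(false);
        this.directoryService.setInstanceLayout(new InstanceLayout(workDir));
        this.cacheService = new CacheService();
        this.cacheService.initialize(this.directoryService.getInstanceLayout());
        this.directoryService.setSchemaManager(new DefaultSchemaManager());
        this.directoryService.setDnFactory(new DefaultDnFactory(this.directoryService.getSchemaManager(), this.cacheService.getCache("dnCache")));

        // Schema partition: an AVL partition wrapped by the SchemaPartition.
        AvlPartition schemaBacking = new AvlPartition(this.directoryService.getSchemaManager(), this.directoryService.getDnFactory());
        schemaBacking.setId("schema");
        schemaBacking.setSuffixDn(this.directoryService.getDnFactory().create("cn=schema"));
        SchemaPartition schemaPartition = new SchemaPartition(this.directoryService.getSchemaManager());
        schemaPartition.setWrappedPartition(schemaBacking);
        this.directoryService.setSchemaPartition(schemaPartition);

        // System partition (ou=system), which holds the administrator entry's suffix.
        AvlPartition systemPartition = new AvlPartition(this.directoryService.getSchemaManager(), this.directoryService.getDnFactory());
        systemPartition.setId("system");
        systemPartition.setSuffixDn(this.directoryService.getDnFactory().create("ou=system"));
        this.directoryService.setSystemPartition(systemPartition);

        // Data partition for dc=example,dc=com.
        AvlPartition examplePartition = new AvlPartition(this.directoryService.getSchemaManager(), this.directoryService.getDnFactory());
        examplePartition.setId("example");
        examplePartition.setSuffixDn(this.directoryService.getDnFactory().create(EXAMPLE_DN));
        examplePartition.setCacheService(this.cacheService);
        this.directoryService.addPartition(examplePartition);

        // The port is only probed here and bound later in ldapServer.start(); another process
        // can take it in between, in which case start-up fails.
        this.port = AvailablePortFinder.getNextAvailable(1024);
        this.ldapServer = new LdapServer();
        setupLdapServer();
        setupSaslMechanisms();
        this.directoryService.startup();
        setupExamplePartition();
        this.ldapServer.start();
        setContexts(ADMIN_DN, InternalLdapServer.ADMIN_PW);
    }

    /**
     * Wires the LDAP server to the directory service, its TCP transport and its extended
     * operation handlers.
     *
     * @throws Exception if a handler cannot be registered
     */
    protected void setupLdapServer() throws Exception {
        // NOTE(review): no bind address is given; confirm which interfaces TcpTransport listens
        // on by default. If it is the wildcard address, a directory with a source-embedded admin
        // password is reachable from the local network; binding explicitly to loopback avoids that.
        this.ldapServer.setTransports(new Transport[]{new TcpTransport(this.port)});
        this.ldapServer.setDirectoryService(this.directoryService);
        // NOTE(review): StartTLS is registered, but no keystore or certificate is configured in
        // this class — verify whether StartTLS is actually usable before relying on it.
        this.ldapServer.addExtendedOperationHandler(new StartTlsHandler());
        this.ldapServer.addExtendedOperationHandler(new StoredProcedureExtendedOperationHandler());
    }

    /**
     * Ensures the {@code dc=example,dc=com} context entry exists, creating it together with an
     * access-control subentry when the lookup fails.
     *
     * @throws Exception if the entries cannot be created
     */
    protected void setupExamplePartition() throws Exception {
        try {
            this.directoryService.getAdminSession().lookup(new Dn(new String[]{EXAMPLE_DN}), new String[0]);
        } catch (LdapException ignored) {
            // Any LdapException from the lookup is treated as "context entry missing".
            Entry contextEntry = this.directoryService.newEntry(new Dn(new String[]{EXAMPLE_DN}));
            contextEntry.add("objectClass", new String[]{"top", "domain", "extensibleObject"});
            contextEntry.add("dc", new String[]{"example"});
            contextEntry.add("administrativeRole", new String[]{"accessControlSpecificArea"});
            this.directoryService.getAdminSession().add(contextEntry);

            // The ACI below grants read, returnDN and browse on every entry and on all user
            // attribute values to all users bound at "simple" level.
            // NOTE(review): that scope presumably covers password attributes stored as user
            // attributes — keep only synthetic credentials in this partition.
            Entry aciSubentry = this.directoryService.newEntry(new Dn(new String[]{"cn=enableSearchForAllUsers,dc=example,dc=com"}));
            aciSubentry.add("objectClass", new String[]{"top", "subentry", "accessControlSubentry"});
            aciSubentry.add("cn", new String[]{"enableSearchForAllUsers"});
            aciSubentry.add("subtreeSpecification", new String[]{"{}"});
            aciSubentry.add("prescriptiveACI", new String[]{"{ \n  identificationTag \"enableSearchForAllUsers\",\n  precedence 14,\n  authenticationLevel simple,\n  itemOrUserFirst userFirst: \n  { \n    userClasses { allUsers }, \n    userPermissions \n    { \n      {\n        protectedItems {entry, allUserAttributeTypesAndValues}, \n        grantsAndDenials { grantRead, grantReturnDN, grantBrowse } \n      }\n    } \n  } \n}"});
            this.directoryService.getAdminSession().add(aciSubentry);
            this.directoryService.sync();
        }
    }

    /**
     * Sets the server-side limit on the number of entries a search may return.
     *
     * @param j the new limit, passed straight to the LDAP server
     */
    public void setMaxSizeLimit(long j) {
        this.ldapServer.setMaxSizeLimit(j);
    }

    /**
     * Registers the SASL mechanism handlers on the LDAP server.
     *
     * <p>PLAIN carries the password unprotected unless the connection is encrypted, and
     * CRAM-MD5, DIGEST-MD5 and NTLM are legacy mechanisms. Enabling all of them is a fixture
     * convenience, not a configuration to copy into a deployed directory.
     */
    private void setupSaslMechanisms() {
        // Raw map kept on purpose: the handler interface type is not imported in this file.
        HashMap handlers = new HashMap();
        handlers.put("PLAIN", new PlainMechanismHandler());
        handlers.put("CRAM-MD5", new CramMd5MechanismHandler());
        handlers.put("DIGEST-MD5", new DigestMd5MechanismHandler());
        handlers.put("GSSAPI", new GssapiMechanismHandler());
        // One NTLM handler instance serves both the NTLM and the GSS-SPNEGO names.
        NtlmMechanismHandler ntlmHandler = new NtlmMechanismHandler();
        handlers.put("NTLM", ntlmHandler);
        handlers.put("GSS-SPNEGO", ntlmHandler);
        this.ldapServer.setSaslMechanismHandlers(handlers);
    }

    /**
     * Recursively deletes the given directory when the {@link #doDelete} flag is set.
     *
     * @param file directory to remove
     * @throws IOException if the directory still exists after the delete attempt
     */
    protected void doDelete(File file) throws IOException {
        if (!this.doDelete) {
            return;
        }
        if (file.exists()) {
            FileUtils.deleteDirectory(file);
        }
        // Re-check so a silent partial delete is reported instead of reusing stale data.
        if (file.exists()) {
            throw new IOException("Failed to delete: " + file);
        }
    }

    /**
     * Builds a JNDI environment for the in-VM core context factory and hands it to
     * {@link #setContexts(Hashtable)}.
     *
     * @param str principal DN
     * @param str2 password
     * @throws Exception if the contexts cannot be set up
     */
    protected void setContexts(String str, String str2) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(DirectoryService.JNDI_KEY, this.directoryService);
        env.put("java.naming.security.principal", str);
        env.put("java.naming.security.credentials", str2);
        env.put("java.naming.security.authentication", "simple");
        env.put("java.naming.factory.initial", CoreContextFactory.class.getName());
        setContexts(env);
    }

    /**
     * Points {@link #rootDSE} at the directory service's admin session.
     *
     * <p>The environment is not consulted: whatever principal it names, the session stored is
     * the administrator's. The previous body built a throwaway copy of the table and discarded
     * it; that dead code has been removed.
     *
     * @param hashtable JNDI environment; currently unused
     * @throws Exception declared for overriding implementations
     */
    protected void setContexts(Hashtable<String, Object> hashtable) throws Exception {
        this.rootDSE = this.directoryService.getAdminSession();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stops the LDAP server, shuts the directory service down and destroys the cache service.
     *
     * <p>Each step runs even if an earlier one fails. A failure while shutting the directory
     * service down is logged rather than thrown, so clean-up stays best-effort.
     *
     * @throws Exception if stopping the LDAP server or destroying the cache fails
     */
    public void tearDown() throws Exception {
        try {
            if (this.ldapServer != null) {
                this.ldapServer.stop();
            }
        } finally {
            try {
                // Guarded: setUp may have failed before the service was created.
                if (this.directoryService != null) {
                    this.directoryService.shutdown();
                }
            } catch (Exception e) {
                LOG.warn("Failed to shut down directory service", e);
            } finally {
                if (this.cacheService != null) {
                    this.cacheService.destroy();
                }
            }
        }
    }
}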
