package org.apache.kerby.has.plugins.server.ldap;

import java.io.IOException;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.name.Rdn;
import org.apache.directory.api.ldap.model.password.PasswordUtil;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.kerby.has.common.HasException;
import org.apache.kerby.has.plugins.server.ldap.conf.LDAPServerConf;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kerby/has/plugins/server/ldap/LDAPUtils.class */
public class LDAPUtils {
    public static final Logger LOG = LoggerFactory.getLogger(LDAPUtils.class);
    private static String ldapServerConfDir = "/etc/has/";
    private static LDAPServerConf ldapServerConf;

    /* JADX WARN: Finally extract failed */
    public static boolean doUserAuth(String str, String str2) throws HasException, IOException, LdapInvalidAttributeValueException {
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(ldapServerConf.getHost(), Integer.parseInt(ldapServerConf.getPort()));
        try {
            ldapNetworkConnection.bind(ldapServerConf.getBindDN(), ldapServerConf.getBindPwd());
            try {
                try {
                    try {
                        Entry lookup = ldapNetworkConnection.lookup(new Dn(new Rdn(ldapServerConf.getUserNameAttr(), str), new Dn(new String[]{ldapServerConf.getBaseDN()})));
                        ldapNetworkConnection.close();
                        if (lookup == null) {
                            throw new HasException("Please check your user name: " + str);
                        }
                        try {
                            if (PasswordUtil.compareCredentials(str2.getBytes(), lookup.get("userpassword").getBytes())) {
                                return true;
                            }
                            throw new HasException("Wrong user password.");
                        } catch (LdapInvalidAttributeValueException e) {
                            throw new HasException(e.getMessage());
                        }
                    } catch (LdapException e2) {
                        throw new HasException(e2.getMessage());
                    }
                } catch (Throwable th) {
                    ldapNetworkConnection.close();
                    throw th;
                }
            } catch (LdapInvalidDnException e3) {
                ldapNetworkConnection.close();
                throw new HasException(e3.getMessage());
            }
        } catch (LdapException e4) {
            ldapNetworkConnection.close();
            throw new HasException("Failed to bind. " + e4.getMessage());
        }
    }

    static {
        ldapServerConf = null;
        try {
            ldapServerConf = new LDAPServerConf(ldapServerConfDir);
        } catch (Exception e) {
            LOG.error("load conf failed,", e);
        }
    }
}
