package org.apache.kerby.has.plugins.server.ldap;

import java.io.IOException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.kerby.has.common.HasException;
import org.apache.kerby.has.server.AbstractHasServerPlugin;
import org.apache.kerby.has.server.HasAuthenException;
import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/kerby/has/plugins/server/ldap/LDAPServerPlugin.class */
public class LDAPServerPlugin extends AbstractHasServerPlugin {
    public static final Logger LOG = LoggerFactory.getLogger(LDAPServerPlugin.class);

    public String getLoginType() {
        return "LDAP";
    }

    public void doAuthenticate(AuthToken authToken, AuthToken authToken2) throws HasAuthenException {
        String str = (String) authToken.getAttributes().get("ldap_user");
        String str2 = (String) authToken.getAttributes().get("ldap_pwd");
        if (str == null || str2 == null) {
            LOG.error("LDAP: user or pwd is null");
            throw new HasAuthenException("LDAP: user or pwd is null");
        }
        try {
            if (!LDAPUtils.doUserAuth(str, str2)) {
                throw new HasAuthenException("LDAP user auth failed");
            }
            authToken2.setIssuer(authToken.getIssuer());
            authToken2.setSubject(str);
            authToken2.setExpirationTime(authToken.getExpiredTime());
            authToken2.addAttribute("passPhrase", str2);
        } catch (HasException | IOException | LdapInvalidAttributeValueException e) {
            throw new HasAuthenException("LDAP user auth failed. " + e.getMessage());
        }
    }
}
