package net.tirasa.connid.bundles.ad.search;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import net.tirasa.adsddl.ntsd.utils.GUID;
import net.tirasa.adsddl.ntsd.utils.Hex;
import net.tirasa.connid.bundles.ad.ADConfiguration;
import net.tirasa.connid.bundles.ad.ADConnection;
import net.tirasa.connid.bundles.ad.ADConnector;
import net.tirasa.connid.bundles.ad.util.ADUtilities;
import net.tirasa.connid.bundles.ldap.LdapConnection;
import net.tirasa.connid.bundles.ldap.commons.LdapConstants;
import net.tirasa.connid.bundles.ldap.search.LdapFilter;
import net.tirasa.connid.bundles.ldap.search.LdapInternalSearch;
import net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler;
import net.tirasa.connid.bundles.ldap.search.LdapSearchStrategy;
import net.tirasa.connid.bundles.ldap.search.LdapSearches;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.QualifiedUid;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.spi.SearchResultsHandler;

/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.6.jar:net/tirasa/connid/bundles/ad/search/ADSearch.class */
public class ADSearch {
    private final LdapConnection conn;
    private final ResultsHandler handler;
    private final ObjectClass oclass;
    private final LdapFilter filter;
    private final OperationOptions options;
    private final String[] baseDNs;
    private final ADUtilities utils;
    private static final Log LOG;
    static final /* synthetic */ boolean $assertionsDisabled;

    public ADSearch(LdapConnection ldapConnection, ObjectClass objectClass, LdapFilter ldapFilter, ResultsHandler resultsHandler, OperationOptions operationOptions, String[] strArr) {
        this.conn = ldapConnection;
        this.oclass = objectClass;
        this.filter = ldapFilter;
        this.handler = resultsHandler;
        this.options = operationOptions;
        this.baseDNs = strArr;
        this.utils = new ADUtilities((ADConnection) this.conn);
    }

    public ADSearch(LdapConnection ldapConnection, ObjectClass objectClass, LdapFilter ldapFilter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        this(ldapConnection, objectClass, ldapFilter, resultsHandler, operationOptions, objectClass.is(ObjectClass.ACCOUNT_NAME) ? ((ADConfiguration) ldapConnection.getConfiguration()).getUserBaseContexts() : objectClass.is(ObjectClass.GROUP_NAME) ? ((ADConfiguration) ldapConnection.getConfiguration()).getGroupBaseContexts() : ((ADConfiguration) ldapConnection.getConfiguration()).getBaseContextsToSynchronize());
    }

    public final void executeADQuery(final ResultsHandler resultsHandler) {
        final Set<String> attributesToGet = this.utils.getAttributesToGet(this.options.getAttributesToGet(), this.oclass);
        getInternalSearch(attributesToGet).execute(new LdapSearchResultsHandler() { // from class: net.tirasa.connid.bundles.ad.search.ADSearch.1
            @Override // net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler
            public boolean handle(String str, SearchResult searchResult) throws NamingException {
                return resultsHandler.handle(ADSearch.this.utils.createConnectorObject(searchResult.getNameInNamespace(), searchResult, attributesToGet, ADSearch.this.oclass));
            }
        });
    }

    private LdapInternalSearch getInternalSearch(Set<String> set) {
        LdapSearchStrategy newDefaultSearchStrategy;
        List<String> baseDNs;
        int i;
        String entryDN = this.filter == null ? null : this.filter.getEntryDN();
        if (entryDN == null) {
            newDefaultSearchStrategy = getSearchStrategy();
            baseDNs = getBaseDNs();
            i = getLdapSearchScope();
        } else {
            newDefaultSearchStrategy = this.conn.getConfiguration().newDefaultSearchStrategy(true);
            try {
                baseDNs = buildBaseContextFilter(entryDN);
            } catch (InvalidNameException e) {
                LOG.error(e, "Error building entry DN filter starting from '{0}'", entryDN);
                baseDNs = getBaseDNs();
            }
            i = 0;
        }
        SearchControls createDefaultSearchControls = LdapInternalSearch.createDefaultSearchControls();
        Set<String> ldapAttributesToGet = this.utils.getLdapAttributesToGet(set, this.oclass);
        createDefaultSearchControls.setReturningAttributes((String[]) ldapAttributesToGet.toArray(new String[ldapAttributesToGet.size()]));
        createDefaultSearchControls.setSearchScope(i);
        String searchFilter = LdapConstants.getSearchFilter(this.options);
        if (LOG.isOk()) {
            LOG.ok("Options filter: {0} " + searchFilter, new Object[0]);
        }
        String accountSearchFilter = this.oclass.equals(ObjectClass.ACCOUNT) ? this.conn.getConfiguration().getAccountSearchFilter() : ((ADConfiguration) this.conn.getConfiguration()).getGroupSearchFilter();
        if (LOG.isOk()) {
            LOG.ok("Search filter: {0} " + accountSearchFilter, new Object[0]);
        }
        String nativeFilter = this.filter != null ? this.filter.getNativeFilter() : null;
        if (LOG.isOk()) {
            LOG.ok("Native filter: {0} " + nativeFilter, new Object[0]);
        }
        String membershipSearchFilter = this.oclass.equals(ObjectClass.ACCOUNT) ? this.utils.getMembershipSearchFilter((ADConfiguration) this.conn.getConfiguration()) : null;
        if (LOG.isOk()) {
            LOG.ok("Membership filter: {0} " + membershipSearchFilter, new Object[0]);
        }
        return new LdapInternalSearch(this.conn, getSearchFilter(searchFilter, nativeFilter, accountSearchFilter, membershipSearchFilter), baseDNs, newDefaultSearchStrategy, createDefaultSearchControls);
    }

    private List<String> buildBaseContextFilter(String str) throws InvalidNameException {
        LdapName ldapName;
        ArrayList arrayList = new ArrayList();
        try {
            ldapName = new LdapName(str);
        } catch (InvalidNameException e) {
            LOG.info(e, "'{0}' is not am entry DN. Let's try derive it", str);
            ldapName = new LdapName(String.format("CN=%s", str));
        }
        Iterator<String> it = getBaseDNs().iterator();
        while (it.hasNext()) {
            LdapName ldapName2 = new LdapName(it.next());
            if (ldapName.startsWith(ldapName2)) {
                return Collections.singletonList(ldapName.toString());
            }
            arrayList.add(ldapName2.addAll(ldapName).toString());
        }
        return arrayList;
    }

    private String getSearchFilter(String... strArr) {
        StringBuilder sb = new StringBuilder();
        String objectClassFilter = getObjectClassFilter();
        int i = StringUtil.isBlank(objectClassFilter) ? 0 : 1;
        for (String str : strArr) {
            i += StringUtil.isBlank(str) ? 0 : 1;
        }
        if (i > 1) {
            sb.append("(&");
        }
        appendFilter(objectClassFilter, sb);
        for (String str2 : strArr) {
            appendFilter(str2, sb);
        }
        if (i > 1) {
            sb.append(')');
        }
        String sb2 = sb.toString();
        String lowerCase = sb2.toLowerCase();
        String lowerCase2 = ADConnector.OBJECTGUID.toLowerCase();
        StringBuilder sb3 = new StringBuilder();
        int i2 = 0;
        do {
            int indexOf = lowerCase.indexOf(lowerCase2, i2);
            if (indexOf >= 0) {
                indexOf += 11;
                sb3.append(sb2.substring(i2, indexOf));
                i2 += indexOf + 36;
                sb3.append(Hex.getEscaped(GUID.getGuidAsByteArray(sb2.substring(indexOf, i2))));
            } else {
                sb3.append(sb2.substring(i2, sb2.length()));
            }
            if (indexOf < 0) {
                break;
            }
        } while (i2 < sb2.length());
        return sb3.toString();
    }

    private LdapSearchStrategy getSearchStrategy() {
        LdapSearchStrategy newDefaultSearchStrategy;
        if (this.options.getPageSize() == null) {
            newDefaultSearchStrategy = this.conn.getConfiguration().newDefaultSearchStrategy(true);
        } else if (this.conn.getConfiguration().isUseVlvControls() && this.conn.supportsControl("2.16.840.1.113730.3.4.9")) {
            newDefaultSearchStrategy = new ADVlvIndexSearchStrategy(this.conn.getConfiguration().getVlvSortAttribute(), this.options.getPageSize().intValue());
        } else if (this.conn.supportsControl("1.2.840.113556.1.4.319")) {
            newDefaultSearchStrategy = new ADPagedSearchStrategy(this.options.getPageSize().intValue(), this.options.getPagedResultsCookie(), this.options.getPagedResultsOffset(), this.handler instanceof SearchResultsHandler ? (SearchResultsHandler) this.handler : null, this.options.getSortKeys());
        } else {
            newDefaultSearchStrategy = this.conn.getConfiguration().newDefaultSearchStrategy(true);
        }
        return newDefaultSearchStrategy;
    }

    private static void appendFilter(String str, StringBuilder sb) {
        if (StringUtil.isBlank(str)) {
            return;
        }
        String trim = str.trim();
        boolean z = str.charAt(0) != '(';
        if (z) {
            sb.append('(');
        }
        sb.append(trim);
        if (z) {
            sb.append(')');
        }
    }

    private List<String> getBaseDNs() {
        QualifiedUid container = this.options.getContainer();
        List<String> singletonList = container != null ? Collections.singletonList(LdapSearches.findEntryDN(this.conn, container.getObjectClass(), container.getUid())) : Arrays.asList(this.baseDNs);
        if ($assertionsDisabled || singletonList != null) {
            return singletonList;
        }
        throw new AssertionError();
    }

    private String getObjectClassFilter() {
        StringBuilder sb = new StringBuilder();
        List<String> ldapClasses = this.conn.getSchemaMapping().getLdapClasses(this.oclass);
        boolean z = ldapClasses.size() > 1;
        if (z) {
            sb.append("(&");
        }
        for (String str : ldapClasses) {
            sb.append("(objectClass=");
            sb.append(str);
            sb.append(')');
        }
        if (z) {
            sb.append(')');
        }
        return sb.toString();
    }

    private int getLdapSearchScope() {
        String scope = this.options.getScope();
        if (scope == null) {
            scope = this.oclass.is(ObjectClass.ACCOUNT_NAME) ? ((ADConfiguration) this.conn.getConfiguration()).getUserSearchScope() : ((ADConfiguration) this.conn.getConfiguration()).getGroupSearchScope();
        }
        if ("object".equals(scope)) {
            return 0;
        }
        if (OperationOptions.SCOPE_ONE_LEVEL.equals(scope)) {
            return 1;
        }
        if (OperationOptions.SCOPE_SUBTREE.equals(scope) || scope == null) {
            return 2;
        }
        throw new IllegalArgumentException("Invalid search scope " + scope);
    }

    static {
        $assertionsDisabled = !ADSearch.class.desiredAssertionStatus();
        LOG = Log.getLog(ADSearch.class);
    }
}
