package net.tirasa.connid.bundles.ldap.commons;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Stream;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.AttributeInUseException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchResult;
import net.tirasa.connid.bundles.ldap.LdapConnection;
import net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler;
import net.tirasa.connid.bundles.ldap.search.LdapSearches;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.hsqldb.Tokens;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorException;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.7-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper.class
 */
/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper.class */
public class GroupHelper {
    private static final List<String> OBJECT_CLASSES_WITH_MANDATORY_MEMB_ATTR = Arrays.asList(SchemaConstants.GROUP_OF_NAMES_OC, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC);
    private static final Log LOG = Log.getLog(GroupHelper.class);
    private final LdapConnection conn;

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.7-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$GroupMembership.class
     */
    /* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$GroupMembership.class */
    public static final class GroupMembership {
        private final String memberRef;
        private final String groupDN;

        public GroupMembership(String str, String str2) {
            this.memberRef = str;
            this.groupDN = str2;
        }

        public String getMemberRef() {
            return this.memberRef;
        }

        public String getGroupDN() {
            return this.groupDN;
        }

        public int hashCode() {
            return this.memberRef.hashCode() ^ this.groupDN.hashCode();
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof GroupMembership)) {
                return false;
            }
            GroupMembership groupMembership = (GroupMembership) obj;
            if (this.memberRef.equals(groupMembership.memberRef)) {
                return this.groupDN.equals(groupMembership.groupDN);
            }
            return false;
        }

        public String toString() {
            return "GroupMembership[memberRef: " + this.memberRef + "; groupDN: " + this.groupDN + "]";
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.7-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$Modification.class
     */
    /* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$Modification.class */
    public static final class Modification<T> {
        private final Set<T> removed = new LinkedHashSet();
        private final Set<T> added = new LinkedHashSet();
        private Set<T> effectiveAdded;
        private Set<T> effectiveRemoved;

        public void add(T t) {
            this.added.add(t);
            invalidate();
        }

        public void addAll(Collection<? extends T> collection) {
            Iterator<? extends T> it = collection.iterator();
            while (it.hasNext()) {
                this.added.add(it.next());
            }
            invalidate();
        }

        public void clearAdded() {
            this.added.clear();
            invalidate();
        }

        public Set<T> getAdded() {
            if (this.effectiveAdded == null) {
                this.effectiveAdded = new LinkedHashSet(this.added);
                this.effectiveAdded.removeAll(this.removed);
            }
            return this.effectiveAdded;
        }

        public void remove(T t) {
            this.removed.add(t);
            invalidate();
        }

        public void removeAll(Collection<? extends T> collection) {
            Iterator<? extends T> it = collection.iterator();
            while (it.hasNext()) {
                this.removed.add(it.next());
            }
            invalidate();
        }

        public Set<T> getRemoved() {
            if (this.effectiveRemoved == null) {
                this.effectiveRemoved = new LinkedHashSet(this.removed);
                this.effectiveRemoved.removeAll(this.added);
            }
            return this.effectiveRemoved;
        }

        public boolean isEmpty() {
            return this.added.isEmpty() && this.removed.isEmpty();
        }

        private void invalidate() {
            this.effectiveAdded = null;
            this.effectiveRemoved = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.7-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$ToDNHandler.class
     */
    /* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$ToDNHandler.class */
    public static final class ToDNHandler implements LdapSearchResultsHandler {
        private final List<String> results;

        private ToDNHandler() {
            this.results = new ArrayList();
        }

        @Override // net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler
        public boolean handle(String str, SearchResult searchResult) throws NamingException {
            this.results.add(LdapEntry.create(str, searchResult).getDN().toString());
            return true;
        }

        public List<String> getResults() {
            return this.results;
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.7-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$ToGroupMembershipHandler.class
     */
    /* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/commons/GroupHelper$ToGroupMembershipHandler.class */
    private static final class ToGroupMembershipHandler implements LdapSearchResultsHandler {
        private final Set<GroupMembership> results;
        private String memberRef;

        private ToGroupMembershipHandler() {
            this.results = new HashSet();
        }

        public void setMemberRef(String str) {
            this.memberRef = str;
        }

        @Override // net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler
        public boolean handle(String str, SearchResult searchResult) throws NamingException {
            this.results.add(new GroupMembership(this.memberRef, LdapEntry.create(str, searchResult).getDN().toString()));
            return true;
        }

        public Set<GroupMembership> getResults() {
            return this.results;
        }
    }

    public GroupHelper(LdapConnection ldapConnection) {
        this.conn = ldapConnection;
    }

    public static String getPosixRefAttribute() {
        return SchemaConstants.UID_AT;
    }

    private String getLdapGroupMemberAttribute() {
        String groupMemberAttribute = this.conn.getConfiguration().getGroupMemberAttribute();
        if (groupMemberAttribute == null) {
            groupMemberAttribute = SchemaConstants.UNIQUE_MEMBER_AT;
        }
        return groupMemberAttribute;
    }

    public List<String> getLdapGroups(String str) {
        LOG.ok("Retrieving LDAP groups for {0}", str);
        String createAttributeFilter = createAttributeFilter(getLdapGroupMemberAttribute(), Collections.singletonList(str));
        ToDNHandler toDNHandler = new ToDNHandler();
        LdapSearches.findEntries(toDNHandler, this.conn, createAttributeFilter, new String[0]);
        return toDNHandler.getResults();
    }

    public Set<GroupMembership> getLdapGroupMemberships(String str) {
        LOG.ok("Retrieving LDAP group memberships for {0}", str);
        String createAttributeFilter = createAttributeFilter(getLdapGroupMemberAttribute(), Collections.singletonList(str));
        ToGroupMembershipHandler toGroupMembershipHandler = new ToGroupMembershipHandler();
        toGroupMembershipHandler.setMemberRef(str);
        LdapSearches.findEntries(toGroupMembershipHandler, this.conn, createAttributeFilter, new String[0]);
        return toGroupMembershipHandler.getResults();
    }

    public void addLdapGroupMemberships(String str, Collection<String> collection) {
        LOG.ok("Adding {0} to LDAP groups {1}", str, collection);
        String ldapGroupMemberAttribute = getLdapGroupMemberAttribute();
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            addMemberToGroup(ldapGroupMemberAttribute, str, it.next());
        }
    }

    public void removeLdapGroupMemberships(String str, Collection<String> collection) {
        LOG.ok("Removing {0} from LDAP groups {1}", str, collection);
        String ldapGroupMemberAttribute = getLdapGroupMemberAttribute();
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            removeMemberFromGroup(ldapGroupMemberAttribute, str, it.next());
        }
    }

    public void modifyLdapGroupMemberships(Modification<GroupMembership> modification) {
        LOG.ok("Modifying LDAP group memberships: removing {0}, adding {1}", modification.getRemoved(), modification.getAdded());
        String ldapGroupMemberAttribute = getLdapGroupMemberAttribute();
        for (GroupMembership groupMembership : modification.getRemoved()) {
            removeMemberFromGroup(ldapGroupMemberAttribute, groupMembership.getMemberRef(), groupMembership.getGroupDN());
        }
        for (GroupMembership groupMembership2 : modification.getAdded()) {
            addMemberToGroup(ldapGroupMemberAttribute, groupMembership2.getMemberRef(), groupMembership2.getGroupDN());
        }
    }

    public List<String> getPosixGroups(Collection<String> collection) {
        LOG.ok("Retrieving POSIX groups for {0}", collection);
        String createAttributeFilter = createAttributeFilter(SchemaConstants.MEMBER_UID_AT, collection);
        ToDNHandler toDNHandler = new ToDNHandler();
        LdapSearches.findEntries(toDNHandler, this.conn, createAttributeFilter, new String[0]);
        return toDNHandler.getResults();
    }

    public Set<GroupMembership> getPosixGroupMemberships(Collection<String> collection) {
        LOG.ok("Retrieving POSIX group memberships for ", collection);
        ToGroupMembershipHandler toGroupMembershipHandler = new ToGroupMembershipHandler();
        for (String str : collection) {
            String createAttributeFilter = createAttributeFilter(SchemaConstants.MEMBER_UID_AT, Collections.singletonList(str));
            toGroupMembershipHandler.setMemberRef(str);
            LdapSearches.findEntries(toGroupMembershipHandler, this.conn, createAttributeFilter, new String[0]);
        }
        return toGroupMembershipHandler.getResults();
    }

    public void addPosixGroupMemberships(String str, Collection<String> collection) {
        LOG.ok("Adding {0} to POSIX groups {1}", str, collection);
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            addMemberToGroup(SchemaConstants.MEMBER_UID_AT, str, it.next());
        }
    }

    public void removePosixGroupMemberships(Set<GroupMembership> set) {
        LOG.ok("Removing POSIX group memberships {0}", set);
        for (GroupMembership groupMembership : set) {
            removeMemberFromGroup(SchemaConstants.MEMBER_UID_AT, groupMembership.getMemberRef(), groupMembership.getGroupDN());
        }
    }

    public void modifyPosixGroupMemberships(Modification<GroupMembership> modification) {
        LOG.ok("Modifying POSIX group memberships: removing {0}, adding {1}", modification.getRemoved(), modification.getAdded());
        for (GroupMembership groupMembership : modification.getRemoved()) {
            removeMemberFromGroup(SchemaConstants.MEMBER_UID_AT, groupMembership.getMemberRef(), groupMembership.getGroupDN());
        }
        for (GroupMembership groupMembership2 : modification.getAdded()) {
            addMemberToGroup(SchemaConstants.MEMBER_UID_AT, groupMembership2.getMemberRef(), groupMembership2.getGroupDN());
        }
    }

    public void addMemberAttributeIfMissing(BasicAttributes basicAttributes) {
        if (this.conn.getConfiguration().isAddPrincipalToNewGroups() && !Arrays.stream(this.conn.getConfiguration().getGroupObjectClasses()).noneMatch(str -> {
            Stream<String> stream = OBJECT_CLASSES_WITH_MANDATORY_MEMB_ATTR.stream();
            str.getClass();
            return stream.anyMatch(str::equalsIgnoreCase);
        })) {
            Attribute attribute = null;
            NamingEnumeration all = basicAttributes.getAll();
            while (all.hasMoreElements()) {
                Attribute attribute2 = (Attribute) all.nextElement();
                if (this.conn.getConfiguration().getGroupMemberAttribute().equals(attribute2.getID())) {
                    attribute = attribute2;
                }
            }
            if (attribute == null) {
                attribute = new BasicAttribute(this.conn.getConfiguration().getGroupMemberAttribute());
                basicAttributes.put(attribute);
            }
            if (attribute.size() == 0) {
                attribute.add(this.conn.getConfiguration().getPrincipal());
            }
        }
    }

    private String createAttributeFilter(String str, Collection<?> collection) {
        StringBuilder sb = new StringBuilder();
        boolean z = collection.size() > 1;
        if (z) {
            sb.append("(|");
        }
        for (Object obj : collection) {
            sb.append('(');
            sb.append(str);
            sb.append('=');
            LdapUtil.escapeAttrValue(obj, sb);
            sb.append(')');
        }
        if (z) {
            sb.append(Tokens.T_CLOSEBRACKET);
        }
        return sb.toString();
    }

    private void addMemberToGroup(String str, String str2, String str3) {
        try {
            this.conn.getInitialContext().modifyAttributes(str3, new ModificationItem[]{new ModificationItem(1, new BasicAttribute(str, str2))});
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        } catch (AttributeInUseException e2) {
            throw new ConnectorException(this.conn.format("memberAlreadyInGroup", null, str2, str3), e2);
        }
    }

    private void removeMemberFromGroup(String str, String str2, String str3) {
        try {
            this.conn.getInitialContext().modifyAttributes(str3, new ModificationItem[]{new ModificationItem(3, new BasicAttribute(str, str2))});
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }
}
