package net.tirasa.connid.bundles.ad;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import net.tirasa.connid.bundles.ad.authentication.ADAuthenticate;
import net.tirasa.connid.bundles.ad.crud.ADCreate;
import net.tirasa.connid.bundles.ad.crud.ADDelete;
import net.tirasa.connid.bundles.ad.crud.ADUpdate;
import net.tirasa.connid.bundles.ad.search.ADSearch;
import net.tirasa.connid.bundles.ad.sync.ADSyncStrategy;
import net.tirasa.connid.bundles.ldap.LdapConnector;
import net.tirasa.connid.bundles.ldap.commons.LdapConstants;
import net.tirasa.connid.bundles.ldap.search.LdapFilter;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.AttributeUtil;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.ConnectorClass;

@ConnectorClass(configurationClass = ADConfiguration.class, displayNameKey = "ADConnector")
/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.6.jar:net/tirasa/connid/bundles/ad/ADConnector.class */
public class ADConnector extends LdapConnector {
    public static final String OBJECTGUID = "objectGUID";
    public static final String OBJECTSID = "objectSID";
    public static final String PRIMARYGROUPID = "primaryGroupID";
    public static final String MEMBEROF = "memberOf";
    public static final String UACCONTROL_ATTR = "userAccountControl";
    public static final String SDDL_ATTR = "ntSecurityDescriptor";
    public static final List<String> ADDS2012_ATTRIBUTES_TO_BE_REMOVED = Arrays.asList("msds-memberOfTransitive", "msDS-parentdistname", "msds-memberTransitive");
    public static final int UF_ACCOUNTDISABLE = 2;
    public static final int UF_PASSWD_NOTREQD = 32;
    public static final int UF_PASSWD_CANT_CHANGE = 64;
    public static final int UF_NORMAL_ACCOUNT = 512;
    public static final int UF_DONT_EXPIRE_PASSWD = 65536;
    public static final int UF_PASSWORD_EXPIRED = 8388608;
    private transient ADConfiguration config;
    private transient ADSyncStrategy syncStrategy;
    private transient ADConnection conn;

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.Connector
    public Configuration getConfiguration() {
        return this.config;
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.Connector
    public void init(Configuration configuration) {
        this.config = (ADConfiguration) configuration;
        this.conn = new ADConnection(this.config);
        this.syncStrategy = new ADSyncStrategy(this.conn);
        super.init(configuration);
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.Connector
    public void dispose() {
        this.conn.close();
        super.dispose();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.SearchOp
    public void executeQuery(ObjectClass objectClass, LdapFilter ldapFilter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        new ADSearch(this.conn, objectClass, ldapFilter, resultsHandler, operationOptions).executeADQuery(resultsHandler);
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.SyncOp
    public SyncToken getLatestSyncToken(ObjectClass objectClass) {
        return this.syncStrategy.getLatestSyncToken();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.SyncOp
    public void sync(ObjectClass objectClass, SyncToken syncToken, SyncResultsHandler syncResultsHandler, OperationOptions operationOptions) {
        this.syncStrategy.sync(syncToken, syncResultsHandler, operationOptions, objectClass);
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.CreateOp
    public Uid create(ObjectClass objectClass, Set<Attribute> set, OperationOptions operationOptions) {
        if (((ADConfiguration) ADConfiguration.class.cast(this.conn.getConfiguration())).isPwdUpdateOnly()) {
            throw new IllegalStateException("Create operation not permitted");
        }
        HashSet hashSet = new HashSet(set);
        if (objectClass.is(ObjectClass.ACCOUNT_NAME)) {
            Attribute find = AttributeUtil.find(LdapConstants.LDAP_GROUPS_NAME, hashSet);
            HashSet hashSet2 = new HashSet();
            if (find != null) {
                hashSet.remove(find);
                hashSet2.addAll(find.getValue() == null ? Collections.emptyList() : Arrays.asList(find.getValue().toArray(new String[find.getValue().size()])));
            }
            hashSet2.addAll(this.config.getMemberships() == null ? Collections.emptyList() : Arrays.asList(this.config.getMemberships()));
            hashSet.add(AttributeBuilder.build(LdapConstants.LDAP_GROUPS_NAME, hashSet2));
        }
        return new ADCreate(this.conn, objectClass, hashSet, operationOptions).create();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.UpdateOp
    public Uid update(ObjectClass objectClass, Uid uid, Set<Attribute> set, OperationOptions operationOptions) {
        Set<Attribute> hashSet = new HashSet<>();
        if (((ADConfiguration) ADConfiguration.class.cast(this.conn.getConfiguration())).isPwdUpdateOnly()) {
            Attribute find = AttributeUtil.find(OperationalAttributes.PASSWORD_NAME, set);
            if (find != null) {
                hashSet.add(find);
            }
        } else {
            hashSet.addAll(set);
            Attribute find2 = AttributeUtil.find(LdapConstants.LDAP_GROUPS_NAME, hashSet);
            if (find2 != null && objectClass.is(ObjectClass.ACCOUNT_NAME)) {
                hashSet.remove(find2);
                HashSet hashSet2 = new HashSet(find2.getValue() == null ? Collections.emptyList() : Arrays.asList(find2.getValue().toArray(new String[find2.getValue().size()])));
                hashSet2.addAll(this.config.getMemberships() == null ? Collections.emptyList() : Arrays.asList(this.config.getMemberships()));
                hashSet.add(AttributeBuilder.build(LdapConstants.LDAP_GROUPS_NAME, hashSet2));
            }
        }
        return new ADUpdate(this.conn, objectClass, uid).update(hashSet);
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.DeleteOp
    public void delete(ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        if (((ADConfiguration) ADConfiguration.class.cast(this.conn.getConfiguration())).isPwdUpdateOnly()) {
            throw new IllegalStateException("Delete operation not permitted");
        }
        new ADDelete(this.conn, objectClass, uid).delete();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.SchemaOp
    public Schema schema() {
        return this.conn.getADSchema().getSchema();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.AuthenticateOp
    public Uid authenticate(ObjectClass objectClass, String str, GuardedString guardedString, OperationOptions operationOptions) {
        return new ADAuthenticate(this.conn, objectClass, str, operationOptions).authenticate(guardedString);
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.ResolveUsernameOp
    public Uid resolveUsername(ObjectClass objectClass, String str, OperationOptions operationOptions) {
        return new ADAuthenticate(this.conn, objectClass, str, operationOptions).resolveUsername();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.operations.TestOp
    public void test() {
        this.conn.test();
    }

    @Override // net.tirasa.connid.bundles.ldap.LdapConnector, org.identityconnectors.framework.spi.PoolableConnector
    public void checkAlive() {
        this.conn.checkAlive();
    }
}
