package net.tirasa.connid.bundles.ad.sync;

import com.sun.jndi.ldap.ctl.DirSyncResponseControl;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import net.tirasa.adsddl.ntsd.controls.DirSyncControl;
import net.tirasa.connid.bundles.ad.ADConfiguration;
import net.tirasa.connid.bundles.ad.ADConnection;
import net.tirasa.connid.bundles.ad.util.ADUtilities;
import net.tirasa.connid.bundles.ad.util.DirSyncUtils;
import net.tirasa.connid.bundles.ldap.search.LdapInternalSearch;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.SyncDelta;
import org.identityconnectors.framework.common.objects.SyncDeltaBuilder;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;

/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.ad-1.3.6.jar:net/tirasa/connid/bundles/ad/sync/ADSyncStrategy.class */
public class ADSyncStrategy {
    private static final Log LOG = Log.getLog(ADSyncStrategy.class);
    private static final byte[] EMPTY_COOKIE = new byte[0];
    private final transient ADConnection conn;
    private transient SyncToken latestSyncToken;
    private final ADUtilities utils;

    public ADSyncStrategy(ADConnection aDConnection) {
        this.conn = aDConnection;
        this.utils = new ADUtilities(aDConnection);
    }

    private Set<SearchResult> search(LdapContext ldapContext, String str, SearchControls searchControls, boolean z) {
        DirSyncResponseControl[] responseControls;
        HashSet hashSet = new HashSet();
        for (String str2 : this.conn.getConfiguration().getBaseContextsToSynchronize()) {
            if (LOG.isOk()) {
                LOG.ok("Searching from " + str2, new Object[0]);
            }
            try {
                NamingEnumeration search = ldapContext.search(str2, str, searchControls);
                while (search.hasMoreElements()) {
                    hashSet.add(search.nextElement());
                }
                if (z && (responseControls = ldapContext.getResponseControls()) != null) {
                    if (LOG.isOk()) {
                        LOG.ok("Response Controls: {0}", Integer.valueOf(responseControls.length));
                    }
                    for (DirSyncResponseControl dirSyncResponseControl : responseControls) {
                        if (dirSyncResponseControl instanceof DirSyncResponseControl) {
                            this.latestSyncToken = new SyncToken(dirSyncResponseControl.getCookie());
                        }
                    }
                    if (LOG.isOk()) {
                        LOG.ok("Latest sync token set to {0}", this.latestSyncToken);
                    }
                }
            } catch (NamingException e) {
                LOG.error(e, "While searching base context {0} with filter {1} and search controls {2}", str2, str, searchControls);
            }
        }
        return hashSet;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x00b5  */
    /* JADX WARN: Removed duplicated region for block: B:14:0x00e1  */
    /* JADX WARN: Removed duplicated region for block: B:17:0x0131  */
    /* JADX WARN: Removed duplicated region for block: B:20:0x0150  */
    /* JADX WARN: Removed duplicated region for block: B:39:0x020c  */
    /* JADX WARN: Removed duplicated region for block: B:42:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:43:0x01ac  */
    /* JADX WARN: Removed duplicated region for block: B:60:0x00c9  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void sync(org.identityconnectors.framework.common.objects.SyncToken r9, org.identityconnectors.framework.common.objects.SyncResultsHandler r10, org.identityconnectors.framework.common.objects.OperationOptions r11, org.identityconnectors.framework.common.objects.ObjectClass r12) {
        /*
            Method dump skipped, instructions count: 544
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.tirasa.connid.bundles.ad.sync.ADSyncStrategy.sync(org.identityconnectors.framework.common.objects.SyncToken, org.identityconnectors.framework.common.objects.SyncResultsHandler, org.identityconnectors.framework.common.objects.OperationOptions, org.identityconnectors.framework.common.objects.ObjectClass):void");
    }

    public SyncToken getLatestSyncToken() {
        SearchControls createDefaultSearchControls = LdapInternalSearch.createDefaultSearchControls();
        createDefaultSearchControls.setSearchScope(2);
        createDefaultSearchControls.setReturningAttributes((String[]) null);
        String str = this.conn.getConfiguration().getBaseContextsToSynchronize()[0];
        try {
            LdapContext syncContext = this.conn.getSyncContext(new Control[]{new DirSyncControl()});
            syncContext.search(str, "(CN=__CONNID-NORES__)", createDefaultSearchControls);
            DirSyncResponseControl[] responseControls = syncContext.getResponseControls();
            if (responseControls != null) {
                for (DirSyncResponseControl dirSyncResponseControl : responseControls) {
                    if (dirSyncResponseControl instanceof DirSyncResponseControl) {
                        this.latestSyncToken = new SyncToken(dirSyncResponseControl.getCookie());
                    }
                }
                if (LOG.isOk()) {
                    LOG.ok("Latest sync token set to {0}", this.latestSyncToken);
                }
            }
        } catch (Exception e) {
            LOG.error(e, "While searching for {0} with filter {1} and controls {2}", str, "(CN=__CONNID-NORES__)", createDefaultSearchControls);
        }
        return this.latestSyncToken;
    }

    /* JADX WARN: Removed duplicated region for block: B:20:0x010f  */
    /* JADX WARN: Removed duplicated region for block: B:41:0x01c1  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void handleSyncUDelta(javax.naming.ldap.LdapContext r11, javax.naming.directory.SearchResult r12, java.util.Collection<java.lang.String> r13, org.identityconnectors.framework.common.objects.SyncToken r14, org.identityconnectors.framework.common.objects.SyncResultsHandler r15) throws javax.naming.NamingException {
        /*
            Method dump skipped, instructions count: 633
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.tirasa.connid.bundles.ad.sync.ADSyncStrategy.handleSyncUDelta(javax.naming.ldap.LdapContext, javax.naming.directory.SearchResult, java.util.Collection, org.identityconnectors.framework.common.objects.SyncToken, org.identityconnectors.framework.common.objects.SyncResultsHandler):void");
    }

    /* JADX WARN: Removed duplicated region for block: B:20:0x00f8  */
    /* JADX WARN: Removed duplicated region for block: B:51:0x025b  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void handleSyncGDelta(javax.naming.ldap.LdapContext r11, javax.naming.directory.SearchResult r12, java.util.Collection<java.lang.String> r13, org.identityconnectors.framework.common.objects.SyncToken r14, org.identityconnectors.framework.common.objects.SyncResultsHandler r15) throws javax.naming.NamingException {
        /*
            Method dump skipped, instructions count: 621
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.tirasa.connid.bundles.ad.sync.ADSyncStrategy.handleSyncGDelta(javax.naming.ldap.LdapContext, javax.naming.directory.SearchResult, java.util.Collection, org.identityconnectors.framework.common.objects.SyncToken, org.identityconnectors.framework.common.objects.SyncResultsHandler):void");
    }

    private SyncDelta getSyncDelta(ObjectClass objectClass, String str, SyncDeltaType syncDeltaType, SyncToken syncToken, Attributes attributes, Collection<String> collection) throws NamingException {
        Attribute attribute;
        SyncDeltaBuilder syncDeltaBuilder = new SyncDeltaBuilder();
        syncDeltaBuilder.setToken(syncToken == null ? new SyncToken(EMPTY_COOKIE) : syncToken);
        syncDeltaBuilder.setDeltaType(syncDeltaType);
        Uid uid = null;
        if (StringUtil.isNotBlank(this.conn.getSchemaMapping().getLdapUidAttribute(objectClass)) && (attribute = attributes.get(this.conn.getSchemaMapping().getLdapUidAttribute(objectClass))) != null) {
            uid = new Uid(attribute.get().toString());
        }
        if (uid == null) {
            throw new ConnectorException("UID attribute not found");
        }
        syncDeltaBuilder.setUid(uid);
        syncDeltaBuilder.setObject(this.utils.createConnectorObject(str, attributes, collection, objectClass));
        return syncDeltaBuilder.build();
    }

    private void handleInOutEntries(LdapContext ldapContext, ObjectClass objectClass, NamingEnumeration<String> namingEnumeration, String str, SyncResultsHandler syncResultsHandler, SyncToken syncToken, ADConfiguration aDConfiguration, Collection<String> collection) throws NamingException {
        while (namingEnumeration.hasMoreElements()) {
            handleEntry(ldapContext, objectClass, (String) namingEnumeration.next(), str, syncResultsHandler, syncToken, aDConfiguration, collection);
        }
    }

    private void handleEntry(LdapContext ldapContext, ObjectClass objectClass, String str, String str2, SyncResultsHandler syncResultsHandler, SyncToken syncToken, ADConfiguration aDConfiguration, Collection<String> collection) throws NamingException {
        SyncDeltaType syncDeltaType;
        Attributes attributes = ldapContext.getAttributes(str);
        Attribute attribute = attributes.get(SchemaConstants.OBJECT_CLASS_AT);
        if ((objectClass.is(ObjectClass.ACCOUNT_NAME) && !attribute.contains("user")) || (objectClass.is(ObjectClass.GROUP_NAME) && !attribute.contains("group"))) {
            LOG.warn("Invalid type: skip object {0}", str);
            return;
        }
        if (DirSyncUtils.verifyFilter(ldapContext, str, str2)) {
            if (LOG.isOk()) {
                LOG.ok("Entry {0} - update", str);
            }
            syncDeltaType = SyncDeltaType.CREATE_OR_UPDATE;
        } else {
            if (LOG.isOk()) {
                LOG.ok("Entry {0} - delete", str);
            }
            syncDeltaType = SyncDeltaType.DELETE;
        }
        if (syncDeltaType != SyncDeltaType.DELETE || ((objectClass.is(ObjectClass.GROUP_NAME) && aDConfiguration.isRetrieveDeletedGroup()) || (objectClass.is(ObjectClass.ACCOUNT_NAME) && aDConfiguration.isRetrieveDeletedUser()))) {
            syncResultsHandler.handle(getSyncDelta(objectClass, str, syncDeltaType, syncToken, attributes, collection));
        }
    }
}
