package net.tirasa.connid.bundles.ldap.search;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.SortedSet;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import net.tirasa.connid.bundles.ldap.LdapConnection;
import net.tirasa.connid.bundles.ldap.commons.GroupHelper;
import net.tirasa.connid.bundles.ldap.commons.LdapConstants;
import net.tirasa.connid.bundles.ldap.commons.LdapEntry;
import net.tirasa.connid.bundles.ldap.commons.LdapUtil;
import net.tirasa.connid.bundles.ldap.commons.StatusManagement;
import net.tirasa.connid.bundles.ldap.schema.LdapSchemaMapping;
import org.identityconnectors.common.CollectionUtil;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.AttributeInfo;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ConnectorObjectBuilder;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.QualifiedUid;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.spi.SearchResultsHandler;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ad-1.3.8-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/search/LdapSearch.class
 */
/* loaded from: input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/search/LdapSearch.class */
public class LdapSearch {
    private static final Log LOG;
    private final LdapConnection conn;
    private final ObjectClass oclass;
    private final LdapFilter filter;
    private final OperationOptions options;
    private final GroupHelper groupHelper;
    private final String[] baseDNs;
    private final ResultsHandler handler;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static Set<String> getAttributesReturnedByDefault(LdapConnection ldapConnection, ObjectClass objectClass) {
        if (objectClass.equals(LdapSchemaMapping.ANY_OBJECT_CLASS)) {
            return CollectionUtil.newSet(Name.NAME);
        }
        SortedSet<String> newCaseInsensitiveSet = CollectionUtil.newCaseInsensitiveSet();
        ObjectClassInfo findObjectClassInfo = ldapConnection.getSchemaMapping().schema().findObjectClassInfo(objectClass.getObjectClassValue());
        if (findObjectClassInfo != null) {
            for (AttributeInfo attributeInfo : findObjectClassInfo.getAttributeInfo()) {
                if (attributeInfo.isReturnedByDefault()) {
                    newCaseInsensitiveSet.add(attributeInfo.getName());
                }
            }
        }
        return newCaseInsensitiveSet;
    }

    public LdapSearch(LdapConnection ldapConnection, ObjectClass objectClass, LdapFilter ldapFilter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        this(ldapConnection, objectClass, ldapFilter, resultsHandler, operationOptions, ldapConnection.getConfiguration().getBaseContexts());
    }

    public LdapSearch(LdapConnection ldapConnection, ObjectClass objectClass, LdapFilter ldapFilter, ResultsHandler resultsHandler, OperationOptions operationOptions, String... strArr) {
        this.conn = ldapConnection;
        this.oclass = objectClass;
        this.filter = ldapFilter;
        this.options = operationOptions;
        this.baseDNs = strArr;
        this.groupHelper = new GroupHelper(ldapConnection);
        this.handler = resultsHandler;
    }

    public final void execute() {
        final String[] attributesToGet = this.options.getAttributesToGet();
        final Set<String> attributesToGet2 = getAttributesToGet(attributesToGet);
        getInternalSearch(attributesToGet2).execute(new LdapSearchResultsHandler() { // from class: net.tirasa.connid.bundles.ldap.search.LdapSearch.1
            @Override // net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler
            public boolean handle(String str, SearchResult searchResult) throws NamingException {
                return LdapSearch.this.handler.handle(LdapSearch.this.createConnectorObject(str, searchResult, attributesToGet2, attributesToGet != null));
            }
        });
    }

    public final ConnectorObject getSingleResult() {
        final String[] attributesToGet = this.options.getAttributesToGet();
        final Set<String> attributesToGet2 = getAttributesToGet(attributesToGet);
        final ConnectorObject[] connectorObjectArr = {null};
        getInternalSearch(attributesToGet2).execute(new LdapSearchResultsHandler() { // from class: net.tirasa.connid.bundles.ldap.search.LdapSearch.2
            @Override // net.tirasa.connid.bundles.ldap.search.LdapSearchResultsHandler
            public boolean handle(String str, SearchResult searchResult) throws NamingException {
                connectorObjectArr[0] = LdapSearch.this.createConnectorObject(str, searchResult, attributesToGet2, attributesToGet != null);
                return false;
            }
        });
        return connectorObjectArr[0];
    }

    private LdapInternalSearch getInternalSearch(Set<String> set) {
        LdapSearchStrategy newDefaultSearchStrategy;
        List<String> singletonList;
        int i;
        String entryDN = this.filter == null ? null : this.filter.getEntryDN();
        if (entryDN == null) {
            newDefaultSearchStrategy = getSearchStrategy();
            singletonList = getBaseDNs();
            i = getLdapSearchScope();
        } else {
            newDefaultSearchStrategy = this.conn.getConfiguration().newDefaultSearchStrategy(true);
            singletonList = Collections.singletonList(entryDN);
            i = 0;
        }
        SearchControls createDefaultSearchControls = LdapInternalSearch.createDefaultSearchControls();
        Set<String> ldapAttributesToGet = getLdapAttributesToGet(set);
        createDefaultSearchControls.setReturningAttributes((String[]) ldapAttributesToGet.toArray(new String[ldapAttributesToGet.size()]));
        createDefaultSearchControls.setSearchScope(i);
        String searchFilter = LdapConstants.getSearchFilter(this.options);
        String str = null;
        if (this.oclass.equals(ObjectClass.ACCOUNT)) {
            str = this.conn.getConfiguration().getAccountSearchFilter();
        } else if (this.oclass.equals(ObjectClass.GROUP)) {
            str = this.conn.getConfiguration().getGroupSearchFilter();
        }
        return new LdapInternalSearch(this.conn, getSearchFilter(searchFilter, this.filter == null ? null : this.filter.getNativeFilter(), str), singletonList, newDefaultSearchStrategy, createDefaultSearchControls);
    }

    private Set<String> getLdapAttributesToGet(Set<String> set) {
        SortedSet<String> newCaseInsensitiveSet = CollectionUtil.newCaseInsensitiveSet();
        newCaseInsensitiveSet.addAll(set);
        newCaseInsensitiveSet.remove(LdapConstants.LDAP_GROUPS_NAME);
        boolean remove = newCaseInsensitiveSet.remove(LdapConstants.POSIX_GROUPS_NAME);
        Set<String> ldapAttributes = this.conn.getSchemaMapping().getLdapAttributes(this.oclass, newCaseInsensitiveSet, true);
        if (remove) {
            ldapAttributes.add(GroupHelper.getPosixRefAttribute());
        }
        ldapAttributes.addAll(StatusManagement.getInstance(this.conn.getConfiguration().getStatusManagementClass()).getOperationalAttributes());
        ldapAttributes.removeAll(LdapEntry.ENTRY_DN_ATTRS);
        return ldapAttributes;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ConnectorObject createConnectorObject(String str, SearchResult searchResult, Set<String> set, boolean z) {
        Attribute createAttribute;
        LdapEntry create = LdapEntry.create(str, searchResult);
        ConnectorObjectBuilder connectorObjectBuilder = new ConnectorObjectBuilder();
        connectorObjectBuilder.setObjectClass(this.oclass);
        connectorObjectBuilder.setUid(this.conn.getSchemaMapping().createUid(this.oclass, create));
        connectorObjectBuilder.setName(this.conn.getSchemaMapping().createName(this.oclass, create));
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (String str2 : set) {
            if (LdapConstants.isLdapGroups(str2)) {
                arrayList.addAll(this.groupHelper.getLdapGroups(create.getDN().toString()));
                createAttribute = AttributeBuilder.build(LdapConstants.LDAP_GROUPS_NAME, arrayList);
            } else if (LdapConstants.isPosixGroups(str2)) {
                arrayList2.addAll(this.groupHelper.getPosixGroups(LdapUtil.getStringAttrValues(create.getAttributes(), GroupHelper.getPosixRefAttribute())));
                createAttribute = AttributeBuilder.build(LdapConstants.POSIX_GROUPS_NAME, arrayList2);
            } else {
                createAttribute = (!LdapConstants.PASSWORD.is(str2) || this.conn.getConfiguration().getRetrievePasswordsWithSearch()) ? this.conn.getSchemaMapping().createAttribute(this.oclass, str2, create, z) : AttributeBuilder.build(str2, new GuardedString());
            }
            if (createAttribute != null) {
                connectorObjectBuilder.addAttribute(createAttribute);
            }
        }
        Optional.ofNullable(StatusManagement.getInstance(this.conn.getConfiguration().getStatusManagementClass()).getStatus(searchResult.getAttributes())).ifPresent(bool -> {
            connectorObjectBuilder.addAttribute(AttributeBuilder.buildEnabled(bool.booleanValue()));
        });
        return connectorObjectBuilder.build();
    }

    private String getSearchFilter(String... strArr) {
        StringBuilder sb = new StringBuilder();
        String objectClassFilter = getObjectClassFilter();
        int i = StringUtil.isBlank(objectClassFilter) ? 0 : 1;
        for (String str : strArr) {
            i += StringUtil.isBlank(str) ? 0 : 1;
        }
        if (i > 1) {
            sb.append("(&");
        }
        appendFilter(objectClassFilter, sb);
        for (String str2 : strArr) {
            appendFilter(str2, sb);
        }
        if (i > 1) {
            sb.append(')');
        }
        return sb.toString();
    }

    private String getObjectClassFilter() {
        StringBuilder sb = new StringBuilder();
        List<String> ldapClasses = this.conn.getSchemaMapping().getLdapClasses(this.oclass);
        boolean z = ldapClasses.size() > 1;
        if (z) {
            sb.append("(&");
        }
        for (String str : ldapClasses) {
            sb.append("(objectClass=");
            sb.append(str);
            sb.append(')');
        }
        if (z) {
            sb.append(')');
        }
        return sb.toString();
    }

    private static void appendFilter(String str, StringBuilder sb) {
        if (StringUtil.isBlank(str)) {
            return;
        }
        String trim = str.trim();
        boolean z = str.charAt(0) != '(';
        if (z) {
            sb.append('(');
        }
        sb.append(trim);
        if (z) {
            sb.append(')');
        }
    }

    private List<String> getBaseDNs() {
        QualifiedUid container = this.options.getContainer();
        List<String> singletonList = container != null ? Collections.singletonList(LdapSearches.findEntryDN(this.conn, container.getObjectClass(), container.getUid())) : Arrays.asList(this.baseDNs);
        if ($assertionsDisabled || singletonList != null) {
            return singletonList;
        }
        throw new AssertionError();
    }

    private LdapSearchStrategy getSearchStrategy() {
        LdapSearchStrategy newDefaultSearchStrategy = this.conn.getConfiguration().newDefaultSearchStrategy(false);
        if (this.options.getPageSize() != null) {
            if (this.conn.getConfiguration().isUseVlvControls() && this.conn.supportsControl("2.16.840.1.113730.3.4.9")) {
                newDefaultSearchStrategy = new VlvIndexSearchStrategy(this.conn.getConfiguration().getVlvSortAttribute(), this.options.getPageSize().intValue());
            } else if (this.conn.supportsControl("1.2.840.113556.1.4.319")) {
                newDefaultSearchStrategy = new PagedSearchStrategy(this.options.getPageSize().intValue(), this.options.getPagedResultsCookie(), this.options.getPagedResultsOffset(), this.handler instanceof SearchResultsHandler ? (SearchResultsHandler) this.handler : null, this.options.getSortKeys());
            }
        }
        return newDefaultSearchStrategy;
    }

    private Set<String> getAttributesToGet(String[] strArr) {
        Set<String> attributesReturnedByDefault;
        if (strArr != null) {
            attributesReturnedByDefault = CollectionUtil.newCaseInsensitiveSet();
            attributesReturnedByDefault.addAll(Arrays.asList(strArr));
            removeNonReadableAttributes(attributesReturnedByDefault);
            attributesReturnedByDefault.add(Name.NAME);
        } else {
            attributesReturnedByDefault = getAttributesReturnedByDefault(this.conn, this.oclass);
        }
        attributesReturnedByDefault.add(Uid.NAME);
        if (!this.conn.getConfiguration().getRetrievePasswordsWithSearch() && attributesReturnedByDefault.contains(OperationalAttributes.PASSWORD_NAME)) {
            LOG.warn("Reading passwords not supported", new Object[0]);
        }
        return attributesReturnedByDefault;
    }

    private void removeNonReadableAttributes(Set<String> set) {
        boolean remove = set.remove(LdapConstants.LDAP_GROUPS_NAME);
        boolean remove2 = set.remove(LdapConstants.POSIX_GROUPS_NAME);
        this.conn.getSchemaMapping().removeNonReadableAttributes(this.oclass, set);
        if (remove) {
            set.add(LdapConstants.LDAP_GROUPS_NAME);
        }
        if (remove2) {
            set.add(LdapConstants.POSIX_GROUPS_NAME);
        }
    }

    private int getLdapSearchScope() {
        String scope = this.options.getScope();
        if ("object".equals(scope)) {
            return 0;
        }
        if (OperationOptions.SCOPE_ONE_LEVEL.equals(scope)) {
            return 1;
        }
        if (OperationOptions.SCOPE_SUBTREE.equals(scope) || scope == null) {
            return 2;
        }
        throw new IllegalArgumentException("Invalid search scope " + scope);
    }

    static {
        $assertionsDisabled = !LdapSearch.class.desiredAssertionStatus();
        LOG = Log.getLog(LdapSearch.class);
    }
}
