package net.tirasa.connid.bundles.ldap.schema;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.SortedSet;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.LdapName;
import net.tirasa.connid.bundles.ldap.LdapConnection;
import net.tirasa.connid.bundles.ldap.commons.LdapEntry;
import net.tirasa.connid.bundles.ldap.commons.LdapUtil;
import net.tirasa.connid.bundles.ldap.commons.ObjectClassMappingConfig;
import org.hsqldb.Tokens;
import org.identityconnectors.common.CollectionUtil;
import org.identityconnectors.common.StringUtil;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeDeltaUtil;
import org.identityconnectors.framework.common.objects.AttributeInfo;
import org.identityconnectors.framework.common.objects.AttributeUtil;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.ObjectClassUtil;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.Uid;
import org.openapitools.client.model.Group;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ad-1.3.8-bundle.jar:lib/net.tirasa.connid.bundles.ldap-1.5.5.jar:net/tirasa/connid/bundles/ldap/schema/LdapSchemaMapping.class
 */
/* loaded from: input_file:WEB-INF/classes/bundles/net.tirasa.connid.bundles.ldap-1.5.7-bundle.jar:net/tirasa/connid/bundles/ldap/schema/LdapSchemaMapping.class */
public class LdapSchemaMapping {
    private static final Log LOG;
    public static final ObjectClass ANY_OBJECT_CLASS;
    static final String DEFAULT_LDAP_NAME_ATTR = "entryDN";
    private final LdapConnection conn;
    private final Map<String, Set<String>> ldapClass2Effective = CollectionUtil.newCaseInsensitiveMap();
    private Schema schema;
    static final /* synthetic */ boolean $assertionsDisabled;

    public LdapSchemaMapping(LdapConnection ldapConnection) {
        this.conn = ldapConnection;
    }

    public Schema schema() {
        if (this.schema == null) {
            this.schema = new LdapSchemaBuilder(this.conn).getSchema();
        }
        return this.schema;
    }

    private Set<String> getEffectiveLdapClasses(String str) {
        Set<String> set = this.ldapClass2Effective.get(str);
        if (set == null) {
            set = this.conn.createNativeSchema().getEffectiveObjectClasses(str);
            this.ldapClass2Effective.put(str, set);
        }
        return set;
    }

    public List<String> getLdapClasses(ObjectClass objectClass) {
        if (objectClass.equals(ANY_OBJECT_CLASS)) {
            return Collections.emptyList();
        }
        ObjectClassMappingConfig objectClassMappingConfig = this.conn.getConfiguration().getObjectClassMappingConfigs().get(objectClass);
        if (objectClassMappingConfig != null) {
            return objectClassMappingConfig.getLdapClasses();
        }
        if (ObjectClassUtil.isSpecial(objectClass)) {
            throw new ConnectorException("Object class " + objectClass.getObjectClassValue() + " is not mapped to an LDAP object class");
        }
        return CollectionUtil.newReadOnlyList(objectClass.getObjectClassValue());
    }

    public Set<String> getEffectiveLdapClasses(ObjectClass objectClass) {
        SortedSet<String> newCaseInsensitiveSet = CollectionUtil.newCaseInsensitiveSet();
        Iterator<String> it = getLdapClasses(objectClass).iterator();
        while (it.hasNext()) {
            newCaseInsensitiveSet.addAll(getEffectiveLdapClasses(it.next()));
        }
        return Collections.unmodifiableSet(newCaseInsensitiveSet);
    }

    public List<String> getUserNameLdapAttributes(ObjectClass objectClass) {
        ObjectClassMappingConfig objectClassMappingConfig = this.conn.getConfiguration().getObjectClassMappingConfigs().get(objectClass);
        return objectClassMappingConfig == null ? Collections.emptyList() : objectClassMappingConfig.getShortNameLdapAttributes();
    }

    public String getLdapAttribute(ObjectClass objectClass, String str, boolean z) {
        String str2 = null;
        if (AttributeUtil.namesEqual(Uid.NAME, str)) {
            str2 = getLdapUidAttribute(objectClass);
        } else if (AttributeUtil.namesEqual(Name.NAME, str)) {
            str2 = getLdapNameAttribute(objectClass);
        } else if (OperationalAttributes.PASSWORD_NAME.equals(str)) {
            str2 = getLdapPasswordAttribute(objectClass);
        }
        if (str2 == null && !AttributeUtil.isSpecialName(str)) {
            str2 = str;
        }
        if (str2 != null && z && this.conn.needsBinaryOption(str2)) {
            str2 = LdapUtil.addBinaryOption(str2);
        }
        if (str2 == null && !objectClass.equals(ANY_OBJECT_CLASS)) {
            LOG.warn("Attribute {0} of object class {1} is not mapped to an LDAP attribute", str, objectClass.getObjectClassValue());
        }
        return str2;
    }

    public String getLdapAttribute(ObjectClass objectClass, Attribute attribute) {
        return getLdapAttribute(objectClass, attribute.getName(), false);
    }

    public Set<String> getLdapAttributes(ObjectClass objectClass, Set<String> set, boolean z) {
        SortedSet<String> newCaseInsensitiveSet = CollectionUtil.newCaseInsensitiveSet();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            String ldapAttribute = getLdapAttribute(objectClass, it.next(), z);
            if (ldapAttribute != null) {
                newCaseInsensitiveSet.add(ldapAttribute);
            }
        }
        return newCaseInsensitiveSet;
    }

    public String getLdapUidAttribute(ObjectClass objectClass) {
        ObjectClass objectClass2;
        String str;
        if (objectClass.equals(ObjectClass.GROUP)) {
            objectClass2 = objectClass;
            str = this.conn.getConfiguration().getGidAttribute();
        } else if (objectClass.equals(ObjectClass.ACCOUNT)) {
            objectClass2 = objectClass;
            str = this.conn.getConfiguration().getUidAttribute();
        } else {
            objectClass2 = ObjectClass.ALL;
            str = null;
        }
        return StringUtil.isBlank(str) ? this.conn.getConfiguration().getObjectClassMappingConfigs().get(objectClass2).getShortNameLdapAttributes().iterator().next() : str;
    }

    public String getLdapPasswordAttribute(ObjectClass objectClass) {
        return this.conn.getConfiguration().getPasswordAttribute();
    }

    public String getLdapNameAttribute(ObjectClass objectClass) {
        return DEFAULT_LDAP_NAME_ATTR;
    }

    public Uid createUid(ObjectClass objectClass, LdapEntry ldapEntry) {
        return createUid(getLdapUidAttribute(objectClass), ldapEntry.getAttributes());
    }

    public Uid createUid(ObjectClass objectClass, String str) {
        String ldapUidAttribute = getLdapUidAttribute(objectClass);
        if (LdapEntry.isDNAttribute(ldapUidAttribute)) {
            return new Uid(str);
        }
        try {
            return createUid(ldapUidAttribute, this.conn.getInitialContext().getAttributes(str, new String[]{ldapUidAttribute}));
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    private Uid createUid(String str, Attributes attributes) {
        String stringAttrValue = LdapUtil.getStringAttrValue(attributes, str);
        if (stringAttrValue != null) {
            return new Uid(stringAttrValue);
        }
        throw new ConnectorException("No attribute named " + str + " found in the search result");
    }

    public Name createName(ObjectClass objectClass, LdapEntry ldapEntry) {
        if (LdapEntry.isDNAttribute(getLdapNameAttribute(objectClass))) {
            return new Name(ldapEntry.getDN().toString());
        }
        throw new UnsupportedOperationException("Name can only be mapped to the entry DN");
    }

    public Attribute createAttribute(ObjectClass objectClass, String str, LdapEntry ldapEntry, boolean z) {
        String ldapAttribute = getLdapAttribute(objectClass, str, true);
        javax.naming.directory.Attribute attribute = null;
        if (ldapAttribute != null) {
            attribute = ldapEntry.getAttributes().get(ldapAttribute);
        }
        if (attribute == null) {
            if (z) {
                return AttributeBuilder.build(str, Collections.emptyList());
            }
            return null;
        }
        AttributeBuilder attributeBuilder = new AttributeBuilder();
        attributeBuilder.setName(str);
        try {
            if (OperationalAttributes.PASSWORD_NAME.equals(str)) {
                attributeBuilder.addValue(new GuardedString(new String((byte[]) attribute.get()).toCharArray()));
            } else {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMore()) {
                    attributeBuilder.addValue(all.next());
                }
            }
            return attributeBuilder.build();
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    public String create(ObjectClass objectClass, Name name, Attributes attributes) {
        LdapName quietCreateLdapName = LdapUtil.quietCreateLdapName(getEntryDN(objectClass, name));
        BasicAttributes basicAttributes = new BasicAttributes();
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            basicAttributes.put((javax.naming.directory.Attribute) all.nextElement());
        }
        BasicAttribute basicAttribute = new BasicAttribute(Group.JSON_PROPERTY_OBJECT_CLASS);
        Iterator<String> it = this.conn.getSchemaMapping().getEffectiveLdapClasses(objectClass).iterator();
        while (it.hasNext()) {
            basicAttribute.add(it.next());
        }
        basicAttributes.put(basicAttribute);
        LOG.ok("Creating LDAP subcontext {0} with attributes {1}", quietCreateLdapName, basicAttributes);
        try {
            this.conn.getInitialContext().createSubcontext(quietCreateLdapName, basicAttributes).close();
            return quietCreateLdapName.toString();
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    public javax.naming.directory.Attribute encodeAttribute(ObjectClass objectClass, Attribute attribute) {
        if (attribute.is(OperationalAttributes.PASSWORD_NAME)) {
            throw new IllegalArgumentException("This method should not be used for password attributes");
        }
        String ldapAttribute = getLdapAttribute(objectClass, attribute.getName(), true);
        if (ldapAttribute == null) {
            return null;
        }
        BasicAttribute basicAttribute = new BasicAttribute(ldapAttribute);
        List<Object> value = attribute.getValue();
        if (value != null) {
            Iterator<Object> it = value.iterator();
            while (it.hasNext()) {
                basicAttribute.add(it.next());
            }
        }
        return basicAttribute;
    }

    public List<ModificationItem> encodeAttribute(ObjectClass objectClass, AttributeDelta attributeDelta) {
        if (attributeDelta.is(OperationalAttributes.PASSWORD_NAME)) {
            throw new IllegalArgumentException("This method should not be used for password attributes");
        }
        String ldapAttribute = getLdapAttribute(objectClass, attributeDelta.getName(), true);
        if (ldapAttribute == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        if (CollectionUtil.isEmpty(attributeDelta.getValuesToReplace())) {
            if (!CollectionUtil.isEmpty(attributeDelta.getValuesToAdd())) {
                BasicAttribute basicAttribute = new BasicAttribute(ldapAttribute);
                Iterator<Object> it = attributeDelta.getValuesToAdd().iterator();
                while (it.hasNext()) {
                    basicAttribute.add(it.next());
                }
                arrayList.add(new ModificationItem(1, basicAttribute));
            }
            if (!CollectionUtil.isEmpty(attributeDelta.getValuesToRemove())) {
                BasicAttribute basicAttribute2 = new BasicAttribute(ldapAttribute);
                Iterator<Object> it2 = attributeDelta.getValuesToRemove().iterator();
                while (it2.hasNext()) {
                    basicAttribute2.add(it2.next());
                }
                arrayList.add(new ModificationItem(3, basicAttribute2));
            }
        } else {
            BasicAttribute basicAttribute3 = new BasicAttribute(ldapAttribute);
            Iterator<Object> it3 = attributeDelta.getValuesToReplace().iterator();
            while (it3.hasNext()) {
                basicAttribute3.add(it3.next());
            }
            arrayList.add(new ModificationItem(2, basicAttribute3));
        }
        return arrayList;
    }

    public GuardedPasswordAttribute encodePassword(Attribute attribute) {
        if (!$assertionsDisabled && !attribute.is(OperationalAttributes.PASSWORD_NAME)) {
            throw new AssertionError();
        }
        String passwordAttribute = this.conn.getConfiguration().getPasswordAttribute();
        List<Object> value = attribute.getValue();
        if (value != null) {
            Iterator<Object> it = value.iterator();
            if (it.hasNext()) {
                return GuardedPasswordAttribute.create(passwordAttribute, (GuardedString) it.next());
            }
        }
        return GuardedPasswordAttribute.create(passwordAttribute);
    }

    public GuardedPasswordAttribute encodePassword(AttributeDelta attributeDelta) {
        if (!$assertionsDisabled && !attributeDelta.is(OperationalAttributes.PASSWORD_NAME)) {
            throw new AssertionError();
        }
        String passwordAttribute = this.conn.getConfiguration().getPasswordAttribute();
        if (CollectionUtil.isEmpty(attributeDelta.getValuesToReplace())) {
            return null;
        }
        return GuardedPasswordAttribute.create(passwordAttribute, (GuardedString) attributeDelta.getValuesToReplace().get(0));
    }

    public String getEntryDN(ObjectClass objectClass, Name name) {
        if (LdapEntry.isDNAttribute(getLdapNameAttribute(objectClass))) {
            return name.getNameValue();
        }
        throw new UnsupportedOperationException("Name can only be mapped to the entry DN");
    }

    public String getEntryDN(ObjectClass objectClass, AttributeDelta attributeDelta) {
        if (LdapEntry.isDNAttribute(getLdapNameAttribute(objectClass))) {
            return AttributeDeltaUtil.getStringValue(attributeDelta);
        }
        throw new UnsupportedOperationException("Name can only be mapped to the entry DN");
    }

    public String rename(ObjectClass objectClass, String str, Name name) {
        String entryDN = getEntryDN(objectClass, name);
        try {
            this.conn.getInitialContext().rename(str, entryDN);
            return entryDN;
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    public String rename(ObjectClass objectClass, String str, AttributeDelta attributeDelta) {
        String entryDN = getEntryDN(objectClass, attributeDelta);
        try {
            this.conn.getInitialContext().rename(str, entryDN);
            return entryDN;
        } catch (NamingException e) {
            throw new ConnectorException((Throwable) e);
        }
    }

    public void removeNonReadableAttributes(ObjectClass objectClass, Set<String> set) {
        ObjectClassInfo findObjectClassInfo = schema().findObjectClassInfo(objectClass.getObjectClassValue());
        if (findObjectClassInfo == null) {
            return;
        }
        SortedSet<String> newCaseInsensitiveSet = CollectionUtil.newCaseInsensitiveSet();
        SortedSet<String> newCaseInsensitiveSet2 = CollectionUtil.newCaseInsensitiveSet();
        for (AttributeInfo attributeInfo : findObjectClassInfo.getAttributeInfo()) {
            String name = attributeInfo.getName();
            newCaseInsensitiveSet.add(name);
            if (attributeInfo.isReadable()) {
                newCaseInsensitiveSet2.add(name);
            }
        }
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (newCaseInsensitiveSet.contains(next) && !newCaseInsensitiveSet2.contains(next)) {
                it.remove();
            }
        }
    }

    static {
        $assertionsDisabled = !LdapSchemaMapping.class.desiredAssertionStatus();
        LOG = Log.getLog(LdapSchemaMapping.class);
        ANY_OBJECT_CLASS = new ObjectClass(ObjectClassUtil.createSpecialName(Tokens.T_ANY));
    }
}
