package org.jboss.as.domain.management.security;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapReferralException;
import org.codehaus.plexus.util.LineOrientedInterpolatingReader;
import org.jboss.as.domain.management.DomainManagementLogger;
import org.jboss.as.domain.management.security.BaseLdapGroupSearchResource;

/* loaded from: input_file:WEB-INF/lib/wildfly-domain-management-8.2.1.Final.jar:org/jboss/as/domain/management/security/LdapGroupSearcherFactory.class */
public class LdapGroupSearcherFactory {
    private static final int searchTimeLimit = 10000;

    /* loaded from: input_file:WEB-INF/lib/wildfly-domain-management-8.2.1.Final.jar:org/jboss/as/domain/management/security/LdapGroupSearcherFactory$GroupToPrincipalSearcher.class */
    private static class GroupToPrincipalSearcher implements LdapSearcher<LdapEntry[], LdapEntry> {
        private final String baseDn;
        private final String groupDnAttribute;
        private final String groupNameAttribute;
        private final String[] attributeArray;
        private final String filterString;
        private final boolean recursive;
        private final BaseLdapGroupSearchResource.GroupName searchBy;

        private GroupToPrincipalSearcher(String str, String str2, String str3, String str4, boolean z, BaseLdapGroupSearchResource.GroupName groupName) {
            this.baseDn = str;
            this.groupDnAttribute = str2;
            this.groupNameAttribute = str3;
            this.attributeArray = LdapGroupSearcherFactory.createArray(str2, str3);
            this.filterString = String.format("(%s={0})", str4);
            this.recursive = z;
            this.searchBy = groupName;
            if (DomainManagementLogger.SECURITY_LOGGER.isTraceEnabled()) {
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher baseDn=%s", str);
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher groupDnAttribute=%s", str2);
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher groupNameAttribute=%s", str3);
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher attributeArray=%s", Arrays.toString(this.attributeArray));
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher filterString=%s", this.filterString);
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher recursive=%b", Boolean.valueOf(z));
                DomainManagementLogger.SECURITY_LOGGER.tracef("GroupToPrincipalSearcher searchBy=%s", groupName);
            }
        }

        @Override // org.jboss.as.domain.management.security.LdapSearcher
        public LdapEntry[] search(LdapConnectionHandler ldapConnectionHandler, LdapEntry ldapEntry) throws IOException, NamingException {
            SearchControls createSearchControl = LdapGroupSearcherFactory.createSearchControl(this.recursive, this.attributeArray);
            HashSet hashSet = new HashSet();
            Object[] searchParameter = getSearchParameter(ldapEntry);
            boolean isTraceEnabled = DomainManagementLogger.SECURITY_LOGGER.isTraceEnabled();
            if (isTraceEnabled) {
                DomainManagementLogger.SECURITY_LOGGER.tracef("Performing search baseDn=%s, filterString=%s, searchParameter=%s", this.baseDn, this.filterString, Arrays.toString(searchParameter));
            }
            NamingEnumeration search = ldapConnectionHandler.getConnection().search(this.baseDn, this.filterString, searchParameter, createSearchControl);
            if (isTraceEnabled && !search.hasMore()) {
                DomainManagementLogger.SECURITY_LOGGER.trace("No search results found.");
            }
            while (search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                Attributes attributes = searchResult.getAttributes();
                if (attributes != null) {
                    LdapEntry convertToLdapEntry = convertToLdapEntry(searchResult, attributes);
                    DomainManagementLogger.SECURITY_LOGGER.tracef("Adding %s", convertToLdapEntry);
                    hashSet.add(convertToLdapEntry);
                } else {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("No attributes found for %s", searchResult);
                }
            }
            return (LdapEntry[]) hashSet.toArray(new LdapEntry[hashSet.size()]);
        }

        private LdapEntry convertToLdapEntry(SearchResult searchResult, Attributes attributes) throws NamingException {
            String str = null;
            String str2 = null;
            if (this.groupNameAttribute != null) {
                DomainManagementLogger.SECURITY_LOGGER.tracef("Getting groupNameAttribute=%s", this.groupNameAttribute);
                Attribute attribute = attributes.get(this.groupNameAttribute);
                if (attribute != null) {
                    str = (String) attribute.get();
                }
            }
            if (this.groupDnAttribute != null) {
                if (UserLdapCallbackHandler.DEFAULT_USER_DN.equals(this.groupDnAttribute)) {
                    DomainManagementLogger.SECURITY_LOGGER.trace("Obtaining dn using getNameInNamespace()");
                    str2 = searchResult.getNameInNamespace();
                } else {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("Getting groupDnAttribute=%s", this.groupDnAttribute);
                    Attribute attribute2 = attributes.get(this.groupDnAttribute);
                    if (attribute2 != null) {
                        str2 = (String) attribute2.get();
                    }
                }
            }
            return new LdapEntry(str, str2);
        }

        private Object[] getSearchParameter(LdapEntry ldapEntry) {
            switch (this.searchBy) {
                case SIMPLE:
                    return new String[]{ldapEntry.getSimpleName()};
                default:
                    return new String[]{ldapEntry.getDistinguishedName()};
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/wildfly-domain-management-8.2.1.Final.jar:org/jboss/as/domain/management/security/LdapGroupSearcherFactory$PrincipalToGroupSearcher.class */
    private static class PrincipalToGroupSearcher implements LdapSearcher<LdapEntry[], LdapEntry> {
        private final String groupAttribute;
        private final String groupNameAttribute;
        private final boolean preferOriginalConnection;

        private PrincipalToGroupSearcher(String str, String str2, boolean z) {
            this.groupAttribute = str;
            this.groupNameAttribute = str2;
            this.preferOriginalConnection = z;
            if (DomainManagementLogger.SECURITY_LOGGER.isTraceEnabled()) {
                DomainManagementLogger.SECURITY_LOGGER.tracef("PrincipalToGroupSearcher groupAttribute=%s", str);
                DomainManagementLogger.SECURITY_LOGGER.tracef("PrincipalToGroupSearcher groupNameAttribute=%s", str2);
                DomainManagementLogger.SECURITY_LOGGER.tracef("PrincipalToGroupSearcher preferOriginalConnection=%b", Boolean.valueOf(z));
            }
        }

        @Override // org.jboss.as.domain.management.security.LdapSearcher
        public LdapEntry[] search(LdapConnectionHandler ldapConnectionHandler, LdapEntry ldapEntry) throws IOException, NamingException {
            boolean z;
            HashSet hashSet = new HashSet();
            LdapConnectionHandler ldapConnectionHandler2 = ldapConnectionHandler;
            URI referralUri = ldapEntry.getReferralUri();
            URI uri = referralUri;
            if (referralUri != null) {
                ldapConnectionHandler2 = ldapConnectionHandler2.findForReferral(uri);
                if (ldapConnectionHandler2 == null) {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("Unable to obtain connection handler for referral URI %s", uri);
                    return (LdapEntry[]) hashSet.toArray(new LdapEntry[hashSet.size()]);
                }
            }
            Attribute attribute = ldapConnectionHandler2.getConnection().getAttributes(ldapEntry.getDistinguishedName(), new String[]{this.groupAttribute}).get(this.groupAttribute);
            if (this.preferOriginalConnection) {
                ldapConnectionHandler2 = ldapConnectionHandler;
                uri = null;
            }
            if (attribute == null || attribute.size() <= 0) {
                DomainManagementLogger.SECURITY_LOGGER.tracef("No groups found for %s", ldapEntry);
            } else {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMore()) {
                    String replace = ((String) all.next()).replace(LineOrientedInterpolatingReader.DEFAULT_ESCAPE_SEQ, "\\\\").replace("/", "\\/");
                    DomainManagementLogger.SECURITY_LOGGER.tracef("Group found with distinguishedName=%s", replace);
                    LdapConnectionHandler ldapConnectionHandler3 = ldapConnectionHandler2;
                    URI uri2 = uri;
                    String str = null;
                    do {
                        z = false;
                        try {
                            Attributes attributes = ldapConnectionHandler3.getConnection().getAttributes(replace, this.groupNameAttribute != null ? new String[]{this.groupNameAttribute} : new String[0]);
                            if (this.groupNameAttribute != null) {
                                str = (String) attributes.get(this.groupNameAttribute).get();
                                DomainManagementLogger.SECURITY_LOGGER.tracef("simpleName %s loaded for group with distinguishedName=%s", str, replace);
                            } else {
                                DomainManagementLogger.SECURITY_LOGGER.trace("No groupNameAttribute to load simpleName");
                            }
                            hashSet.add(new LdapEntry(str, replace, uri2));
                        } catch (LdapReferralException e) {
                            Object referralInfo = e.getReferralInfo();
                            try {
                                URI uri3 = new URI(referralInfo.toString());
                                uri2 = new URI(uri3.getScheme(), null, uri3.getHost(), uri3.getPort(), null, null, null);
                                replace = uri3.getPath().substring(1);
                                DomainManagementLogger.SECURITY_LOGGER.tracef("Received referral with address '%s' for dn '%s'", uri2.toString(), replace);
                                ldapConnectionHandler3 = ldapConnectionHandler3.findForReferral(uri2);
                                if (ldapConnectionHandler3 == null) {
                                    DomainManagementLogger.SECURITY_LOGGER.tracef("Unable to follow referral to '%s'", uri3);
                                }
                                z = true;
                            } catch (URISyntaxException e2) {
                                DomainManagementLogger.SECURITY_LOGGER.tracef("Unable to construct URI from referral: %s", referralInfo);
                            }
                        }
                    } while (z);
                }
            }
            return (LdapEntry[]) hashSet.toArray(new LdapEntry[hashSet.size()]);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static LdapSearcher<LdapEntry[], LdapEntry> createForGroupToPrincipal(String str, String str2, String str3, String str4, boolean z, BaseLdapGroupSearchResource.GroupName groupName) {
        return new GroupToPrincipalSearcher(str, str2, str3, str4, z, groupName);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static LdapSearcher<LdapEntry[], LdapEntry> createForPrincipalToGroup(String str, String str2, boolean z) {
        return new PrincipalToGroupSearcher(str, str2, z);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static SearchControls createSearchControl(boolean z, String[] strArr) {
        if (DomainManagementLogger.SECURITY_LOGGER.isTraceEnabled()) {
            DomainManagementLogger.SECURITY_LOGGER.tracef("createSearchControl recursive=%b,  attributes=%s", Boolean.valueOf(z), Arrays.toString(strArr));
        }
        SearchControls searchControls = new SearchControls();
        if (z) {
            searchControls.setSearchScope(2);
        } else {
            searchControls.setSearchScope(1);
        }
        searchControls.setReturningAttributes(strArr);
        searchControls.setTimeLimit(10000);
        return searchControls;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String[] createArray(String... strArr) {
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            if (str != null) {
                arrayList.add(str);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }
}
