package org.ametys.runtime.plugins.core.group.ldap;

import java.security.InvalidParameterException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.ametys.runtime.group.Group;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;

/* loaded from: input_file:org/ametys/runtime/plugins/core/group/ldap/UserDrivenLdapGroupsManager.class */
public class UserDrivenLdapGroupsManager extends AbstractLDAPGroupsManager implements Component {
    protected String _usersMemberOfAttribute;
    protected String _usersRelativeDN;
    protected String _usersObjectFilter;
    protected int _usersSearchScope;
    protected String _usersLoginAttribute;
    private Pattern _groupExtractionPattern;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/ametys/runtime/plugins/core/group/ldap/UserDrivenLdapGroupsManager$UserInfos.class */
    public class UserInfos {
        private String _login;
        private Set<String> _groups = new HashSet();

        public UserInfos(String str) {
            this._login = str;
        }

        public String getLogin() {
            return this._login;
        }

        public Set<String> getGroups() {
            return this._groups;
        }

        public void addGroup(String str) {
            this._groups.add(str);
        }
    }

    @Override // org.ametys.runtime.plugins.core.group.ldap.AbstractLDAPGroupsManager, org.ametys.runtime.plugins.core.util.ldap.AbstractLDAPConnector
    public void configure(Configuration configuration) throws ConfigurationException {
        super.configure(configuration);
        this._usersRelativeDN = _getConfigParameter(configuration, "UsersRelativeDN");
        this._usersObjectFilter = _getFilter(configuration, "UsersFilter");
        this._usersSearchScope = _getSearchScope(configuration, "UsersSearchScope");
        this._usersLoginAttribute = _getConfigParameter(configuration, "UsersLogin");
        this._usersMemberOfAttribute = _getConfigParameter(configuration, "MemberOf");
        this._groupExtractionPattern = Pattern.compile("^" + this._groupsIdAttribute + "=([^,]+),.*");
    }

    @Override // org.ametys.runtime.group.GroupsManager
    public Group getGroup(String str) {
        for (Group group : getGroups()) {
            if (group.getId().equals(str)) {
                return group;
            }
        }
        return null;
    }

    @Override // org.ametys.runtime.group.GroupsManager
    public Set<Group> getGroups() {
        HashSet hashSet = new HashSet();
        HashMap hashMap = new HashMap();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        HashMap hashMap2 = new HashMap();
        try {
            try {
                NamingEnumeration search = new InitialDirContext(_getContextEnv()).search(this._groupsRelativeDN, this._groupsObjectFilter, _getGroupsSearchConstraint());
                while (search.hasMoreElements()) {
                    Map<String, String> _getGroupDescription = _getGroupDescription((SearchResult) search.nextElement());
                    hashMap2.put(_getGroupDescription.get("id"), _getGroupDescription.get("desc"));
                }
                dirContext = new InitialDirContext(_getContextEnv());
                namingEnumeration = dirContext.search(this._usersRelativeDN, this._usersObjectFilter, _getUsersSearchConstraint());
                while (namingEnumeration.hasMoreElements()) {
                    UserInfos _getUserInfos = _getUserInfos((SearchResult) namingEnumeration.nextElement());
                    String login = _getUserInfos.getLogin();
                    for (String str : _getUserInfos.getGroups()) {
                        if (hashMap.containsKey(str)) {
                            ((Group) hashMap.get(str)).addUser(login);
                        } else {
                            String str2 = (String) hashMap2.get(str);
                            Group group = new Group(str, str2 != null ? str2 : str);
                            group.addUser(login);
                            hashMap.put(str, group);
                        }
                    }
                }
                hashSet.addAll(hashMap.values());
                _cleanup(dirContext, namingEnumeration);
            } catch (NamingException e) {
                getLogger().error("Error communication with ldap server", e);
                _cleanup(dirContext, namingEnumeration);
            } catch (InvalidParameterException e2) {
                getLogger().error("Error missing at least one attribute or attribute value", e2);
                _cleanup(dirContext, namingEnumeration);
            }
            return hashSet;
        } catch (Throwable th) {
            _cleanup(dirContext, namingEnumeration);
            throw th;
        }
    }

    private Map<String, String> _getGroupDescription(SearchResult searchResult) {
        HashMap hashMap = new HashMap();
        Attributes attributes = searchResult.getAttributes();
        try {
            Attribute attribute = attributes.get(this._groupsIdAttribute);
            if (attribute == null) {
                throw new IllegalArgumentException("Missing group id attribute : \"" + this._groupsIdAttribute + "\"");
            }
            String str = (String) attribute.get();
            Attribute attribute2 = attributes.get(this._groupsDescriptionAttribute);
            if (attribute2 == null) {
                throw new IllegalArgumentException("Missing group description attribute : \"" + this._groupsDescriptionAttribute + "\"");
            }
            String str2 = (String) attribute2.get();
            hashMap.put("id", str);
            hashMap.put("desc", str2);
            return hashMap;
        } catch (NamingException e) {
            throw new IllegalArgumentException("Missing at least one value for an attribute in an ldap entry", e);
        }
    }

    @Override // org.ametys.runtime.group.GroupsManager
    public Set<String> getUserGroups(String str) {
        HashSet hashSet = new HashSet();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                dirContext = new InitialDirContext(_getContextEnv());
                StringBuffer stringBuffer = new StringBuffer("(&");
                stringBuffer.append(this._usersObjectFilter);
                stringBuffer.append("(");
                stringBuffer.append(this._usersLoginAttribute);
                stringBuffer.append("={0}))");
                namingEnumeration = dirContext.search(this._usersRelativeDN, stringBuffer.toString(), new Object[]{str}, _getUsersSearchConstraint());
                while (namingEnumeration.hasMoreElements()) {
                    hashSet.addAll(_getGroupID((SearchResult) namingEnumeration.nextElement()));
                }
                _cleanup(dirContext, namingEnumeration);
            } catch (InvalidParameterException e) {
                getLogger().error("Error missing at least one attribute or attribute value", e);
                _cleanup(dirContext, namingEnumeration);
            } catch (NamingException e2) {
                getLogger().error("Error communication with ldap server", e2);
                _cleanup(dirContext, namingEnumeration);
            }
            return hashSet;
        } catch (Throwable th) {
            _cleanup(dirContext, namingEnumeration);
            throw th;
        }
    }

    protected Set<String> _getGroupID(SearchResult searchResult) {
        HashSet hashSet = new HashSet();
        try {
            Attribute attribute = searchResult.getAttributes().get(this._usersMemberOfAttribute);
            if (attribute != null) {
                NamingEnumeration all = attribute.getAll();
                while (all.hasMore()) {
                    String str = (String) all.next();
                    Matcher matcher = this._groupExtractionPattern.matcher(str);
                    if (matcher.matches()) {
                        hashSet.add(matcher.group(1));
                    } else {
                        if (getLogger().isWarnEnabled()) {
                            getLogger().warn("Unable to get the uid from the LDAP RDN entry : " + str);
                        }
                        hashSet.add(str);
                    }
                }
                all.close();
            }
            return hashSet;
        } catch (NamingException e) {
            throw new IllegalArgumentException("Missing at least one value for an attribute in an ldap entry", e);
        }
    }

    protected UserInfos _getUserInfos(SearchResult searchResult) {
        Attributes attributes = searchResult.getAttributes();
        try {
            Attribute attribute = attributes.get(this._usersLoginAttribute);
            if (attribute == null) {
                throw new InvalidParameterException("Missing login id attribute : \"" + this._usersLoginAttribute + "\"");
            }
            UserInfos userInfos = new UserInfos((String) attribute.get());
            Attribute attribute2 = attributes.get(this._usersMemberOfAttribute);
            if (attribute2 != null) {
                NamingEnumeration all = attribute2.getAll();
                while (all.hasMore()) {
                    String str = (String) all.next();
                    Matcher matcher = this._groupExtractionPattern.matcher(str);
                    if (matcher.matches()) {
                        userInfos.addGroup(matcher.group(1));
                    } else {
                        if (getLogger().isWarnEnabled()) {
                            getLogger().warn("Unable to get the uid from the LDAP RDN entry : " + str);
                        }
                        userInfos.addGroup(str);
                    }
                }
                all.close();
            }
            return userInfos;
        } catch (NamingException e) {
            throw new IllegalArgumentException("Missing at least one value for an attribute in an ldap entry", e);
        }
    }

    protected SearchControls _getGroupsSearchConstraint() {
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(new String[]{this._groupsIdAttribute, this._groupsDescriptionAttribute});
        searchControls.setSearchScope(this._groupsSearchScope);
        return searchControls;
    }

    protected SearchControls _getUsersSearchConstraint() {
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(new String[]{this._usersLoginAttribute, this._usersMemberOfAttribute});
        searchControls.setSearchScope(this._usersSearchScope);
        return searchControls;
    }
}
