package org.ametys.core.util.ldap;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
import org.ametys.core.datasource.AbstractDataSourceManager;
import org.ametys.core.datasource.ConnectionHelper;
import org.ametys.core.datasource.LDAPDataSourceManager;
import org.ametys.core.datasource.UnknownDataSourceException;
import org.ametys.core.util.CachingComponent;
import org.ametys.runtime.config.Config;
import org.ametys.runtime.plugin.PluginsManager;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;

/* loaded from: input_file:org/ametys/core/util/ldap/AbstractLDAPConnector.class */
public abstract class AbstractLDAPConnector extends CachingComponent<Object> implements Serviceable {
    protected static final int __DEFAULT_PAGE_SIZE = 1000;
    private static final Pattern __FILTER = Pattern.compile("\\s*\\(.*\\)\\s*");
    protected String _ldapUrl;
    protected String _ldapBaseDN;
    protected String _ldapAdminRelativeDN;
    protected String _ldapAdminPassword;
    protected String _ldapAuthenticationMethod;
    protected boolean _ldapUseSSL;
    protected boolean _ldapFollowReferrals;
    protected String _ldapAliasDerefMode;
    protected boolean _pagingSupported;
    private LDAPDataSourceManager _ldapDataSourceManager;

    /* JADX INFO: Access modifiers changed from: protected */
    public void _delayedInitialize(String str) throws Exception {
        AbstractDataSourceManager.DataSourceDefinition dataSourceDefinition = this._ldapDataSourceManager.getDataSourceDefinition(str);
        if (dataSourceDefinition == null) {
            throw new UnknownDataSourceException("The data source of id '" + str + "' is still referenced but no longer exists.");
        }
        Map<String, String> parameters = dataSourceDefinition.getParameters();
        this._ldapUrl = parameters.get(LDAPDataSourceManager.PARAM_BASE_URL);
        this._ldapBaseDN = parameters.get(LDAPDataSourceManager.PARAM_BASE_DN);
        this._ldapAdminRelativeDN = parameters.get(LDAPDataSourceManager.PARAM_ADMIN_DN);
        this._ldapAdminPassword = parameters.get(LDAPDataSourceManager.PARAM_ADMIN_PASSWORD);
        this._ldapAuthenticationMethod = parameters.get(LDAPDataSourceManager.PARAM_AUTHENTICATION_METHOD);
        this._ldapUseSSL = "true".equals(parameters.get(LDAPDataSourceManager.PARAM_USE_SSL));
        this._ldapFollowReferrals = "true".equals(parameters.get(LDAPDataSourceManager.PARAM_FOLLOW_REFERRALS));
        this._ldapAliasDerefMode = parameters.get(LDAPDataSourceManager.PARAM_ALIAS_DEREFERENCING);
        this._pagingSupported = _testPagingSupported();
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        this._ldapDataSourceManager = (LDAPDataSourceManager) serviceManager.lookup(LDAPDataSourceManager.ROLE);
    }

    protected String _getFilter(Configuration configuration, String str) throws ConfigurationException {
        String _getConfigParameter = _getConfigParameter(configuration, str);
        if (__FILTER.matcher(_getConfigParameter).matches()) {
            return _getConfigParameter;
        }
        throw new ConfigurationException("Invalid filter '" + _getConfigParameter + "', missing parenthesis", configuration);
    }

    protected int _getSearchScope(Configuration configuration, String str) throws ConfigurationException {
        try {
            return ScopeEnumerator.parseScope(_getConfigParameter(configuration, str));
        } catch (IllegalArgumentException e) {
            throw new ConfigurationException("Unable to parse scope", e);
        }
    }

    public boolean isPagingSupported() {
        return this._pagingSupported;
    }

    protected String _getConfigParameter(Configuration configuration, String str) throws ConfigurationException {
        String value = configuration.getChild(str).getValue((String) null);
        if (value != null) {
            return Config.getInstance().getValueAsString(value);
        }
        String str2 = "The parameter '" + str + "' is missing";
        getLogger().error(str2);
        throw new ConfigurationException(str2, configuration);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Hashtable<String, String> _getContextEnv() {
        Hashtable<String, String> hashtable = new Hashtable<>();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this._ldapUrl + PluginsManager.FEATURE_ID_SEPARATOR + this._ldapBaseDN);
        hashtable.put("java.naming.security.authentication", this._ldapAuthenticationMethod);
        if (!this._ldapAuthenticationMethod.equals("none")) {
            hashtable.put("java.naming.security.principal", this._ldapAdminRelativeDN);
            hashtable.put("java.naming.security.credentials", this._ldapAdminPassword);
        }
        if (this._ldapUseSSL) {
            hashtable.put("java.naming.security.protocol", "ssl");
        }
        if (this._ldapFollowReferrals) {
            hashtable.put("java.naming.referral", "follow");
        } else {
            hashtable.put("java.naming.referral", "ignore");
        }
        hashtable.put("java.naming.ldap.derefAliases", this._ldapAliasDerefMode);
        hashtable.put("com.sun.jndi.ldap.connect.pool", "true");
        return hashtable;
    }

    protected Hashtable<String, String> _getRootContextEnv() {
        Hashtable<String, String> _getContextEnv = _getContextEnv();
        _getContextEnv.put("java.naming.provider.url", this._ldapUrl);
        return _getContextEnv;
    }

    protected boolean _testPagingSupported() {
        boolean z = false;
        LdapContext ldapContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                ldapContext = new InitialLdapContext(_getRootContextEnv(), (Control[]) null);
                SearchControls searchControls = new SearchControls();
                searchControls.setReturningAttributes(new String[]{"supportedControl"});
                searchControls.setSearchScope(0);
                namingEnumeration = ldapContext.search(ConnectionHelper.DATABASE_UNKNOWN, "(objectClass=*)", searchControls);
                while (namingEnumeration.hasMore() && !z) {
                    NamingEnumeration all = ((SearchResult) namingEnumeration.next()).getAttributes().getAll();
                    while (all.hasMore() && !z) {
                        NamingEnumeration all2 = ((Attribute) all.next()).getAll();
                        while (all2.hasMore() && !z) {
                            if ("1.2.840.113556.1.4.319".equals((String) all2.next())) {
                                z = true;
                            }
                        }
                    }
                }
                _cleanup(ldapContext, namingEnumeration);
            } catch (NamingException e) {
                getLogger().warn("Error while testing the LDAP server for paging feature, assuming false.", e);
                _cleanup(ldapContext, namingEnumeration);
            }
            return z;
        } catch (Throwable th) {
            _cleanup(ldapContext, namingEnumeration);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void _cleanup(Context context, NamingEnumeration namingEnumeration) {
        if (namingEnumeration != null) {
            try {
                namingEnumeration.close();
            } catch (NamingException e) {
                getLogger().error("Error while closing ldap result", e);
            }
        }
        if (context != null) {
            try {
                context.close();
            } catch (NamingException e2) {
                getLogger().error("Error while closing ldap connection", e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<SearchResult> _search(int i, String str, String str2, SearchControls searchControls) throws NamingException {
        return _search(i, str, str2, null, searchControls, 0, Integer.MAX_VALUE);
    }

    protected List<SearchResult> _search(int i, String str, String str2, Object[] objArr, SearchControls searchControls, int i2, int i3) throws NamingException {
        ArrayList arrayList = new ArrayList();
        LdapContext ldapContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            ldapContext = new InitialLdapContext(_getContextEnv(), (Control[]) null);
            byte[] bArr = null;
            _setPagingIfSupported(i, ldapContext);
            int i4 = 0;
            do {
                namingEnumeration = ldapContext.search(str, str2, objArr, searchControls);
                while (namingEnumeration != null && namingEnumeration.hasMoreElements() && i4 < i2 + i3) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
                    if (i4 >= i2) {
                        arrayList.add(searchResult);
                    }
                    i4++;
                }
                if (i4 < i2 + i3) {
                    PagedResultsResponseControl[] responseControls = ldapContext.getResponseControls();
                    if (responseControls != null) {
                        for (int i5 = 0; i5 < responseControls.length; i5++) {
                            if (responseControls[i5] instanceof PagedResultsResponseControl) {
                                bArr = responseControls[i5].getCookie();
                            }
                        }
                    }
                    if (isPagingSupported()) {
                        try {
                            ldapContext.setRequestControls(new Control[]{new PagedResultsControl(i, bArr, false)});
                        } catch (IOException e) {
                            getLogger().error("Error setting the PagedResultsControl in the LDAP context.", e);
                        }
                    }
                }
                if (bArr == null) {
                    break;
                }
            } while (i4 < i2 + i3);
            _cleanup(ldapContext, namingEnumeration);
            return arrayList;
        } catch (Throwable th) {
            _cleanup(ldapContext, namingEnumeration);
            throw th;
        }
    }

    protected void _setPagingIfSupported(int i, LdapContext ldapContext) throws NamingException {
        if (isPagingSupported()) {
            try {
                ldapContext.setRequestControls(new Control[]{new PagedResultsControl(i, false)});
            } catch (IOException e) {
                getLogger().error("Error setting the PagedResultsControl in the LDAP context.", e);
            }
        }
    }
}
