package org.ametys.plugins.core.impl.checker;

import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import org.ametys.core.datasource.AbstractDataSourceManager;
import org.ametys.core.datasource.ConnectionHelper;
import org.ametys.core.datasource.LDAPDataSourceManager;
import org.ametys.core.util.ldap.ScopeEnumerator;
import org.ametys.runtime.model.checker.ItemChecker;
import org.ametys.runtime.model.checker.ItemCheckerTestFailureException;
import org.ametys.runtime.plugin.component.AbstractLogEnabled;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;

/* loaded from: input_file:org/ametys/plugins/core/impl/checker/LdapUserDirectoryChecker.class */
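/**
 * {@link ItemChecker} that tests the settings of an LDAP user directory.
 *
 * <p>The check binds to the LDAP data source named by the first value, runs the configured
 * search, and succeeds as soon as one entry exposes every required user attribute.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The bind DN and password of the data source are used for the connection; see
 *       {@code _getContextEnv} for the transport and referral caveats.</li>
 *   <li>The search base and the filter are passed to the directory exactly as received. They are
 *       expected to be administrator-supplied configuration, not end-user input.</li>
 * </ul>
 */
public class LdapUserDirectoryChecker extends AbstractLogEnabled implements ItemChecker, Serviceable {
    /** Number of values {@link #check(List)} reads from its argument (indexes 0 to 8). */
    private static final int EXPECTED_VALUE_COUNT = 9;

    private ServiceManager _manager;
    private LDAPDataSourceManager _ldapDataSourceManager;

    /**
     * Stores the service manager; the LDAP data source manager is looked up lazily in
     * {@link #check(List)}.
     *
     * @param serviceManager the manager used later to resolve {@link LDAPDataSourceManager}
     * @throws ServiceException declared by the interface, never thrown here
     */
    @Override
    public void service(ServiceManager serviceManager) throws ServiceException {
        this._manager = serviceManager;
    }

    /**
     * Runs the LDAP user directory test.
     *
     * <p>Values are read by position: 0 data source id, 1 search name (relative to the data source
     * base DN), 2 search filter, 3 search scope, 4 login attribute, 5 firstname attribute (empty
     * means "none"), 6 lastname attribute, 7 email attribute, 8 {@code "true"} when the email
     * attribute is mandatory.
     *
     * @param list the values to test, in the order described above
     * @throws ItemCheckerTestFailureException if the values are incomplete, the data source is
     *         unknown, the connection or search fails, or no entry carries the required attributes
     */
    @Override
    public void check(List<String> list) throws ItemCheckerTestFailureException {
        if (this._ldapDataSourceManager == null) {
            try {
                this._ldapDataSourceManager = (LDAPDataSourceManager) this._manager.lookup(LDAPDataSourceManager.ROLE);
            } catch (ServiceException e) {
                throw new ItemCheckerTestFailureException("The test cannot be tested now", e);
            }
        }

        // Fail with a readable test error instead of an IndexOutOfBoundsException.
        if (list == null || list.size() < EXPECTED_VALUE_COUNT) {
            throw new ItemCheckerTestFailureException(
                    "The LDAP user directory test expects " + EXPECTED_VALUE_COUNT + " values.");
        }

        String dataSourceId = list.get(0);
        String searchName = list.get(1);
        String searchFilter = list.get(2);
        int searchScope = ScopeEnumerator.parseScope(list.get(3));
        String loginAttribute = list.get(4);
        String firstnameAttribute = list.get(5);
        if (firstnameAttribute != null && firstnameAttribute.isEmpty()) {
            // An empty firstname attribute means the directory has none configured.
            firstnameAttribute = null;
        }
        String lastnameAttribute = list.get(6);
        String emailAttribute = list.get(7);
        boolean emailMandatory = "true".equals(list.get(8));

        AbstractDataSourceManager.DataSourceDefinition dataSourceDefinition =
                this._ldapDataSourceManager.getDataSourceDefinition(dataSourceId);
        if (dataSourceDefinition == null) {
            throw new ItemCheckerTestFailureException("Unable to find the data source definition for the id '" + dataSourceId + "'.");
        }

        LdapContext ldapContext = null;
        NamingEnumeration<SearchResult> results = null;
        boolean userFound = false;
        try {
            ldapContext = new InitialLdapContext(_getContextEnv(dataSourceDefinition), (Control[]) null);
            // No filter arguments are supplied: the filter string is evaluated as written.
            results = ldapContext.search(searchName, searchFilter, new Object[0],
                    _getSearchConstraint(0, firstnameAttribute, loginAttribute, lastnameAttribute, emailAttribute, searchScope));

            // NOTE(review): hasMoreElements() does not declare NamingException, so an error raised
            // while paging results would surface here as "no user found"; hasMore() reports it.
            while (!userFound && results.hasMoreElements()) {
                SearchResult entry = results.nextElement();
                if (_getAttributes(entry, loginAttribute, firstnameAttribute, lastnameAttribute, emailAttribute, emailMandatory) != null) {
                    userFound = true;
                }
            }

            if (!userFound) {
                throw new ItemCheckerTestFailureException("The LDAP repository does not return any user with the given parameters.");
            }
        } catch (IllegalArgumentException | NamingException e) {
            throw new ItemCheckerTestFailureException(e);
        } finally {
            try {
                _cleanup(ldapContext, results);
            } catch (NamingException e) {
                getLogger().error("Cleaning the LDAP connection during test failed.", e);
                // Only report the cleanup problem when the test itself passed; otherwise the
                // original failure is the useful diagnostic and must not be replaced.
                if (userFound) {
                    throw new ItemCheckerTestFailureException((Throwable) e);
                }
            }
        }
    }

    /**
     * Builds the JNDI environment for the given LDAP data source.
     *
     * @param dataSourceDefinition the data source whose parameters are read
     * @return the environment to hand to {@link InitialLdapContext}
     * @throws IllegalArgumentException if a parameter this method needs is not set
     */
    private Hashtable<String, String> _getContextEnv(AbstractDataSourceManager.DataSourceDefinition dataSourceDefinition) {
        Map<String, Object> parameters = dataSourceDefinition.getParameters();

        // Hashtable rejects null values, so missing parameters are reported by name up front.
        String baseUrl = (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_BASE_URL);
        String baseDn = (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_BASE_DN);
        String authenticationMethod = (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_AUTHENTICATION_METHOD);
        boolean useSsl = ((Boolean) _requireParameter(parameters, LDAPDataSourceManager.PARAM_USE_SSL)).booleanValue();
        boolean followReferrals = ((Boolean) _requireParameter(parameters, LDAPDataSourceManager.PARAM_FOLLOW_REFERRALS)).booleanValue();
        String aliasDereferencing = (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_ALIAS_DEREFERENCING);

        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, baseUrl + "/" + baseDn);
        env.put(Context.SECURITY_AUTHENTICATION, authenticationMethod);

        if (!authenticationMethod.equals("none")) {
            // The credentials are only required (and only read) for an authenticated bind.
            env.put(Context.SECURITY_PRINCIPAL, (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_ADMIN_DN));
            env.put(Context.SECURITY_CREDENTIALS, (String) _requireParameter(parameters, LDAPDataSourceManager.PARAM_ADMIN_PASSWORD));
        }

        if (useSsl) {
            env.put(Context.SECURITY_PROTOCOL, "ssl");
        }
        // NOTE(review): when SSL is off and the base URL is not itself an ldaps:// URL, a simple
        // bind sends the administrator DN and password unencrypted.

        // Following referrals lets the directory name other hosts to contact with this same
        // environment, credentials included; enable it only for directories that are trusted.
        env.put(Context.REFERRAL, followReferrals ? "follow" : "ignore");

        env.put("java.naming.ldap.derefAliases", aliasDereferencing);
        env.put("com.sun.jndi.ldap.connect.pool", "true");
        // NOTE(review): no connect or read timeout is set (com.sun.jndi.ldap.connect.timeout,
        // com.sun.jndi.ldap.read.timeout), so an unresponsive server can block the caller.
        return env;
    }

    /**
     * Returns a data source parameter, rejecting a missing one with a message naming the key.
     * The value itself is never put in the message, since it may be a credential.
     */
    private Object _requireParameter(Map<String, Object> parameters, String key) {
        Object value = parameters.get(key);
        if (value == null) {
            throw new IllegalArgumentException("The LDAP data source parameter '" + key + "' is not set.");
        }
        return value;
    }

    /**
     * Builds the search controls: returned attributes, scope and optional count limit.
     *
     * @param countLimit maximum number of entries, applied only when positive
     * @param firstnameAttribute the firstname attribute, or {@code null} when none is configured
     * @param loginAttribute the login attribute
     * @param lastnameAttribute the lastname attribute
     * @param emailAttribute the email attribute
     * @param searchScope the scope passed to {@link SearchControls#setSearchScope(int)}
     * @return the configured search controls
     */
    private SearchControls _getSearchConstraint(int countLimit, String firstnameAttribute, String loginAttribute,
            String lastnameAttribute, String emailAttribute, int searchScope) {
        boolean hasFirstname = firstnameAttribute != null;
        String[] returningAttributes = new String[hasFirstname ? 4 : 3];

        // Fill the slots in order. The previous index arithmetic skipped slot 1 when a firstname
        // attribute was present, leaving a null entry and never requesting the firstname.
        int index = 0;
        returningAttributes[index++] = loginAttribute;
        if (hasFirstname) {
            returningAttributes[index++] = firstnameAttribute;
        }
        returningAttributes[index++] = lastnameAttribute;
        returningAttributes[index] = emailAttribute;

        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(returningAttributes);
        searchControls.setSearchScope(searchScope);
        if (countLimit > 0) {
            searchControls.setCountLimit(countLimit);
        }
        return searchControls;
    }

    /**
     * Extracts the user attributes from one search result.
     *
     * @param searchResult the LDAP entry to read
     * @param loginAttribute the login attribute, always required
     * @param firstnameAttribute the firstname attribute, required when not {@code null}
     * @param lastnameAttribute the lastname attribute, always required
     * @param emailAttribute the email attribute
     * @param emailMandatory whether an entry without the email attribute is rejected
     * @return the attribute values keyed by attribute name, or {@code null} if a required
     *         attribute is missing from the entry
     * @throws NamingException if an attribute value cannot be read
     */
    private Map<String, Object> _getAttributes(SearchResult searchResult, String loginAttribute, String firstnameAttribute,
            String lastnameAttribute, String emailAttribute, boolean emailMandatory) throws NamingException {
        Map<String, Object> values = new HashMap<>();
        Attributes attributes = searchResult.getAttributes();

        Attribute login = attributes.get(loginAttribute);
        if (login == null) {
            if (getLogger().isWarnEnabled()) {
                getLogger().warn("Missing login attribute : '{}'", loginAttribute);
            }
            return null;
        }
        values.put(loginAttribute, login.get());

        if (firstnameAttribute != null) {
            Attribute firstname = attributes.get(firstnameAttribute);
            if (firstname == null) {
                if (getLogger().isWarnEnabled()) {
                    getLogger().warn("Missing firstname attribute : '{}', for user '{}'.", firstnameAttribute, values.get(loginAttribute));
                }
                return null;
            }
            values.put(firstnameAttribute, firstname.get());
        }

        Attribute lastname = attributes.get(lastnameAttribute);
        if (lastname == null) {
            if (getLogger().isWarnEnabled()) {
                getLogger().warn("Missing lastname attribute : '{}', for user '{}'.", lastnameAttribute, values.get(loginAttribute));
            }
            return null;
        }
        values.put(lastnameAttribute, lastname.get());

        Attribute email = attributes.get(emailAttribute);
        if (email == null) {
            if (emailMandatory) {
                if (getLogger().isWarnEnabled()) {
                    getLogger().warn("Missing email attribute : '{}', for user '{}'.", emailAttribute, values.get(loginAttribute));
                }
                return null;
            }
            // NOTE(review): placeholder for an absent optional email; the constant's value is not
            // visible in this file, confirm it is the intended one.
            values.put(emailAttribute, ConnectionHelper.DATABASE_UNKNOWN);
        } else {
            values.put(emailAttribute, email.get());
        }
        return values;
    }

    /**
     * Closes the enumeration and the context, either of which may be {@code null}.
     *
     * @param context the LDAP context to close
     * @param namingEnumeration the search results to close
     * @throws NamingException if closing either resource fails
     */
    private void _cleanup(Context context, NamingEnumeration<?> namingEnumeration) throws NamingException {
        try {
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
        } finally {
            // Always release the context, even when closing the enumeration failed, so the
            // authenticated connection is not left open.
            if (context != null) {
                context.close();
            }
        }
    }
}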
