package org.jaaslounge.ldap;

import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

/* loaded from: input_file:org/jaaslounge/ldap/LDAPReader.class */
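/**
 * Logs a user in through the JAAS "Kerberos" login configuration and then, running as the
 * authenticated subject, searches an LDAP directory over SASL/GSSAPI for the user's
 * {@code memberOf} values.
 *
 * <p>Configuration comes from the option map passed to the constructor. The keys
 * {@code LDAPServerURL}, {@code LDAPSuperUserContext} and {@code LDAPInitialContextFactory}
 * are required; {@code LDAPSearchFilter} and {@code LDAPTruncateMemberOf} are optional.
 *
 * <p>The collected values are exposed through {@link #getMemberGroups()}. A failed directory
 * lookup is reported on the console only and leaves that list empty or partial, so callers
 * that derive authorization from it should treat an empty list as "no groups".
 */
public class LDAPReader implements PrivilegedAction {
    private Map _cMap;
    private boolean _bDebug;
    private String _sUser;
    private char[] _sPasswd;
    private DirContext _cDirContext = null;
    private List<String> _cUserGroups = new ArrayList<String>();
    private String _sLDAPServerURL = null;
    private String _sLDAPSuperUserContext = null;
    private String _sLDAPInitialContextFactory = null;
    private String _sLDAPSearchFilter = null;
    private boolean _sLDAPTruncateMemberOf = false;
    // The three fields below are never read or written by any method of this class.
    private String _sLDAPGroupSearch = null;
    private String _sLDAPClassName = null;
    private String _sLDAPUserSearch = null;

    /**
     * Stores the credentials and reads the LDAP options from {@code map}.
     *
     * @param map  option map; see the class comment for the keys that are read
     * @param z    when {@code true}, diagnostic output is written to {@code System.out}
     * @param str  user name, used for the Kerberos login and substituted into the search filter
     * @param cArr password; the array reference is kept as-is (not copied, not cleared)
     * @throws Exception if an argument is {@code null} or a required option is missing
     */
    public LDAPReader(Map map, boolean z, String str, char[] cArr) throws Exception {
        if (map == null || str == null || cArr == null) {
            // The message used to list a CallbackHandler parameter this constructor does not have.
            throw new Exception("LDAPReader(Map opts,boolean isDebug,String sUser,char[] sPasswd): Parameter null");
        }
        this._bDebug = z;
        this._cMap = map;
        this._sUser = str;
        this._sPasswd = cArr;
        init();
    }

    /**
     * Entry point used by {@code Subject.doAs}: performs the directory lookup.
     *
     * @return always {@code null}
     */
    @Override // java.security.PrivilegedAction
    public Object run() {
        LDAPConnect();
        return null;
    }

    /**
     * Opens a GSSAPI-authenticated directory context, searches the configured base for the
     * user and appends every returned {@code memberOf} value to the group list.
     *
     * <p>A {@link NamingException} is printed and otherwise swallowed, as before; the context
     * and the result enumeration are now closed on every path.
     */
    public void LDAPConnect() {
        Hashtable<String, String> env = new Hashtable<String, String>(11);
        env.put("java.naming.provider.url", this._sLDAPServerURL);
        env.put("java.naming.factory.initial", this._sLDAPInitialContextFactory);
        env.put("java.naming.security.authentication", "GSSAPI");
        // NOTE(review): qop "auth" requests authentication only, so SASL adds no integrity or
        // confidentiality layer to the search traffic. Unless LDAPServerURL itself provides
        // transport protection, the memberOf values consumed below can be altered in transit.
        // Consider "auth-int" or "auth-conf" after confirming the server supports them.
        env.put("javax.security.sasl.qop", "auth");

        NamingEnumeration<SearchResult> results = null;
        try {
            this._cDirContext = new InitialDirContext(env);
            if (this._bDebug) {
                // Kept behind the flag explicitly: this issues an extra directory request.
                System.out.println(prefix() + " " + this._cDirContext.getAttributes(this._sLDAPServerURL, new String[]{"supportedSASLMechanisms"}).clone().toString());
            }

            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            controls.setReturningAttributes(new String[]{"memberOf"});

            // NOTE(review): the default filter ends in '*', i.e. it is a prefix match. Every
            // entry whose CN merely starts with the user name matches too, and the groups of
            // all matches are merged into one list. Configure an exact-match LDAPSearchFilter
            // where the list drives authorization.
            String template = this._sLDAPSearchFilter != null ? this._sLDAPSearchFilter : "(&(objectClass=user)(CN=%s*))";
            // The user name is caller-supplied: escape filter metacharacters so it is matched
            // as a literal value and cannot change the structure of the filter.
            String filter = ReplaceSearchParameter(template, escapeFilterValue(this._sUser));
            debug(": searchFilter: " + filter);

            results = this._cDirContext.search(this._sLDAPSuperUserContext, filter, controls);
            // NOTE(review): hasMoreElements() cannot throw NamingException, so a provider error
            // while paging through results is not reported by this loop condition.
            while (results.hasMoreElements()) {
                SearchResult entry = results.next();
                debug(" " + entry.getName());
                collectGroups(entry.getAttributes());
            }
        } catch (NamingException e2) {
            e2.printStackTrace();
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException ignored) {
                    // Nothing useful can be done; the context is closed right below.
                }
            }
            if (this._cDirContext != null) {
                try {
                    this._cDirContext.close();
                } catch (NamingException e3) {
                    e3.printStackTrace();
                }
            }
        }
    }

    /**
     * Appends all values of all attributes in {@code attributes} to the group list, optionally
     * reduced to their first {@code CN=} component.
     */
    private void collectGroups(Attributes attributes) {
        if (attributes == null) {
            return;
        }
        try {
            NamingEnumeration<? extends Attribute> all = attributes.getAll();
            while (all.hasMore()) {
                Attribute attribute = all.next();
                debug(": Attribute: " + attribute.getID());
                NamingEnumeration<?> values = attribute.getAll();
                while (values.hasMoreElements()) {
                    String group = values.nextElement().toString();
                    if (this._sLDAPTruncateMemberOf) {
                        group = truncateToCommonName(group);
                    }
                    debug(": " + group);
                    this._cUserGroups.add(group);
                }
            }
        } catch (NamingException e) {
            System.out.println(prefix() + ": Problem listing membership: " + e);
        }
    }

    /**
     * Returns the text between the first {@code "CN="} and the next comma, or {@code dn}
     * unchanged when it contains no {@code "CN="}.
     *
     * <p>A value with no comma after {@code "CN="} used to raise
     * {@link StringIndexOutOfBoundsException}; the remainder of the string is returned instead.
     * NOTE(review): after truncation, groups with the same CN in different containers become
     * indistinguishable, and a CN containing an escaped comma is cut at that comma.
     */
    private static String truncateToCommonName(String dn) {
        int start = dn.indexOf("CN=");
        if (start == -1) {
            return dn;
        }
        start += 3;
        int end = dn.indexOf(",", start);
        return end == -1 ? dn.substring(start) : dn.substring(start, end);
    }

    /**
     * Escapes the characters that are special inside an LDAP search filter value
     * (backslash, asterisk, parentheses and NUL) as backslash-hex pairs.
     */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }

    /**
     * Replaces every {@code %s} in {@code str} with {@code str2}.
     *
     * <p>The previous delete/insert loop rescanned the text it had just inserted, so a
     * replacement value that itself contained {@code %s} never terminated.
     * {@code String.replace} substitutes each occurrence of the template exactly once.
     */
    private String ReplaceSearchParameter(String str, String str2) {
        return str.replace("%s", str2);
    }

    /**
     * Copies the options out of the map and verifies that the required ones are present.
     *
     * @throws Exception naming the first missing required option
     */
    private void init() throws Exception {
        this._sLDAPServerURL = (String) this._cMap.get("LDAPServerURL");
        this._sLDAPSuperUserContext = (String) this._cMap.get("LDAPSuperUserContext");
        this._sLDAPInitialContextFactory = (String) this._cMap.get("LDAPInitialContextFactory");
        this._sLDAPSearchFilter = (String) this._cMap.get("LDAPSearchFilter");

        // Absent or unrecognised values mean "do not truncate".
        String truncate = (String) this._cMap.get("LDAPTruncateMemberOf");
        this._sLDAPTruncateMemberOf = truncate != null
                && (truncate.equalsIgnoreCase("yes") || truncate.equalsIgnoreCase("1") || truncate.equalsIgnoreCase("on") || truncate.equalsIgnoreCase("true"));

        if (this._sLDAPServerURL == null) {
            throw new Exception("Missing Parameter [LDAPServerURL]");
        }
        if (this._sLDAPSuperUserContext == null) {
            throw new Exception("Missing Parameter [LDAPSuperUserContext]");
        }
        if (this._sLDAPInitialContextFactory == null) {
            throw new Exception("Missing Parameter [LDAPInitialContextFactory]");
        }

        debug(": LDAPServerURL=" + this._sLDAPServerURL);
        debug(": LDAPSuperUserContext=" + this._sLDAPSuperUserContext);
        debug(": LDAPInitialContextFactory=" + this._sLDAPInitialContextFactory);
        debug(": LDAPSearchFilter=" + this._sLDAPSearchFilter);
        debug(": LDAPTruncateMemberOf=" + this._sLDAPTruncateMemberOf);
    }

    /**
     * Performs the Kerberos login and, as the resulting subject, runs the directory lookup.
     *
     * @throws Exception if the JAAS login fails; the {@link LoginException} is attached as cause
     */
    public void connect() throws Exception {
        if (this._bDebug) {
            System.out.println(prefix() + " sun.security.krb5.debug=true");
            // This is a JVM-wide system property: it affects every Kerberos login in the
            // process, not only this one, and stays set after this method returns.
            System.setProperty("sun.security.krb5.debug", "true");
        }
        try {
            debug(": Kerberos Authentication start");
            debug(": java.security.auth.login.config = " + System.getProperty("java.security.auth.login.config"));

            // NOTE(review): new String(char[]) puts an immutable copy of the password on the
            // heap that cannot be wiped afterwards. The handler's constructor takes a String,
            // so this cannot be avoided here without changing LDAPCallbackHandler.
            LoginContext loginContext = new LoginContext("Kerberos", new LDAPCallbackHandler(this._sUser, new String(this._sPasswd)));
            loginContext.login();
            debug(": Kerberos Authentication succesful");

            Subject.doAs(loginContext.getSubject(), this);
            // NOTE(review): LDAPConnect() swallows NamingException, so this line is printed
            // even when the directory lookup itself failed.
            debug(": LDAP Authentication succesful");
        } catch (LoginException e) {
            debug(": Kerberos or LDAP Authentication failed");
            // Keep the original exception as the cause so the failure reason is not lost.
            throw new Exception("LDAPReader()::connect: " + e.getMessage(), e);
        }
    }

    /**
     * Returns the values collected by the directory lookup.
     *
     * @return the internal list itself (not a copy); changes made by the caller are visible here
     */
    public List getMemberGroups() {
        return this._cUserGroups;
    }

    /** Returns the {@code [class-name]} tag that starts every console line of this class. */
    private String prefix() {
        return "[" + getClass().getName() + "]";
    }

    /** Prints the tag followed by {@code text} when debug output is enabled. */
    private void debug(String text) {
        if (this._bDebug) {
            System.out.println(prefix() + text);
        }
    }
}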
