package com.nimbusds.infinispan.persistence.ldap.backend;

import com.codahale.metrics.Timer;
import com.nimbusds.common.appendable.Appendable;
import com.nimbusds.common.ldap.LDAPConnectionPoolFactory;
import com.nimbusds.common.ldap.LDAPConnectionPoolMetrics;
import com.nimbusds.common.ldap.LDAPHealthCheck;
import com.nimbusds.common.monitor.MonitorRegistries;
import com.nimbusds.infinispan.persistence.ldap.LDAPStoreConfiguration;
import com.nimbusds.infinispan.persistence.ldap.Loggers;
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.DeleteRequest;
import com.unboundid.ldap.sdk.Entry;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.LDAPSearchException;
import com.unboundid.ldap.sdk.ModifyRequest;
import com.unboundid.ldap.sdk.ReadOnlyEntry;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.controls.SimplePagedResultsControl;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import java.util.concurrent.atomic.AtomicInteger;
import net.jcip.annotations.ThreadSafe;
import org.infinispan.persistence.spi.PersistenceException;

@ThreadSafe
/* loaded from: input_file:com/nimbusds/infinispan/persistence/ldap/backend/LDAPConnector.class */
public class LDAPConnector {
    public static final Filter MATCH_ANY_FILTER = Filter.createPresenceFilter("objectClass");
    private final LDAPStoreConfiguration config;
    private final LDAPConnectionPool ldapConnPool;
    private final LDAPModifyRequestFactory ldapModifyRequestFactory;
    private final boolean supportAttributeOptions;
    private final LDAPTimers ldapTimers;
    private final String cacheName;

    public LDAPConnector(LDAPStoreConfiguration lDAPStoreConfiguration, String str, Set<String> set, boolean z) {
        this.config = lDAPStoreConfiguration;
        this.cacheName = str;
        this.supportAttributeOptions = z;
        try {
            this.ldapConnPool = new LDAPConnectionPoolFactory(lDAPStoreConfiguration.ldapServer, lDAPStoreConfiguration.customTrustStore, lDAPStoreConfiguration.customKeyStore, lDAPStoreConfiguration.ldapUser).createLDAPConnectionPool();
            this.ldapConnPool.setConnectionPoolName(str);
            checkBaseDN();
            this.ldapModifyRequestFactory = new LDAPModifyRequestFactory(set);
            this.ldapTimers = new LDAPTimers(str + ".");
            String str2 = str + ".ldapStore";
            MonitorRegistries.register(new LDAPConnectionPoolMetrics(this.ldapConnPool, str2));
            MonitorRegistries.register(str2, new LDAPHealthCheck(this.ldapConnPool, lDAPStoreConfiguration.ldapDirectory.baseDN, Loggers.LDAP_LOG));
            Loggers.MAIN_LOG.info("[IL0100] Created new LDAP store connector for " + str + " cache");
        } catch (Exception e) {
            throw new PersistenceException("LDAP connection pool creation for " + str + " cache failed: " + e.getMessage(), e);
        }
    }

    private void checkBaseDN() {
        try {
            if (this.ldapConnPool.getEntry(this.config.ldapDirectory.baseDN.toString()) == null) {
                Loggers.MAIN_LOG.warn("[IL0101] The configured LDAP store base DN for {} cache doesn't exist: {}", new Object[]{this.cacheName, this.config.ldapDirectory.baseDN});
            }
        } catch (LDAPException e) {
            Loggers.MAIN_LOG.warn("[IL0102] Couldn't verify the LDAP store base DN for {} cache: {}", new Object[]{this.cacheName, e.getMessage()});
        }
    }

    public LDAPConnectionPool getPool() {
        return this.ldapConnPool;
    }

    public ReadOnlyEntry retrieveEntry(DN dn) {
        Timer.Context time = this.ldapTimers.getTimer.time();
        try {
            try {
                SearchResultEntry entry = this.ldapConnPool.getEntry(dn.toString(), new String[]{"*"});
                time.stop();
                return entry;
            } catch (LDAPException e) {
                throw new PersistenceException("LDAP get of " + dn + " failed: " + e.getResultString(), e);
            }
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    public void retrieveEntries(Appendable<ReadOnlyEntry> appendable) {
        doSearch(new SearchRequest(this.config.ldapDirectory.baseDN.toString(), SearchScope.ONE, MATCH_ANY_FILTER, new String[]{"*"}), appendable);
    }

    public boolean entryExists(DN dn) {
        Timer.Context time = this.ldapTimers.getTimer.time();
        try {
            try {
                return this.ldapConnPool.getEntry(dn.toString(), new String[]{"1.1"}) != null;
            } catch (LDAPException e) {
                throw new PersistenceException("LDAP get of " + dn + " failed: " + e.getResultString(), e);
            }
        } finally {
            time.stop();
        }
    }

    public boolean addEntry(ReadOnlyEntry readOnlyEntry) {
        Timer.Context time = this.ldapTimers.addTimer.time();
        try {
            try {
                LDAPResult add = this.ldapConnPool.add(readOnlyEntry);
                time.stop();
                ResultCode resultCode = add.getResultCode();
                if (resultCode.equals(ResultCode.SUCCESS)) {
                    return true;
                }
                if (resultCode.equals(ResultCode.ENTRY_ALREADY_EXISTS)) {
                    return false;
                }
                throw new PersistenceException("LDAP add for " + readOnlyEntry.getDN() + " failed: " + resultCode.getName());
            } catch (LDAPException e) {
                if (!e.getResultCode().equals(ResultCode.ENTRY_ALREADY_EXISTS)) {
                    throw new PersistenceException("LDAP add for " + readOnlyEntry.getDN() + " failed: " + e.getResultString(), e);
                }
                time.stop();
                return false;
            }
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    public boolean replaceEntry(ReadOnlyEntry readOnlyEntry) {
        ModifyRequest composeModifyRequest;
        if (this.supportAttributeOptions) {
            try {
                Entry retrieveEntry = retrieveEntry(new DN(readOnlyEntry.getDN()));
                if (retrieveEntry == null) {
                    return false;
                }
                composeModifyRequest = this.ldapModifyRequestFactory.composeModifyRequest(readOnlyEntry, retrieveEntry);
                if (composeModifyRequest == null) {
                    return true;
                }
            } catch (LDAPException e) {
                throw new PersistenceException(e.getMessage(), e);
            }
        } else {
            composeModifyRequest = this.ldapModifyRequestFactory.composeModifyRequest(readOnlyEntry);
        }
        Timer.Context time = this.ldapTimers.modifyTimer.time();
        try {
            try {
                LDAPResult modify = this.ldapConnPool.modify(composeModifyRequest);
                time.stop();
                ResultCode resultCode = modify.getResultCode();
                if (resultCode.equals(ResultCode.SUCCESS)) {
                    return true;
                }
                if (resultCode.equals(ResultCode.NO_SUCH_OBJECT)) {
                    return false;
                }
                throw new PersistenceException("LDAP modify " + composeModifyRequest.getDN() + " failed: " + resultCode.getName());
            } catch (LDAPException e2) {
                if (!e2.getResultCode().equals(ResultCode.NO_SUCH_OBJECT)) {
                    throw new PersistenceException("LDAP modify for " + composeModifyRequest.getDN() + " failed: " + e2.getResultString(), e2);
                }
                time.stop();
                return false;
            }
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    public boolean deleteEntry(DN dn) {
        DeleteRequest deleteRequest = new DeleteRequest(dn);
        Timer.Context time = this.ldapTimers.deleteTimer.time();
        try {
            try {
                LDAPResult delete = this.ldapConnPool.delete(deleteRequest);
                time.stop();
                ResultCode resultCode = delete.getResultCode();
                if (resultCode.equals(ResultCode.SUCCESS)) {
                    return true;
                }
                if (resultCode.equals(ResultCode.NO_SUCH_OBJECT)) {
                    return false;
                }
                throw new PersistenceException("LDAP delete of " + dn + " failed: " + resultCode.getName());
            } catch (LDAPException e) {
                if (!e.getResultCode().equals(ResultCode.NO_SUCH_OBJECT)) {
                    throw new PersistenceException("LDAP delete of " + dn + " failed: " + e.getResultString(), e);
                }
                time.stop();
                return false;
            }
        } catch (Throwable th) {
            time.stop();
            throw th;
        }
    }

    protected static boolean indicatesConnectionException(LDAPException lDAPException) {
        return indicatesConnectionException(lDAPException.getResultCode());
    }

    protected static boolean indicatesConnectionException(ResultCode resultCode) {
        return resultCode.equals(ResultCode.CONNECT_ERROR) || resultCode.equals(ResultCode.SERVER_DOWN) || resultCode.equals(ResultCode.TIMEOUT) || resultCode.equals(ResultCode.UNAVAILABLE);
    }

    private static ASN1OctetString parsePageCookie(SearchResult searchResult) {
        SimplePagedResultsControl responseControl = searchResult.getResponseControl("1.2.840.113556.1.4.319");
        if (responseControl instanceof SimplePagedResultsControl) {
            return responseControl.getCookie();
        }
        return null;
    }

    private void doSearch(SearchRequest searchRequest, Appendable<ReadOnlyEntry> appendable) {
        try {
            LDAPConnection connection = this.ldapConnPool.getConnection();
            ASN1OctetString aSN1OctetString = null;
            do {
                searchRequest.replaceControl(new SimplePagedResultsControl(this.config.ldapDirectory.pageSize, aSN1OctetString));
                Timer.Context time = this.ldapTimers.searchTimer.time();
                try {
                    try {
                        SearchResult search = connection.search(searchRequest);
                        time.stop();
                        aSN1OctetString = parsePageCookie(search);
                        List searchEntries = search.getSearchEntries();
                        appendable.getClass();
                        searchEntries.forEach((v1) -> {
                            r1.append(v1);
                        });
                        if (aSN1OctetString == null) {
                            break;
                        }
                    } catch (LDAPSearchException e) {
                        String str = "[AS0109] LDAP search " + searchRequest.getFilter() + " failed: " + e.getMessage();
                        if (indicatesConnectionException((LDAPException) e)) {
                            this.ldapConnPool.releaseDefunctConnection(connection);
                        } else {
                            this.ldapConnPool.releaseConnection(connection);
                        }
                        throw new PersistenceException(str, e);
                    }
                } catch (Throwable th) {
                    time.stop();
                    throw th;
                }
            } while (aSN1OctetString.getValueLength() > 0);
            this.ldapConnPool.releaseConnection(connection);
        } catch (LDAPException e2) {
            throw new PersistenceException(e2.getMessage(), e2);
        }
    }

    public int countEntries() {
        SearchRequest searchRequest = new SearchRequest(this.config.ldapDirectory.baseDN.toString(), SearchScope.ONE, MATCH_ANY_FILTER, new String[]{"1.1"});
        AtomicInteger atomicInteger = new AtomicInteger();
        doSearch(searchRequest, readOnlyEntry -> {
            atomicInteger.incrementAndGet();
        });
        return atomicInteger.intValue();
    }

    public int deleteEntries() {
        SearchRequest searchRequest = new SearchRequest(this.config.ldapDirectory.baseDN.toString(), SearchScope.ONE, MATCH_ANY_FILTER, new String[]{"1.1"});
        LinkedList linkedList = new LinkedList();
        doSearch(searchRequest, readOnlyEntry -> {
            linkedList.add(readOnlyEntry.getDN());
        });
        int i = 0;
        Iterator it = linkedList.iterator();
        while (it.hasNext()) {
            try {
                if (deleteEntry(new DN((String) it.next()))) {
                    i++;
                }
            } catch (LDAPException e) {
                throw new PersistenceException(e.getMessage(), e);
            }
        }
        return i;
    }

    public void shutdown() {
        this.ldapConnPool.close();
        if (this.ldapConnPool.isClosed()) {
            Loggers.MAIN_LOG.info("[IL0107] Shut down LDAP connector for {} cache", new Object[]{this.cacheName});
        } else {
            Loggers.MAIN_LOG.error("[IL0108] Attempted to shut down LDAP connector for {} cache, detected unreleased LDAP connections", new Object[]{this.cacheName});
        }
    }
}
