package pl.edu.icm.unity.ldap.client;

import com.unboundid.ldap.sdk.Attribute;
import com.unboundid.ldap.sdk.SearchResultEntry;
import eu.emi.security.authn.x509.impl.X500NameUtils;
import java.util.List;
import java.util.Map;
import pl.edu.icm.unity.engine.api.authn.remote.RemoteGroupMembership;
import pl.edu.icm.unity.ldap.client.config.GroupSpecification;
import pl.edu.icm.unity.ldap.client.config.LdapClientConfiguration;

/* loaded from: input_file:pl/edu/icm/unity/ldap/client/LdapGroupHelper.class */
public class LdapGroupHelper {
    public static final String ORIGINAL_GROUP_NAME = "originalGroupName";

    public String buildGroupFilter(SearchResultEntry searchResultEntry, List<GroupSpecification> list, boolean z) {
        StringBuilder sb = new StringBuilder(512);
        sb.append("(|");
        for (GroupSpecification groupSpecification : list) {
            sb.append(z ? buildCompleteGroupFilter(searchResultEntry, groupSpecification) : buildSimpleGroupFilter(groupSpecification));
        }
        sb.append(")");
        return sb.toString();
    }

    private String buildCompleteGroupFilter(SearchResultEntry searchResultEntry, GroupSpecification groupSpecification) {
        String str;
        if (!LdapUtils.nonEmpty(groupSpecification.getMemberAttribute())) {
            return buildSimpleGroupFilter(groupSpecification);
        }
        if (LdapUtils.nonEmpty(groupSpecification.getMatchByMemberAttribute())) {
            str = groupSpecification.getMemberAttribute() + "=" + getUsersGroupMatchAttributeValue(searchResultEntry, groupSpecification);
        } else {
            str = groupSpecification.getMemberAttribute() + "=" + searchResultEntry.getDN();
        }
        StringBuilder sb = new StringBuilder(512);
        sb.append("(&").append("(objectClass=").append(groupSpecification.getObjectClass()).append(")").append("(").append(str).append(")").append(")");
        return sb.toString();
    }

    private String buildSimpleGroupFilter(GroupSpecification groupSpecification) {
        return "(objectClass=" + groupSpecification.getObjectClass() + ")";
    }

    public void findMemberInGroup(Map<String, RemoteGroupMembership> map, SearchResultEntry searchResultEntry, SearchResultEntry searchResultEntry2, GroupSpecification groupSpecification) {
        Attribute attribute = searchResultEntry2.getAttribute(groupSpecification.getMemberAttribute());
        if (attribute == null) {
            return;
        }
        String[] values = attribute.getValues();
        if (!LdapUtils.nonEmpty(groupSpecification.getMatchByMemberAttribute())) {
            for (String str : values) {
                if (X500NameUtils.equal(str, searchResultEntry.getDN())) {
                    RemoteGroupMembership createGroupMembership = createGroupMembership(searchResultEntry2.getDN(), groupSpecification.getGroupNameAttribute());
                    if (createGroupMembership != null) {
                        map.put(createGroupMembership.getName(), createGroupMembership);
                        return;
                    }
                    return;
                }
            }
            return;
        }
        String usersGroupMatchAttributeValue = getUsersGroupMatchAttributeValue(searchResultEntry, groupSpecification);
        if (usersGroupMatchAttributeValue == null) {
            return;
        }
        for (String str2 : values) {
            if (str2.equals(usersGroupMatchAttributeValue)) {
                RemoteGroupMembership createGroupMembership2 = createGroupMembership(searchResultEntry2.getDN(), groupSpecification.getGroupNameAttribute());
                if (createGroupMembership2 != null) {
                    map.put(createGroupMembership2.getName(), createGroupMembership2);
                    return;
                }
                return;
            }
        }
    }

    private String getUsersGroupMatchAttributeValue(SearchResultEntry searchResultEntry, GroupSpecification groupSpecification) {
        Attribute attribute = searchResultEntry.getAttribute(groupSpecification.getMatchByMemberAttribute());
        if (attribute == null) {
            return null;
        }
        return attribute.getValue();
    }

    public void findMemberOfGroups(Map<String, RemoteGroupMembership> map, SearchResultEntry searchResultEntry, LdapClientConfiguration ldapClientConfiguration) {
        Attribute attribute = searchResultEntry.getAttribute(ldapClientConfiguration.getMemberOfAttribute());
        if (attribute != null) {
            String[] values = attribute.getValues();
            String memberOfGroupAttribute = ldapClientConfiguration.getMemberOfGroupAttribute();
            for (String str : values) {
                RemoteGroupMembership createGroupMembership = createGroupMembership(str, memberOfGroupAttribute);
                if (createGroupMembership != null) {
                    map.put(createGroupMembership.getName(), createGroupMembership);
                }
            }
        }
    }

    private RemoteGroupMembership createGroupMembership(String str, String str2) {
        String extractNameFromDn = LdapUtils.nonEmpty(str2) ? LdapUtils.extractNameFromDn(str2, str) : str;
        if (extractNameFromDn == null) {
            return null;
        }
        RemoteGroupMembership remoteGroupMembership = new RemoteGroupMembership(extractNameFromDn);
        remoteGroupMembership.getMetadata().put(ORIGINAL_GROUP_NAME, str);
        return remoteGroupMembership;
    }
}
