package net.sf.jguard.ext.authentication.manager;

import java.security.Principal;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.Subject;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.principals.RolePrincipal;
import net.sf.jguard.ext.authentication.AuthenticationException;
import net.sf.jguard.ext.authentication.SubjectTemplate;
import net.sf.jguard.ext.util.JNDIUtils;

/* loaded from: input_file:net/sf/jguard/ext/authentication/manager/JNDIAuthenticationManager.class */
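/**
 * Authentication manager that reads users and role principals from a directory reached
 * through JNDI.
 *
 * <p>User, subject-template and principal-deletion operations are logged no-ops ("read-only"),
 * but {@link #persistPrincipal(Principal)} and {@link #updatePrincipal(String, Principal)} do
 * write to the directory.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>credential values placed into a search filter are escaped as filter literals and
 *       credential ids are validated, so a caller-supplied credential cannot alter the
 *       structure of the filter;</li>
 *   <li>search filters and credential values are not written to the log;</li>
 *   <li>the JNDI environment handed to {@link #init(Map)} (which may carry
 *       {@code Context.SECURITY_CREDENTIALS}) is never logged.</li>
 * </ul>
 *
 * <p>NOTE(review): no synchronization is visible here; confirm how instances are shared
 * before relying on this class from several threads.
 */
public class JNDIAuthenticationManager extends AbstractAuthenticationManager {
    // A plain class literal replaces the decompiled javac 1.4 scaffolding (synthetic
    // class$ field, class$(String) helper and static initializer); the logger name is unchanged.
    private static final Logger logger = Logger.getLogger(JNDIAuthenticationManager.class.getName());
    private DirContext initDirCtx = null;
    String applicationPath = null;
    String relativeRolePathPattern = null;
    String relativeRolesPath = "";
    private String ppalNameAttribute = "cn";
    String searchRoot = null;
    String roleClass = "organizationalRole";
    String userClass = "inetOrgPerson";
    private int ppalAppNameLevel = 2;
    // Full JNDI environment as passed to init(Map); may contain the bind password, never log it.
    private Hashtable initParams = null;

    /**
     * No-op: user persistence is not supported by this manager.
     *
     * @param subject ignored
     */
    @Override
    protected void persistUser(Subject subject) throws AuthenticationException {
        logger.info(" this JNDIAUthenticationManager version is read-only ");
    }

    /**
     * Creates an {@code organizationalRole} entry named {@code cn=<role name>} below the
     * roles container ({@code relativeRolesPath + applicationPath}).
     *
     * <p>Principals that are not {@link RolePrincipal}s are logged and ignored.
     *
     * @param principal the role to create
     * @throws AuthenticationException if the directory lookup or the entry creation fails
     */
    @Override
    protected void persistPrincipal(Principal principal) throws AuthenticationException {
        if (!(principal instanceof RolePrincipal)) {
            logger.warning(" only jGuardPrincipal are supported in this version ");
            return;
        }
        RolePrincipal rolePrincipal = (RolePrincipal) principal;
        DirContext rolesContext = null;
        Context createdEntry = null;
        try {
            rolesContext = (DirContext) directoryContext().lookup(this.relativeRolesPath + this.applicationPath);
            BasicAttributes entryAttributes = new BasicAttributes();
            entryAttributes.put("cn", rolePrincipal.getName());
            BasicAttribute objectClass = new BasicAttribute("objectClass", true);
            objectClass.add("organizationalRole");
            objectClass.add("top");
            entryAttributes.put(objectClass);
            // NOTE(review): the role name is concatenated into the entry name without any
            // DN escaping; confirm that role names are restricted upstream or escape them here.
            createdEntry = rolesContext.createSubcontext("cn=" + rolePrincipal.getName(), entryAttributes);
        } catch (NamingException e) {
            // Keep the cause so the directory error is not reduced to a bare message.
            throw new AuthenticationException((Throwable) e);
        } finally {
            // Both handles may still be null when lookup() failed; the original cleanup
            // dereferenced the null context and replaced the real error with a
            // NullPointerException.
            closeContext(createdEntry);
            closeContext(rolesContext);
        }
    }

    /**
     * Builds the DN of a role entry as
     * {@code format(relativeRolePathPattern, name) + "," + relativeRolesPath + applicationPath}.
     */
    private String getPrincipalDN(RolePrincipal rolePrincipal) {
        // NOTE(review): the role name is substituted into the pattern without DN escaping;
        // confirm that role names cannot contain DN metacharacters.
        StringBuilder dn = new StringBuilder();
        dn.append(MessageFormat.format(this.relativeRolePathPattern, new Object[] {rolePrincipal.getName()}));
        dn.append(",");
        dn.append(this.relativeRolesPath);
        dn.append(this.applicationPath);
        return dn.toString();
    }

    /**
     * No-op: subject templates are not persisted by this manager.
     *
     * @param subjectTemplate ignored
     */
    @Override
    public void persistSubjectTemplate(SubjectTemplate subjectTemplate) {
        logger.info(" this JNDIAUthenticationManager version is read-only ");
    }

    /**
     * Reads the configuration and opens the initial directory context.
     *
     * <p>Every entry with a non-null value is copied into the JNDI environment. The keys
     * {@code applicationPathPattern}, {@code relativeRolePathPattern}, {@code relativeRolesPath},
     * {@code searchRoot}, {@code ppalAppNameLevel} and {@code applicationName} additionally
     * configure this manager. A failure to open the context is logged; later directory
     * operations then fail with {@link IllegalStateException}.
     *
     * @param map configuration entries; keys are expected to be strings
     * @throws IllegalArgumentException if {@code applicationPathPattern} is missing
     */
    @Override
    public void init(Map map) {
        Hashtable environment = new Hashtable();
        String applicationPathPattern = null;
        for (Object element : map.entrySet()) {
            Map.Entry entry = (Map.Entry) element;
            Object value = entry.getValue();
            if (value == null) {
                continue;
            }
            environment.put(entry.getKey(), value);
            String key = (String) entry.getKey();
            if ("applicationPathPattern".equals(key)) {
                applicationPathPattern = (String) value;
            } else if ("relativeRolePathPattern".equals(key)) {
                this.relativeRolePathPattern = (String) value;
            } else if ("relativeRolesPath".equals(key)) {
                // Stored with a trailing comma so it can be prepended to applicationPath as is.
                this.relativeRolesPath = (String) value + ",";
            } else if ("searchRoot".equals(key)) {
                this.searchRoot = (String) value;
            } else if ("ppalAppNameLevel".equals(key)) {
                this.ppalAppNameLevel = Integer.parseInt((String) value);
            } else if ("applicationName".equals(key)) {
                this.applicationName = (String) value;
            }
        }
        this.initParams = environment;
        if (applicationPathPattern == null) {
            // Previously surfaced as an unexplained NullPointerException inside MessageFormat.
            throw new IllegalArgumentException("missing required parameter 'applicationPathPattern'");
        }
        this.applicationPath = MessageFormat.format(applicationPathPattern, new Object[] {this.applicationName});
        try {
            // NOTE(review): the environment decides transport and bind method; confirm the
            // deployment uses a protected channel (e.g. an ldaps:// provider URL) when it
            // carries Context.SECURITY_CREDENTIALS.
            this.initDirCtx = new InitialDirContext(environment);
        } catch (NamingException e) {
            // Log through the logger (with the cause) rather than printStackTrace(); the
            // environment itself is deliberately left out of the message.
            logger.log(java.util.logging.Level.SEVERE, "unable to open the initial directory context", e);
        }
    }

    /**
     * No-op: user updates are not supported by this manager.
     *
     * @param jGuardCredential ignored
     * @param subject ignored
     */
    @Override
    public void updateUserImpl(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException {
        logger.info(" this JNDIAUthenticationManager version is read-only ");
    }

    /**
     * No-op: user deletion is not supported by this manager.
     *
     * @param subject ignored
     */
    @Override
    public void deleteUser(Subject subject) throws AuthenticationException {
        logger.info(" this JNDIAUthenticationManager version is read-only ");
    }

    /**
     * Reports whether the directory holds no role principals or no users.
     *
     * <p>Because directory errors are logged and yield empty sets in the lookups used here,
     * an unreachable directory also reports {@code true}.
     *
     * @return {@code true} if either the set of principals or the set of users is empty
     */
    @Override
    public boolean isEmpty() {
        if (getAllPrincipalsSet().isEmpty()) {
            logger.info(" there is no principals registered in the JNDI datasource ");
            return true;
        }
        if (!getUsers().isEmpty()) {
            return false;
        }
        logger.info(" there is no users registered in the JNDI datasource ");
        return true;
    }

    /**
     * Not implemented.
     *
     * @param str ignored
     * @return always {@code null}
     */
    @Override
    public SubjectTemplate getSubjectTemplate(String str) {
        logger.info(" feature not yet implemented ");
        return null;
    }

    /**
     * Searches the subtree under {@code searchRoot} for entries of class {@code roleClass}
     * and maps each one to a {@link RolePrincipal}.
     *
     * @return the principals found; empty if none were found or the search failed
     *         (the failure is logged)
     */
    @Override
    public Set getAllPrincipalsSet() {
        Set principals = new HashSet();
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration results = null;
        try {
            results = directoryContext().search(this.searchRoot, JNDIUtils.escapeSearchFilter("(objectClass=" + this.roleClass + ")"), searchControls);
            while (results.hasMore()) {
                principals.add(toRolePrincipal((SearchResult) results.next()));
            }
        } catch (NamingException e) {
            logger.log(java.util.logging.Level.SEVERE, "role search failed", e);
        } finally {
            // An enumeration abandoned after an error keeps its server-side resources open.
            closeEnumeration(results);
        }
        return principals;
    }

    /**
     * Builds a {@link RolePrincipal} from one role entry: the application name comes from
     * the entry's name, the principal name from the {@code ppalNameAttribute} attribute.
     */
    private RolePrincipal toRolePrincipal(SearchResult searchResult) throws NamingException {
        logger.finest("name in namespace" + searchResult.getNameInNamespace());
        String applicationNameFromDn = JNDIUtils.getValueInNameSpace(searchResult, 0);
        logger.finest("applicationName=" + applicationNameFromDn);
        RolePrincipal rolePrincipal = new RolePrincipal();
        rolePrincipal.setApplicationName(applicationNameFromDn);
        NamingEnumeration attributes = searchResult.getAttributes().getAll();
        try {
            while (attributes.hasMore()) {
                Attribute attribute = (Attribute) attributes.next();
                String id = attribute.getID();
                logger.finest("principal attributeID=" + id);
                // LDAP attribute names are case-insensitive. Only the naming attribute is
                // read: casting every value to String failed on binary or empty attributes.
                if (!this.ppalNameAttribute.equalsIgnoreCase(id) || attribute.size() == 0) {
                    continue;
                }
                Object value = attribute.get();
                if (value instanceof String) {
                    rolePrincipal.setName((String) value);
                    logger.finest("principal name=" + value);
                }
            }
        } finally {
            closeEnumeration(attributes);
        }
        return rolePrincipal;
    }

    /**
     * Finds the users whose entry matches every given credential.
     *
     * <p>Credential values are matched literally: filter metacharacters in a value
     * (including {@code *}) are escaped and therefore do not act as wildcards. A credential
     * whose id is not a syntactically valid attribute name makes the search return an empty
     * set, as a malformed filter did before.
     *
     * @param collection {@link JGuardCredential}s to match; empty matches every user
     * @return one {@link Subject} per matching user; empty if none matched or the search
     *         failed (the failure is logged)
     */
    @Override
    public Set findUsers(Collection collection) {
        Set users = new HashSet();
        String filterExpression;
        try {
            filterExpression = buildUserFilterExpression(collection);
        } catch (IllegalArgumentException e) {
            // Fail closed: dropping the offending term would widen the search.
            logger.severe(e.getMessage());
            return users;
        }
        // The filter holds credential values (possibly passwords), so it is not logged.
        logger.finest("user search built from " + collection.size() + " credential(s)");
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration results = null;
        try {
            results = directoryContext().search(this.searchRoot, filterExpression, searchControls);
            while (results.hasMore()) {
                SearchResult searchResult = (SearchResult) results.next();
                String userDn = searchResult.getNameInNamespace();
                logger.finest("user dn found=" + userDn);
                Subject subject = new Subject();
                NamingEnumeration roles = directoryContext().search(userDn, JNDIUtils.escapeSearchFilter("(objectClass=" + this.roleClass + ")"), searchControls);
                try {
                    subject.getPrincipals().addAll(JNDIUtils.grabPrincipalsFromUser(roles, this.ppalNameAttribute, this.ppalAppNameLevel));
                } finally {
                    closeEnumeration(roles);
                }
                // NOTE(review): every attribute of the user entry is handed to the helper and
                // stored as a private credential; presumably this includes password
                // attributes, so confirm who can read these Subjects.
                NamingEnumeration userAttributes = searchResult.getAttributes().getAll();
                try {
                    subject.getPrivateCredentials().addAll(JNDIUtils.grabCredentialsFromJNDIAttributes(userAttributes));
                } finally {
                    closeEnumeration(userAttributes);
                }
                users.add(subject);
            }
        } catch (NamingException e) {
            logger.log(java.util.logging.Level.SEVERE, "user search failed", e);
        } finally {
            closeEnumeration(results);
        }
        return users;
    }

    /**
     * Builds the user search filter: {@code (objectClass=<userClass>)} alone for an empty
     * collection, otherwise an {@code (&...)} conjunction with one {@code (id=value)} term
     * per credential.
     *
     * @throws IllegalArgumentException if a credential id is not a valid attribute name
     */
    private String buildUserFilterExpression(Collection collection) {
        StringBuilder filter = new StringBuilder("(objectClass=" + this.userClass + ")");
        int terms = 0;
        for (Iterator it = collection.iterator(); it.hasNext();) {
            JGuardCredential jGuardCredential = (JGuardCredential) it.next();
            String id = String.valueOf(jGuardCredential.getId());
            if (!isValidAttributeId(id)) {
                // The id is left out of the message because it is unvalidated input.
                throw new IllegalArgumentException("credential id is not a valid LDAP attribute name");
            }
            if (terms == 0) {
                filter.insert(0, "(&");
            }
            filter.append(" (");
            filter.append(id);
            filter.append("=");
            // Escaped so that a value such as "*" or ")(uid=*" stays a literal and cannot
            // change which entries the filter selects.
            filter.append(escapeFilterValue(String.valueOf(jGuardCredential.getValue())));
            filter.append(")");
            terms++;
        }
        if (terms > 0) {
            filter.append(")");
        }
        return filter.toString();
    }

    /** Accepts non-empty ids made only of ASCII letters, digits, {@code -}, {@code .} and {@code ;}. */
    private static boolean isValidAttributeId(String id) {
        if (id.length() == 0) {
            return false;
        }
        for (int i = 0; i < id.length(); i++) {
            char c = id.charAt(i);
            boolean letterOrDigit = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');
            if (!letterOrDigit && c != '-' && c != '.' && c != ';') {
                return false;
            }
        }
        return true;
    }

    /** Escapes the characters that are special inside an LDAP search filter value (RFC 4515). */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /**
     * Returns every user entry of class {@code userClass} under {@code searchRoot}.
     *
     * @return one {@link Subject} per user; empty on failure
     */
    @Override
    public Set getUsers() {
        return findUsers(new ArrayList());
    }

    /**
     * Renames a role entry in the directory.
     *
     * @param str the current (old) name of the role
     * @param principal the role carrying the new name; must be a {@link RolePrincipal}
     * @throws AuthenticationException if {@code principal} is not a {@link RolePrincipal}
     *         (previously a {@link ClassCastException}) or the directory operation fails
     */
    @Override
    public void updatePrincipal(String str, Principal principal) throws AuthenticationException {
        if (str.equals(principal.getName())) {
            logger.info(" principal name hasn't changed ");
            return;
        }
        if (!(principal instanceof RolePrincipal)) {
            throw new AuthenticationException(" only jGuardPrincipal are supported in this version ");
        }
        logger.finest("principal name=" + principal.getName());
        RolePrincipal previous = new RolePrincipal();
        previous.setName(str);
        previous.setApplicationName(this.applicationName);
        Context context = null;
        try {
            context = getPrincipalDirContext(previous);
            String oldName = context.getNameInNamespace();
            String newName = getPrincipalDN((RolePrincipal) principal);
            // Directory names go to the logger at FINEST instead of System.out.
            logger.finest("oldName=" + oldName);
            logger.finest("newName=" + newName);
            // NOTE(review): both names are full DNs but are resolved relative to the looked-up
            // entry's own context; confirm this rename addresses the intended entry.
            context.rename(oldName, newName);
        } catch (NamingException e) {
            throw new AuthenticationException((Throwable) e);
        } finally {
            closeContext(context);
        }
    }

    /** Looks up the directory entry of the given role by its DN. */
    private DirContext getPrincipalDirContext(RolePrincipal rolePrincipal) throws NamingException {
        return (DirContext) directoryContext().lookup(getPrincipalDN(rolePrincipal));
    }

    /**
     * No-op: principal deletion is not supported by this manager.
     *
     * @param principal ignored
     */
    @Override
    public void deletePrincipal(Principal principal) {
        logger.info(" this JNDIAUthenticationManager version is read-only ");
    }

    /**
     * Returns the initial directory context.
     *
     * @throws IllegalStateException if {@link #init(Map)} has not opened it, instead of the
     *         NullPointerException a null context produced before
     */
    private DirContext directoryContext() {
        if (this.initDirCtx == null) {
            throw new IllegalStateException("JNDI directory context is not available: init(Map) failed or was not called");
        }
        return this.initDirCtx;
    }

    /** Closes a context if present; a close failure is logged and does not mask the caller's result. */
    private static void closeContext(Context context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            logger.log(java.util.logging.Level.WARNING, "unable to close directory context", e);
        }
    }

    /** Closes an enumeration if present; a close failure is logged and otherwise ignored. */
    private static void closeEnumeration(NamingEnumeration enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException e) {
            logger.log(java.util.logging.Level.WARNING, "unable to close directory enumeration", e);
        }
    }
}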
