package net.sf.jguard.ext.authentication.loginmodules;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.naming.InitialContext;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.ext.util.FastBindConnectionControl;
import net.sf.jguard.ext.util.JNDIUtils;

/* loaded from: input_file:net/sf/jguard/ext/authentication/loginmodules/JNDILoginModule.class */
public class JNDILoginModule extends UserLoginModule implements LoginModule {
    private static final String USER_DN = "userDN";
    private static final String CONTEXTFORCOMMIT = "contextforcommit";
    private static final String JNDI = "jndi";
    private static final String TIMELIMIT = "timelimit";
    private static final String SEARCHSCOPE = "searchscope";
    private static final String RETURNINGOBJFLAG = "returningobjflag";
    private static final String RETURNINGATTRIBUTES = "returningattributes";
    private static final String DEREFLINKFLAG = "dereflinkflag";
    private static final String COUNTLIMIT = "countlimit";
    private static final String SEARCHCONTROLS = "searchcontrols.";
    private static final String PREAUTH = "preauth.";
    private static final String AUTH = "auth.";
    private static final String FAST_BIND_CONNECTION = "fastBindConnection";
    private static final String SEARCH_FILTER = "search.filter";
    private static final String SEARCH_BASE_DN = "search.base.dn";
    private static final Logger logger;
    private DirContext preAuthContext = null;
    private DirContext authContext = null;
    private SearchControls preAuthSearchControls = null;
    private Map authOpts = null;
    private Map preAuthOpts = null;
    private Map preAuthSearchControlsOpts = null;
    private Set credentials = null;
    static Class class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule;

    @Override // net.sf.jguard.ext.authentication.loginmodules.UserLoginModule
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.preAuthOpts = new HashMap();
        this.preAuthSearchControlsOpts = new HashMap();
        this.authOpts = new HashMap();
        fillOptions();
    }

    private DirContext getContext(Map map) throws LoginException {
        InitialLdapContext initialLdapContext;
        if (map.containsKey(JNDI)) {
            try {
                initialLdapContext = (DirContext) new InitialContext().lookup((String) map.get(JNDI));
            } catch (NamingException e) {
                throw new LoginException(" we cannot grab the default initial context ");
            }
        } else {
            try {
                initialLdapContext = new InitialLdapContext(new Hashtable(map), getLDAPControls(map));
            } catch (NamingException e2) {
                throw new LoginException(e2.getMessage());
            }
        }
        if (initialLdapContext == null) {
            throw new LoginException(" we cannot grab the default initial context ");
        }
        return initialLdapContext;
    }

    private void fillOptions() {
        for (Map.Entry entry : this.options.entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            if (str.startsWith(PREAUTH)) {
                String substring = str.substring(8, str.length());
                if (substring.startsWith(SEARCHCONTROLS)) {
                    this.preAuthSearchControlsOpts.put(substring.substring(15, substring.length()), str2);
                } else {
                    this.preAuthOpts.put(substring, str2);
                }
            } else if (str.startsWith(AUTH)) {
                this.authOpts.put(str.substring(5, str.length()), str2);
            }
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:28:0x00b1
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    @Override // net.sf.jguard.ext.authentication.loginmodules.UserLoginModule
    public boolean login() throws javax.security.auth.login.LoginException {
        /*
            Method dump skipped, instructions count: 257
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule.login():boolean");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:12:0x008b
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.lang.String getuserDN(java.lang.String r6, java.lang.String r7) throws javax.security.auth.login.LoginException {
        /*
            r5 = this;
            r0 = r7
            java.lang.String r0 = net.sf.jguard.ext.util.JNDIUtils.escapeDn(r0)
            r8 = r0
            r0 = 1
            java.lang.Object[] r0 = new java.lang.Object[r0]
            r1 = r0
            r2 = 0
            r3 = r8
            r1[r2] = r3
            r9 = r0
            r0 = r5
            java.util.Map r0 = r0.preAuthOpts
            int r0 = r0.size()
            if (r0 <= 0) goto L9a
            r0 = r5
            r1 = r5
            r2 = r5
            java.util.Map r2 = r2.preAuthOpts     // Catch: javax.security.auth.login.LoginException -> L2a
            javax.naming.directory.DirContext r1 = r1.getContext(r2)     // Catch: javax.security.auth.login.LoginException -> L2a
            r0.preAuthContext = r1     // Catch: javax.security.auth.login.LoginException -> L2a
            goto L3e
        L2a:
            r10 = move-exception
            r0 = r5
            r1 = 0
            r0.loginOK = r1
            java.lang.IllegalArgumentException r0 = new java.lang.IllegalArgumentException
            r1 = r0
            r2 = r10
            java.lang.String r2 = r2.getMessage()
            r1.<init>(r2)
            throw r0
        L3e:
            r0 = r5
            java.util.Map r0 = r0.preAuthSearchControlsOpts
            java.lang.String r1 = "countlimit"
            java.lang.String r2 = "1"
            java.lang.Object r0 = r0.put(r1, r2)
            r0 = r5
            r1 = r5
            r2 = r5
            java.util.Map r2 = r2.preAuthSearchControlsOpts
            javax.naming.directory.SearchControls r1 = r1.getSearchControls(r2)
            r0.preAuthSearchControls = r1
            r0 = r5
            r1 = r5
            javax.naming.directory.DirContext r1 = r1.preAuthContext     // Catch: javax.security.auth.login.LoginException -> L6b java.lang.Throwable -> L75
            r2 = r5
            javax.naming.directory.SearchControls r2 = r2.preAuthSearchControls     // Catch: javax.security.auth.login.LoginException -> L6b java.lang.Throwable -> L75
            java.lang.String r0 = r0.preAuthSearch(r1, r2)     // Catch: javax.security.auth.login.LoginException -> L6b java.lang.Throwable -> L75
            r6 = r0
            r0 = jsr -> L7d
        L68:
            goto La6
        L6b:
            r10 = move-exception
            r0 = r5
            r1 = 0
            r0.loginOK = r1     // Catch: java.lang.Throwable -> L75
            r0 = r10
            throw r0     // Catch: java.lang.Throwable -> L75
        L75:
            r11 = move-exception
            r0 = jsr -> L7d
        L7a:
            r1 = r11
            throw r1
        L7d:
            r12 = r0
            r0 = r5
            javax.naming.directory.DirContext r0 = r0.preAuthContext     // Catch: javax.naming.NamingException -> L8b
            r0.close()     // Catch: javax.naming.NamingException -> L8b
            goto L98
        L8b:
            r13 = move-exception
            java.util.logging.Logger r0 = net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule.logger
            r1 = r13
            java.lang.String r1 = r1.getMessage()
            r0.severe(r1)
        L98:
            ret r12
        L9a:
            r0 = r6
            r1 = r9
            java.lang.String r0 = java.text.MessageFormat.format(r0, r1)
            r6 = r0
            r0 = r6
            java.lang.String r0 = net.sf.jguard.ext.util.JNDIUtils.escapeDn(r0)
            r6 = r0
        La6:
            r1 = r6
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule.getuserDN(java.lang.String, java.lang.String):java.lang.String");
    }

    @Override // net.sf.jguard.ext.authentication.loginmodules.UserLoginModule
    public boolean commit() throws LoginException {
        if (!this.loginOK) {
            return false;
        }
        if (this.options.containsKey(CONTEXTFORCOMMIT) && this.options.get(CONTEXTFORCOMMIT).equals("true")) {
            this.credentials = grabAttributes(getContext(this.authOpts), (String) this.authOpts.get(USER_DN));
        }
        if (this.credentials == null) {
            return true;
        }
        this.subject.getPrivateCredentials().addAll(this.credentials);
        return true;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:16:0x006a
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.util.Set grabAttributes(javax.naming.directory.DirContext r6, java.lang.String r7) throws javax.security.auth.login.LoginException {
        /*
            r5 = this;
            r0 = 0
            r8 = r0
            java.util.HashSet r0 = new java.util.HashSet
            r1 = r0
            r1.<init>()
            r9 = r0
            r0 = r6
            r1 = r5
            r2 = r7
            r3 = r5
            java.lang.String r3 = r3.login     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            java.lang.String r1 = r1.getuserDN(r2, r3)     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            java.lang.Object r0 = r0.lookup(r1)     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            javax.naming.directory.DirContext r0 = (javax.naming.directory.DirContext) r0     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            r8 = r0
            r0 = r8
            if (r0 != 0) goto L2c
            javax.security.auth.login.FailedLoginException r0 = new javax.security.auth.login.FailedLoginException     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            r1 = r0
            java.lang.String r2 = "login.user.does.not.exist"
            r1.<init>(r2)     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            throw r0     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
        L2c:
            r0 = r8
            java.lang.String r1 = ""
            javax.naming.directory.Attributes r0 = r0.getAttributes(r1)     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            r10 = r0
            r0 = r5
            r1 = r10
            java.util.Set r0 = r0.grabCredentials(r1)     // Catch: javax.naming.NamingException -> L44 java.lang.Throwable -> L53
            r9 = r0
            r0 = jsr -> L5b
        L41:
            goto L7b
        L44:
            r10 = move-exception
            javax.security.auth.login.LoginException r0 = new javax.security.auth.login.LoginException     // Catch: java.lang.Throwable -> L53
            r1 = r0
            r2 = r10
            java.lang.String r2 = r2.getMessage()     // Catch: java.lang.Throwable -> L53
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L53
            throw r0     // Catch: java.lang.Throwable -> L53
        L53:
            r11 = move-exception
            r0 = jsr -> L5b
        L58:
            r1 = r11
            throw r1
        L5b:
            r12 = r0
            r0 = r8
            if (r0 == 0) goto L67
            r0 = r8
            r0.close()     // Catch: javax.naming.NamingException -> L6a
        L67:
            goto L79
        L6a:
            r13 = move-exception
            javax.security.auth.login.LoginException r0 = new javax.security.auth.login.LoginException
            r1 = r0
            r2 = r13
            java.lang.String r2 = r2.getMessage()
            r1.<init>(r2)
            throw r0
        L79:
            ret r12
        L7b:
            r1 = r9
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule.grabAttributes(javax.naming.directory.DirContext, java.lang.String):java.util.Set");
    }

    private Set grabCredentials(Attributes attributes) throws NamingException {
        HashSet hashSet = new HashSet();
        NamingEnumeration all = attributes.getAll();
        while (all.hasMore()) {
            Attribute attribute = (Attribute) all.next();
            String id = attribute.getID();
            String attributeValue = JNDIUtils.getAttributeValue(attribute);
            JGuardCredential jGuardCredential = new JGuardCredential();
            jGuardCredential.setName(id);
            jGuardCredential.setValue(attributeValue);
            hashSet.add(jGuardCredential);
        }
        return hashSet;
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:27:0x0135
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.lang.String preAuthSearch(javax.naming.directory.DirContext r7, javax.naming.directory.SearchControls r8) throws javax.security.auth.login.LoginException {
        /*
            Method dump skipped, instructions count: 344
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule.preAuthSearch(javax.naming.directory.DirContext, javax.naming.directory.SearchControls):java.lang.String");
    }

    private SearchControls getSearchControls(Map map) {
        SearchControls searchControls = new SearchControls();
        for (Map.Entry entry : map.entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            if (COUNTLIMIT.equals(str)) {
                searchControls.setCountLimit(Long.parseLong(str2));
            } else if (DEREFLINKFLAG.equals(str)) {
                searchControls.setDerefLinkFlag(Boolean.valueOf(str2).booleanValue());
            } else if (RETURNINGATTRIBUTES.equals(str)) {
                searchControls.setReturningAttributes(str2.split("#"));
            } else if (RETURNINGOBJFLAG.equals(str)) {
                searchControls.setReturningObjFlag(Boolean.valueOf(str2).booleanValue());
            } else if (SEARCHSCOPE.equals(str)) {
                searchControls.setSearchScope(Integer.parseInt(str2));
            } else if (TIMELIMIT.equals(str)) {
                searchControls.setTimeLimit(Integer.parseInt(str2));
            }
        }
        return searchControls;
    }

    private Control[] getLDAPControls(Map map) {
        ArrayList arrayList = new ArrayList();
        if (map.containsKey(FAST_BIND_CONNECTION) && "true".equalsIgnoreCase((String) map.get(FAST_BIND_CONNECTION))) {
            arrayList.add(new FastBindConnectionControl());
        }
        return (Control[]) arrayList.toArray(new Control[arrayList.size()]);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule == null) {
            cls = class$("net.sf.jguard.ext.authentication.loginmodules.JNDILoginModule");
            class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule = cls;
        } else {
            cls = class$net$sf$jguard$ext$authentication$loginmodules$JNDILoginModule;
        }
        logger = Logger.getLogger(cls.getName());
    }
}
