package org.opencastproject.userdirectory.ldap;

import java.lang.management.ManagementFactory;
import java.util.Dictionary;
import java.util.Hashtable;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.opencastproject.security.api.Organization;
import org.opencastproject.security.api.OrganizationDirectoryService;
import org.opencastproject.security.api.SecurityService;
import org.opencastproject.security.api.UserProvider;
import org.opencastproject.userdirectory.JpaGroupRoleProvider;
import org.opencastproject.util.NotFoundException;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedServiceFactory;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

/* loaded from: input_file:org/opencastproject/userdirectory/ldap/LdapUserProviderFactory.class */
public class LdapUserProviderFactory implements ManagedServiceFactory {
    private static final Logger logger = LoggerFactory.getLogger(LdapUserProviderFactory.class);
    private static final String PID = "org.opencastproject.userdirectory.ldap";
    private static final String SEARCH_FILTER_KEY = "org.opencastproject.userdirectory.ldap.searchfilter";
    private static final String SEARCH_BASE_KEY = "org.opencastproject.userdirectory.ldap.searchbase";
    private static final String LDAP_URL_KEY = "org.opencastproject.userdirectory.ldap.url";
    private static final String ROLE_ATTRIBUTES_KEY = "org.opencastproject.userdirectory.ldap.roleattributes";
    private static final String ORGANIZATION_KEY = "org.opencastproject.userdirectory.ldap.org";
    private static final String SEARCH_USER_DN = "org.opencastproject.userdirectory.ldap.userDn";
    private static final String SEARCH_PASSWORD = "org.opencastproject.userdirectory.ldap.password";
    private static final String CACHE_SIZE = "org.opencastproject.userdirectory.ldap.cache.size";
    private static final String CACHE_EXPIRATION = "org.opencastproject.userdirectory.ldap.cache.expiration";
    private static final String ROLE_PREFIX_KEY = "org.opencastproject.userdirectory.ldap.roleprefix";
    private static final String EXCLUDE_PREFIXES_KEY = "org.opencastproject.userdirectory.ldap.exclude.prefixes";
    private static final String UPPERCASE_KEY = "org.opencastproject.userdirectory.ldap.uppercase";
    private static final String INSTANCE_ID_KEY = "org.opencastproject.userdirectory.ldap.id";
    private static final String EXTRA_ROLES_KEY = "org.opencastproject.userdirectory.ldap.extra.roles";
    private static final String INSTANCE_ID_SERVICE_PROPERTY_KEY = "instanceId";
    private Map<String, ServiceRegistration> providerRegistrations = new ConcurrentHashMap();
    private Map<String, ServiceRegistration> authoritiesPopulatorRegistrations = new ConcurrentHashMap();
    private BundleContext bundleContext = null;
    private OrganizationDirectoryService orgDirectory;
    private JpaGroupRoleProvider groupRoleProvider;
    private SecurityService securityService;

    public void setOrgDirectory(OrganizationDirectoryService organizationDirectoryService) {
        this.orgDirectory = organizationDirectoryService;
    }

    public void setGroupRoleProvider(JpaGroupRoleProvider jpaGroupRoleProvider) {
        this.groupRoleProvider = jpaGroupRoleProvider;
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void activate(ComponentContext componentContext) {
        logger.debug("Activate LdapUserProviderFactory");
        this.bundleContext = componentContext.getBundleContext();
    }

    public String getName() {
        return PID;
    }

    private String getRequiredProperty(Dictionary dictionary, String str) throws ConfigurationException {
        String str2 = (String) dictionary.get(str);
        if (StringUtils.isBlank(str2)) {
            throw new ConfigurationException(str, "missing configuration value");
        }
        return str2;
    }

    public void updated(String str, Dictionary dictionary) throws ConfigurationException {
        Organization organization;
        logger.debug("Updating LdapUserProviderFactory");
        String requiredProperty = getRequiredProperty(dictionary, SEARCH_BASE_KEY);
        String requiredProperty2 = getRequiredProperty(dictionary, SEARCH_FILTER_KEY);
        String requiredProperty3 = getRequiredProperty(dictionary, LDAP_URL_KEY);
        String requiredProperty4 = getRequiredProperty(dictionary, INSTANCE_ID_KEY);
        String requiredProperty5 = getRequiredProperty(dictionary, ROLE_ATTRIBUTES_KEY);
        String str2 = (String) dictionary.get(ORGANIZATION_KEY);
        String str3 = (String) dictionary.get(SEARCH_USER_DN);
        String str4 = (String) dictionary.get(SEARCH_PASSWORD);
        String objects = Objects.toString(dictionary.get(ROLE_PREFIX_KEY), "ROLE_");
        String[] split = StringUtils.split((String) dictionary.get(EXCLUDE_PREFIXES_KEY), ",");
        String[] split2 = StringUtils.split(Objects.toString(dictionary.get(EXTRA_ROLES_KEY), ""), ",");
        boolean z = BooleanUtils.toBoolean(Objects.toString(dictionary.get(UPPERCASE_KEY), "true"));
        int i = NumberUtils.toInt((String) dictionary.get(CACHE_SIZE), 1000);
        int i2 = NumberUtils.toInt((String) dictionary.get(CACHE_EXPIRATION), 5);
        ServiceRegistration remove = this.providerRegistrations.remove(str);
        if (remove != null) {
            remove.unregister();
        }
        try {
            if (StringUtils.isNoneBlank(new CharSequence[]{str2})) {
                organization = this.orgDirectory.getOrganization(str2);
            } else {
                if (this.orgDirectory.getOrganizations().size() != 1) {
                    throw new NotFoundException("Multiple organizations exist but none is specified");
                }
                organization = (Organization) this.orgDirectory.getOrganizations().get(0);
            }
            Hashtable hashtable = new Hashtable();
            hashtable.put(INSTANCE_ID_SERVICE_PROPERTY_KEY, requiredProperty4);
            this.providerRegistrations.put(str, this.bundleContext.registerService(UserProvider.class.getName(), new LdapUserProviderInstance(str, organization, requiredProperty, requiredProperty2, requiredProperty3, str3, str4, requiredProperty5, objects, split2, split, z, i, i2, this.securityService), (Dictionary) null));
            this.authoritiesPopulatorRegistrations.put(str, this.bundleContext.registerService(LdapAuthoritiesPopulator.class.getName(), new OpencastLdapAuthoritiesPopulator(requiredProperty5, objects, split, z, organization, this.securityService, this.groupRoleProvider, split2), hashtable));
        } catch (NotFoundException e) {
            throw new ConfigurationException(ORGANIZATION_KEY, "no organization with configured id", e);
        }
    }

    public void deleted(String str) {
        ServiceRegistration serviceRegistration = null;
        ServiceRegistration serviceRegistration2 = null;
        try {
            serviceRegistration = this.providerRegistrations.remove(str);
            serviceRegistration2 = this.authoritiesPopulatorRegistrations.remove(str);
            if (serviceRegistration != null || serviceRegistration2 != null) {
                try {
                    ManagementFactory.getPlatformMBeanServer().unregisterMBean(getObjectName(str));
                } catch (Exception e) {
                    logger.warn("Unable to unregister mbean for pid='{}': {}", str, e.getMessage());
                }
            }
            if (serviceRegistration != null) {
                serviceRegistration.unregister();
            }
            if (serviceRegistration2 != null) {
                serviceRegistration2.unregister();
            }
        } catch (Throwable th) {
            if (serviceRegistration != null) {
                serviceRegistration.unregister();
            }
            if (serviceRegistration2 != null) {
                serviceRegistration2.unregister();
            }
            throw th;
        }
    }

    public static final ObjectName getObjectName(String str) throws MalformedObjectNameException, NullPointerException {
        return new ObjectName(str + ":type=LDAPRequests");
    }
}
