package edu.amc.sakai.user;

import com.novell.ldap.LDAPConstraints;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPTLSSocketFactory;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.StringTokenizer;
import org.apache.commons.pool.PoolableObjectFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/amc/sakai/user/PooledLDAPConnectionFactory.class */
public class PooledLDAPConnectionFactory implements PoolableObjectFactory {
    private static final Logger log = LoggerFactory.getLogger(PooledLDAPConnectionFactory.class);
    private LdapConnectionManager connectionManager;
    private String host;
    private int port;
    private String binddn;
    private byte[] bindpw;
    private boolean autoBind;
    private boolean useTLS;
    private LDAPConstraints standardConstraints;
    private LdapConnectionLivenessValidator livenessValidator = newDefaultConnectionLivenessValidator();

    public Object makeObject() throws LDAPException {
        if (log.isDebugEnabled()) {
            log.debug("makeObject()");
        }
        PooledLDAPConnection newConnection = newConnection();
        if (log.isDebugEnabled()) {
            log.debug("makeObject(): instantiated connection");
        }
        newConnection.setConnectionManager(this.connectionManager);
        if (log.isDebugEnabled()) {
            log.debug("makeObject(): assigned connection ConnectionManager");
        }
        newConnection.setConstraints(this.standardConstraints);
        if (log.isDebugEnabled()) {
            log.debug("makeObject(): assigned connection constraints");
        }
        newConnection.connect(getHost(), this.port);
        if (log.isDebugEnabled()) {
            log.debug("makeObject(): connected connection");
        }
        if (this.useTLS) {
            if (log.isDebugEnabled()) {
                log.debug("makeObject(): attempting to initiate TLS");
            }
            newConnection.startTLS();
            if (log.isDebugEnabled()) {
                log.debug("makeObject(): successfully initiated TLS");
            }
        }
        if (this.autoBind) {
            if (log.isDebugEnabled()) {
                log.debug("makeObject(): binding connection to default bind DN [" + this.binddn + "]");
            }
            newConnection.bind(3, this.binddn, this.bindpw);
            if (log.isDebugEnabled()) {
                log.debug("makeObject(): successfully bound connection to default bind DN [" + this.binddn + "]");
            }
        }
        newConnection.setBindAttempted(false);
        if (log.isDebugEnabled()) {
            log.debug("makeObject(): reset connection bindAttempted flag");
        }
        return newConnection;
    }

    protected PooledLDAPConnection newConnection() {
        return new PooledLDAPConnection();
    }

    public void activateObject(Object obj) throws LDAPException {
        if (log.isDebugEnabled()) {
            log.debug("activateObject()");
        }
        if (!(obj instanceof PooledLDAPConnection)) {
            if (log.isDebugEnabled()) {
                log.debug("activateObject(): connection not of expected type [" + (obj == null ? "null" : obj.getClass().getName()) + "] nothing to do");
                return;
            }
            return;
        }
        PooledLDAPConnection pooledLDAPConnection = (PooledLDAPConnection) obj;
        pooledLDAPConnection.setConstraints(this.standardConstraints);
        if (log.isDebugEnabled()) {
            log.debug("activateObject(): assigned connection constraints");
        }
        pooledLDAPConnection.setActive(true);
        if (log.isDebugEnabled()) {
            log.debug("activateObject(): set connection active flag");
        }
    }

    public void passivateObject(Object obj) throws LDAPException {
        if (log.isDebugEnabled()) {
            log.debug("passivateObject()");
        }
        if (!(obj instanceof PooledLDAPConnection)) {
            if (log.isDebugEnabled()) {
                log.debug("passivateObject(): connection not of expected type [" + (obj == null ? "null" : obj.getClass().getName()) + "] nothing to do");
            }
        } else {
            ((PooledLDAPConnection) obj).setActive(false);
            if (log.isDebugEnabled()) {
                log.debug("passivateObject(): unset connection active flag");
            }
        }
    }

    public boolean validateObject(Object obj) {
        if (log.isDebugEnabled()) {
            log.debug("validateObject()");
        }
        if (obj == null) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug("validateObject(): received null object reference, returning false");
            return false;
        }
        if (obj instanceof PooledLDAPConnection) {
            PooledLDAPConnection pooledLDAPConnection = (PooledLDAPConnection) obj;
            if (log.isDebugEnabled()) {
                log.debug("validateObject(): received PooledLDAPConnection object to validate");
            }
            if (pooledLDAPConnection.isBindAttempted()) {
                if (log.isDebugEnabled()) {
                    log.debug("validateObject(): connection bindAttempted flag is set");
                }
                if (!this.autoBind) {
                    if (log.isDebugEnabled()) {
                        log.debug("validateObject(): last borrower attempted bind operation, but no default bind credentials available, invalidating connection");
                    }
                    pooledLDAPConnection.setActive(false);
                    if (!log.isDebugEnabled()) {
                        return false;
                    }
                    log.debug("validateObject(): unset connection bindAttempted flag due to missing default bind credentials, returning false");
                    return false;
                }
                try {
                    if (log.isDebugEnabled()) {
                        log.debug("validateObject(): last borrower attempted bind operation - rebinding with defaults [bind dn: " + this.binddn + "]");
                    }
                    pooledLDAPConnection.bind(3, this.binddn, this.bindpw);
                    if (log.isDebugEnabled()) {
                        log.debug("validateObject(): successfully bound connection [bind dn: " + this.binddn + "]");
                    }
                    pooledLDAPConnection.setBindAttempted(false);
                    if (log.isDebugEnabled()) {
                        log.debug("validateObject(): reset connection bindAttempted flag");
                    }
                } catch (Exception e) {
                    log.error("validateObject(): unable to rebind pooled connection", e);
                    pooledLDAPConnection.setActive(false);
                    if (!log.isDebugEnabled()) {
                        return false;
                    }
                    log.debug("validateObject(): unset connection active flag due to bind failure, returning false");
                    return false;
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("validateObject(): beginning connection liveness testing");
            }
            try {
                if (!this.livenessValidator.isConnectionAlive(pooledLDAPConnection)) {
                    if (log.isInfoEnabled()) {
                        log.info("validateObject(): connection failed liveness test, " + pooledLDAPConnection.getHost());
                    }
                    pooledLDAPConnection.setActive(false);
                    if (!log.isDebugEnabled()) {
                        return false;
                    }
                    log.debug("validateObject(): unset connection active flag on stale connection, returning false");
                    return false;
                }
            } catch (Exception e2) {
                log.error("validateObject(): unable to test connection liveness", e2);
                pooledLDAPConnection.setActive(false);
                if (!log.isDebugEnabled()) {
                    return false;
                }
                log.debug("validateObject(): unset connection active flag due to liveness test error, returning false");
                return false;
            }
        } else if (log.isDebugEnabled()) {
            log.debug("validateObject(): connection not of expected type [" + obj.getClass().getName() + "] nothing to do");
        }
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("validateObject(): connection appears to be valid, returning true");
        return true;
    }

    public void destroyObject(Object obj) throws Exception {
        if (log.isDebugEnabled()) {
            log.debug("destroyObject()");
        }
        if (obj instanceof PooledLDAPConnection) {
            ((PooledLDAPConnection) obj).setActive(false);
            ((PooledLDAPConnection) obj).disconnect();
        } else if (log.isDebugEnabled()) {
            log.debug("destroyObject(): connection not of expected type [" + (obj == null ? "null" : obj.getClass().getName()) + "] nothing to do");
        }
    }

    public LdapConnectionManager getConnectionManager() {
        return this.connectionManager;
    }

    public void setConnectionManager(LdapConnectionManager ldapConnectionManager) {
        this.connectionManager = ldapConnectionManager;
        this.host = ldapConnectionManager.getConfig().getLdapHost();
        this.port = ldapConnectionManager.getConfig().getLdapPort();
        this.autoBind = ldapConnectionManager.getConfig().isAutoBind();
        if (this.autoBind) {
            this.binddn = ldapConnectionManager.getConfig().getLdapUser();
            try {
                this.bindpw = ldapConnectionManager.getConfig().getLdapPassword().getBytes("UTF8");
            } catch (Exception e) {
                throw new RuntimeException("unable to encode bind password", e);
            }
        }
        this.useTLS = ldapConnectionManager.getConfig().isSecureConnection() && (ldapConnectionManager.getConfig().getSecureSocketFactory() instanceof LDAPTLSSocketFactory);
        this.standardConstraints = new LDAPConstraints();
        this.standardConstraints.setTimeLimit(ldapConnectionManager.getConfig().getOperationTimeout());
        this.standardConstraints.setReferralFollowing(ldapConnectionManager.getConfig().isFollowReferrals());
    }

    public void setConnectionLivenessValidator(LdapConnectionLivenessValidator ldapConnectionLivenessValidator) {
        if (ldapConnectionLivenessValidator == null) {
            ldapConnectionLivenessValidator = newDefaultConnectionLivenessValidator();
        }
        this.livenessValidator = ldapConnectionLivenessValidator;
    }

    protected LdapConnectionLivenessValidator newDefaultConnectionLivenessValidator() {
        return new NativeLdapConnectionLivenessValidator();
    }

    public LdapConnectionLivenessValidator getConnectionLivenessValidator() {
        return this.livenessValidator;
    }

    protected String getHost() {
        ArrayList arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(this.host, " ");
        while (stringTokenizer.hasMoreTokens()) {
            try {
                arrayList.addAll(Arrays.asList(InetAddress.getAllByName(stringTokenizer.nextToken())));
            } catch (UnknownHostException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Failed to resolve " + this.host + " not handling now, will deal with later.");
                }
            }
        }
        if (arrayList.size() <= 1) {
            return this.host;
        }
        StringBuilder sb = new StringBuilder();
        Collections.shuffle(arrayList);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            sb.append(((InetAddress) it.next()).getHostAddress() + " ");
        }
        return sb.toString();
    }
}
