package edu.amc.sakai.user;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPConstraints;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSocketFactory;
import com.novell.ldap.LDAPTLSSocketFactory;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/amc/sakai/user/SimpleLdapConnectionManager.class */
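/**
 * {@link LdapConnectionManager} that opens a new {@link LDAPConnection} for every request and
 * disconnects it when it is handed back; nothing is pooled or cached.
 *
 * <p>All behaviour is driven by the {@link LdapConnectionManagerConfig} supplied through
 * {@link #setConfig(LdapConnectionManagerConfig)}, which must be called before any other method.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Bind passwords are never written to the log, not even masked.</li>
 *   <li>A connection whose bind or post-connect step fails is disconnected before the exception
 *       propagates, so failed logins do not accumulate open sockets.</li>
 *   <li>{@link #getBoundConnection(String, String)} refuses empty passwords instead of passing
 *       them to the directory.</li>
 * </ul>
 */
public class SimpleLdapConnectionManager implements LdapConnectionManager {
    private static final Logger log = LoggerFactory.getLogger(SimpleLdapConnectionManager.class);

    /** JVM-wide system property that holds the path of the JSSE trust store. */
    public static final String KEYSTORE_LOCATION_SYS_PROP_KEY = "javax.net.ssl.trustStore";

    /** JVM-wide system property that holds the password of the JSSE trust store. */
    public static final String KEYSTORE_PASSWORD_SYS_PROP_KEY = "javax.net.ssl.trustStorePassword";

    private LdapConnectionManagerConfig config;

    /**
     * Prepares the trust store system properties when the configuration asks for a secure
     * connection; does nothing otherwise.
     */
    @Override
    public void init() {
        log.debug("init()");
        if (this.config.isSecureConnection()) {
            log.debug("init(): initializing keystore");
            initKeystoreLocation();
            initKeystorePassword();
        }
    }

    /**
     * Opens a new connection and, when auto-bind is configured, binds it with the configured
     * service account.
     *
     * @return a connected (and possibly bound) connection; the caller must hand it to
     *     {@link #returnConnection(LDAPConnection)} when done
     * @throws LDAPException if connecting or binding fails; the connection is disconnected first
     */
    @Override
    public LDAPConnection getConnection() throws LDAPException {
        log.debug("getConnection()");
        LDAPConnection conn = newConnection();
        if (!this.config.isAutoBind()) {
            return conn;
        }
        log.debug("getConnection(): auto-binding");
        boolean bound = false;
        try {
            bind(conn, this.config.getLdapUser(), this.config.getLdapPassword());
            bound = true;
        } catch (LDAPException e) {
            if (e.getResultCode() == LDAPException.INVALID_CREDENTIALS) {
                // The password is deliberately left out: even replaced by asterisks it would
                // disclose the secret's length to anyone who can read the log.
                log.warn("Failed to bind against: {} with user: {}", conn.getHost(), this.config.getLdapUser());
            }
            throw e;
        } finally {
            if (!bound) {
                // Covers LDAPException and unchecked failures alike (e.g. a null password).
                disconnectQuietly(conn);
            }
        }
        return conn;
    }

    /**
     * Creates an unconnected {@link LDAPConnection} using the socket factory that matches the
     * configured security mode.
     *
     * <p>NOTE(review): when {@code isSecureConnection()} is false and no socket factory is
     * configured, the JLDAP default socket is used. That is presumably plain TCP, in which case
     * simple-bind passwords cross the network unencrypted; confirm against the deployment.
     *
     * @throws RuntimeException if a secure connection is requested but no secure socket factory
     *     has been configured
     */
    private LDAPConnection createConnectionWithSocketFactory() {
        LDAPSocketFactory socketFactory;
        if (this.config.isSecureConnection()) {
            socketFactory = this.config.getSecureSocketFactory();
            if (socketFactory == null) {
                // Fail closed: never fall back to an unencrypted socket when LDAPS was requested.
                throw new RuntimeException("You must set a 'secureSocketFactory' (in jldap-beans.xml) when using LDAPS");
            }
        } else {
            socketFactory = this.config.getSocketFactory();
        }
        return socketFactory == null ? new LDAPConnection() : new LDAPConnection(socketFactory);
    }

    /**
     * Opens a new connection and binds it with the supplied credentials.
     *
     * <p>Empty and {@code null} passwords are refused before any network traffic is generated.
     * Under RFC 4513 a simple bind with a DN and an empty password is an "unauthenticated bind",
     * which many directory servers answer with success; a caller that treats a successful bind as
     * proof of identity would then accept a login without a password.
     *
     * @param str distinguished name to bind as
     * @param str2 password for that DN; must not be {@code null} or empty
     * @return a connected and bound connection; the caller must hand it to
     *     {@link #returnConnection(LDAPConnection)} when done
     * @throws LDAPException with result code {@link LDAPException#INVALID_CREDENTIALS} if the
     *     password is empty, or whatever the directory reports if connecting or binding fails
     */
    @Override
    public LDAPConnection getBoundConnection(String str, String str2) throws LDAPException {
        log.debug("getBoundConnection(): [dn = {}]", str);
        if (str2 == null || str2.isEmpty()) {
            throw new LDAPException(
                    "Refusing simple bind with an empty password",
                    LDAPException.INVALID_CREDENTIALS,
                    (String) null);
        }
        LDAPConnection conn = createConnectionWithSocketFactory();
        applyConstraints(conn);
        connect(conn);
        boolean bound = false;
        try {
            bind(conn, str, str2);
            bound = true;
        } finally {
            if (!bound) {
                // A rejected login must not leave its socket open.
                disconnectQuietly(conn);
            }
        }
        return conn;
    }

    /**
     * Creates, constrains and connects a new, unbound connection.
     *
     * @throws LDAPException if the connection cannot be established or initialized
     */
    protected LDAPConnection newConnection() throws LDAPException {
        log.debug("newConnection()");
        LDAPConnection conn = createConnectionWithSocketFactory();
        applyConstraints(conn);
        connect(conn);
        return conn;
    }

    /**
     * Performs an LDAPv3 simple bind on an already connected connection.
     *
     * @param conn connected connection to bind
     * @param dn distinguished name to bind as
     * @param password password for {@code dn}; must not be {@code null}; sent UTF-8 encoded
     * @throws LDAPException if the directory rejects the bind
     */
    private void bind(LDAPConnection conn, String dn, String password) throws LDAPException {
        // Only the DN is logged; the password never reaches the log.
        log.debug("bind(): binding [dn = {}]", dn);
        conn.bind(LDAPConnection.LDAP_V3, dn, password.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Disconnects a connection obtained from this manager. A {@code null} argument is ignored and
     * a failing disconnect is logged rather than propagated.
     */
    @Override
    public void returnConnection(LDAPConnection lDAPConnection) {
        if (lDAPConnection == null) {
            return;
        }
        try {
            lDAPConnection.disconnect();
        } catch (LDAPException e) {
            log.error("returnConnection(): failed on disconnect: ", e);
        }
    }

    /** Sets the configuration every other method reads from. */
    @Override
    public void setConfig(LdapConnectionManagerConfig ldapConnectionManagerConfig) {
        this.config = ldapConnectionManagerConfig;
    }

    /** Returns the configuration currently in use, or {@code null} if none has been set. */
    @Override
    public LdapConnectionManagerConfig getConfig() {
        return this.config;
    }

    /**
     * Publishes the configured trust store password as a system property unless that property is
     * already set. The password value itself is never logged.
     *
     * <p>System properties are shared by the whole JVM, so the value is visible to any code that
     * can read them.
     */
    protected void initKeystorePassword() {
        log.debug("initKeystorePassword()");
        if (System.getProperty(KEYSTORE_PASSWORD_SYS_PROP_KEY) != null) {
            // An operator-supplied value (e.g. -D on the command line) wins over the bean config.
            log.debug("initKeystorePassword(): retained existing system property");
            return;
        }
        String keystorePassword = this.config.getKeystorePassword();
        if (keystorePassword != null) {
            log.debug("initKeystorePassword(): setting system property");
            System.setProperty(KEYSTORE_PASSWORD_SYS_PROP_KEY, keystorePassword);
        }
    }

    /**
     * Publishes the configured trust store location as a system property unless that property is
     * already set. The property is JVM-wide and therefore affects every JSSE user in the process.
     */
    protected void initKeystoreLocation() {
        log.debug("initKeystoreLocation()");
        String existing = System.getProperty(KEYSTORE_LOCATION_SYS_PROP_KEY);
        if (existing != null) {
            log.debug("initKeystoreLocation(): retained existing system property [location = {}]", existing);
            return;
        }
        String keystoreLocation = this.config.getKeystoreLocation();
        if (keystoreLocation != null) {
            log.debug("initKeystoreLocation(): setting system property [location = {}]", keystoreLocation);
            System.setProperty(KEYSTORE_LOCATION_SYS_PROP_KEY, keystoreLocation);
        }
    }

    /**
     * Applies the configured operation timeout and referral-following policy to a connection.
     *
     * @param lDAPConnection connection to configure
     */
    protected void applyConstraints(LDAPConnection lDAPConnection) {
        int operationTimeout = this.config.getOperationTimeout();
        boolean followReferrals = this.config.isFollowReferrals();
        log.debug("applyConstraints(): values [timeout = {}][follow referrals = {}]", operationTimeout, followReferrals);
        LDAPConstraints constraints = new LDAPConstraints();
        constraints.setTimeLimit(operationTimeout);
        constraints.setReferralFollowing(followReferrals);
        lDAPConnection.setConstraints(constraints);
    }

    /**
     * Connects to the configured host and port and runs {@link #postConnect(LDAPConnection)}.
     * If the post-connect step fails, the connection is disconnected before the failure is
     * rethrown, so a half-initialized connection never reaches a caller.
     *
     * @param lDAPConnection connection to connect
     * @throws LDAPException if connecting or the post-connect step fails
     */
    protected void connect(LDAPConnection lDAPConnection) throws LDAPException {
        log.debug("connect()");
        lDAPConnection.connect(this.config.getLdapHost(), this.config.getLdapPort());
        try {
            postConnect(lDAPConnection);
        } catch (Throwable th) {
            log.error("Failed to completely initialize a connection [host = " + this.config.getLdapHost() + "][port = " + this.config.getLdapPort() + "]", th);
            disconnectQuietly(lDAPConnection);
            if (th instanceof LDAPException) {
                throw (LDAPException) th;
            }
            if (th instanceof Error) {
                throw (Error) th;
            }
            if (th instanceof RuntimeException) {
                throw (RuntimeException) th;
            }
            throw new RuntimeException("LDAPConnection allocation failure", th);
        }
    }

    /**
     * Upgrades the connection with StartTLS when a secure connection is configured and the secure
     * socket factory is an {@link LDAPTLSSocketFactory}. Any other secure socket factory is left
     * alone; presumably it already negotiates TLS at connect time (LDAPS).
     *
     * @param lDAPConnection freshly connected connection
     * @throws LDAPException if the StartTLS exchange fails
     */
    protected void postConnect(LDAPConnection lDAPConnection) throws LDAPException {
        log.debug("postConnect()");
        if (this.config.isSecureConnection() && isTlsSocketFactory()) {
            log.debug("postConnect(): starting TLS");
            lDAPConnection.startTLS();
        }
    }

    /** Tells whether the configured secure socket factory is a StartTLS factory. */
    protected boolean isTlsSocketFactory() {
        return this.config.getSecureSocketFactory() instanceof LDAPTLSSocketFactory;
    }

    /** No pooled resources are held, so there is nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Best-effort disconnect used on failure paths: the original failure is the one worth
     * reporting, so a secondary disconnect error is only noted at debug level.
     */
    private void disconnectQuietly(LDAPConnection conn) {
        try {
            conn.disconnect();
        } catch (LDAPException ignored) {
            log.debug("disconnect during failure cleanup did not complete", ignored);
        }
    }
}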
