package org.sonar.plugins.ldap.windows;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com4j.Com4jObject;
import com4j.ComException;
import com4j.ExecutionException;
import com4j.typelibs.activeDirectory.IADs;
import com4j.typelibs.ado20.Field;
import com4j.typelibs.ado20.Fields;
import com4j.typelibs.ado20._Command;
import com4j.typelibs.ado20._Connection;
import com4j.typelibs.ado20._Recordset;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.sonar.api.utils.log.Logger;
import org.sonar.api.utils.log.Loggers;
import org.sonar.plugins.ldap.windows.auth.ICom4jWrapper;
import org.sonar.plugins.ldap.windows.auth.impl.Com4jWrapper;

/* loaded from: input_file:org/sonar/plugins/ldap/windows/AdConnectionHelper.class */
public class AdConnectionHelper {
    private static final Logger LOG = Loggers.get(AdConnectionHelper.class);
    public static final String ADS_OBJECT_PROVIDER_STR = "ADsDSOObject";
    public static final String ROOT_DSE = "RootDSE";
    public static final String DEFAULT_NAMING_CONTEXT_STR = "defaultNamingContext";
    public static final String DEFAULT_AD_CONNECTION_STR = "Active Directory Provider";
    public static final String SAMACCOUNTNAME_STR = "sAMAccountName";
    public static final String DISTINGUISHED_NAME_STR = "distinguishedName";
    public static final String COMMON_NAME_ATTRIBUTE = "cn";
    public static final String MAIL_ATTRIBUTE = "mail";
    private final ICom4jWrapper com4jWrapper;

    public AdConnectionHelper() {
        this(new Com4jWrapper());
    }

    AdConnectionHelper(ICom4jWrapper iCom4jWrapper) {
        this.com4jWrapper = iCom4jWrapper;
    }

    public Map<String, String> getUserDetails(String str, String str2, Collection<String> collection) {
        Preconditions.checkArgument(StringUtils.isNotEmpty(str), "domainName is null or empty");
        Preconditions.checkArgument(StringUtils.isNotEmpty(str2), "userName is null or empty");
        Preconditions.checkArgument((collection == null || collection.isEmpty()) ? false : true, "requestedDetails is null or empty");
        HashMap hashMap = new HashMap();
        _Connection _connection = null;
        try {
            String activeDirectoryBindString = getActiveDirectoryBindString(str);
            if (activeDirectoryBindString == null) {
                if (0 != 0) {
                    _connection.close();
                    _connection.dispose();
                }
                this.com4jWrapper.cleanUp();
                return hashMap;
            }
            _connection = getActiveDirectoryConnection();
            if (_connection == null) {
                if (_connection != null) {
                    _connection.close();
                    _connection.dispose();
                }
                this.com4jWrapper.cleanUp();
                return hashMap;
            }
            Map<String, String> userDetailsFromAd = getUserDetailsFromAd(_connection, activeDirectoryBindString, str, str2, collection);
            if (_connection != null) {
                _connection.close();
                _connection.dispose();
            }
            this.com4jWrapper.cleanUp();
            return userDetailsFromAd;
        } catch (Throwable th) {
            if (_connection != null) {
                _connection.close();
                _connection.dispose();
            }
            this.com4jWrapper.cleanUp();
            throw th;
        }
    }

    public Collection<String> getUserGroupsInDomain(String str, String str2, String str3) {
        Preconditions.checkArgument(StringUtils.isNotEmpty(str), "domainName is null or empty");
        Preconditions.checkArgument(StringUtils.isNotEmpty(str2), "userName is null or empty");
        Preconditions.checkArgument(StringUtils.isNotEmpty(str3), "requestedGroupIdAttribute is null or empty");
        ArrayList arrayList = new ArrayList();
        _Connection _connection = null;
        try {
            String activeDirectoryBindString = getActiveDirectoryBindString(str);
            if (activeDirectoryBindString == null) {
                if (0 != 0) {
                    _connection.close();
                    _connection.dispose();
                }
                this.com4jWrapper.cleanUp();
                return arrayList;
            }
            _connection = getActiveDirectoryConnection();
            if (_connection == null) {
                if (_connection != null) {
                    _connection.close();
                    _connection.dispose();
                }
                this.com4jWrapper.cleanUp();
                return arrayList;
            }
            String userDistinguishedName = getUserDistinguishedName(_connection, activeDirectoryBindString, str, str2);
            if (StringUtils.isBlank(userDistinguishedName)) {
                if (_connection != null) {
                    _connection.close();
                    _connection.dispose();
                }
                this.com4jWrapper.cleanUp();
                return arrayList;
            }
            arrayList.addAll(getUserGroupsFromAd(_connection, activeDirectoryBindString, str, userDistinguishedName, str3));
            if (_connection != null) {
                _connection.close();
                _connection.dispose();
            }
            this.com4jWrapper.cleanUp();
            return arrayList;
        } catch (Throwable th) {
            if (_connection != null) {
                _connection.close();
                _connection.dispose();
            }
            this.com4jWrapper.cleanUp();
            throw th;
        }
    }

    @VisibleForTesting
    String getActiveDirectoryBindString(String str) {
        String str2 = null;
        LOG.debug("Getting active directory bind string for domain: {}", str);
        IADs iADs = null;
        try {
            iADs = getRootDse(str);
            if (iADs != null) {
                String str3 = (String) getRootDseAttribute(iADs, DEFAULT_NAMING_CONTEXT_STR);
                if (StringUtils.isNotBlank(str3)) {
                    str2 = String.format("LDAP://%s/%s", str, str3);
                }
            }
            if (iADs != null) {
                iADs.dispose();
            }
            if (StringUtils.isNotBlank(str2)) {
                LOG.debug("Active directory bind string for the domain {}: {}", str, str2);
            } else {
                LOG.debug("Unable to get the active directory bind string for the domain {}", str);
            }
            return str2;
        } catch (Throwable th) {
            if (iADs != null) {
                iADs.dispose();
            }
            throw th;
        }
    }

    @VisibleForTesting
    _Connection getActiveDirectoryConnection() {
        _Connection createConnection = this.com4jWrapper.createConnection();
        if (createConnection != null) {
            createConnection.provider(ADS_OBJECT_PROVIDER_STR);
            try {
                createConnection.open(DEFAULT_AD_CONNECTION_STR, StringUtils.EMPTY, StringUtils.EMPTY, -1);
            } catch (ComException | ExecutionException e) {
                LOG.error("Unable to get connection to the active directory. {}", e.getMessage());
                createConnection = null;
            }
        } else {
            LOG.error("Unable to create connection to the active directory.");
        }
        return createConnection;
    }

    @VisibleForTesting
    String getUserAttributeValue(Fields fields, String str) {
        String str2 = null;
        try {
            Field item = fields.item(str);
            if (item != null) {
                Object value = item.value();
                if (value != null) {
                    str2 = value.toString();
                    LOG.trace("Value of user attribute {}: {}", str, str2);
                }
            } else {
                LOG.debug("User attribute {} doesn't exist.", str);
            }
        } catch (ComException e) {
            LOG.debug("Unable to get {}. {}", str, e.getMessage());
        }
        return str2;
    }

    private Object getRootDseAttribute(IADs iADs, String str) {
        Object obj = null;
        try {
            LOG.trace("Getting value of {} from {}", str, ROOT_DSE);
            obj = iADs.get(str);
            LOG.trace("Value of {} from {} : {}", new Object[]{str, ROOT_DSE, obj});
        } catch (ComException e) {
            LOG.debug("Unable to get value of attribute {} from {}: {}", new Object[]{str, ROOT_DSE, e.getMessage()});
        }
        return obj;
    }

    private IADs getRootDse(String str) {
        IADs iADs = null;
        String format = String.format("LDAP://%s/%s", str, ROOT_DSE);
        try {
            iADs = (IADs) this.com4jWrapper.getObject(IADs.class, format, null);
        } catch (ComException | ExecutionException e) {
            LOG.debug("Unable to get {} for the active directory bind string {}: {}", new Object[]{ROOT_DSE, format, e.getMessage()});
        }
        return iADs;
    }

    private Map<String, String> getUserDetailsFromAd(_Connection _connection, String str, String str2, String str3, Collection<String> collection) {
        Map<String, String> hashMap = new HashMap();
        Collection<Map<String, String>> executeQuery = executeQuery(_connection, getUserDetailsCommandText(str, str3, collection), collection);
        if (executeQuery.size() == 1) {
            hashMap = executeQuery.iterator().next();
        } else {
            LOG.debug("No details record for the user found: " + str2 + "\\" + str3);
        }
        return hashMap;
    }

    private String getUserDistinguishedName(_Connection _connection, String str, String str2, String str3) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(DISTINGUISHED_NAME_STR);
        return getUserDetailsFromAd(_connection, str, str2, str3, arrayList).get(DISTINGUISHED_NAME_STR);
    }

    private Collection<String> getUserGroupsFromAd(_Connection _connection, String str, String str2, String str3, String str4) {
        ArrayList arrayList = new ArrayList();
        String userGroupsCommandText = getUserGroupsCommandText(str, str3, str4);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(str4);
        Iterator<Map<String, String>> it = executeQuery(_connection, userGroupsCommandText, arrayList2).iterator();
        while (it.hasNext()) {
            String str5 = it.next().get(str4);
            if (StringUtils.isNotBlank(str5)) {
                arrayList.add(str5);
            }
        }
        return arrayList;
    }

    private Collection<Map<String, String>> executeQuery(_Connection _connection, String str, Collection<String> collection) {
        Collection<Map<String, String>> arrayList = new ArrayList();
        _Recordset _recordset = null;
        try {
            _recordset = executeCommand(_connection, str);
            if (_recordset != null) {
                arrayList = getDataFromRecordSet(_recordset, collection);
            }
            if (_recordset != null) {
                _recordset.close();
                _recordset.dispose();
            }
            return arrayList;
        } catch (Throwable th) {
            if (_recordset != null) {
                _recordset.close();
                _recordset.dispose();
            }
            throw th;
        }
    }

    private Collection<Map<String, String>> getDataFromRecordSet(_Recordset _recordset, Collection<String> collection) {
        ArrayList arrayList = new ArrayList();
        while (!_recordset.eof()) {
            try {
                Fields fields = _recordset.fields();
                if (fields != null) {
                    HashMap hashMap = new HashMap();
                    for (String str : collection) {
                        hashMap.put(str, getUserAttributeValue(fields, str));
                    }
                    arrayList.add(hashMap);
                }
                _recordset.moveNext();
            } catch (ComException e) {
                LOG.debug("Exception while getting data from the record-set :  {} ", e.getMessage());
            }
        }
        return arrayList;
    }

    private _Recordset executeCommand(_Connection _connection, String str) {
        _Recordset _recordset = null;
        Com4jObject com4jObject = null;
        try {
            try {
                _Command createCommand = this.com4jWrapper.createCommand(_connection, str);
                if (createCommand != null) {
                    LOG.trace("Executing command: {}", str);
                    _recordset = createCommand.execute(null, this.com4jWrapper.getMissing(), -1);
                } else {
                    LOG.error("Unable to create the active directory command {}", str);
                }
                if (createCommand != null) {
                    createCommand.dispose();
                }
            } catch (ComException e) {
                LOG.debug("Exception while executing the command :  {} ", e.getMessage());
                if (0 != 0) {
                    com4jObject.dispose();
                }
            }
            return _recordset;
        } catch (Throwable th) {
            if (0 != 0) {
                com4jObject.dispose();
            }
            throw th;
        }
    }

    private String getUserDetailsCommandText(String str, String str2, Collection<String> collection) {
        return String.format("<%s>;%s;%s;SubTree", str, String.format("(%s=%s)", SAMACCOUNTNAME_STR, str2), StringUtils.join(collection, ","));
    }

    private String getUserGroupsCommandText(String str, String str2, String str3) {
        return String.format("<%s>;%s;%s;SubTree", str, String.format("(&(objectClass=group)(member=%s))", str2), str3);
    }
}
