package imcode.server.user;

import com.imcode.imcms.servlet.SearchDocumentsPage;
import java.beans.PropertyDescriptor;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.TreeSet;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.collections.ExtendedProperties;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.UnhandledException;
import org.apache.log4j.Logger;

/* loaded from: input_file:imcode/server/user/LdapUserAndRoleRegistry.class */
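/**
 * Authenticates users against an LDAP directory and exposes directory entries as
 * {@link UserDomainObject}s and role names.
 *
 * <p>One long-lived service context ({@code ctx}), bound with the configured bind DN and password,
 * performs every user search. A login is verified by looking up the user's distinguished name with
 * that service context and then attempting a second bind as that DN with the supplied password.
 *
 * <p>Security notes for operators and reviewers:
 * <ul>
 *   <li>The Properties-based constructor always uses {@code simple} authentication and defaults to
 *       {@code ldap://localhost/}. A simple bind over a plain {@code ldap://} URL sends both the
 *       service password and every user's password unencrypted; use an {@code ldaps://} URL when
 *       the directory is not on the local host.</li>
 *   <li>The bind password is kept in a field for the lifetime of the registry because it is needed
 *       to reconnect.</li>
 *   <li>Values of the attributes listed in {@code LdapAttributesMappedToRoles} are used verbatim as
 *       role names, so write access to those attributes in the directory amounts to role
 *       assignment.</li>
 * </ul>
 *
 * <p>This source was recovered by a decompiler; the {@code class$...} members and
 * {@code AnonymousClass1} are compiler artifacts that are kept for binary compatibility.
 */
public class LdapUserAndRoleRegistry implements Authenticator, UserAndRoleRegistry {
    private static final Logger log;
    public static final String DEFAULT_LDAP_ROLE = "LDAP";
    public static final String AUTHENTICATION_TYPE_SIMPLE = "simple";
    private static final String DISTINGUISHED_NAME = "dn";
    private static final String PERSON_SURNAME = "sn";
    private static final String PERSON_TELEPHONE_NUMBER = "telephoneNumber";
    private static final String ORGANIZATIONALPERSON_TITLE = "title";
    private static final String ORGANIZATIONALPERSON_STATE_OR_PROVINCE_NAME = "st";
    private static final String ORGANIZATIONALPERSON_POSTAL_CODE = "postalCode";
    private static final String ORGANIZATIONALPERSON_STREET_ADRESS = "streetAddress";
    private static final String INETORGPERSON_GIVEN_NAME = "givenName";
    private static final String INETORGPERSON_MAIL = "mail";
    private static final String INETORGPERSON_HOME_PHONE = "homePhone";
    private static final String INETORGPERSON_MOBILE = "mobile";
    private static final String INETORGPERSON_LOCALITY_NAME = "l";
    private static final String INETORGPERSON_ORGANIZATION = "o";
    static final String INETORGPERSON_USER_IDENTITY = "uid";
    private String ldapUrl;
    private String ldapAuthenticationType;
    private String ldapBindDn;
    // Retained (not cleared) because setupInitialDirContext() needs it again on reconnect.
    private String ldapPassword;
    private String[] ldapAttributesAutoMappedToRoles;
    private static final Map defaultUserPropertyNameToLdapAttributeNameMap;
    private static final String LDAP_USER_OBJECTCLASS__INETORGPERSON = "inetOrgPerson";
    private static final String LDAP_USER_OBJECTCLASS_DEFAULT = "inetOrgPerson";
    static Class class$imcode$server$user$LdapUserAndRoleRegistry;
    static Class class$imcode$server$user$UserDomainObject;
    // Service context used for all searches; replaced by setupInitialDirContext() on reconnect.
    private DirContext ctx = null;
    private String ldapUserObjectClass = null;
    // Maps capitalized UserDomainObject property names to LDAP attribute names.
    private Properties userPropertyNameToLdapAttributeNameMap = new Properties();

    /** Compiler-generated marker type used only to disambiguate a synthetic constructor. */
    public static class AnonymousClass1 {
    }

    /**
     * Signals that the registry could not be configured or could not bind to the directory.
     *
     * <p>The explicit registry argument mirrors the compiler-generated outer-instance parameter
     * that the decompiler surfaced; it is kept so existing call sites keep compiling.
     */
    public class LdapInitException extends Exception {
        private final LdapUserAndRoleRegistry this$0;

        public LdapInitException(LdapUserAndRoleRegistry ldapUserAndRoleRegistry, String message) {
            super(message);
            this.this$0 = ldapUserAndRoleRegistry;
        }

        private LdapInitException(LdapUserAndRoleRegistry ldapUserAndRoleRegistry, String message, Throwable cause) {
            super(message, cause);
            this.this$0 = ldapUserAndRoleRegistry;
        }

        LdapInitException(LdapUserAndRoleRegistry ldapUserAndRoleRegistry, String message, Throwable cause, AnonymousClass1 anonymousClass1) {
            this(ldapUserAndRoleRegistry, message, cause);
        }
    }

    /**
     * Creates a registry from configuration properties and binds to the directory.
     *
     * <p>Keys read: {@code LdapUrl} (default {@code ldap://localhost/}), {@code LdapUserObjectClass}
     * (default {@code inetOrgPerson}), {@code LdapBindDn}, {@code LdapPassword},
     * {@code LdapAttributesMappedToRoles} (comma/space separated) and every key under the
     * {@code LdapUserAttribute} prefix. Authentication is always {@code simple}.
     *
     * @param properties the configuration to read
     * @throws LdapInitException if an attribute mapping names an unknown user property or the
     *     initial bind fails
     */
    public LdapUserAndRoleRegistry(Properties properties) throws LdapInitException {
        // NOTE(review): USER_DOCUMENTS_RESTRICTION__NONE is presumably the empty string that the
        // decompiler resolved to an unrelated constant; confirm against SearchDocumentsPage.
        String[] attributesMappedToRoles = splitStringOnCommasAndSpaces(
                properties.getProperty("LdapAttributesMappedToRoles", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE));
        Properties userAttributeOverrides = new Properties();
        ExtendedProperties subset = ExtendedProperties.convertProperties(properties).subset("LdapUserAttribute");
        if (null != subset) {
            userAttributeOverrides.putAll(subset);
        }
        init(properties.getProperty("LdapUrl", "ldap://localhost/"),
                AUTHENTICATION_TYPE_SIMPLE,
                properties.getProperty("LdapUserObjectClass", LDAP_USER_OBJECTCLASS_DEFAULT),
                properties.getProperty("LdapBindDn", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE),
                properties.getProperty("LdapPassword", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE),
                attributesMappedToRoles,
                userAttributeOverrides);
    }

    /**
     * Creates a registry with explicit settings and the default attribute mapping, then binds to
     * the directory.
     *
     * @param ldapUrl the JNDI provider URL
     * @param ldapAuthenticationType the JNDI authentication type, e.g. {@link #AUTHENTICATION_TYPE_SIMPLE}
     * @param ldapUserObjectClass the objectClass a user entry must have
     * @param ldapBindDn the DN the service context binds as
     * @param ldapPassword the password for {@code ldapBindDn}
     * @param ldapAttributesMappedToRoles attributes whose values become role names
     * @throws LdapInitException if the initial bind fails
     */
    public LdapUserAndRoleRegistry(String ldapUrl, String ldapAuthenticationType, String ldapUserObjectClass, String ldapBindDn, String ldapPassword, String[] ldapAttributesMappedToRoles) throws LdapInitException {
        init(ldapUrl, ldapAuthenticationType, ldapUserObjectClass, ldapBindDn, ldapPassword, ldapAttributesMappedToRoles, new Properties());
    }

    /** Returns the only role this registry defines itself, {@link #DEFAULT_LDAP_ROLE}. */
    @Override // imcode.server.user.UserAndRoleRegistry
    public String[] getAllRoleNames() {
        return new String[]{DEFAULT_LDAP_ROLE};
    }

    /** Stores the settings, validates the attribute mapping and opens the service context. */
    private void init(String url, String authenticationType, String userObjectClass, String bindDn, String password, String[] attributesMappedToRoles, Properties userAttributeOverrides) throws LdapInitException {
        this.ldapAttributesAutoMappedToRoles = attributesMappedToRoles;
        initLdapUserAttributesMap(userAttributeOverrides);
        this.ldapUrl = url;
        this.ldapUserObjectClass = userObjectClass;
        this.ldapAuthenticationType = authenticationType;
        this.ldapBindDn = bindDn;
        this.ldapPassword = password;
        setupInitialDirContext();
    }

    /**
     * Merges the default mapping with the configured overrides and rejects any key that is not a
     * settable {@link UserDomainObject} property.
     */
    private void initLdapUserAttributesMap(Properties userAttributeOverrides) throws LdapInitException {
        Class userClass;
        this.userPropertyNameToLdapAttributeNameMap.putAll(defaultUserPropertyNameToLdapAttributeNameMap);
        this.userPropertyNameToLdapAttributeNameMap.putAll(userAttributeOverrides);
        TreeSet unrecognized = new TreeSet(this.userPropertyNameToLdapAttributeNameMap.keySet());
        if (class$imcode$server$user$UserDomainObject == null) {
            userClass = class$("imcode.server.user.UserDomainObject");
            class$imcode$server$user$UserDomainObject = userClass;
        } else {
            userClass = class$imcode$server$user$UserDomainObject;
        }
        unrecognized.removeAll(Arrays.asList(getCapitalizedSettableBeanPropertyNames(userClass)));
        if (!unrecognized.isEmpty()) {
            throw new LdapInitException(this, new StringBuffer().append("Unrecognized LdapUserAttributes: ").append(StringUtils.join(unrecognized.iterator(), ", ")).toString());
        }
    }

    /**
     * Binds the service context with the configured bind DN and password.
     *
     * <p>On success the previous context, if any, is closed so that reconnects do not leak
     * connections. On failure the previous context is left in place.
     */
    private void setupInitialDirContext() throws LdapInitException {
        try {
            DirContext previous = this.ctx;
            this.ctx = loginAndGetInitialDirContext(this.ldapUrl, this.ldapAuthenticationType, this.ldapBindDn, this.ldapPassword);
            closeQuietly(previous);
        } catch (AuthenticationException e) {
            throw new LdapInitException(this, new StringBuffer().append("Authentication failed, using login: '").append(this.ldapBindDn).append("'").toString(), e, null);
        } catch (NameNotFoundException e2) {
            throw new LdapInitException(this, new StringBuffer().append("Root not found: ").append(this.ldapUrl).toString(), e2, null);
        } catch (NamingException e3) {
            throw new LdapInitException(this, new StringBuffer().append("Failed to create LDAP context ").append(this.ldapUrl).append(": ").append(e3.getExplanation()).toString(), e3, null);
        }
    }

    /**
     * Verifies a login by binding to the directory as the user's DN with the supplied password.
     *
     * <p>An empty or {@code null} password is rejected before any bind is attempted. A simple bind
     * that carries a DN but an empty password is an "unauthenticated bind" (RFC 4513, section
     * 5.1.2); servers that allow it report success without checking any credential, which would
     * otherwise let anyone log in as any known user. An empty DN is rejected for the same reason.
     *
     * @param loginName the login name to look up
     * @param password the password to verify
     * @return {@code true} only if the user was found and the bind as that user succeeded
     */
    @Override // imcode.server.user.Authenticator
    public boolean authenticate(String loginName, String password) {
        if (null == password || password.length() == 0) {
            return false;
        }
        DirContext userContext = null;
        try {
            Properties attributes = searchForUserAttributes(loginName, new String[]{DISTINGUISHED_NAME});
            if (null == attributes) {
                return false;
            }
            String userDn = (String) attributes.get(DISTINGUISHED_NAME);
            if (StringUtils.isEmpty(userDn)) {
                return false;
            }
            userContext = loginAndGetInitialDirContext(this.ldapUrl, this.ldapAuthenticationType, userDn, password);
            return true;
        } catch (AuthenticationException e) {
            return false;
        } catch (NamingException e2) {
            log.warn("Failed to get ldap context.", e2);
            return false;
        } finally {
            // The bind was only a credential check; release the connection it opened.
            closeQuietly(userContext);
        }
    }

    /**
     * Looks up a user and copies the mapped directory attributes onto a new user object.
     *
     * @param loginName the login name to look up
     * @return the populated, active user, or {@code null} if the search found nothing or failed
     */
    @Override // imcode.server.user.UserAndRoleRegistry
    public UserDomainObject getUser(String loginName) {
        Properties attributes = searchForUserAttributes(loginName, null);
        if (null == attributes) {
            return null;
        }
        UserDomainObject user = createUserFromLdapAttributes(attributes);
        user.setLoginName(loginName);
        user.setActive(true);
        return user;
    }

    /**
     * Flattens one search result into attribute-id to first-value pairs.
     *
     * <p>{@code dn} is not a stored attribute, so a search that asks only for it returns an entry
     * without attributes; in that case (or when all attributes were requested and none came back)
     * the entry's name in the namespace is stored under {@code dn}.
     */
    private Properties createMapFromSearchResult(SearchResult searchResult, String[] attributesToReturn) {
        NamingEnumeration attributes = searchResult.getAttributes().getAll();
        Properties result = new Properties();
        try {
            if (!attributes.hasMore()
                    && (null == attributesToReturn || ArrayUtils.contains(attributesToReturn, DISTINGUISHED_NAME))) {
                Object entry = searchResult.getObject();
                // Without a context object there is no DN to report; callers treat that as "not found".
                if (entry instanceof DirContext) {
                    result.put(DISTINGUISHED_NAME, ((DirContext) entry).getNameInNamespace());
                }
            }
        } catch (NamingException e) {
            log.error("Could not read the distinguished name of an LDAP search result.", e);
        }
        while (attributes.hasMoreElements()) {
            Attribute attribute = (Attribute) attributes.nextElement();
            String attributeId = attribute.getID();
            try {
                Object value = attribute.get();
                // Properties cannot hold null; an attribute without a readable value is skipped
                // instead of failing the whole lookup with a NullPointerException.
                if (null != value) {
                    result.setProperty(attributeId, value.toString());
                }
            } catch (NamingException e2) {
                log.error("Could not read the value of an LDAP attribute.", e2);
            }
        }
        return result;
    }

    /** Builds a user whose settable properties are filled from the mapped LDAP attribute values. */
    private UserDomainObject createUserFromLdapAttributes(Properties ldapAttributes) {
        UserDomainObject user = new UserDomainObject();
        for (PropertyDescriptor descriptor : PropertyUtils.getPropertyDescriptors(user)) {
            if (null == descriptor.getWriteMethod()) {
                continue;
            }
            String propertyName = descriptor.getName();
            String ldapAttributeName = this.userPropertyNameToLdapAttributeNameMap.getProperty(StringUtils.capitalize(propertyName));
            if (null == ldapAttributeName) {
                continue;
            }
            String value = ldapAttributes.getProperty(ldapAttributeName);
            if (null == value) {
                continue;
            }
            try {
                BeanUtils.setProperty(user, propertyName, value);
            } catch (IllegalAccessException e) {
                throw new UnhandledException(e);
            } catch (InvocationTargetException e2) {
                throw new UnhandledException(e2);
            }
        }
        return user;
    }

    /**
     * Opens a new directory context bound as {@code principal}.
     *
     * <p>Callers own the returned context and must close it. Credentials travel as configured by
     * the URL scheme; nothing here enables TLS.
     */
    private static DirContext loginAndGetInitialDirContext(String url, String authenticationType, String principal, String credentials) throws NamingException {
        Hashtable<String, String> environment = new Hashtable<String, String>();
        environment.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        environment.put("java.naming.provider.url", url);
        environment.put("java.naming.security.authentication", authenticationType);
        environment.put("java.naming.security.principal", principal);
        environment.put("java.naming.security.credentials", credentials);
        return new InitialDirContext(environment);
    }

    /** Closes a context if there is one; a failure to close is logged and otherwise ignored. */
    private static void closeQuietly(DirContext context) {
        if (null == context) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            log.debug("Failed to close LDAP context.", e);
        }
    }

    /**
     * Returns the role names for a user: the distinct values of the role-mapped attributes plus
     * {@link #DEFAULT_LDAP_ROLE}.
     *
     * <p>If the user cannot be looked up (not found, or the directory is unreachable) no roles are
     * granted at all, rather than failing with a {@code NullPointerException}. A {@code null}
     * role-attribute list is treated as empty: JNDI interprets {@code null} as "return every
     * attribute", which would turn every attribute value of the entry into a role name.
     *
     * @param user the user whose login name is looked up
     * @return the role names; empty when the lookup failed
     */
    @Override // imcode.server.user.UserAndRoleRegistry
    public String[] getRoleNames(UserDomainObject user) {
        String[] roleAttributes = null == this.ldapAttributesAutoMappedToRoles ? new String[0] : this.ldapAttributesAutoMappedToRoles;
        Properties attributes = searchForUserAttributes(user.getLoginName(), roleAttributes);
        if (null == attributes) {
            log.warn("No LDAP entry available for role lookup; granting no roles.");
            return new String[0];
        }
        HashSet roleNames = new HashSet(attributes.values());
        String[] result = new String[roleNames.size() + 1];
        roleNames.toArray(result);
        result[result.length - 1] = DEFAULT_LDAP_ROLE;
        return result;
    }

    /**
     * Searches for a user, reconnecting once if the connection to the directory was lost.
     *
     * @return the user's attributes, or {@code null} if the user was not found or the search failed
     */
    private Properties searchForUserAttributes(String loginName, String[] attributesToReturn) {
        Properties attributes = null;
        try {
            try {
                attributes = trySearchForUserAttributes(loginName, attributesToReturn);
            } catch (CommunicationException e) {
                log.warn("Problem communicating with LDAP server, reconnecting.", e);
                attributes = reconnectAndRetrySearchForUserAttributes(loginName, attributesToReturn);
            }
        } catch (NamingException e2) {
            log.warn(new StringBuffer().append("Could not find user ").append(sanitizeForLog(loginName)).toString(), e2);
        }
        return attributes;
    }

    /** Rebinds the service context (logging, not throwing, if that fails) and repeats the search. */
    private Properties reconnectAndRetrySearchForUserAttributes(String loginName, String[] attributesToReturn) throws NamingException {
        try {
            setupInitialDirContext();
        } catch (LdapInitException e) {
            log.fatal("Could not reconnect to LDAP server.", e);
        }
        return trySearchForUserAttributes(loginName, attributesToReturn);
    }

    /**
     * Runs one subtree search for an entry of the configured object class whose login attribute
     * equals {@code loginName}.
     *
     * <p>The login name is passed as a filter argument, not concatenated into the filter string;
     * JNDI encodes string arguments according to the LDAP filter rules, so filter metacharacters
     * in the login name are not interpreted. Keep it that way when changing the filter.
     *
     * <p>NOTE(review): only the first match is used. If the login attribute is not unique below the
     * search base, which entry is authenticated is up to the server's result order.
     */
    private Properties trySearchForUserAttributes(String loginName, String[] attributesToReturn) throws NamingException {
        String loginNameAttribute = this.userPropertyNameToLdapAttributeNameMap.getProperty("LoginName");
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(attributesToReturn);
        // The entry object is needed to obtain the DN in createMapFromSearchResult().
        searchControls.setReturningObjFlag(true);
        NamingEnumeration search = this.ctx.search(SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE, "(&(objectClass={0})({1}={2}))", new Object[]{this.ldapUserObjectClass, loginNameAttribute, loginName}, searchControls);
        if (null == search) {
            log.debug(new StringBuffer().append("Could not find user ").append(sanitizeForLog(loginName)).toString());
            return null;
        }
        try {
            if (search.hasMore()) {
                return createMapFromSearchResult((SearchResult) search.nextElement(), attributesToReturn);
            }
            log.debug(new StringBuffer().append("Could not find user ").append(sanitizeForLog(loginName)).toString());
            return null;
        } finally {
            // Release the server-side search; unread results would otherwise stay open.
            try {
                search.close();
            } catch (NamingException e) {
                log.debug("Failed to close LDAP search results.", e);
            }
        }
    }

    /**
     * Replaces line breaks in a caller-supplied value so it cannot start a forged log line.
     */
    private static String sanitizeForLog(String value) {
        return StringUtils.replaceChars(value, "\r\n", "__");
    }

    /** Not supported by this registry. */
    @Override // imcode.server.user.UserAndRoleRegistry
    public RoleDomainObject getRoleByName(String roleName) {
        throw new UnsupportedOperationException(new StringBuffer().append("getRoleByName(String roleName) not supported for ").append(getClass()).toString());
    }

    /** Splits on commas and spaces, dropping empty tokens. */
    private static String[] splitStringOnCommasAndSpaces(String text) {
        StringTokenizer tokenizer = new StringTokenizer(text, ", ");
        String[] tokens = new String[tokenizer.countTokens()];
        for (int i = 0; i < tokens.length; i++) {
            tokens[i] = tokenizer.nextToken();
        }
        return tokens;
    }

    /** Returns the capitalized names of all bean properties of {@code cls} that have a setter. */
    private static String[] getCapitalizedSettableBeanPropertyNames(Class cls) {
        ArrayList<String> names = new ArrayList<String>();
        for (PropertyDescriptor descriptor : PropertyUtils.getPropertyDescriptors(cls)) {
            if (null != descriptor.getWriteMethod()) {
                names.add(StringUtils.capitalize(descriptor.getName()));
            }
        }
        return names.toArray(new String[names.size()]);
    }

    /**
     * Overrides the LDAP attribute used for one user property.
     *
     * <p>NOTE(review): unlike the constructor path, the property name is not validated here, and
     * remapping {@code LoginName} changes which attribute logins are matched against.
     *
     * @param userPropertyName the capitalized user property name, e.g. {@code LoginName}
     * @param ldapAttributeName the LDAP attribute to read it from
     */
    public void setUserPropertyLdapAttribute(String userPropertyName, String ldapAttributeName) {
        this.userPropertyNameToLdapAttributeNameMap.put(userPropertyName, ldapAttributeName);
    }

    /** Compiler-generated class-literal helper, kept for binary compatibility. */
    static Class class$(String className) {
        try {
            return Class.forName(className);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, which cannot be thrown from here; throw the error itself.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls;
        if (class$imcode$server$user$LdapUserAndRoleRegistry == null) {
            cls = class$("imcode.server.user.LdapUserAndRoleRegistry");
            class$imcode$server$user$LdapUserAndRoleRegistry = cls;
        } else {
            cls = class$imcode$server$user$LdapUserAndRoleRegistry;
        }
        log = Logger.getLogger(cls);
        // Pairs of {user property, LDAP attribute}; must be a String[][] for ArrayUtils.toMap.
        defaultUserPropertyNameToLdapAttributeNameMap = ArrayUtils.toMap(new String[][]{
            {"LoginName", INETORGPERSON_USER_IDENTITY},
            {"FirstName", INETORGPERSON_GIVEN_NAME},
            {"LastName", PERSON_SURNAME},
            {"Title", ORGANIZATIONALPERSON_TITLE},
            {"Company", INETORGPERSON_ORGANIZATION},
            {"Address", ORGANIZATIONALPERSON_STREET_ADRESS},
            {"City", INETORGPERSON_LOCALITY_NAME},
            {"Zip", ORGANIZATIONALPERSON_POSTAL_CODE},
            {"CountyCouncil", ORGANIZATIONALPERSON_STATE_OR_PROVINCE_NAME},
            {"EmailAddress", INETORGPERSON_MAIL},
            {"WorkPhone", PERSON_TELEPHONE_NUMBER},
            {"MobilePhone", INETORGPERSON_MOBILE},
            {"HomePhone", INETORGPERSON_HOME_PHONE},
        });
    }
}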
