package com.imcode.net.ldap;

import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.collections.map.CaseInsensitiveMap;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.UnhandledException;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/imcode/net/ldap/LdapConnection.class */
public class LdapConnection {
    private static final Logger LOG = Logger.getLogger(LdapConnection.class);
    // Value stored under java.naming.security.authentication: bind with a principal and a password.
    private static final String AUTHENTICATION_TYPE_SIMPLE = "simple";
    // Map key under which SearchResultIterator stores an entry's distinguished name.
    public static final String DISTINGUISHED_NAME = "dn";
    // JNDI environment built once by the constructor and reused for every operation.
    // It contains the bind principal and the bind password, so treat it as secret material.
    private final Hashtable<String, String> env;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/imcode/net/ldap/LdapConnection$LdapCommand.class */
    /**
     * A single LDAP operation that {@code executeWitReconnect} can run and, on a
     * {@link CommunicationException}, run again.
     *
     * @param <T> type of the value produced by the operation
     */
    public interface LdapCommand<T> {
        /**
         * Performs the operation once.
         *
         * @return the operation's result
         * @throws NamingException if the directory operation fails
         * @throws LdapClientException if the client wrapper reports a failure
         */
        T execute() throws NamingException, LdapClientException;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/imcode/net/ldap/LdapConnection$SearchMultivalueResultIterator.class */
    /**
     * Read-only iterator that turns each {@link SearchResult} of a JNDI enumeration into a
     * case-insensitive map from attribute ID to the set of that attribute's values.
     *
     * <p>The enumeration is never closed by this class. NOTE(review): if a caller abandons the
     * iteration early, the underlying enumeration presumably stays open until the provider
     * reclaims it; confirm whether callers always drain the iterator.
     */
    public static class SearchMultivalueResultIterator implements Iterator<Map<String, Set<String>>> {
        private final NamingEnumeration<SearchResult> enumeration;
        // Stored but not read anywhere in this class.
        private final SearchControls searchControls;

        SearchMultivalueResultIterator(NamingEnumeration<SearchResult> namingEnumeration, SearchControls searchControls) {
            this.enumeration = namingEnumeration;
            this.searchControls = searchControls;
        }

        /**
         * Reports whether the enumeration has another entry.
         *
         * <p>{@code hasMoreElements()} has no way to report a {@link NamingException}.
         * NOTE(review): an error while fetching further results (size limit, referral or
         * connection failure) may therefore look like a normal end of results, which matters
         * when the result set feeds an access decision; confirm the provider's behaviour.
         */
        @Override
        public boolean hasNext() {
            return this.enumeration.hasMoreElements();
        }

        /**
         * Converts the next search result into an attribute map.
         *
         * @throws UnhandledException wrapping any {@link NamingException} raised while reading attributes
         */
        @Override
        public Map<String, Set<String>> next() {
            SearchResult entry = this.enumeration.nextElement();
            try {
                return createMapFromSearchResult(entry);
            } catch (NamingException e) {
                throw new UnhandledException(e);
            }
        }

        /** Removal is not supported. */
        @Override
        public void remove() {
            throw new UnsupportedOperationException();
        }

        /**
         * Collects every value of every attribute of {@code searchResult}.
         *
         * <p>Values are stored exactly as the provider returns them. NOTE(review): attributes the
         * provider treats as binary (the environment built by this class declares
         * {@code tokenGroups} as one) are presumably returned as {@code byte[]}, so a set typed
         * {@code Set<String>} can hold non-String elements; callers should not cast blindly.
         */
        private Map<String, Set<String>> createMapFromSearchResult(SearchResult searchResult) throws NamingException {
            CaseInsensitiveMap valuesByAttribute = new CaseInsensitiveMap();
            NamingEnumeration<? extends Attribute> attributes = searchResult.getAttributes().getAll();
            while (attributes.hasMoreElements()) {
                Attribute attribute = attributes.nextElement();
                Set<Object> values = new HashSet<>();
                NamingEnumeration<?> rawValues = attribute.getAll();
                while (rawValues.hasMoreElements()) {
                    values.add(rawValues.nextElement());
                }
                // Each value set is handed out read-only; the map itself stays mutable.
                valuesByAttribute.put(attribute.getID(), Collections.unmodifiableSet(values));
            }
            return valuesByAttribute;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/imcode/net/ldap/LdapConnection$SearchResultIterator.class */
    /**
     * Read-only iterator that turns each {@link SearchResult} of a JNDI enumeration into a
     * case-insensitive map from attribute ID to a single value rendered with {@code toString()}.
     *
     * <p>The enumeration is never closed by this class. NOTE(review): if a caller abandons the
     * iteration early, the underlying enumeration presumably stays open until the provider
     * reclaims it; confirm whether callers always drain the iterator.
     */
    public static class SearchResultIterator implements Iterator<Map<String, String>> {
        private final NamingEnumeration<SearchResult> enumeration;
        private final SearchControls searchControls;

        SearchResultIterator(NamingEnumeration<SearchResult> namingEnumeration, SearchControls searchControls) {
            this.enumeration = namingEnumeration;
            this.searchControls = searchControls;
        }

        /**
         * Reports whether the enumeration has another entry.
         *
         * <p>{@code hasMoreElements()} has no way to report a {@link NamingException}.
         * NOTE(review): an error while fetching further results may therefore look like a
         * normal end of results; confirm the provider's behaviour.
         */
        @Override
        public boolean hasNext() {
            return this.enumeration.hasMoreElements();
        }

        /**
         * Converts the next search result into an attribute map.
         *
         * @throws UnhandledException wrapping any {@link NamingException} raised while reading the entry
         */
        @Override
        public Map<String, String> next() {
            SearchResult entry = this.enumeration.nextElement();
            try {
                return createMapFromSearchResult(entry);
            } catch (NamingException e) {
                throw new UnhandledException(e);
            }
        }

        /** Removal is not supported. */
        @Override
        public void remove() {
            throw new UnsupportedOperationException();
        }

        /**
         * Builds the attribute map for one entry and, when the directory did not return a
         * {@code dn} attribute, fills it in from the entry's returned object.
         *
         * <p>Only one value per attribute is kept ({@code Attribute.get()}), rendered with
         * {@code toString()}; an attribute without values makes {@code get()} throw.
         */
        private Map<String, String> createMapFromSearchResult(SearchResult searchResult) throws NamingException {
            CaseInsensitiveMap valueByAttribute = new CaseInsensitiveMap();
            NamingEnumeration<? extends Attribute> attributes = searchResult.getAttributes().getAll();
            while (attributes.hasMoreElements()) {
                Attribute attribute = attributes.nextElement();
                valueByAttribute.put(attribute.getID(), attribute.get().toString());
            }
            if (!valueByAttribute.containsKey(LdapConnection.DISTINGUISHED_NAME) && distinguishedNameWanted()) {
                // NOTE(review): the DirContext obtained from getObject() is not closed here, and
                // obtaining it requires the search to run with returningObjFlag set.
                // SearchResult.getNameInNamespace() would give the DN without the object; confirm
                // the two are equivalent for this directory before switching.
                DirContext entryContext = (DirContext) searchResult.getObject();
                valueByAttribute.put(LdapConnection.DISTINGUISHED_NAME, entryContext.getNameInNamespace());
            }
            return valueByAttribute;
        }

        /**
         * True when the search asked for returned objects and either requested all attributes
         * (no attribute list) or listed {@code dn} explicitly.
         */
        private boolean distinguishedNameWanted() {
            if (this.searchControls == null || !this.searchControls.getReturningObjFlag()) {
                return false;
            }
            String[] requested = this.searchControls.getReturningAttributes();
            return requested == null || ArrayUtils.contains(requested, LdapConnection.DISTINGUISHED_NAME);
        }
    }

    /**
     * Creates a connection description; no network traffic happens here, the values are only
     * stored in the JNDI environment used by later operations.
     *
     * @param str  LDAP provider URL (stored as {@code java.naming.provider.url})
     * @param str2 bind principal (stored as {@code java.naming.security.principal})
     * @param str3 bind password (stored as {@code java.naming.security.credentials})
     * @throws LdapClientException declared, although nothing visible in this constructor throws it
     */
    public LdapConnection(String str, String str2, String str3) throws LdapClientException {
        // A null argument fails here with NullPointerException, because Hashtable rejects null values.
        this.env = createLdapJndiEnvironment(str, str2, str3);
    }

    /**
     * Builds the JNDI environment used for every context this class opens.
     *
     * @param str  LDAP provider URL
     * @param str2 bind principal
     * @param str3 bind password
     * @return a new environment table; it contains the password in clear text
     */
    private Hashtable<String, String> createLdapJndiEnvironment(String str, String str2, String str3) {
        final Hashtable<String, String> jndiEnv = new Hashtable<>();

        // Provider and endpoint. Only a read timeout (milliseconds) is configured; no connect
        // timeout (com.sun.jndi.ldap.connect.timeout) is set here.
        jndiEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        jndiEnv.put("java.naming.provider.url", str);
        jndiEnv.put("com.sun.jndi.ldap.read.timeout", "5000");

        // Simple bind: the password travels to the server as supplied, so its confidentiality
        // depends on the provider URL using TLS. This method does not check the URL scheme.
        // NOTE(review): many LDAP servers treat a simple bind with an empty password as an
        // unauthenticated bind that succeeds; callers should reject a blank str3 up front.
        jndiEnv.put("java.naming.security.authentication", AUTHENTICATION_TYPE_SIMPLE);
        jndiEnv.put("java.naming.security.principal", str2);
        jndiEnv.put("java.naming.security.credentials", str3);

        // NOTE(review): with referral=follow the provider connects to servers named in referrals
        // using this same environment, bind credentials included. Confirm every server this
        // directory can refer to is trusted, or handle referrals explicitly.
        jndiEnv.put("java.naming.referral", "follow");

        // tokenGroups holds binary SIDs; declaring it binary makes the provider return byte[].
        jndiEnv.put("java.naming.ldap.attributes.binary", "tokenGroups");

        // Connection pooling. NOTE(review): the JDK documents the pool.authentication, maxsize,
        // prefsize, timeout and debug settings as JVM system properties; as environment entries
        // they are presumably ignored. Verify, and move them to -D options if they are needed.
        jndiEnv.put("com.sun.jndi.ldap.connect.pool", "true");
        jndiEnv.put("com.sun.jndi.ldap.connect.pool.authentication", AUTHENTICATION_TYPE_SIMPLE);
        jndiEnv.put("com.sun.jndi.ldap.connect.pool.maxsize", "20");
        jndiEnv.put("com.sun.jndi.ldap.connect.pool.prefsize", "10");
        jndiEnv.put("com.sun.jndi.ldap.connect.pool.timeout", "30000");
        jndiEnv.put("com.sun.jndi.ldap.connect.pool.debug", "fine");

        return jndiEnv;
    }

    /**
     * Runs one search attempt and wraps the results in a {@link SearchResultIterator}.
     *
     * <p>When {@code searchControls} is null a default instance is used; otherwise the caller's
     * instance is modified, because the returning-object flag is always switched on.
     *
     * <p>NOTE(review): with that flag set the JNDI provider builds an object for every entry,
     * and for entries carrying Java object attributes this can involve decoding data stored in
     * the directory. Directory content, including anything reached through followed referrals,
     * is therefore a trust boundary. Confirm the runtime's LDAP object-decoding restrictions
     * (for example the {@code com.sun.jndi.ldap.object.trustSerialData} system property, where
     * the JDK supports it) or avoid requesting objects altogether.
     *
     * @param str            filter expression; may contain {@code {n}} placeholders
     * @param objArr         values for the placeholders
     * @param searchControls search controls, or null for defaults
     */
    private Iterator<Map<String, String>> trySearch(String str, Object[] objArr, SearchControls searchControls) throws NamingException, LdapClientException {
        SearchControls effectiveControls = (searchControls != null) ? searchControls : new SearchControls();
        effectiveControls.setReturningObjFlag(true);
        NamingEnumeration<SearchResult> results = LdapContextOperationWrapper.from(this.env).searchAndClose(str, objArr, effectiveControls);
        return new SearchResultIterator(results, effectiveControls);
    }

    /**
     * Runs one search attempt and wraps the results in a {@link SearchMultivalueResultIterator}.
     *
     * <p>When {@code searchControls} is null a default instance is used; otherwise the caller's
     * instance is modified, because the returning-object flag is always switched on.
     *
     * <p>NOTE(review): SearchMultivalueResultIterator only reads attributes and never calls
     * {@code getObject()}, so the flag looks unnecessary on this path. Requesting objects makes
     * the provider build one per entry from directory data; consider leaving the flag untouched
     * here once it is confirmed that no caller relies on the side effect.
     *
     * @param str            filter expression; may contain {@code {n}} placeholders
     * @param objArr         values for the placeholders
     * @param searchControls search controls, or null for defaults
     */
    private Iterator<Map<String, Set<String>>> trySearchMultivalues(String str, Object[] objArr, SearchControls searchControls) throws NamingException, LdapClientException {
        SearchControls effectiveControls = (searchControls != null) ? searchControls : new SearchControls();
        effectiveControls.setReturningObjFlag(true);
        NamingEnumeration<SearchResult> results = LdapContextOperationWrapper.from(this.env).searchAndClose(str, objArr, effectiveControls);
        return new SearchMultivalueResultIterator(results, effectiveControls);
    }

    /**
     * Searches the directory and returns one single-valued attribute map per entry.
     *
     * <p>The search is attempted at most twice: a {@link CommunicationException} on the first
     * attempt is logged and followed by exactly one retry.
     *
     * <p>Pass caller-supplied values through {@code objArr} and reference them as {@code {n}}
     * in {@code str}, as {@code getADUserDn} does, rather than concatenating them into the
     * filter text. NOTE(review): the substitution and its escaping happen inside
     * {@code LdapContextOperationWrapper}/JNDI, which is not visible here; confirm.
     *
     * @param str            filter expression
     * @param objArr         values for the filter placeholders
     * @param searchControls search controls, or null for defaults; a non-null instance is modified
     * @throws LdapClientException if the search fails, including a failed retry
     */
    public Iterator<Map<String, String>> search(String str, Object[] objArr, SearchControls searchControls) throws LdapClientException {
        try {
            return trySearch(str, objArr, searchControls);
        } catch (CommunicationException firstFailure) {
            LOG.warn("Problem communicating with LDAP server, retrying.", firstFailure);
        } catch (NamingException failure) {
            throw new LdapClientException("LDAP search failed.", failure);
        }

        // Second and last attempt: any naming failure, communication errors included, is final.
        try {
            return trySearch(str, objArr, searchControls);
        } catch (NamingException failure) {
            throw new LdapClientException("LDAP search failed.", failure);
        }
    }

    /**
     * Searches the directory and returns one multi-valued attribute map per entry.
     *
     * <p>The search is attempted at most twice: a {@link CommunicationException} on the first
     * attempt is logged and followed by exactly one retry.
     *
     * <p>Pass caller-supplied values through {@code objArr} and reference them as {@code {n}}
     * in {@code str} rather than concatenating them into the filter text. NOTE(review): the
     * substitution and its escaping happen outside this class; confirm.
     *
     * @param str            filter expression
     * @param objArr         values for the filter placeholders
     * @param searchControls search controls, or null for defaults; a non-null instance is modified
     * @throws LdapClientException if the search fails, including a failed retry
     */
    public Iterator<Map<String, Set<String>>> searchMultivalues(String str, Object[] objArr, SearchControls searchControls) throws LdapClientException {
        try {
            return trySearchMultivalues(str, objArr, searchControls);
        } catch (CommunicationException firstFailure) {
            LOG.warn("Problem communicating with LDAP server, retrying.", firstFailure);
        } catch (NamingException failure) {
            throw new LdapClientException("LDAP search failed.", failure);
        }

        // Second and last attempt: any naming failure, communication errors included, is final.
        try {
            return trySearchMultivalues(str, objArr, searchControls);
        } catch (NamingException failure) {
            throw new LdapClientException("LDAP search failed.", failure);
        }
    }

    /**
     * Wraps a {@link NamingException} raised while creating a context, keeping it as the cause.
     *
     * <p>Nothing in this file calls this helper.
     *
     * @param str             text inserted into the message after "Failed to create LDAP context"
     * @param namingException the original failure; its explanation is appended to the message
     */
    private static LdapClientException wrapNamingException(String str, NamingException namingException) {
        StringBuilder message = new StringBuilder("Failed to create LDAP context ");
        message.append(str).append(": ").append(namingException.getExplanation());
        return new LdapClientException(message.toString(), namingException);
    }

    /**
     * Looks up the distinguished name of the Active Directory user whose
     * {@code sAMAccountName} equals {@code str}.
     *
     * <p>The account name is passed as a filter argument ({@code {0}}) instead of being
     * concatenated into the filter text.
     *
     * <p>Only the first match is used. NOTE(review): a subtree search can return more than one
     * entry (this connection also follows referrals); confirm that an ambiguous match cannot
     * resolve to the wrong account. The enumeration is not closed after the first element.
     *
     * @param str account name to look up
     * @return the entry's DN, or null when no entry matches
     * @throws LdapClientException if the lookup fails after the retries of executeWitReconnect
     */
    public String getADUserDn(final String str) throws LdapClientException {
        LdapCommand<String> lookup = new LdapCommand<String>() {
            @Override
            public String execute() throws NamingException, LdapClientException {
                SearchControls dnOnlyControls = new SearchControls();
                dnOnlyControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                // An empty attribute list: no attributes are needed, only the entry's name.
                dnOnlyControls.setReturningAttributes(new String[0]);
                NamingEnumeration<SearchResult> matches = LdapContextOperationWrapper.from(LdapConnection.this.env).searchAndClose("(&(objectClass=user)(sAMAccountName={0}))", new Object[]{str}, dnOnlyControls);
                if (!matches.hasMoreElements()) {
                    return null;
                }
                return matches.nextElement().getNameInNamespace();
            }
        };
        return executeWitReconnect(lookup);
    }

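    /**
     * Resolves the {@code sAMAccountName} of every group listed in the user's
     * {@code tokenGroups} attribute.
     *
     * <p>Steps: find the user's DN, read {@code tokenGroups} from that entry (binary SIDs),
     * build an OR filter of {@code objectSid} terms and search the subtree for the matching
     * entries.
     *
     * <p>The filter is built by concatenation, which is safe only because each term is the
     * output of {@link #binarySidToStringSid(byte[])}: "S", digits and hyphens. Any other value
     * added to this filter must go through filter arguments or be escaped.
     *
     * <p>NOTE(review): entries are reported by name, not by SID, and SIDs that do not resolve in
     * the searched subtree are silently left out. If callers make authorization decisions on the
     * result, confirm that names cannot collide and that a partial result fails safe. Unlike
     * {@code getADUserDn}, the two searches here are not retried on communication errors.
     *
     * @param str account name of the user
     * @return the group account names; empty when the user is unknown or has no token groups
     * @throws LdapClientException if either directory search fails
     */
    public Set<String> getADUserGroups(String str) throws LdapClientException {
        String userDn = getADUserDn(str);
        if (userDn == null) {
            return Collections.emptySet();
        }
        Set<String> groupNames = new HashSet<>();
        SearchControls tokenGroupControls = new SearchControls();
        tokenGroupControls.setSearchScope(SearchControls.OBJECT_SCOPE);
        tokenGroupControls.setReturningAttributes(new String[]{"tokenGroups"});
        try {
            NamingEnumeration<?> userEntries = LdapContextOperationWrapper.from(this.env).searchBasedOnNamespacesAndClose(userDn, tokenGroupControls);
            StringBuilder sidFilter = new StringBuilder("(|");
            boolean anySid = false;
            while (userEntries.hasMoreElements()) {
                Attributes userAttributes = ((SearchResult) userEntries.nextElement()).getAttributes();
                if (userAttributes == null) {
                    continue;
                }
                NamingEnumeration<? extends Attribute> returned = userAttributes.getAll();
                while (returned.hasMoreElements()) {
                    NamingEnumeration<?> sids = returned.nextElement().getAll();
                    while (sids.hasMoreElements()) {
                        // The cast relies on tokenGroups being declared binary in the JNDI
                        // environment; a malformed value makes the conversion throw unchecked.
                        sidFilter.append("(objectSid=").append(binarySidToStringSid((byte[]) sids.nextElement())).append(')');
                        anySid = true;
                    }
                }
            }
            if (!anySid) {
                // Without this guard the second search would run with the empty filter "(|)".
                return groupNames;
            }
            sidFilter.append(')');
            SearchControls groupControls = new SearchControls();
            groupControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            groupControls.setReturningAttributes(new String[]{"sAMAccountName"});
            NamingEnumeration<?> groups = LdapContextOperationWrapper.from(this.env).searchAndClose(sidFilter.toString(), groupControls);
            while (groups.hasMoreElements()) {
                Attributes groupAttributes = ((SearchResult) groups.nextElement()).getAttributes();
                Attribute accountName = (groupAttributes != null) ? groupAttributes.get("sAMAccountName") : null;
                // Entries matched by SID may lack sAMAccountName; skip them instead of failing.
                if (accountName == null || accountName.size() == 0) {
                    continue;
                }
                Object value = accountName.get();
                if (value != null) {
                    groupNames.add(value.toString());
                }
            }
            return groupNames;
        } catch (NamingException e) {
            throw new LdapClientException("Failed to look up Active Directory groups.", e);
        }
    }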

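    /**
     * Converts a binary Windows security identifier into its string form
     * {@code S-<revision>-<authority>-<sub-authority>...}.
     *
     * <p>Layout read here: byte 0 is the revision, byte 1 the number of sub-authorities,
     * bytes 2-7 the identifier authority (big-endian), followed by one 4-byte little-endian
     * value per sub-authority. All fields are treated as unsigned and rendered in decimal, so
     * the result contains only "S", digits and hyphens.
     *
     * <p>The input usually comes from the directory, so its length is checked against the
     * declared sub-authority count before any field is read.
     *
     * @param bArr binary SID
     * @return the string SID
     * @throws NullPointerException     if {@code bArr} is null
     * @throws IllegalArgumentException if {@code bArr} is shorter than its header or than the
     *                                  length implied by its sub-authority count
     */
    public static String binarySidToStringSid(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("bArr");
        }
        final int headerLength = 8;
        if (bArr.length < headerLength) {
            throw new IllegalArgumentException("Binary SID too short: " + bArr.length + " bytes");
        }
        int subAuthorityCount = bArr[1] & 0xFF;
        int requiredLength = headerLength + 4 * subAuthorityCount;
        if (bArr.length < requiredLength) {
            throw new IllegalArgumentException("Binary SID declares " + subAuthorityCount + " sub-authorities but has only " + bArr.length + " bytes");
        }

        StringBuilder sid = new StringBuilder("S-").append(bArr[0] & 0xFF);

        // Identifier authority: all six bytes, most significant first.
        long authority = 0L;
        for (int i = 2; i < headerLength; i++) {
            authority = (authority << 8) | (bArr[i] & 0xFF);
        }
        sid.append('-').append(authority);

        // Sub-authorities: 32-bit values stored least significant byte first.
        for (int index = 0; index < subAuthorityCount; index++) {
            int offset = headerLength + 4 * index;
            long subAuthority = 0L;
            for (int b = 3; b >= 0; b--) {
                subAuthority = (subAuthority << 8) | (bArr[offset + b] & 0xFF);
            }
            sid.append('-').append(subAuthority);
        }
        return sid.toString();
    }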

    /**
     * Runs {@code ldapCommand}, allowing two attempts in total when the directory connection fails.
     *
     * @param ldapCommand operation to run
     * @return the operation's result
     * @throws LdapClientException if the operation fails
     */
    private <T> T executeWitReconnect(LdapCommand<T> ldapCommand) throws LdapClientException {
        final int attempts = 2;
        return executeWitReconnect(ldapCommand, attempts);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /**
     * Runs {@code ldapCommand}, repeating it after a {@link CommunicationException} until
     * {@code i} attempts have been made.
     *
     * <p>Any other {@link NamingException} ends the loop at once. Retries are neither logged nor
     * delayed, and the wrapping exception carries an empty message, so the cause is the only
     * diagnostic a caller gets.
     *
     * @param ldapCommand operation to run
     * @param i           number of attempts allowed; values of 1 or less mean a single attempt
     * @return the operation's result
     * @throws LdapClientException wrapping the last naming failure, or thrown by the command itself
     */
    private <T> T executeWitReconnect(LdapCommand<T> ldapCommand, int i) throws LdapClientException {
        int attemptsLeft = i;
        while (true) {
            try {
                return ldapCommand.execute();
            } catch (CommunicationException e) {
                if (attemptsLeft <= 1) {
                    throw new LdapClientException("", e);
                }
                attemptsLeft--;
            } catch (NamingException e) {
                throw new LdapClientException("", e);
            }
        }
    }

    /**
     * Returns the JNDI environment this connection uses.
     *
     * <p>This is the internal table itself, not a copy. It contains the bind principal and the
     * bind password, and every later search reads it, so a caller that modifies it changes how
     * this connection binds and where it connects.
     * NOTE(review): if no caller needs to mutate it, return a copy and keep the credentials out
     * of logs and debug dumps.
     *
     * @return the live environment table
     */
    public Hashtable<String, String> getEnv() {
        return this.env;
    }
}
