package fish.payara.microprofile.config.extensions.ldap;

import com.sun.enterprise.util.StringUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import org.glassfish.config.support.TranslatedConfigView;
import org.glassfish.internal.api.ORBLocator;

/* loaded from: input_file:fish/payara/microprofile/config/extensions/ldap/LDAPConfigSourceHelper.class */
public class LDAPConfigSourceHelper {
    private static final Logger logger = Logger.getLogger(LDAPConfigSourceHelper.class.getName());
    private final LDAPConfigSourceConfiguration configuration;

    public LDAPConfigSourceHelper(LDAPConfigSourceConfiguration lDAPConfigSourceConfiguration) {
        this.configuration = lDAPConfigSourceConfiguration;
    }

    public synchronized String getConfigValue(String str) {
        String str2 = null;
        StartTlsResponse startTlsResponse = null;
        LdapContext context = getContext();
        if (Boolean.valueOf(this.configuration.getStartTLSEnabled()).booleanValue()) {
            startTlsResponse = startTLSConnection(context);
        }
        try {
            if (context != null) {
                try {
                    if (StringUtils.ok(this.configuration.getSearchBase()) && StringUtils.ok(this.configuration.getSearchFilter())) {
                        SearchControls searchControls = new SearchControls();
                        searchControls.setReturningAttributes(new String[]{str});
                        searchControls.setSearchScope(convertScopeValue(this.configuration.getSearchBase()));
                        NamingEnumeration search = context.search(this.configuration.getSearchBase(), this.configuration.getSearchFilter(), searchControls);
                        ArrayList arrayList = new ArrayList();
                        while (search.hasMoreElements()) {
                            Attribute attribute = ((SearchResult) search.next()).getAttributes().get(str);
                            if (attribute != null) {
                                if (attribute.size() > 1) {
                                    arrayList.addAll(Collections.list(attribute.getAll()));
                                } else {
                                    arrayList.add(attribute.get());
                                }
                            }
                        }
                        if (!arrayList.isEmpty()) {
                            str2 = (String) arrayList.stream().map(obj -> {
                                return String.valueOf(obj);
                            }).collect(Collectors.joining(","));
                        }
                    } else {
                        Attribute attribute2 = context.getAttributes(this.configuration.getBindDN()).get(str);
                        if (attribute2 != null) {
                            str2 = attribute2.size() > 1 ? (String) Collections.list(attribute2.getAll()).stream().map(obj2 -> {
                                return String.valueOf(obj2);
                            }).collect(Collectors.joining(",")) : attribute2.get().toString();
                        }
                    }
                } catch (NamingException e) {
                    logger.log(Level.WARNING, "Could not find the LDAP attibute named {0}:{1}", new Object[]{str, e.getMessage()});
                    closeConnection(context, startTlsResponse);
                }
            }
            closeConnection(context, startTlsResponse);
            return str2;
        } catch (Throwable th) {
            closeConnection(context, startTlsResponse);
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v45, types: [java.util.Map] */
    public synchronized Map<String, String> getAllConfigValues() {
        HashMap hashMap = new HashMap();
        StartTlsResponse startTlsResponse = null;
        LdapContext context = getContext();
        if (Boolean.valueOf(this.configuration.getStartTLSEnabled()).booleanValue()) {
            startTlsResponse = startTLSConnection(context);
        }
        try {
            if (context != null) {
                try {
                    if (StringUtils.ok(this.configuration.getSearchBase()) && StringUtils.ok(this.configuration.getSearchFilter())) {
                        SearchControls searchControls = new SearchControls();
                        searchControls.setReturningAttributes((String[]) null);
                        searchControls.setSearchScope(convertScopeValue(this.configuration.getSearchBase()));
                        NamingEnumeration search = context.search(this.configuration.getSearchBase(), this.configuration.getSearchFilter(), searchControls);
                        HashMap hashMap2 = new HashMap();
                        while (search.hasMoreElements()) {
                            NamingEnumeration all = ((SearchResult) search.next()).getAttributes().getAll();
                            while (all.hasMoreElements()) {
                                Attribute attribute = (Attribute) all.nextElement();
                                List list = (List) hashMap2.get(attribute.getID());
                                if (list == null) {
                                    list = new ArrayList();
                                    hashMap2.put(attribute.getID(), list);
                                }
                                list.add(attribute.get());
                            }
                        }
                        hashMap = (Map) hashMap2.entrySet().stream().collect(Collectors.toMap((v0) -> {
                            return v0.getKey();
                        }, entry -> {
                            return (String) ((List) entry.getValue()).stream().map(String::valueOf).collect(Collectors.joining(","));
                        }));
                    } else {
                        NamingEnumeration all2 = context.getAttributes(this.configuration.getBindDN()).getAll();
                        while (all2.hasMoreElements()) {
                            Attribute attribute2 = (Attribute) all2.nextElement();
                            hashMap.put(attribute2.getID(), attribute2.get().toString());
                        }
                    }
                } catch (NamingException e) {
                    logger.log(Level.WARNING, "Could not fetch the LDAP attibutes:{0}", e.getMessage());
                    closeConnection(context, startTlsResponse);
                }
            }
            closeConnection(context, startTlsResponse);
            return hashMap;
        } catch (Throwable th) {
            closeConnection(context, startTlsResponse);
            throw th;
        }
    }

    private LdapContext getContext() {
        LdapContext ldapContext = null;
        if (StringUtils.ok(this.configuration.getUrl())) {
            try {
                ldapContext = getContext(this.configuration.getUrl(), this.configuration.getBindDN(), this.configuration.getBindDNPassword(), Boolean.valueOf(this.configuration.getStartTLSEnabled()).booleanValue(), this.configuration.getConnectionTimeout(), this.configuration.getReadTimeout());
            } catch (NamingException e) {
                logger.log(Level.SEVERE, "Could not create the LDAP context for {0}:{1}", new Object[]{this.configuration.getUrl(), e.getMessage()});
            }
        }
        return ldapContext;
    }

    private StartTlsResponse startTLSConnection(LdapContext ldapContext) {
        StartTlsResponse startTlsResponse = null;
        if (Boolean.valueOf(this.configuration.getStartTLSEnabled()).booleanValue()) {
            try {
                startTlsResponse = (StartTlsResponse) ldapContext.extendedOperation(new StartTlsRequest());
                if (startTlsResponse == null) {
                    throw new NamingException("Could not establish the LDAP connection through StartTLS");
                }
                try {
                    startTlsResponse.negotiate();
                    ldapContext.addToEnvironment("java.naming.security.authentication", this.configuration.getAuthType());
                    if (!"none".equals(this.configuration.getAuthType())) {
                        ldapContext.addToEnvironment("java.naming.security.principal", this.configuration.getBindDN());
                        ldapContext.addToEnvironment("java.naming.security.credentials", translatePassword(this.configuration.getBindDNPassword()));
                    }
                    ldapContext.lookup("");
                } catch (IOException e) {
                    throw new AuthenticationException("Could not negotiate TLS");
                }
            } catch (NamingException e2) {
                logger.log(Level.SEVERE, "Could not create the LDAP context for '{0}':{1}", new Object[]{this.configuration.getUrl(), e2.getMessage()});
            }
        }
        return startTlsResponse;
    }

    private LdapContext getContext(String str, String str2, String str3, boolean z, String str4, String str5) throws NamingException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", LDAPConfigSourceConfiguration.LDAP_CONTEXT_FACTORY);
        hashtable.put(ORBLocator.JNDI_PROVIDER_URL_PROPERTY, str);
        if (!z) {
            hashtable.put("java.naming.security.authentication", this.configuration.getAuthType());
            if (!"none".equals(this.configuration.getAuthType())) {
                hashtable.put("java.naming.security.principal", str2);
                hashtable.put("java.naming.security.credentials", translatePassword(str3));
            }
        }
        if (StringUtils.ok(str4)) {
            hashtable.put(LDAPConfigSourceConfiguration.LDAP_CONNECT_TIMEOUT, str4);
        }
        if (StringUtils.ok(str5)) {
            hashtable.put(LDAPConfigSourceConfiguration.LDAP_READ_TIMEOUT, str5);
        }
        return new InitialLdapContext(hashtable, (Control[]) null);
    }

    private char[] translatePassword(String str) {
        if (str != null && TranslatedConfigView.getAlias(str) != null) {
            try {
                str = TranslatedConfigView.getRealPasswordFromAlias(str);
            } catch (Exception e) {
                logger.log(Level.WARNING, e.getMessage(), (Throwable) e);
            }
        }
        if (str != null) {
            return str.toCharArray();
        }
        return null;
    }

    private static void closeConnection(LdapContext ldapContext, StartTlsResponse startTlsResponse) {
        if (startTlsResponse != null) {
            try {
                startTlsResponse.close();
            } catch (IOException e) {
            }
        }
        if (ldapContext != null) {
            try {
                ldapContext.close();
            } catch (NamingException e2) {
            }
        }
    }

    private static int convertScopeValue(String str) {
        if (LDAPConfigSourceConfiguration.SEARCH_SCOPE_ONELEVEL.equals(str)) {
            return 1;
        }
        if (LDAPConfigSourceConfiguration.SEARCH_SCOPE_SUBTREE.equals(str)) {
            return 2;
        }
        return LDAPConfigSourceConfiguration.SEARCH_SCOPE_OBJECT.equals(str) ? 0 : 1;
    }
}
