package com.openkm.principal;

import com.openkm.core.Config;
import com.openkm.util.WebUtils;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.ReferralException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openkm/principal/LdapPrincipalAdapter.class */
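/**
 * {@link PrincipalAdapter} that resolves users, roles, mail addresses and display names
 * by querying an LDAP directory through JNDI.
 *
 * <p>Search bases, filters and attribute names come from {@link Config}. Patterns that take
 * an argument are expanded with {@link MessageFormat}, so {@code {0}} is replaced by the user
 * or role id.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Values substituted into a search <em>filter</em> are escaped per RFC 4515, so a user or
 *       role id containing {@code * ( ) \} or NUL is matched literally and cannot change the
 *       structure of the filter (LDAP injection).</li>
 *   <li>Values substituted into a search <em>base</em> are passed through unescaped.
 *       NOTE(review): this file does not show whether any configured base pattern expects a
 *       full DN as its argument; if the argument is only ever a single RDN value, apply
 *       {@code javax.naming.ldap.Rdn.escapeValue} before formatting. Confirm against the
 *       deployed configuration.</li>
 * </ul>
 *
 * <p>Directory errors are logged and never propagated: every lookup returns whatever values
 * were collected before the failure, possibly an empty list.
 */
public class LdapPrincipalAdapter implements PrincipalAdapter {
    private static final Logger log = LoggerFactory.getLogger(LdapPrincipalAdapter.class);

    /**
     * Lists all user ids found by the configured user search, optionally extended with the
     * members of every role when {@code Config.PRINCIPAL_LDAP_USERS_FROM_ROLES} is set.
     *
     * @return user ids, without {@code Config.SYSTEM_USER}; users added from roles are not
     *         duplicated
     */
    @Override
    public List<String> getUsers() throws PrincipalAdapterException {
        log.debug("getUsers()");
        List<String> users = new ArrayList<>();
        for (String user : ldapSearch(Config.PRINCIPAL_LDAP_USER_SEARCH_BASE, Config.PRINCIPAL_LDAP_USER_SEARCH_FILTER, Config.PRINCIPAL_LDAP_USER_ATTRIBUTE)) {
            if (!Config.SYSTEM_USER.equals(user)) {
                users.add(normalizeLogin(user));
            }
        }
        if (Config.PRINCIPAL_LDAP_USERS_FROM_ROLES) {
            for (String role : ldapSearch(Config.PRINCIPAL_LDAP_ROLE_SEARCH_BASE, Config.PRINCIPAL_LDAP_ROLE_SEARCH_FILTER, Config.PRINCIPAL_LDAP_ROLE_ATTRIBUTE)) {
                // The role name was read from the directory, but it is still data: escape it
                // before it becomes part of the next filter.
                List<String> members = ldapSearch(
                        MessageFormat.format(Config.PRINCIPAL_LDAP_USERS_BY_ROLE_SEARCH_BASE, role),
                        MessageFormat.format(Config.PRINCIPAL_LDAP_USERS_BY_ROLE_SEARCH_FILTER, escapeFilterValue(role)),
                        Config.PRINCIPAL_LDAP_USERS_BY_ROLE_ATTRIBUTE);
                for (String member : members) {
                    if (!Config.SYSTEM_USER.equals(member)) {
                        String login = normalizeLogin(member);
                        if (!users.contains(login)) {
                            users.add(login);
                        }
                    }
                }
            }
        }
        log.debug("getUsers: {}", users);
        return users;
    }

    /**
     * Lists all role names found by the configured role search.
     *
     * @return role names as returned by the directory
     */
    @Override
    public List<String> getRoles() throws PrincipalAdapterException {
        log.debug("getRoles()");
        List<String> roles = new ArrayList<>(ldapSearch(Config.PRINCIPAL_LDAP_ROLE_SEARCH_BASE, Config.PRINCIPAL_LDAP_ROLE_SEARCH_FILTER, Config.PRINCIPAL_LDAP_ROLE_ATTRIBUTE));
        log.debug("getRoles: {}", roles);
        return roles;
    }

    /**
     * Looks up the mail address of a user.
     *
     * @param user user id substituted into the configured mail search base and filter
     * @return the first value found, or {@code null} when the search returns nothing
     */
    @Override
    public String getMail(String user) throws PrincipalAdapterException {
        log.debug("getMail({})", user);
        String mail = null;
        List<String> found = ldapSearch(
                MessageFormat.format(Config.PRINCIPAL_LDAP_MAIL_SEARCH_BASE, user),
                MessageFormat.format(Config.PRINCIPAL_LDAP_MAIL_SEARCH_FILTER, escapeFilterValue(user)),
                Config.PRINCIPAL_LDAP_MAIL_ATTRIBUTE);
        if (!found.isEmpty()) {
            mail = found.get(0);
        }
        log.debug("getMail: {}", mail);
        return mail;
    }

    /**
     * Looks up the display name of a user.
     *
     * @param user user id substituted into the configured user-name search base and filter
     * @return the first value found, or {@code null} when the search returns nothing
     */
    @Override
    public String getName(String user) throws PrincipalAdapterException {
        log.debug("getName({})", user);
        String name = null;
        List<String> found = ldapSearch(
                MessageFormat.format(Config.PRINCIPAL_LDAP_USERNAME_SEARCH_BASE, user),
                MessageFormat.format(Config.PRINCIPAL_LDAP_USERNAME_SEARCH_FILTER, escapeFilterValue(user)),
                Config.PRINCIPAL_LDAP_USERNAME_ATTRIBUTE);
        if (!found.isEmpty()) {
            name = found.get(0);
        }
        log.debug("getName: {}", name);
        return name;
    }

    /**
     * Not supported: this adapter never reads passwords from the directory.
     *
     * @throws UnsupportedOperationException always
     */
    @Override
    public String getPassword(String user) throws PrincipalAdapterException {
        throw new UnsupportedOperationException("Not implemented");
    }

    /**
     * Lists the users that belong to a role.
     *
     * @param role role name substituted into the configured users-by-role search base and filter
     * @return user ids, without {@code Config.SYSTEM_USER}
     */
    @Override
    public List<String> getUsersByRole(String role) throws PrincipalAdapterException {
        log.debug("getUsersByRole({})", role);
        List<String> users = new ArrayList<>();
        List<String> found = ldapSearch(
                MessageFormat.format(Config.PRINCIPAL_LDAP_USERS_BY_ROLE_SEARCH_BASE, role),
                MessageFormat.format(Config.PRINCIPAL_LDAP_USERS_BY_ROLE_SEARCH_FILTER, escapeFilterValue(role)),
                Config.PRINCIPAL_LDAP_USERS_BY_ROLE_ATTRIBUTE);
        for (String user : found) {
            if (!Config.SYSTEM_USER.equals(user)) {
                users.add(normalizeLogin(user));
            }
        }
        log.debug("getUsersByRole: {}", users);
        return users;
    }

    /**
     * Lists the roles granted to a user.
     *
     * @param user user id substituted into the configured roles-by-user search base and filter
     * @return role names as returned by the directory
     */
    @Override
    public List<String> getRolesByUser(String user) throws PrincipalAdapterException {
        log.debug("getRolesByUser({})", user);
        List<String> roles = new ArrayList<>(ldapSearch(
                MessageFormat.format(Config.PRINCIPAL_LDAP_ROLES_BY_USER_SEARCH_BASE, user),
                MessageFormat.format(Config.PRINCIPAL_LDAP_ROLES_BY_USER_SEARCH_FILTER, escapeFilterValue(user)),
                Config.PRINCIPAL_LDAP_ROLES_BY_USER_ATTRIBUTE));
        log.debug("getRolesByUser: {}", roles);
        return roles;
    }

    /** Applies the configured login normalisation (lower-casing) to a user id. */
    private static String normalizeLogin(String user) {
        // NOTE(review): toLowerCase() uses the JVM default locale; confirm that matches how
        // logins are normalised elsewhere before switching to a fixed locale.
        return Config.SYSTEM_LOGIN_LOWERCASE ? user.toLowerCase() : user;
    }

    /**
     * Escapes a value for use as an assertion value inside an LDAP search filter (RFC 4515).
     *
     * @param value raw value, may be {@code null}
     * @return the value with {@code \ * ( )} and NUL replaced by their {@code \XX} escapes,
     *         or {@code null} when {@code value} is {@code null}
     */
    private static String escapeFilterValue(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    sb.append("\\5c");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\u0000':
                    sb.append("\\00");
                    break;
                default:
                    sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Convenience overload of {@link #ldapSearch(List, String, String)} for a single search base. */
    private List<String> ldapSearch(String str, String str2, String str3) {
        List<String> bases = new ArrayList<>();
        bases.add(str);
        return ldapSearch(bases, str2, str3);
    }

    /**
     * Runs a subtree search under every base and collects the values of one attribute.
     *
     * @param bases     search bases, queried in order
     * @param filter    complete LDAP filter; callers must already have escaped any substituted value
     * @param attribute attribute to read; the empty string dumps every attribute of each entry
     * @return the collected values; on a directory error the values gathered so far
     */
    private List<String> ldapSearch(List<String> bases, String filter, String attribute) {
        log.debug("ldapSearch({}, {}, {})", new Object[]{bases, filter, attribute});
        List<String> values = new ArrayList<>();
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(getEnvironment());
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            for (String base : bases) {
                NamingEnumeration<SearchResult> results = ctx.search(base, filter, controls);
                try {
                    while (results.hasMore()) {
                        collectValues(results.next().getAttributes(), attribute, values);
                    }
                } finally {
                    // An enumeration abandoned half-way keeps server-side resources until closed.
                    closeQuietly(results);
                }
            }
        } catch (ReferralException e) {
            // Must precede the NamingException handler: ReferralException is a subclass, so in
            // the other order this diagnostic branch can never run.
            log.error("ReferralException: {}", e.getMessage());
            log.error("ReferralInfo: {}", e.getReferralInfo());
            log.error("ResolvedObj: {}", e.getResolvedObj());
            try {
                log.error("ReferralContext: {}", e.getReferralContext());
            } catch (NamingException ne) {
                log.error("NamingException logging context: {}", ne.getMessage());
            }
        } catch (NamingException e) {
            log.error("NamingException: {} (Base: {} - Filter: {} - Attribute: {})", new Object[]{e.getMessage(), bases, filter, attribute});
        } finally {
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    log.error("NamingException closing context: {}", e.getMessage());
                }
            }
        }
        log.debug("ldapSearch: {}", values);
        return values;
    }

    /**
     * Appends the requested attribute values of one entry to {@code out}.
     *
     * <p>Values that start with {@code CN=} / {@code cn=} are reduced to the text between the
     * prefix and the first comma (or the end of the value when there is no comma).
     */
    private static void collectValues(Attributes attributes, String attribute, List<String> out) throws NamingException {
        if (attribute.equals(WebUtils.EMPTY_STRING)) {
            // Dump mode: every attribute of the entry ends up in the result and in the debug
            // log, so the bind account should not be able to read sensitive attributes.
            StringBuilder sb = new StringBuilder();
            NamingEnumeration<? extends Attribute> all = attributes.getAll();
            while (all.hasMore()) {
                sb.append(all.next().toString());
                sb.append("\n");
            }
            out.add(sb.toString());
            return;
        }
        Attribute attr = attributes.get(attribute);
        if (attr == null) {
            return;
        }
        NamingEnumeration<?> all = attr.getAll();
        while (all.hasMore()) {
            Object raw = all.next();
            if (!(raw instanceof String)) {
                // JNDI returns binary attributes as byte[]; a blind cast would abort the whole
                // lookup. Log the type only, never the value.
                log.warn("Skipping non-String value of attribute {} (type: {})", attribute, raw == null ? null : raw.getClass().getName());
                continue;
            }
            String value = (String) raw;
            if (value.startsWith("CN=") || value.startsWith("cn=")) {
                // A single-RDN value such as "CN=admins" has no comma; indexOf() returns -1 and
                // an unguarded substring(3, -1) throws.
                // NOTE(review): an escaped comma inside the CN ("CN=Doe\, John,...") is still
                // cut at the first comma; confirm whether such names occur.
                int comma = value.indexOf(',');
                String cn = comma < 0 ? value.substring(3) : value.substring(3, comma);
                log.debug("FQDN: {}, CN: {}", value, cn);
                out.add(cn);
            } else {
                out.add(value);
            }
        }
    }

    /** Closes an enumeration, logging instead of propagating a failure. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        try {
            enumeration.close();
        } catch (NamingException e) {
            log.error("NamingException closing enumeration: {}", e.getMessage());
        }
    }

    /**
     * Builds the JNDI environment for the LDAP connection from {@link Config}.
     *
     * <p>The bind uses {@code simple} authentication, which sends the principal and password
     * without any protection of its own: they are only confidential when
     * {@code Config.PRINCIPAL_LDAP_SERVER} is an {@code ldaps://} URL or the channel is
     * otherwise encrypted. No connect or read timeout is set here.
     *
     * @return a new environment table; referral mode, principal and credentials are added only
     *         when configured with a non-empty value
     */
    private static Hashtable<String, String> getEnvironment() {
        Hashtable<String, String> env = new Hashtable<>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.security.authentication", "simple");
        env.put("java.naming.provider.url", Config.PRINCIPAL_LDAP_SERVER);
        env.put("com.sun.jndi.ldap.connect.pool", "true");
        if (!WebUtils.EMPTY_STRING.equals(Config.PRINCIPAL_LDAP_REFERRAL)) {
            env.put("java.naming.referral", Config.PRINCIPAL_LDAP_REFERRAL);
        }
        if (!Config.PRINCIPAL_LDAP_SECURITY_PRINCIPAL.equals(WebUtils.EMPTY_STRING)) {
            env.put("java.naming.security.principal", Config.PRINCIPAL_LDAP_SECURITY_PRINCIPAL);
        }
        if (!Config.PRINCIPAL_LDAP_SECURITY_CREDENTIALS.equals(WebUtils.EMPTY_STRING)) {
            env.put("java.naming.security.credentials", Config.PRINCIPAL_LDAP_SECURITY_CREDENTIALS);
        }
        return env;
    }
}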
