package org.picketlink.idm.ldap.internal;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchResult;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.config.LDAPIdentityStoreConfiguration;
import org.picketlink.idm.internal.util.IDMUtil;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.model.Grant;
import org.picketlink.idm.model.Group;
import org.picketlink.idm.model.GroupMembership;
import org.picketlink.idm.model.GroupRole;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.Role;
import org.picketlink.idm.model.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.QueryParameter;
import org.picketlink.idm.query.RelationshipQuery;
import org.picketlink.idm.spi.SecurityContext;

/* loaded from: input_file:org/picketlink/idm/ldap/internal/LDAPQuery.class */
public class LDAPQuery {
    private SecurityContext context;
    private List<LDAPQueryParameter> managedParameters = new ArrayList();
    private Boolean hasCustomAttributes;
    private IdentityQuery<?> identityQuery;
    private LDAPIdentityStore identityStore;
    private boolean hasRelationshipParameters;

    public LDAPQuery(SecurityContext securityContext, IdentityQuery<?> identityQuery, LDAPIdentityStore lDAPIdentityStore) {
        this.hasCustomAttributes = null;
        this.context = securityContext;
        this.identityQuery = identityQuery;
        this.identityStore = lDAPIdentityStore;
        for (Map.Entry entry : identityQuery.getParameters().entrySet()) {
            LDAPQueryParameter lDAPQueryParameter = new LDAPQueryParameter((QueryParameter) entry.getKey(), (Object[]) entry.getValue());
            if (lDAPQueryParameter.isMappedToManagedAttribute()) {
                this.managedParameters.add(lDAPQueryParameter);
            } else if (lDAPQueryParameter.isMembershipParameter()) {
                this.hasRelationshipParameters = true;
            } else {
                this.hasCustomAttributes = true;
            }
        }
    }

    public StringBuffer createManagedAttributesFilter() {
        if (getManagedParameters().isEmpty()) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer("(&(objectClass=*)");
        Iterator<LDAPQueryParameter> it = getManagedParameters().iterator();
        while (it.hasNext()) {
            stringBuffer.append(it.next().createFilter());
        }
        stringBuffer.append(")");
        return stringBuffer;
    }

    public String createRelationshipFilter() {
        StringBuffer stringBuffer = new StringBuffer();
        if (IDMUtil.isAgentType(this.identityQuery.getIdentityType())) {
            stringBuffer.append(createHasRoleFilter());
            stringBuffer.append(createMemberOfFilter());
            stringBuffer.append(createGroupRoleFilter());
        } else if (IDMUtil.isRoleType(this.identityQuery.getIdentityType())) {
            stringBuffer.append(createRoleOfFilter());
        } else if (IDMUtil.isGroupType(this.identityQuery.getIdentityType())) {
            stringBuffer.append(createHasMemberFilter());
            stringBuffer.append(createChildGroupsFilter());
        }
        return stringBuffer.toString();
    }

    public boolean hasCustomAttributes() {
        return this.hasCustomAttributes != null && this.hasCustomAttributes.booleanValue();
    }

    public List<LDAPQueryParameter> getManagedParameters() {
        return this.managedParameters;
    }

    private String createHasMemberFilter() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.identityQuery.getParameters().containsKey(Group.HAS_MEMBER)) {
            Object[] objArr = (Object[]) this.identityQuery.getParameters().get(Group.HAS_MEMBER);
            IdentityType[] identityTypeArr = new IdentityType[objArr.length];
            for (int i = 0; i < objArr.length; i++) {
                identityTypeArr[i] = (IdentityType) objArr[i];
            }
            for (IdentityType identityType : identityTypeArr) {
                if (identityType != null) {
                    if (Group.class.isInstance(identityType)) {
                        stringBuffer.append(createMembersFilter(identityType));
                    } else {
                        if (!Agent.class.isInstance(identityType)) {
                            throw new IdentityManagementException("Unsupported type for Group.HAS_MEMBER QueryParameter. You should specify a Agent or Group only.");
                        }
                        RelationshipQuery createRelationshipQuery = this.context.getIdentityManager().createRelationshipQuery(GroupMembership.class);
                        createRelationshipQuery.setParameter(GroupMembership.MEMBER, new Object[]{identityType});
                        Iterator it = createRelationshipQuery.getResultList().iterator();
                        while (it.hasNext()) {
                            stringBuffer.append("(").append(this.identityStore.lookupEntryById(this.context, ((GroupMembership) it.next()).getGroup()).getBidingName()).append(")");
                        }
                    }
                }
            }
            if (stringBuffer.length() > 0) {
                stringBuffer.insert(0, "(|");
                stringBuffer.append(")");
            }
        }
        return stringBuffer.toString();
    }

    private String createRoleOfFilter() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.identityQuery.getParameters().containsKey(IdentityType.ROLE_OF)) {
            HashMap hashMap = new HashMap();
            Object[] objArr = (Object[]) this.identityQuery.getParameters().get(IdentityType.ROLE_OF);
            for (Object obj : objArr) {
                if (!Agent.class.isInstance(obj) && !Group.class.isInstance(obj)) {
                    throw new IdentityManagementException("Unsupported type for IdentityType.ROLE_OF QueryParameter. You should specify a Agent or a Group.");
                }
                RelationshipQuery createRelationshipQuery = this.context.getIdentityManager().createRelationshipQuery(Grant.class);
                createRelationshipQuery.setParameter(Grant.ASSIGNEE, new Object[]{obj});
                Iterator it = createRelationshipQuery.getResultList().iterator();
                while (it.hasNext()) {
                    LDAPEntry lookupEntryById = this.identityStore.lookupEntryById(this.context, ((Grant) it.next()).getRole());
                    String bidingName = lookupEntryById.getBidingName();
                    stringBuffer.append("(").append(lookupEntryById.getBidingName()).append(")");
                    if (hashMap.containsKey(bidingName)) {
                        hashMap.put(bidingName, Integer.valueOf(((Integer) hashMap.get(bidingName)).intValue() + 1));
                    } else {
                        hashMap.put(bidingName, 1);
                    }
                }
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                if (((Integer) entry.getValue()).intValue() != objArr.length) {
                    stringBuffer = new StringBuffer(stringBuffer.toString().replaceAll("\\(" + ((String) entry.getKey()) + "\\)", ""));
                }
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    private String createGroupRoleFilter() {
        if (!this.identityQuery.getParameters().containsKey(IdentityType.HAS_GROUP_ROLE)) {
            return "";
        }
        StringBuffer stringBuffer = new StringBuffer();
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                for (Object obj : (Object[]) this.identityQuery.getParameters().get(User.HAS_GROUP_ROLE)) {
                    GroupRole groupRole = (GroupRole) obj;
                    RelationshipQuery createRelationshipQuery = this.context.getIdentityManager().createRelationshipQuery(GroupRole.class);
                    createRelationshipQuery.setParameter(GroupRole.ASSIGNEE, new Object[]{groupRole.getAssignee()});
                    createRelationshipQuery.setParameter(GroupRole.ROLE, new Object[]{groupRole.getRole()});
                    createRelationshipQuery.setParameter(GroupRole.GROUP, new Object[]{groupRole.getGroup()});
                    for (GroupRole groupRole2 : createRelationshipQuery.getResultList()) {
                        LDAPEntry lookupEntryById = this.identityStore.lookupEntryById(this.context, groupRole2.getAssignee());
                        if (lookupEntryById == null) {
                            throw new IdentityManagementException("Relationship references a inexistent IdentityType [" + groupRole2.getAssignee() + "]");
                        }
                        stringBuffer.append("(").append(lookupEntryById.getBidingName()).append(")");
                    }
                }
                return stringBuffer.toString();
            } catch (Exception e) {
                throw new IdentityManagementException(e);
            }
        } finally {
            if (0 != 0) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e2) {
                }
            }
        }
    }

    private String createHasRoleFilter() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.identityQuery.getParameters().containsKey(User.HAS_ROLE)) {
            Object[] objArr = (Object[]) this.identityQuery.getParameters().get(User.HAS_ROLE);
            HashMap hashMap = new HashMap();
            for (Object obj : objArr) {
                if (!Role.class.isInstance(obj)) {
                    throw new IdentityManagementException("Unsupported type for User.HAS_ROLE QueryParameter. You should specify a Role type only.");
                }
                RelationshipQuery createRelationshipQuery = this.context.getIdentityManager().createRelationshipQuery(Grant.class);
                createRelationshipQuery.setParameter(Grant.ROLE, new Object[]{obj});
                Iterator it = createRelationshipQuery.getResultList().iterator();
                while (it.hasNext()) {
                    String bidingName = this.identityStore.lookupEntryById(this.context, ((Grant) it.next()).getAssignee()).getBidingName();
                    stringBuffer.append("(").append(bidingName).append(")");
                    if (hashMap.containsKey(bidingName)) {
                        hashMap.put(bidingName, Integer.valueOf(((Integer) hashMap.get(bidingName)).intValue() + 1));
                    } else {
                        hashMap.put(bidingName, 1);
                    }
                }
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                if (((Integer) entry.getValue()).intValue() != objArr.length) {
                    stringBuffer = new StringBuffer(stringBuffer.toString().replaceAll("\\(" + ((String) entry.getKey()) + "\\)", ""));
                }
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    private String createMemberOfFilter() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.identityQuery.getParameters().containsKey(User.MEMBER_OF)) {
            HashMap hashMap = new HashMap();
            Object[] objArr = (Object[]) this.identityQuery.getParameters().get(User.MEMBER_OF);
            for (Object obj : objArr) {
                if (!Group.class.isInstance(obj)) {
                    throw new IdentityManagementException("Unsupported type for User.MEMBER_OF QueryParameter. You should specify a Group type.");
                }
                RelationshipQuery createRelationshipQuery = this.context.getIdentityManager().createRelationshipQuery(GroupMembership.class);
                createRelationshipQuery.setParameter(GroupMembership.GROUP, new Object[]{obj});
                Iterator it = createRelationshipQuery.getResultList().iterator();
                while (it.hasNext()) {
                    String bidingName = this.identityStore.lookupEntryById(this.context, ((GroupMembership) it.next()).getMember()).getBidingName();
                    stringBuffer.append("(").append(bidingName).append(")");
                    if (hashMap.containsKey(bidingName)) {
                        hashMap.put(bidingName, Integer.valueOf(((Integer) hashMap.get(bidingName)).intValue() + 1));
                    } else {
                        hashMap.put(bidingName, 1);
                    }
                }
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                if (((Integer) entry.getValue()).intValue() != objArr.length) {
                    stringBuffer = new StringBuffer(stringBuffer.toString().replaceAll("\\(" + ((String) entry.getKey()) + "\\)", ""));
                }
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Finally extract failed */
    private String createMembersFilter(IdentityType identityType) {
        String str;
        str = "";
        boolean z = false;
        if (identityType != null) {
            try {
                LDAPEntry lookupEntryById = this.identityStore.lookupEntryById(this.context, identityType);
                str = lookupEntryById != null ? str + "(member=" + lookupEntryById.getDN() + ")" : "";
                if (Group.class.isInstance(identityType)) {
                    z = true;
                }
            } catch (IdentityManagementException e) {
                return str;
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (str.length() > 0) {
            NamingEnumeration<SearchResult> namingEnumeration = null;
            try {
                try {
                    namingEnumeration = getLDAPManager().search(getConfig().getBaseDN(), str.toString());
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        stringBuffer.append("(").append(LDAPConstants.CN).append(LDAPConstants.EQUAL).append(searchResult.getAttributes().get(LDAPConstants.CN).get().toString()).append(")");
                        if (z) {
                            Iterator<Group> it = this.identityStore.getParentGroups(this.context, (LDAPGroup) this.identityStore.lookupEntryById(this.context, LDAPGroup.class, searchResult.getAttributes().get(LDAPConstants.ENTRY_UUID).get().toString())).iterator();
                            while (it.hasNext()) {
                                stringBuffer.append("(").append(LDAPConstants.CN).append(LDAPConstants.EQUAL).append(it.next().getName()).append(")");
                            }
                        }
                    }
                    if (namingEnumeration != null) {
                        try {
                            namingEnumeration.close();
                        } catch (NamingException e2) {
                        }
                    }
                } catch (Exception e3) {
                    throw new IdentityManagementException(e3);
                }
            } catch (Throwable th) {
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e4) {
                    }
                }
                throw th;
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    private String createChildGroupsFilter() {
        if (!this.identityQuery.getParameters().containsKey(Group.PARENT)) {
            return "";
        }
        LDAPGroup lookupGroup = this.identityStore.lookupGroup(((Object[]) this.identityQuery.getParameters().get(Group.PARENT))[0].toString());
        NamingEnumeration namingEnumeration = null;
        StringBuffer stringBuffer = new StringBuffer();
        try {
            try {
                namingEnumeration = lookupGroup.getLDAPAttributes().get(LDAPConstants.MEMBER).getAll();
                while (namingEnumeration.hasMoreElements()) {
                    String str = (String) namingEnumeration.nextElement();
                    if (!str.toString().trim().isEmpty()) {
                        stringBuffer.append("(").append(str.split(LDAPConstants.COMMA)[0]).append(")");
                    }
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
                return stringBuffer.toString();
            } catch (NamingException e2) {
                throw new IdentityManagementException(e2);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e3) {
                }
            }
            throw th;
        }
    }

    private LDAPIdentityStoreConfiguration getConfig() {
        return this.identityStore.m8getConfig();
    }

    private LDAPOperationManager getLDAPManager() {
        return this.identityStore.getLDAPManager();
    }

    public boolean hasRelationshipParameters() {
        return this.hasRelationshipParameters;
    }
}
