package org.picketlink.idm.ldap.internal;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.picketlink.common.util.Base64;
import org.picketlink.idm.IDMMessages;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.config.FeatureSet;
import org.picketlink.idm.config.LDAPIdentityStoreConfiguration;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.spi.CredentialHandler;
import org.picketlink.idm.credential.spi.annotations.CredentialHandlers;
import org.picketlink.idm.internal.util.IDMUtil;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.AttributedType;
import org.picketlink.idm.model.Grant;
import org.picketlink.idm.model.Group;
import org.picketlink.idm.model.GroupMembership;
import org.picketlink.idm.model.GroupRole;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.Realm;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.Role;
import org.picketlink.idm.model.SimpleAgent;
import org.picketlink.idm.model.SimpleGroup;
import org.picketlink.idm.model.SimpleRole;
import org.picketlink.idm.model.SimpleUser;
import org.picketlink.idm.model.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.QueryParameter;
import org.picketlink.idm.query.RelationshipQuery;
import org.picketlink.idm.spi.IdentityStore;
import org.picketlink.idm.spi.SecurityContext;

@CredentialHandlers({LDAPPlainTextPasswordCredentialHandler.class})
/* loaded from: input_file:org/picketlink/idm/ldap/internal/LDAPIdentityStore.class */
public class LDAPIdentityStore implements IdentityStore<LDAPIdentityStoreConfiguration> {
    private LDAPIdentityStoreConfiguration configuration;
    private LDAPOperationManager operationManager;

    public void setup(LDAPIdentityStoreConfiguration lDAPIdentityStoreConfiguration) {
        this.configuration = lDAPIdentityStoreConfiguration;
        try {
            this.operationManager = new LDAPOperationManager(this.configuration);
            try {
                this.operationManager.search(this.configuration.getUserDNSuffix(), "(objectClass=initialCheck)");
                try {
                    this.operationManager.search(this.configuration.getAgentDNSuffix(), "(objectClass=initialCheck)");
                    try {
                        this.operationManager.search(this.configuration.getRoleDNSuffix(), "(objectClass=initialCheck)");
                        try {
                            this.operationManager.search(this.configuration.getGroupDNSuffix(), "(objectClass=initialCheck)");
                        } catch (NamingException e) {
                            throw IDMMessages.MESSAGES.ldapCouldNotFindGroupsBaseDN(this.configuration.getGroupDNSuffix(), e);
                        }
                    } catch (NamingException e2) {
                        throw IDMMessages.MESSAGES.ldapCouldNotFindRolesBaseDN(this.configuration.getRoleDNSuffix(), e2);
                    }
                } catch (NamingException e3) {
                    throw IDMMessages.MESSAGES.ldapCouldNotFindAgentsBaseDN(this.configuration.getAgentDNSuffix(), e3);
                }
            } catch (NamingException e4) {
                throw IDMMessages.MESSAGES.ldapCouldNotFindUsersBaseDN(this.configuration.getUserDNSuffix(), e4);
            }
        } catch (NamingException e5) {
            throw IDMMessages.MESSAGES.ldapCouldNotCreateContext(e5);
        }
    }

    /* renamed from: getConfig, reason: merged with bridge method [inline-methods] */
    public LDAPIdentityStoreConfiguration m8getConfig() {
        return this.configuration;
    }

    public void add(SecurityContext securityContext, AttributedType attributedType) {
        if (!IdentityType.class.isInstance(attributedType)) {
            if (!Relationship.class.isInstance(attributedType)) {
                throw IDMMessages.MESSAGES.attributedTypeUnsupportedType(attributedType.getClass());
            }
            Relationship relationship = (Relationship) attributedType;
            if (GroupRole.class.isInstance(relationship)) {
                addGroupRoleRelationship(securityContext, (GroupRole) relationship);
                return;
            } else if (Grant.class.isInstance(relationship)) {
                addGrantRelationship(securityContext, (Grant) relationship);
                return;
            } else {
                if (!GroupMembership.class.isInstance(relationship)) {
                    throw IDMMessages.MESSAGES.storeConfigUnsupportedRelationshipType(relationship.getClass());
                }
                addGroupMembership(securityContext, (GroupMembership) relationship);
                return;
            }
        }
        IdentityType identityType = (IdentityType) attributedType;
        identityType.setPartition(securityContext.getPartition());
        if (Agent.class.isInstance(attributedType)) {
            Agent agent = (Agent) attributedType;
            if (User.class.isInstance(agent)) {
                addUser(securityContext, (User) attributedType);
                return;
            } else {
                addAgent(securityContext, agent);
                return;
            }
        }
        if (Role.class.isInstance(attributedType)) {
            addRole(securityContext, (Role) attributedType);
        } else {
            if (!Group.class.isInstance(attributedType)) {
                throw IDMMessages.MESSAGES.identityTypeUnsupportedType(identityType.getClass());
            }
            addGroup(securityContext, (Group) attributedType);
        }
    }

    public void update(SecurityContext securityContext, AttributedType attributedType) {
        if (!IdentityType.class.isInstance(attributedType)) {
            throw IDMMessages.MESSAGES.attributedTypeUnsupportedType(attributedType.getClass());
        }
        IdentityType identityType = (IdentityType) attributedType;
        if (Agent.class.isInstance(identityType)) {
            if (User.class.isInstance(identityType)) {
                updateUser(securityContext, (User) identityType);
                return;
            } else {
                updateAgent(securityContext, (Agent) identityType);
                return;
            }
        }
        if (Role.class.isInstance(identityType)) {
            updateRole(securityContext, (Role) identityType);
        } else {
            if (!Group.class.isInstance(identityType)) {
                throw IDMMessages.MESSAGES.identityTypeUnsupportedType(identityType.getClass());
            }
            updateGroup(securityContext, (Group) identityType);
        }
    }

    public void remove(SecurityContext securityContext, AttributedType attributedType) {
        LDAPGroup lDAPGroup;
        Group parentGroup;
        if (IdentityType.class.isInstance(attributedType)) {
            IdentityType identityType = (IdentityType) attributedType;
            LDAPEntry lookupEntryById = lookupEntryById(securityContext, identityType);
            String dnSuffix = lookupEntryById.getDnSuffix();
            if (Group.class.isInstance(identityType) && (parentGroup = getParentGroup((lDAPGroup = (LDAPGroup) lookupEntryById), false)) != null) {
                removeMember((LDAPGroup) lookupEntryById(securityContext, parentGroup), lDAPGroup);
            }
            RelationshipQuery createRelationshipQuery = securityContext.getIdentityManager().createRelationshipQuery(Relationship.class);
            createRelationshipQuery.setParameter(Relationship.IDENTITY, new Object[]{identityType});
            Iterator it = createRelationshipQuery.getResultList().iterator();
            while (it.hasNext()) {
                securityContext.getIdentityManager().remove((Relationship) it.next());
            }
            getLDAPManager().removeEntryById(dnSuffix, identityType.getId());
            return;
        }
        if (Relationship.class.isInstance(attributedType)) {
            Relationship relationship = (Relationship) attributedType;
            if (GroupRole.class.isInstance(relationship)) {
                removeGroupRoleRelationship(securityContext, (GroupRole) relationship);
            } else if (Grant.class.isInstance(relationship)) {
                removeGrantRelationship(securityContext, (Grant) relationship);
            } else {
                if (!GroupMembership.class.isInstance(relationship)) {
                    throw IDMMessages.MESSAGES.storeConfigUnsupportedRelationshipType(relationship.getClass());
                }
                removeGroupMembership(securityContext, (GroupMembership) relationship);
            }
        }
    }

    public Agent getAgent(SecurityContext securityContext, String str) {
        if (!Realm.class.isInstance(securityContext.getPartition())) {
            throw new RuntimeException();
        }
        Agent agent = null;
        if (str != null) {
            LDAPAgent lookupAgent = lookupAgent(str);
            if (lookupAgent == null) {
                agent = getUser(securityContext, str);
            } else {
                agent = new SimpleAgent(lookupAgent.getLoginName());
                agent.setLoginName(lookupAgent.getLoginName());
                populateIdentityType(lookupAgent, agent);
            }
        }
        return agent;
    }

    public User getUser(SecurityContext securityContext, String str) {
        LDAPUser lookupUser;
        if (!Realm.class.isInstance(securityContext.getPartition())) {
            throw new RuntimeException();
        }
        User user = null;
        if (str != null && 0 == 0 && (lookupUser = lookupUser(str)) != null) {
            user = new SimpleUser(lookupUser.getLoginName());
            user.setLoginName(lookupUser.getLoginName());
            user.setFirstName(lookupUser.getFirstName());
            user.setLastName(lookupUser.getLastName());
            user.setEmail(lookupUser.getEmail());
            populateIdentityType(lookupUser, user);
        }
        return user;
    }

    public Group getGroup(SecurityContext securityContext, String str) {
        if (str == null) {
            return null;
        }
        Group group = null;
        if (0 == 0) {
            group = getGroup(str, getGroupBaseDN(str));
        }
        return group;
    }

    public Group getGroup(SecurityContext securityContext, String str, Group group) {
        Group group2 = getGroup(securityContext, group.getPath() + "/" + str);
        if (group2.getParentGroup() == null || !group2.getParentGroup().getName().equals(group.getName())) {
            group2 = null;
        }
        return group2;
    }

    public Role getRole(SecurityContext securityContext, String str) {
        LDAPRole lookupRole;
        IdentityType identityType = null;
        if (str != null && (lookupRole = lookupRole(str)) != null) {
            identityType = new SimpleRole(lookupRole.getName());
            populateIdentityType(lookupRole, identityType);
        }
        return identityType;
    }

    /* JADX WARN: Finally extract failed */
    public <T extends IdentityType> List<T> fetchQueryResults(SecurityContext securityContext, IdentityQuery<T> identityQuery) {
        User groupById;
        LDAPQuery lDAPQuery = new LDAPQuery(securityContext, identityQuery, this);
        StringBuffer createManagedAttributesFilter = lDAPQuery.createManagedAttributesFilter();
        if (createManagedAttributesFilter == null) {
            createManagedAttributesFilter = new StringBuffer("(&(objectClass=*))");
        }
        String createRelationshipFilter = lDAPQuery.createRelationshipFilter();
        if (createRelationshipFilter.isEmpty() && lDAPQuery.hasRelationshipParameters()) {
            return Collections.emptyList();
        }
        String idAttribute = getIdAttribute(identityQuery.getIdentityType());
        if (idAttribute != null) {
            createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, "(" + idAttribute + "=*)");
        }
        createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, "(!(cn=custom-attributes))");
        createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, createRelationshipFilter.toString());
        NamingEnumeration<SearchResult> namingEnumeration = null;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                String baseDN = getBaseDN(identityQuery.getIdentityType());
                if (identityQuery.getParameter(AttributedType.ID) != null) {
                    baseDN = m8getConfig().getBaseDN();
                }
                namingEnumeration = getLDAPManager().search(baseDN, createManagedAttributesFilter.toString());
                while (namingEnumeration.hasMore()) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    String nameInNamespace = searchResult.getNameInNamespace();
                    String str = nameInNamespace.split(LDAPConstants.COMMA)[0].split(LDAPConstants.EQUAL)[1];
                    if (nameInNamespace.endsWith(m8getConfig().getUserDNSuffix())) {
                        groupById = getUser(securityContext, str);
                    } else if (nameInNamespace.endsWith(m8getConfig().getAgentDNSuffix())) {
                        groupById = getAgent(securityContext, str);
                    } else if (nameInNamespace.endsWith(m8getConfig().getRoleDNSuffix())) {
                        groupById = getRole(securityContext, str);
                    } else {
                        if (!m8getConfig().isGroupNamespace(nameInNamespace)) {
                            throw IDMMessages.MESSAGES.ldapStoreUnknownBaseDNForIdentityType(nameInNamespace);
                        }
                        LDAPGroup lDAPGroup = new LDAPGroup(nameInNamespace.substring(nameInNamespace.indexOf(LDAPConstants.COMMA) + 1));
                        lDAPGroup.setLDAPAttributes(searchResult.getAttributes());
                        groupById = getGroupById(securityContext, lDAPGroup.getId());
                    }
                    boolean z = true;
                    if (isCustomAttributesSupported()) {
                        if (identityQuery.getParameters().containsKey(IdentityType.ENABLED)) {
                            if (!String.valueOf(groupById.isEnabled()).equals(((Object[]) identityQuery.getParameters().get(IdentityType.ENABLED))[0].toString())) {
                            }
                        }
                        if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_DATE) || identityQuery.getParameters().containsKey(IdentityType.EXPIRY_BEFORE) || identityQuery.getParameters().containsKey(IdentityType.EXPIRY_AFTER)) {
                            if (groupById.getExpirationDate() != null) {
                                if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_DATE)) {
                                    if (groupById.getExpirationDate().getTime() != ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_DATE))[0]).getTime()) {
                                    }
                                }
                                if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_BEFORE)) {
                                    if (groupById.getExpirationDate().getTime() > ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_BEFORE))[0]).getTime()) {
                                    }
                                }
                                if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_AFTER)) {
                                    if (groupById.getExpirationDate().getTime() < ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_AFTER))[0]).getTime()) {
                                    }
                                }
                            }
                        }
                        for (Map.Entry entry : identityQuery.getParameters(AttributedType.AttributeParameter.class).entrySet()) {
                            AttributedType.AttributeParameter attributeParameter = (QueryParameter) entry.getKey();
                            Object[] objArr = (Object[]) entry.getValue();
                            z = false;
                            AttributedType.AttributeParameter attributeParameter2 = attributeParameter;
                            Attribute attribute = groupById.getAttribute(attributeParameter2.getName());
                            if (groupById.getAttribute(attributeParameter2.getName()) != null) {
                                int length = objArr.length;
                                for (Object obj : objArr) {
                                    if (attribute.getValue().getClass().isArray()) {
                                        for (Object obj2 : (Object[]) attribute.getValue()) {
                                            if (obj2.equals(obj)) {
                                                length--;
                                            }
                                        }
                                    } else if (obj.equals(attribute.getValue())) {
                                        length--;
                                    }
                                }
                                z = length <= 0;
                                if (!z) {
                                    break;
                                }
                            }
                        }
                    }
                    if (z && groupById != null) {
                        arrayList.add(groupById);
                    }
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
                return arrayList;
            } catch (NamingException e2) {
                throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e2);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e3) {
                }
            }
            throw th;
        }
    }

    public <T extends IdentityType> int countQueryResults(SecurityContext securityContext, IdentityQuery<T> identityQuery) {
        throw IDMMessages.MESSAGES.notImplentedYet();
    }

    /* JADX WARN: Finally extract failed */
    public <T extends Relationship> List<T> fetchQueryResults(SecurityContext securityContext, RelationshipQuery<T> relationshipQuery) {
        Agent agent;
        ArrayList arrayList = new ArrayList();
        Class relationshipType = relationshipQuery.getRelationshipType();
        Object[] parameter = relationshipQuery.getParameter(Relationship.IDENTITY);
        if (parameter != null && parameter.length > 0) {
            Object obj = parameter[0];
            IdentityType identityType = null;
            if (IdentityType.class.isInstance(obj)) {
                identityType = lookupEntryById(securityContext, (IdentityType) obj);
            } else if (String.class.isInstance(obj)) {
                IdentityQuery createIdentityQuery = securityContext.getIdentityManager().createIdentityQuery(IdentityType.class);
                createIdentityQuery.setParameter(IdentityType.ID, new Object[]{obj.toString()});
                List resultList = createIdentityQuery.getResultList();
                if (!resultList.isEmpty()) {
                    identityType = (IdentityType) resultList.get(0);
                }
            }
            if (identityType == null) {
                return arrayList;
            }
            if (Agent.class.isInstance(identityType)) {
                Agent agent2 = (Agent) identityType;
                RelationshipQuery createRelationshipQuery = securityContext.getIdentityManager().createRelationshipQuery(Grant.class);
                createRelationshipQuery.setParameter(Grant.ASSIGNEE, new Object[]{agent2});
                Iterator it = createRelationshipQuery.getResultList().iterator();
                while (it.hasNext()) {
                    arrayList.add((Grant) it.next());
                }
                RelationshipQuery createRelationshipQuery2 = securityContext.getIdentityManager().createRelationshipQuery(GroupMembership.class);
                createRelationshipQuery2.setParameter(GroupMembership.MEMBER, new Object[]{agent2});
                Iterator it2 = createRelationshipQuery2.getResultList().iterator();
                while (it2.hasNext()) {
                    arrayList.add((GroupMembership) it2.next());
                }
                RelationshipQuery createRelationshipQuery3 = securityContext.getIdentityManager().createRelationshipQuery(GroupRole.class);
                createRelationshipQuery3.setParameter(GroupRole.ASSIGNEE, new Object[]{agent2});
                Iterator it3 = createRelationshipQuery3.getResultList().iterator();
                while (it3.hasNext()) {
                    arrayList.add((GroupRole) it3.next());
                }
            } else if (Role.class.isInstance(identityType)) {
                Role role = (Role) identityType;
                RelationshipQuery createRelationshipQuery4 = securityContext.getIdentityManager().createRelationshipQuery(Grant.class);
                createRelationshipQuery4.setParameter(Grant.ROLE, new Object[]{role});
                Iterator it4 = createRelationshipQuery4.getResultList().iterator();
                while (it4.hasNext()) {
                    arrayList.add((Grant) it4.next());
                }
                RelationshipQuery createRelationshipQuery5 = securityContext.getIdentityManager().createRelationshipQuery(GroupRole.class);
                createRelationshipQuery5.setParameter(GroupRole.ROLE, new Object[]{role});
                Iterator it5 = createRelationshipQuery5.getResultList().iterator();
                while (it5.hasNext()) {
                    arrayList.add((GroupRole) it5.next());
                }
            } else if (Group.class.isInstance(identityType)) {
                Group group = (Group) identityType;
                RelationshipQuery createRelationshipQuery6 = securityContext.getIdentityManager().createRelationshipQuery(GroupMembership.class);
                createRelationshipQuery6.setParameter(GroupMembership.GROUP, new Object[]{group});
                Iterator it6 = createRelationshipQuery6.getResultList().iterator();
                while (it6.hasNext()) {
                    arrayList.add((GroupMembership) it6.next());
                }
                RelationshipQuery createRelationshipQuery7 = securityContext.getIdentityManager().createRelationshipQuery(GroupRole.class);
                createRelationshipQuery7.setParameter(GroupRole.GROUP, new Object[]{group});
                Iterator it7 = createRelationshipQuery7.getResultList().iterator();
                while (it7.hasNext()) {
                    arrayList.add((GroupRole) it7.next());
                }
            }
        } else if (Grant.class.equals(relationshipType)) {
            IdentityType identityType2 = null;
            if (relationshipQuery.getParameter(Grant.ASSIGNEE) != null) {
                identityType2 = (IdentityType) relationshipQuery.getParameter(Grant.ASSIGNEE)[0];
            }
            Role role2 = null;
            if (relationshipQuery.getParameter(Grant.ROLE) != null) {
                role2 = (Role) relationshipQuery.getParameter(Grant.ROLE)[0];
            }
            if (identityType2 == null || role2 == null) {
                if (identityType2 != null) {
                    try {
                        NamingEnumeration<SearchResult> namingEnumeration = null;
                        try {
                            try {
                                namingEnumeration = getLDAPManager().search(m8getConfig().getRoleDNSuffix(), ("(member=" + lookupEntryById(securityContext, identityType2).getDN() + ")").toString());
                                while (namingEnumeration.hasMoreElements()) {
                                    arrayList.add(new Grant(identityType2, getRole(securityContext, ((SearchResult) namingEnumeration.next()).getAttributes().get(LDAPConstants.CN).get().toString())));
                                }
                                if (namingEnumeration != null) {
                                    try {
                                        namingEnumeration.close();
                                    } catch (NamingException e) {
                                    }
                                }
                            } catch (Throwable th) {
                                if (namingEnumeration != null) {
                                    try {
                                        namingEnumeration.close();
                                    } catch (NamingException e2) {
                                    }
                                }
                                throw th;
                            }
                        } catch (NamingException e3) {
                            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e3);
                        }
                    } catch (IdentityManagementException e4) {
                        return arrayList;
                    }
                } else if (role2 != null) {
                    try {
                        NamingEnumeration namingEnumeration2 = null;
                        try {
                            try {
                                namingEnumeration2 = lookupEntryById(securityContext, role2).getLDAPAttributes().get(LDAPConstants.MEMBER).getAll();
                                while (namingEnumeration2.hasMoreElements()) {
                                    String str = (String) namingEnumeration2.nextElement();
                                    if (!str.trim().isEmpty() && (agent = getAgent(securityContext, str.split(LDAPConstants.COMMA)[0].split(LDAPConstants.EQUAL)[1])) != null) {
                                        arrayList.add(new Grant(agent, role2));
                                    }
                                }
                                if (namingEnumeration2 != null) {
                                    try {
                                        namingEnumeration2.close();
                                    } catch (NamingException e5) {
                                    }
                                }
                            } catch (NamingException e6) {
                                throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e6);
                            }
                        } finally {
                        }
                    } catch (IdentityManagementException e7) {
                        return arrayList;
                    }
                }
            } else if (((LDAPRole) lookupEntryById(securityContext, role2)).isMember(lookupEntryById(securityContext, identityType2))) {
                arrayList.add(new Grant(identityType2, role2));
            }
        } else if (GroupMembership.class.equals(relationshipType)) {
            Agent agent3 = null;
            if (relationshipQuery.getParameter(GroupMembership.MEMBER) != null) {
                agent3 = (Agent) relationshipQuery.getParameter(GroupMembership.MEMBER)[0];
            }
            Group group2 = null;
            if (relationshipQuery.getParameter(GroupMembership.GROUP) != null) {
                group2 = (Group) relationshipQuery.getParameter(GroupMembership.GROUP)[0];
            }
            if (agent3 != null && group2 != null) {
                try {
                    LDAPGroup lDAPGroup = (LDAPGroup) lookupEntryById(securityContext, group2);
                    LDAPAgent lDAPAgent = (LDAPAgent) lookupEntryById(securityContext, agent3);
                    boolean z = false;
                    if (lDAPGroup.isMember(lDAPAgent)) {
                        z = true;
                    } else {
                        Iterator<Group> it8 = getParentGroups(securityContext, lDAPGroup).iterator();
                        while (it8.hasNext()) {
                            if (((LDAPGroup) lookupEntryById(securityContext, it8.next())).isMember(lDAPAgent)) {
                                z = true;
                            }
                        }
                    }
                    if (z) {
                        arrayList.add(new GroupMembership(agent3, group2));
                    }
                } catch (IdentityManagementException e8) {
                    return arrayList;
                }
            } else if (agent3 != null) {
                try {
                    NamingEnumeration<SearchResult> namingEnumeration3 = null;
                    try {
                        try {
                            namingEnumeration3 = getLDAPManager().search(m8getConfig().getBaseDN(), ("(member=" + lookupEntryById(securityContext, agent3).getDN() + ")").toString());
                            while (namingEnumeration3.hasMoreElements()) {
                                SearchResult searchResult = (SearchResult) namingEnumeration3.next();
                                String obj2 = searchResult.getAttributes().get(LDAPConstants.CN).get().toString();
                                String nameInNamespace = searchResult.getNameInNamespace();
                                if (m8getConfig().isGroupNamespace(nameInNamespace)) {
                                    LDAPGroup lDAPGroup2 = new LDAPGroup(nameInNamespace.substring(nameInNamespace.indexOf(LDAPConstants.COMMA) + 1));
                                    populateLDAPEntry(lDAPGroup2, searchResult);
                                    SimpleGroup simpleGroup = new SimpleGroup(obj2, getParentGroup(lDAPGroup2, true));
                                    populateIdentityType(lDAPGroup2, simpleGroup);
                                    arrayList.add(new GroupMembership(agent3, simpleGroup));
                                }
                            }
                            if (namingEnumeration3 != null) {
                                try {
                                    namingEnumeration3.close();
                                } catch (NamingException e9) {
                                }
                            }
                        } catch (NamingException e10) {
                            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e10);
                        }
                    } finally {
                    }
                } catch (IdentityManagementException e11) {
                    return arrayList;
                }
            } else if (group2 != null) {
                try {
                    NamingEnumeration namingEnumeration4 = null;
                    try {
                        try {
                            namingEnumeration4 = lookupEntryById(securityContext, group2).getLDAPAttributes().get(LDAPConstants.MEMBER).getAll();
                            while (namingEnumeration4.hasMoreElements()) {
                                String str2 = (String) namingEnumeration4.nextElement();
                                if ((str2.contains(m8getConfig().getUserDNSuffix()) || str2.contains(m8getConfig().getAgentDNSuffix())) && !str2.trim().isEmpty()) {
                                    arrayList.add(new GroupMembership(getAgent(securityContext, str2.split(LDAPConstants.COMMA)[0].split(LDAPConstants.EQUAL)[1]), group2));
                                }
                            }
                            if (namingEnumeration4 != null) {
                                try {
                                    namingEnumeration4.close();
                                } catch (NamingException e12) {
                                }
                            }
                        } catch (Throwable th2) {
                            if (namingEnumeration4 != null) {
                                try {
                                    namingEnumeration4.close();
                                } catch (NamingException e13) {
                                }
                            }
                            throw th2;
                        }
                    } catch (NamingException e14) {
                        throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e14);
                    }
                } catch (IdentityManagementException e15) {
                    return arrayList;
                }
            }
        } else if (GroupRole.class.equals(relationshipType)) {
            Agent agent4 = null;
            if (relationshipQuery.getParameter(GroupRole.ASSIGNEE) != null) {
                agent4 = (Agent) relationshipQuery.getParameter(GroupRole.ASSIGNEE)[0];
            }
            Role role3 = null;
            if (relationshipQuery.getParameter(GroupRole.ROLE) != null) {
                role3 = (Role) relationshipQuery.getParameter(GroupRole.ROLE)[0];
            }
            Group group3 = null;
            if (relationshipQuery.getParameter(GroupRole.GROUP) != null) {
                group3 = (Group) relationshipQuery.getParameter(GroupRole.GROUP)[0];
            }
            if (agent4 != null && group3 != null && role3 != null) {
                LDAPGroup lDAPGroup3 = (LDAPGroup) lookupEntryById(securityContext, group3);
                LDAPRole lDAPRole = (LDAPRole) lookupEntryById(securityContext, role3);
                LDAPAgent lDAPAgent2 = (LDAPAgent) lookupEntryById(securityContext, agent4);
                if (hasGroupRole(lDAPGroup3, lDAPRole, lDAPAgent2)) {
                    arrayList.add(new GroupRole(agent4, group3, role3));
                } else {
                    Iterator<Group> it9 = getParentGroups(securityContext, lDAPGroup3).iterator();
                    while (true) {
                        if (!it9.hasNext()) {
                            break;
                        }
                        if (hasGroupRole((LDAPGroup) lookupEntryById(securityContext, it9.next()), lDAPRole, lDAPAgent2)) {
                            arrayList.add(new GroupRole(agent4, group3, role3));
                            break;
                        }
                    }
                }
            } else if (agent4 != null && role3 == null && group3 == null) {
                LDAPAgent lookupAgent = lookupAgent(agent4);
                if (lookupAgent != null) {
                    NamingEnumeration<SearchResult> namingEnumeration5 = null;
                    try {
                        try {
                            namingEnumeration5 = getLDAPManager().search(lookupAgent.getDN(), "(&(objectClass=*)(cn=*)(member=*))");
                            while (namingEnumeration5.hasMore()) {
                                SearchResult searchResult2 = (SearchResult) namingEnumeration5.next();
                                String str3 = (String) searchResult2.getAttributes().get(LDAPConstants.CN).get();
                                javax.naming.directory.Attribute attribute = searchResult2.getAttributes().get(LDAPConstants.MEMBER);
                                if (attribute != null && attribute.size() > 0) {
                                    NamingEnumeration all = attribute.getAll();
                                    while (all.hasMoreElements()) {
                                        String str4 = (String) all.nextElement();
                                        Role role4 = getRole(securityContext, str4.substring(str4.indexOf(LDAPConstants.EQUAL) + 1, str4.indexOf(LDAPConstants.COMMA)));
                                        Group group4 = getGroup(securityContext, str3);
                                        if (role4 != null && group4 != null) {
                                            arrayList.add(new GroupRole(agent4, group4, role4));
                                        }
                                    }
                                }
                            }
                            try {
                                namingEnumeration5.close();
                            } catch (NamingException e16) {
                            }
                        } catch (NamingException e17) {
                            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e17);
                        }
                    } catch (Throwable th3) {
                        try {
                            namingEnumeration5.close();
                        } catch (NamingException e18) {
                        }
                        throw th3;
                    }
                }
            } else if (role3 != null) {
                try {
                    LDAPRole lDAPRole2 = (LDAPRole) lookupEntryById(securityContext, role3);
                    if (lDAPRole2 != null) {
                        NamingEnumeration<SearchResult> namingEnumeration6 = null;
                        try {
                            try {
                                namingEnumeration6 = getLDAPManager().search(m8getConfig().getUserDNSuffix(), "(&(objectClass=*)(cn=*)(member=" + lDAPRole2.getDN() + "))");
                                while (namingEnumeration6.hasMore()) {
                                    SearchResult searchResult3 = (SearchResult) namingEnumeration6.next();
                                    String nameInNamespace2 = searchResult3.getNameInNamespace();
                                    String substring = nameInNamespace2.substring(nameInNamespace2.indexOf(LDAPConstants.UID));
                                    String substring2 = substring.substring(substring.indexOf(LDAPConstants.EQUAL) + 1, substring.indexOf(LDAPConstants.COMMA));
                                    String str5 = (String) searchResult3.getAttributes().get(LDAPConstants.CN).get();
                                    Role role5 = getRole(securityContext, lDAPRole2.getName());
                                    Group group5 = getGroup(securityContext, str5);
                                    Agent agent5 = getAgent(securityContext, substring2);
                                    if (role5 != null && group5 != null && agent5 != null) {
                                        arrayList.add(new GroupRole(agent5, group5, role5));
                                    }
                                }
                                try {
                                    namingEnumeration6.close();
                                } catch (NamingException e19) {
                                }
                            } catch (Throwable th4) {
                                try {
                                    namingEnumeration6.close();
                                } catch (NamingException e20) {
                                }
                                throw th4;
                            }
                        } catch (NamingException e21) {
                            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e21);
                        }
                    }
                } catch (IdentityManagementException e22) {
                    return arrayList;
                }
            } else if (group3 != null) {
                try {
                    NamingEnumeration<SearchResult> namingEnumeration7 = null;
                    try {
                        try {
                            namingEnumeration7 = getLDAPManager().search(m8getConfig().getUserDNSuffix(), "(&(objectClass=*)(" + ((LDAPGroup) lookupEntryById(securityContext, group3)).getBidingName() + ")(" + LDAPConstants.MEMBER + LDAPConstants.EQUAL + "*))");
                            while (namingEnumeration7.hasMore()) {
                                SearchResult searchResult4 = (SearchResult) namingEnumeration7.next();
                                String nameInNamespace3 = searchResult4.getNameInNamespace();
                                String substring3 = nameInNamespace3.substring(nameInNamespace3.indexOf(LDAPConstants.UID));
                                String substring4 = substring3.substring(substring3.indexOf(LDAPConstants.EQUAL) + 1, substring3.indexOf(LDAPConstants.COMMA));
                                String str6 = (String) searchResult4.getAttributes().get(LDAPConstants.CN).get();
                                javax.naming.directory.Attribute attribute2 = searchResult4.getAttributes().get(LDAPConstants.MEMBER);
                                if (attribute2 != null && attribute2.size() > 0) {
                                    NamingEnumeration all2 = attribute2.getAll();
                                    while (all2.hasMoreElements()) {
                                        String str7 = (String) all2.nextElement();
                                        Role role6 = getRole(securityContext, str7.substring(str7.indexOf(LDAPConstants.EQUAL) + 1, str7.indexOf(LDAPConstants.COMMA)));
                                        Group group6 = getGroup(securityContext, str6);
                                        Agent agent6 = getAgent(securityContext, substring4);
                                        if (role6 != null && group6 != null && agent6 != null) {
                                            arrayList.add(new GroupRole(agent6, group6, role6));
                                        }
                                    }
                                }
                            }
                            try {
                                namingEnumeration7.close();
                            } catch (NamingException e23) {
                            }
                        } catch (Throwable th5) {
                            try {
                                namingEnumeration7.close();
                            } catch (NamingException e24) {
                            }
                            throw th5;
                        }
                    } catch (NamingException e25) {
                        throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e25);
                    }
                } catch (IdentityManagementException e26) {
                    return arrayList;
                }
            }
        }
        return arrayList;
    }

    private boolean hasGroupRole(LDAPGroup lDAPGroup, LDAPRole lDAPRole, LDAPAgent lDAPAgent) {
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = lookupGroupRoleEntry(lDAPAgent, lDAPGroup);
                if (namingEnumeration.hasMore()) {
                    LDAPGroupRole lDAPGroupRole = new LDAPGroupRole(lDAPAgent, lDAPGroup, lDAPRole);
                    lDAPGroupRole.setLDAPAttributes(((SearchResult) namingEnumeration.next()).getAttributes());
                    if (lDAPGroupRole.isMember(lDAPRole)) {
                        try {
                            namingEnumeration.close();
                        } catch (NamingException e) {
                        }
                        return true;
                    }
                }
                try {
                    namingEnumeration.close();
                    return false;
                } catch (NamingException e2) {
                    return false;
                }
            } catch (NamingException e3) {
                throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e3);
            }
        } catch (Throwable th) {
            try {
                namingEnumeration.close();
            } catch (NamingException e4) {
            }
            throw th;
        }
    }

    public <T extends Relationship> int countQueryResults(SecurityContext securityContext, RelationshipQuery<T> relationshipQuery) {
        throw IDMMessages.MESSAGES.notImplentedYet();
    }

    public void setAttribute(SecurityContext securityContext, IdentityType identityType, Attribute<? extends Serializable> attribute) {
        throw IDMMessages.MESSAGES.notImplentedYet();
    }

    public <T extends Serializable> Attribute<T> getAttribute(SecurityContext securityContext, IdentityType identityType, String str) {
        throw IDMMessages.MESSAGES.notImplentedYet();
    }

    public void removeAttribute(SecurityContext securityContext, IdentityType identityType, String str) {
        throw IDMMessages.MESSAGES.notImplentedYet();
    }

    public void validateCredentials(SecurityContext securityContext, Credentials credentials) {
        CredentialHandler credentialValidator = securityContext.getCredentialValidator(credentials.getClass(), this);
        if (credentialValidator == null) {
            throw IDMMessages.MESSAGES.credentialHandlerNotFoundForCredentialType(credentials.getClass());
        }
        credentialValidator.validate(securityContext, credentials, this);
    }

    public void updateCredential(SecurityContext securityContext, Agent agent, Object obj, Date date, Date date2) {
        CredentialHandler credentialUpdater = securityContext.getCredentialUpdater(obj.getClass(), this);
        if (credentialUpdater == null) {
            throw IDMMessages.MESSAGES.credentialHandlerNotFoundForCredentialType(obj.getClass());
        }
        credentialUpdater.update(securityContext, agent, obj, this, date, date2);
    }

    private void addIdentityType(SecurityContext securityContext, IdentityType identityType, LDAPIdentityType lDAPIdentityType) {
        lDAPIdentityType.setEnabled(identityType.isEnabled());
        lDAPIdentityType.setExpirationDate(identityType.getExpirationDate());
        getLDAPManager().createSubContext(lDAPIdentityType.getDN(), lDAPIdentityType.getLDAPAttributes());
        if (isCustomAttributesSupported()) {
            getLDAPManager().rebind(getCustomAttributesDN(lDAPIdentityType.getDN()), lDAPIdentityType.getCustomAttributes());
        }
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = getLDAPManager().search(lDAPIdentityType.getDnSuffix(), "(&(objectClass=*)(" + lDAPIdentityType.getBidingName() + "))");
                lDAPIdentityType.setLDAPAttributes(((SearchResult) namingEnumeration.next()).getAttributes());
                try {
                    namingEnumeration.close();
                } catch (NamingException e) {
                }
                identityType.setId(lDAPIdentityType.getId());
            } catch (Throwable th) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e2) {
                }
                throw th;
            }
        } catch (NamingException e3) {
            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public LDAPOperationManager getLDAPManager() {
        return this.operationManager;
    }

    private String getCustomAttributesDN(String str) {
        return "cn=custom-attributes," + str;
    }

    private void updateIdentityType(IdentityType identityType, LDAPIdentityType lDAPIdentityType) {
        lDAPIdentityType.setEnabled(identityType.isEnabled());
        lDAPIdentityType.setExpirationDate(identityType.getExpirationDate());
        NamingEnumeration all = lDAPIdentityType.getLDAPAttributes().getAll();
        Attributes attributes = (Attributes) lDAPIdentityType.getLDAPAttributes().clone();
        while (all.hasMoreElements()) {
            javax.naming.directory.Attribute attribute = (javax.naming.directory.Attribute) all.nextElement();
            if (attributes.get(attribute.getID()) == null) {
                getLDAPManager().addAttribute(lDAPIdentityType.getDN(), attribute);
            } else if (!attribute.getID().equalsIgnoreCase(LDAPConstants.ENTRY_UUID) && !attribute.getID().equalsIgnoreCase(LDAPConstants.CREATE_TIMESTAMP)) {
                getLDAPManager().modifyAttribute(lDAPIdentityType.getDN(), attribute);
            }
        }
        lDAPIdentityType.getCustomAttributes().clear();
        for (Attribute attribute2 : identityType.getAttributes()) {
            lDAPIdentityType.getCustomAttributes().addAttribute(attribute2.getName(), Base64.encodeObject(attribute2.getValue()));
        }
        getLDAPManager().rebind(getCustomAttributesDN(lDAPIdentityType.getDN()), lDAPIdentityType.getCustomAttributes());
    }

    private void populateIdentityType(LDAPIdentityType lDAPIdentityType, IdentityType identityType) {
        identityType.setId(lDAPIdentityType.getId());
        identityType.setPartition(lDAPIdentityType.getPartition());
        if (isCustomAttributesSupported()) {
            identityType.setEnabled(lDAPIdentityType.isEnabled());
            identityType.setCreatedDate(lDAPIdentityType.getCreatedDate());
            identityType.setExpirationDate(lDAPIdentityType.getExpirationDate());
            for (Map.Entry<String, Serializable> entry : lDAPIdentityType.getCustomAttributes().getAttributes().entrySet()) {
                if (!entry.getKey().equals(LDAPConstants.CUSTOM_ATTRIBUTE_ENABLED) && !entry.getKey().equals(LDAPConstants.CUSTOM_ATTRIBUTE_EXPIRY_DATE)) {
                    identityType.setAttribute(new Attribute(entry.getKey(), (Serializable) Base64.decodeToObject(entry.getValue().toString())));
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T extends LDAPIdentityType> T lookupEntryById(SecurityContext securityContext, Class<T> cls, String str) throws IdentityManagementException {
        T t = null;
        NamingEnumeration<SearchResult> lookupById = getLDAPManager().lookupById(m8getConfig().getBaseDN(), str);
        try {
            try {
                if (lookupById.hasMore()) {
                    SearchResult searchResult = (SearchResult) lookupById.next();
                    String nameInNamespace = searchResult.getNameInNamespace();
                    t = cls.getConstructor(String.class).newInstance(nameInNamespace.substring(nameInNamespace.indexOf(LDAPConstants.COMMA) + 1));
                    populateLDAPEntry(t, searchResult);
                }
                if (lookupById.hasMore()) {
                    throw IDMMessages.MESSAGES.identityTypeAmbiguosFoundWithId(str);
                }
                if (t == null) {
                    throw IDMMessages.MESSAGES.attributedTypeNotFoundWithId(cls, str, securityContext.getPartition());
                }
                return t;
            } finally {
                if (lookupById != null) {
                    try {
                        lookupById.close();
                    } catch (NamingException e) {
                    }
                }
            }
        } catch (NamingException e2) {
            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e2);
        } catch (Exception e3) {
            throw new IdentityManagementException("Error creating instance for type [" + cls.getName() + "].", e3);
        }
    }

    private <T extends LDAPIdentityType> T populateIdentityTypeEntry(T t) {
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = getLDAPManager().search(t.getDnSuffix(), "(&(objectClass=*)(" + t.getBidingName() + ")) ");
                if (namingEnumeration.hasMore()) {
                    populateLDAPEntry(t, (SearchResult) namingEnumeration.next());
                } else {
                    t = null;
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
                return t;
            } catch (NamingException e2) {
                throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e2);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e3) {
                }
            }
            throw th;
        }
    }

    private <T extends LDAPIdentityType> void populateLDAPEntry(T t, SearchResult searchResult) throws NamingException {
        t.setLDAPAttributes(searchResult.getAttributes());
        if (isCustomAttributesSupported()) {
            t.setCustomAttributes(getCustomAttributes(t));
        }
        t.setPartition(new Realm("default"));
        if (isCustomAttributesSupported()) {
            t.setCustomAttributes(getCustomAttributes(t));
        }
    }

    private LDAPCustomAttributes getCustomAttributes(LDAPAttributedType lDAPAttributedType) {
        String customAttributesDN = getCustomAttributesDN(lDAPAttributedType.getDN());
        LDAPCustomAttributes lDAPCustomAttributes = null;
        try {
            lDAPCustomAttributes = (LDAPCustomAttributes) getLDAPManager().lookup(customAttributesDN);
        } catch (Exception e) {
        }
        if (lDAPCustomAttributes == null) {
            getLDAPManager().bind(customAttributesDN, lDAPAttributedType.getCustomAttributes());
        }
        return lDAPCustomAttributes;
    }

    protected Group getParentGroup(LDAPGroup lDAPGroup, boolean z) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(member=" + lDAPGroup.getDN() + ")");
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                NamingEnumeration<SearchResult> search = getLDAPManager().search(m8getConfig().getBaseDN(), stringBuffer.toString(), new String[]{LDAPConstants.CN}, searchControls);
                if (!search.hasMoreElements()) {
                    if (search == null) {
                        return null;
                    }
                    try {
                        search.close();
                        return null;
                    } catch (NamingException e) {
                        return null;
                    }
                }
                SearchResult searchResult = (SearchResult) search.nextElement();
                String str = (String) searchResult.getAttributes().get(LDAPConstants.CN).get();
                String nameInNamespace = searchResult.getNameInNamespace();
                String str2 = "cn=" + str + LDAPConstants.COMMA;
                String substring = nameInNamespace.substring(nameInNamespace.indexOf(str2) + str2.length());
                if (z) {
                    Group group = getGroup(str, substring);
                    if (search != null) {
                        try {
                            search.close();
                        } catch (NamingException e2) {
                        }
                    }
                    return group;
                }
                LDAPGroup lDAPGroup2 = new LDAPGroup(substring);
                SimpleGroup simpleGroup = new SimpleGroup(str);
                populateLDAPEntry(lDAPGroup2, searchResult);
                populateIdentityType(lDAPGroup2, simpleGroup);
                if (search != null) {
                    try {
                        search.close();
                    } catch (NamingException e3) {
                    }
                }
                return simpleGroup;
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e4) {
                    }
                }
                throw th;
            }
        } catch (NamingException e5) {
            throw IDMMessages.MESSAGES.ldapStoreSearchFailed(e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Group> getParentGroups(SecurityContext securityContext, LDAPGroup lDAPGroup) {
        ArrayList arrayList = new ArrayList();
        Group parentGroup = getParentGroup(lDAPGroup, true);
        if (parentGroup == null) {
            return arrayList;
        }
        arrayList.add(parentGroup);
        arrayList.addAll(getParentGroups(securityContext, (LDAPGroup) lookupEntryById(securityContext, parentGroup)));
        return arrayList;
    }

    private void addGroup(SecurityContext securityContext, Group group) {
        LDAPGroup lDAPGroup = new LDAPGroup(getGroupBaseDN(group.getPath()));
        lDAPGroup.setName(group.getName());
        addIdentityType(securityContext, group, lDAPGroup);
        if (group.getParentGroup() != null) {
            addMember(lookupGroup(group.getParentGroup().getPath()), lDAPGroup);
        }
    }

    private String getGroupBaseDN(String str) {
        if (!str.startsWith("/")) {
            str = "/" + str;
        }
        String groupMappingDN = m8getConfig().getGroupMappingDN(str);
        if (groupMappingDN == null) {
            groupMappingDN = m8getConfig().getGroupDNSuffix();
        }
        return groupMappingDN;
    }

    private void addRole(SecurityContext securityContext, Role role) {
        LDAPRole lDAPRole = new LDAPRole(m8getConfig().getRoleDNSuffix());
        lDAPRole.setName(role.getName());
        addIdentityType(securityContext, role, lDAPRole);
    }

    private void addAgent(SecurityContext securityContext, Agent agent) {
        LDAPAgent lDAPAgent = new LDAPAgent(m8getConfig().getAgentDNSuffix());
        lDAPAgent.setLoginName(agent.getLoginName());
        addIdentityType(securityContext, agent, lDAPAgent);
    }

    private void addUser(SecurityContext securityContext, User user) {
        LDAPUser lDAPUser = new LDAPUser(m8getConfig().getUserDNSuffix());
        lDAPUser.setLoginName(user.getLoginName());
        lDAPUser.setFirstName(user.getFirstName());
        lDAPUser.setLastName(user.getLastName());
        lDAPUser.setFullName(lDAPUser.getUserCN());
        lDAPUser.setEmail(user.getEmail());
        addIdentityType(securityContext, user, lDAPUser);
    }

    private void updateGroup(SecurityContext securityContext, Group group) {
        updateIdentityType(group, (LDAPGroup) lookupEntryById(securityContext, group));
    }

    private void updateRole(SecurityContext securityContext, Role role) {
        updateIdentityType(role, (LDAPRole) lookupEntryById(securityContext, role));
    }

    private void updateAgent(SecurityContext securityContext, Agent agent) {
        updateIdentityType(agent, (LDAPAgent) lookupEntryById(securityContext, agent));
    }

    private void updateUser(SecurityContext securityContext, User user) {
        LDAPUser lDAPUser = (LDAPUser) lookupEntryById(securityContext, user);
        lDAPUser.setFirstName(user.getFirstName());
        lDAPUser.setLastName(user.getLastName());
        lDAPUser.setFullName(lDAPUser.getUserCN());
        lDAPUser.setEmail(user.getEmail());
        updateIdentityType(user, lDAPUser);
    }

    private String getBaseDN(Class<? extends IdentityType> cls) {
        return IDMUtil.isUserType(cls) ? m8getConfig().getUserDNSuffix() : IDMUtil.isRoleType(cls) ? m8getConfig().getRoleDNSuffix() : IDMUtil.isGroupType(cls) ? m8getConfig().getGroupDNSuffix() : IDMUtil.isAgentType(cls) ? m8getConfig().getAgentDNSuffix() : m8getConfig().getBaseDN();
    }

    private void addGroupRoleRelationship(SecurityContext securityContext, GroupRole groupRole) {
        LDAPAgent lDAPAgent = (LDAPAgent) lookupEntryById(securityContext, groupRole.getAssignee());
        LDAPGroup lDAPGroup = (LDAPGroup) lookupEntryById(securityContext, groupRole.getGroup());
        LDAPRole lDAPRole = (LDAPRole) lookupEntryById(securityContext, groupRole.getRole());
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = lookupGroupRoleEntry(lDAPAgent, lDAPGroup);
                if (!namingEnumeration.hasMore()) {
                    LDAPEntry lDAPGroupRole = new LDAPGroupRole(lDAPAgent, lDAPGroup, lDAPRole);
                    getLDAPManager().createSubContext(lDAPGroupRole.getDN(), lDAPGroupRole.getLDAPAttributes());
                    addMember(lDAPGroupRole, lDAPRole);
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
            } catch (NamingException e2) {
                throw IDMMessages.MESSAGES.ldapStoreCouldNotCreateGroupRoleEntry(e2);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e3) {
                }
            }
            throw th;
        }
    }

    private void addGroupMembership(SecurityContext securityContext, GroupMembership groupMembership) {
        addMember((LDAPGroup) lookupEntryById(securityContext, groupMembership.getGroup()), (LDAPAgent) lookupEntryById(securityContext, groupMembership.getMember()));
    }

    private void addGrantRelationship(SecurityContext securityContext, Grant grant) {
        addMember((LDAPRole) lookupEntryById(securityContext, grant.getRole()), (LDAPEntry) lookupEntryById(securityContext, grant.getAssignee()));
    }

    private void addMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.addMember(lDAPEntry2);
        getLDAPManager().modifyAttribute(lDAPEntry.getDN(), lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T extends IdentityType> T lookupEntryById(SecurityContext securityContext, T t) throws IdentityManagementException {
        LDAPIdentityType lookupEntryById;
        if (Agent.class.isInstance(t)) {
            Agent agent = (Agent) t;
            lookupEntryById = User.class.isInstance(agent) ? lookupEntryById(securityContext, LDAPUser.class, agent.getId()) : lookupEntryById(securityContext, LDAPAgent.class, agent.getId());
        } else if (Role.class.isInstance(t)) {
            lookupEntryById = lookupEntryById(securityContext, LDAPRole.class, t.getId());
        } else {
            if (!Group.class.isInstance(t)) {
                throw new IdentityManagementException("Unsupported type [" + t.getClass().getName() + "].");
            }
            lookupEntryById = lookupEntryById(securityContext, LDAPGroup.class, t.getId());
        }
        return lookupEntryById;
    }

    private String getIdAttribute(Class<? extends IdentityType> cls) {
        String str = null;
        if (IDMUtil.isAgentType(cls)) {
            str = LDAPConstants.UID;
        } else if (IDMUtil.isRoleType(cls)) {
            str = LDAPConstants.CN;
        } else if (IDMUtil.isGroupType(cls)) {
            str = LDAPConstants.CN;
        }
        return str;
    }

    protected LDAPRole lookupRole(String str) {
        return (LDAPRole) populateIdentityTypeEntry(new LDAPRole(str, m8getConfig().getRoleDNSuffix()));
    }

    protected LDAPAgent lookupAgent(String str) {
        return (LDAPAgent) populateIdentityTypeEntry(new LDAPAgent(str, m8getConfig().getAgentDNSuffix()));
    }

    protected LDAPAgent lookupAgent(Agent agent) {
        return User.class.isInstance(agent) ? lookupUser(agent.getLoginName()) : lookupAgent(agent.getLoginName());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public LDAPGroup lookupGroup(String str) {
        return lookupGroup(str, getGroupBaseDN(str));
    }

    protected LDAPGroup lookupGroup(String str, String str2) {
        if (!str.startsWith("/")) {
            str = "/" + str;
        }
        String[] split = str.split("/");
        LDAPGroup lDAPGroup = new LDAPGroup(split[split.length - 1], str2);
        lDAPGroup.setPath(str);
        return (LDAPGroup) populateIdentityTypeEntry(lDAPGroup);
    }

    private LDAPUser lookupUser(String str) {
        return (LDAPUser) populateIdentityTypeEntry(new LDAPUser(str, m8getConfig().getUserDNSuffix()));
    }

    private void removeGroupRoleRelationship(SecurityContext securityContext, GroupRole groupRole) {
        LDAPGroup lDAPGroup = (LDAPGroup) lookupEntryById(securityContext, groupRole.getGroup());
        LDAPAgent lDAPAgent = (LDAPAgent) lookupEntryById(securityContext, groupRole.getAssignee());
        LDAPRole lDAPRole = (LDAPRole) lookupEntryById(securityContext, groupRole.getRole());
        try {
            NamingEnumeration<SearchResult> lookupGroupRoleEntry = lookupGroupRoleEntry(lDAPAgent, lDAPGroup);
            if (lookupGroupRoleEntry.hasMore()) {
                LDAPEntry lDAPGroupRole = new LDAPGroupRole(lDAPAgent, lDAPGroup, lDAPRole);
                removeMember(lDAPGroupRole, lDAPRole);
                if (lDAPGroupRole.getLDAPAttributes().get(LDAPConstants.MEMBER).get().toString().trim().isEmpty()) {
                    getLDAPManager().destroySubcontext(((SearchResult) lookupGroupRoleEntry.next()).getNameInNamespace());
                }
            }
        } catch (NamingException e) {
            throw IDMMessages.MESSAGES.ldapStoreCouldNotRemoveGroupRoleEntry(e);
        }
    }

    private void removeGroupMembership(SecurityContext securityContext, GroupMembership groupMembership) {
        removeMember((LDAPGroup) lookupEntryById(securityContext, groupMembership.getGroup()), (LDAPAgent) lookupEntryById(securityContext, groupMembership.getMember()));
    }

    private void removeGrantRelationship(SecurityContext securityContext, Grant grant) {
        removeMember((LDAPRole) lookupEntryById(securityContext, grant.getRole()), (LDAPEntry) lookupEntryById(securityContext, grant.getAssignee()));
    }

    private NamingEnumeration<SearchResult> lookupGroupRoleEntry(LDAPAgent lDAPAgent, LDAPGroup lDAPGroup) throws NamingException {
        return getLDAPManager().search(lDAPAgent.getDN(), lDAPGroup.getBidingName());
    }

    private void removeMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.removeMember(lDAPEntry2);
        getLDAPManager().modifyAttribute(lDAPEntry.getDN(), lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER));
    }

    private Group getGroupById(SecurityContext securityContext, String str) {
        LDAPGroup lDAPGroup;
        if (str == null || (lDAPGroup = (LDAPGroup) lookupEntryById(securityContext, LDAPGroup.class, str)) == null) {
            return null;
        }
        Group parentGroup = getParentGroup(lDAPGroup, false);
        SimpleGroup simpleGroup = parentGroup != null ? new SimpleGroup(lDAPGroup.getName(), getGroupById(securityContext, parentGroup.getId())) : new SimpleGroup(lDAPGroup.getName());
        populateIdentityType(lDAPGroup, simpleGroup);
        return simpleGroup;
    }

    private Group getGroup(String str, String str2) {
        LDAPGroup lookupGroup;
        if (str == null || (lookupGroup = lookupGroup(str, str2)) == null) {
            return null;
        }
        SimpleGroup simpleGroup = new SimpleGroup(lookupGroup.getName(), getParentGroup(lookupGroup, true));
        populateIdentityType(lookupGroup, simpleGroup);
        return simpleGroup;
    }

    private boolean isCustomAttributesSupported() {
        return this.configuration.supportsFeature(FeatureSet.FeatureGroup.attribute, (FeatureSet.FeatureOperation) null);
    }
}
