package org.nuxeo.ecm.directory.ldap;

import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.SimpleTimeZone;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.SizeLimitExceededException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.common.utils.Path;
import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.api.DataModel;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.DocumentRef;
import org.nuxeo.ecm.core.api.impl.DataModelImpl;
import org.nuxeo.ecm.core.api.impl.DocumentModelImpl;
import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
import org.nuxeo.ecm.core.schema.types.Field;
import org.nuxeo.ecm.core.schema.types.Type;
import org.nuxeo.ecm.core.utils.SIDGenerator;
import org.nuxeo.ecm.directory.Directory;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.EntrySource;
import org.nuxeo.ecm.directory.Session;

/* loaded from: input_file:org/nuxeo/ecm/directory/ldap/LDAPSession.class */
public class LDAPSession implements Session, EntrySource {
    private static final Log log = LogFactory.getLog(LDAPSession.class);
    protected final String schemaName;
    protected final DirContext dirContext;
    protected final String idAttribute;
    protected final LDAPDirectory directory;
    protected final String searchBaseDn;
    protected final Set<String> emptySet = Collections.emptySet();
    protected final String sid = String.valueOf(SIDGenerator.next());
    protected final Map<String, Field> schemaFieldMap;

    public LDAPSession(LDAPDirectory lDAPDirectory, DirContext dirContext) {
        this.directory = lDAPDirectory;
        this.dirContext = dirContext;
        this.idAttribute = lDAPDirectory.getFieldMapper().getBackendField(lDAPDirectory.getConfig().getIdField());
        this.schemaName = lDAPDirectory.getSchema();
        this.schemaFieldMap = lDAPDirectory.getSchemaFieldMap();
        this.searchBaseDn = lDAPDirectory.getConfig().getSearchBaseDn();
    }

    public Directory getDirectory() {
        return this.directory;
    }

    public DirContext getContext() {
        return this.dirContext;
    }

    public DocumentModel createEntry(Map<String, Object> map) throws DirectoryException {
        if (isReadOnly()) {
            return null;
        }
        LinkedList<String> linkedList = new LinkedList();
        try {
            String format = String.format("%s=%s,%s", this.idAttribute, map.get(getIdField()), this.directory.getConfig().getCreationBaseDn());
            BasicAttributes basicAttributes = new BasicAttributes();
            Iterator<String> it = getMandatoryAttributes().iterator();
            while (it.hasNext()) {
                BasicAttribute basicAttribute = new BasicAttribute(it.next());
                basicAttribute.add(" ");
                basicAttributes.put(basicAttribute);
            }
            String[] creationClasses = this.directory.getConfig().getCreationClasses();
            if (creationClasses.length != 0) {
                BasicAttribute basicAttribute2 = new BasicAttribute("objectclass");
                for (String str : creationClasses) {
                    basicAttribute2.add(str);
                }
                basicAttributes.put(basicAttribute2);
            }
            for (String str2 : map.keySet()) {
                String backendField = this.directory.getFieldMapper().getBackendField(str2);
                if (backendField.equals(getPasswordField())) {
                    BasicAttribute basicAttribute3 = new BasicAttribute(backendField);
                    basicAttribute3.add(map.get(str2));
                    basicAttributes.put(basicAttribute3);
                } else if (this.directory.isReference(str2)) {
                    LDAPReference reference = this.directory.getReference(str2);
                    if (reference instanceof LDAPReference) {
                        BasicAttribute basicAttribute4 = new BasicAttribute(reference.getStaticAttributeId());
                        basicAttribute4.add(this.directory.getConfig().getEmptyRefMarker());
                        basicAttributes.put(basicAttribute4);
                    }
                    linkedList.add(str2);
                } else {
                    Object obj = map.get(str2);
                    if (obj != null && !obj.equals("")) {
                        basicAttributes.put(getAttributeValue(str2, obj));
                    }
                }
            }
            this.dirContext.bind(format, (Object) null, basicAttributes);
            for (String str3 : linkedList) {
                this.directory.getReference(str3).addLinks((String) map.get(getIdField()), (List) map.get(str3));
            }
            this.directory.invalidateCaches();
            return fieldMapToDocumentModel(map);
        } catch (Exception e) {
            throw new DirectoryException("createEntry failed", e);
        }
    }

    public DocumentModel getEntry(String str) throws DirectoryException {
        return this.directory.getCache().getEntry(str, this);
    }

    public DocumentModel getEntryFromSource(String str) throws DirectoryException {
        try {
            SearchResult ldapEntry = getLdapEntry(str);
            if (ldapEntry == null) {
                return null;
            }
            return ldapResultToDocumentModel(ldapEntry, str, true);
        } catch (NamingException e) {
            throw new DirectoryException("getEntry failed: " + e.getMessage(), e);
        }
    }

    public boolean hasEntry(String str) throws DirectoryException {
        try {
            return getLdapEntry(str) != null;
        } catch (NamingException e) {
            throw new DirectoryException("hasEntry failed: " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchResult getLdapEntry(String str) throws NamingException, DirectoryException {
        return getLdapEntry(str, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchResult getLdapEntry(String str, boolean z) throws NamingException, DirectoryException {
        String format = this.directory.getBaseFilter().startsWith("(") ? String.format("(&(%s={0})%s)", this.idAttribute, this.directory.getBaseFilter()) : String.format("(&(%s={0})(%s))", this.idAttribute, this.directory.getBaseFilter());
        String[] strArr = {str};
        SearchControls searchControls = this.directory.getSearchControls(z);
        if (log.isDebugEnabled()) {
            log.debug(String.format("LDAP search base='%s' filter='%s'  args='%s' scope='%s'", this.searchBaseDn, format, str, Integer.valueOf(searchControls.getSearchScope())));
        }
        NamingEnumeration search = this.dirContext.search(this.searchBaseDn, format, strArr, searchControls);
        if (!search.hasMore()) {
            log.debug("Entry not found: " + str);
            return null;
        }
        SearchResult searchResult = (SearchResult) search.next();
        if (!search.hasMore()) {
            return searchResult;
        }
        log.debug("More than one entry found");
        throw new DirectoryException("more than one entry found for " + str);
    }

    public DocumentModelList getEntries() throws DirectoryException {
        try {
            SearchControls searchControls = this.directory.getSearchControls();
            log.debug(String.format("LDAP search base='%s' filter='%s'  args=* scope=%s", this.searchBaseDn, this.directory.getBaseFilter(), Integer.valueOf(searchControls.getSearchScope())));
            return ldapResultsToDocumentModels(this.dirContext.search(this.searchBaseDn, this.directory.getBaseFilter(), searchControls), false);
        } catch (NamingException e) {
            throw new DirectoryException("getEntries failed", e);
        } catch (SizeLimitExceededException e2) {
            throw new org.nuxeo.ecm.directory.SizeLimitExceededException(e2);
        }
    }

    public void updateEntry(DocumentModel documentModel) throws DirectoryException {
        ArrayList<String> arrayList = new ArrayList();
        LinkedList<String> linkedList = new LinkedList();
        try {
            DataModel dataModel = documentModel.getDataModel(this.schemaName);
            for (String str : this.schemaFieldMap.keySet()) {
                if (dataModel.isDirty(str)) {
                    if (this.directory.isReference(str)) {
                        linkedList.add(str);
                    } else {
                        arrayList.add(str);
                    }
                }
            }
            if (!isReadOnly() && !arrayList.isEmpty()) {
                BasicAttributes basicAttributes = new BasicAttributes();
                SearchResult ldapEntry = getLdapEntry(documentModel.getId());
                if (ldapEntry == null) {
                    throw new DirectoryException(documentModel.getId() + " not found");
                }
                Attributes attributes = ldapEntry.getAttributes();
                String nameInNamespace = ldapEntry.getNameInNamespace();
                BasicAttributes basicAttributes2 = new BasicAttributes();
                for (String str2 : arrayList) {
                    Object property = documentModel.getProperty(this.schemaName, str2);
                    String backendField = this.directory.getFieldMapper().getBackendField(str2);
                    if (property != null && !property.equals("")) {
                        basicAttributes.put(getAttributeValue(str2, property));
                    } else if (getMandatoryAttributes().contains(backendField)) {
                        BasicAttribute basicAttribute = new BasicAttribute(backendField);
                        basicAttribute.add(" ");
                        basicAttributes.put(basicAttribute);
                    } else if (attributes.get(backendField) != null) {
                        BasicAttribute basicAttribute2 = new BasicAttribute(backendField);
                        basicAttribute2.add(attributes.get(backendField).get());
                        basicAttributes2.put(basicAttribute2);
                    }
                }
                this.dirContext.modifyAttributes(nameInNamespace, 3, basicAttributes2);
                this.dirContext.modifyAttributes(nameInNamespace, 2, basicAttributes);
            }
            for (String str3 : linkedList) {
                this.directory.getReference(str3).setTargetIdsForSource(documentModel.getId(), (List) documentModel.getProperty(this.schemaName, str3));
            }
            this.directory.invalidateCaches();
        } catch (Exception e) {
            throw new DirectoryException("updateEntry failed: " + e.getMessage(), e);
        }
    }

    public void deleteEntry(DocumentModel documentModel) throws DirectoryException {
        deleteEntry(documentModel.getId());
    }

    public void deleteEntry(String str) throws DirectoryException {
        if (isReadOnly()) {
            return;
        }
        try {
            for (String str2 : this.schemaFieldMap.keySet()) {
                if (this.directory.isReference(str2)) {
                    this.directory.getReference(str2).removeLinksForSource(str);
                }
            }
            this.dirContext.destroySubcontext(getLdapEntry(str).getNameInNamespace());
            this.directory.invalidateCaches();
        } catch (Exception e) {
            throw new DirectoryException("deleteEntry failed", e);
        }
    }

    public void deleteEntry(String str, Map<String, String> map) throws DirectoryException {
        log.warn("Calling deleteEntry extended on LDAP directory");
        deleteEntry(str);
    }

    public DocumentModelList query(Map<String, Object> map, Set<String> set, boolean z, Map<String, String> map2) throws DirectoryException {
        try {
            String[] strArr = new String[map.size()];
            String[] strArr2 = new String[map.size()];
            int i = 0;
            for (String str : map.keySet()) {
                if (this.directory.isReference(str)) {
                    log.warn(str + " is a reference and will be ignored as a query criterion");
                } else {
                    String backendField = this.directory.getFieldMapper().getBackendField(str);
                    Object obj = map.get(str);
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("(");
                    if (obj == null) {
                        stringBuffer.append("!(" + backendField + "=*)");
                    } else if ("".equals(obj)) {
                        stringBuffer.append(backendField + "=");
                    } else {
                        stringBuffer.append(backendField + "={" + i + "}");
                    }
                    if (obj != null && set.contains(str)) {
                        stringBuffer.append("*");
                    }
                    stringBuffer.append(")");
                    strArr[i] = stringBuffer.toString();
                    if (obj != null && !"".equals(obj)) {
                        strArr2[i] = obj.toString();
                    }
                    i++;
                }
            }
            String str2 = "(&" + this.directory.getBaseFilter() + StringUtils.join(strArr) + ')';
            SearchControls searchControls = this.directory.getSearchControls();
            log.debug("LDAP search base=" + this.searchBaseDn + " filter=" + str2 + " args=" + StringUtils.join(strArr2, ",") + " scope=" + searchControls.getSearchScope());
            return ldapResultsToDocumentModels(this.dirContext.search(this.searchBaseDn, str2, strArr2, searchControls), z);
        } catch (SizeLimitExceededException e) {
            throw new org.nuxeo.ecm.directory.SizeLimitExceededException(e);
        } catch (NamingException e2) {
            throw new DirectoryException("executeQuery failed", e2);
        }
    }

    public DocumentModelList query(Map<String, Object> map) throws DirectoryException {
        return query(map, this.emptySet, new HashMap());
    }

    public DocumentModelList query(Map<String, Object> map, Set<String> set, Map<String, String> map2) throws DirectoryException {
        return query(map, set, false, map2);
    }

    public DocumentModelList query(Map<String, Object> map, Set<String> set) throws DirectoryException {
        return query(map, set, new HashMap());
    }

    public void commit() {
    }

    public void rollback() {
    }

    public void close() throws DirectoryException {
        try {
            this.dirContext.close();
            this.directory.removeSession(this);
        } catch (NamingException e) {
            throw new DirectoryException("close failed", e);
        }
    }

    public List<String> getProjection(Map<String, Object> map, String str) throws DirectoryException {
        return getProjection(map, this.emptySet, str);
    }

    public List<String> getProjection(Map<String, Object> map, Set<String> set, String str) throws DirectoryException {
        ArrayList arrayList = new ArrayList();
        DocumentModelList query = query(map, set);
        String directoryField = this.directory.getFieldMapper().getDirectoryField(str);
        Iterator it = query.iterator();
        while (it.hasNext()) {
            Object property = ((DocumentModel) it.next()).getProperty(this.schemaName, directoryField);
            arrayList.add(property instanceof String ? (String) property : String.valueOf(property));
        }
        return arrayList;
    }

    protected DocumentModel fieldMapToDocumentModel(Map<String, Object> map) {
        DataModelImpl dataModelImpl = new DataModelImpl(this.schemaName, map);
        DocumentModelImpl documentModelImpl = new DocumentModelImpl(this.sid, this.schemaName, String.valueOf(map.get(getIdField())), (Path) null, (DocumentRef) null, (DocumentRef) null, new String[]{this.schemaName}, (Set) null);
        dataModelImpl.setMap(map);
        documentModelImpl.addDataModel(dataModelImpl);
        return documentModelImpl;
    }

    protected Object getFieldValue(Attribute attribute, String str, String str2, boolean z) throws DirectoryException {
        Field field = this.schemaFieldMap.get(str);
        Type type = field.getType();
        Object defaultValue = field.getDefaultValue();
        String name = type.getName();
        if (attribute == null) {
            return defaultValue;
        }
        try {
            Object obj = attribute.get();
            if (obj == null) {
                return defaultValue;
            }
            String trim = obj.toString().trim();
            if ("string".equals(name)) {
                return trim;
            }
            if ("integer".equals(name) || "long".equals(name)) {
                if ("".equals(trim)) {
                    return defaultValue;
                }
                try {
                    return Long.valueOf(trim);
                } catch (NumberFormatException e) {
                    log.error(String.format("field %s of type %s has non-numeric value found on server: '%s' (ignoring and using default value instead)", str, name, trim));
                    return defaultValue;
                }
            }
            if (!type.isListType()) {
                if (!"date".equals(name)) {
                    throw new DirectoryException("Field type not supported in directories: " + name);
                }
                if ("".equals(trim)) {
                    return defaultValue;
                }
                try {
                    SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
                    simpleDateFormat.setTimeZone(new SimpleTimeZone(0, "Z"));
                    Date parse = simpleDateFormat.parse(trim);
                    Calendar calendar = Calendar.getInstance();
                    calendar.setTime(parse);
                    return calendar;
                } catch (ParseException e2) {
                    log.error(String.format("field %s of type %s has invalid value found on server: '%s' (ignoring and using default value instead)", str, name, trim));
                    return defaultValue;
                }
            }
            LinkedList linkedList = new LinkedList();
            NamingEnumeration namingEnumeration = null;
            try {
                namingEnumeration = attribute.getAll();
                while (namingEnumeration.hasMore()) {
                    linkedList.add(namingEnumeration.next().toString().trim());
                }
                return linkedList;
            } catch (NamingException e3) {
                Log log2 = log;
                Object[] objArr = new Object[3];
                objArr[0] = str;
                objArr[1] = name;
                objArr[2] = namingEnumeration != null ? namingEnumeration.toString() : trim;
                log2.error(String.format("field %s of type %s has non list value found on server: '%s' (ignoring and using default value instead)", objArr));
                return defaultValue;
            }
        } catch (NamingException e4) {
            throw new DirectoryException("Could not fetch value for " + attribute, e4);
        }
    }

    protected Attribute getAttributeValue(String str, Object obj) throws DirectoryException {
        Collection collection;
        BasicAttribute basicAttribute = new BasicAttribute(this.directory.getFieldMapper().getBackendField(str));
        Type type = this.schemaFieldMap.get(str).getType();
        String name = type.getName();
        if ("string".equals(name)) {
            basicAttribute.add(obj);
        } else if ("integer".equals(name) || "long".equals(name)) {
            basicAttribute.add(obj.toString());
        } else if (type.isListType()) {
            if (obj instanceof String[]) {
                collection = Arrays.asList((String[]) obj);
            } else {
                if (!(obj instanceof Collection)) {
                    throw new DirectoryException(String.format("field %s with value %s does not match type %s", str, obj.toString(), type.getName()));
                }
                collection = (Collection) obj;
            }
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                basicAttribute.add((String) it.next());
            }
        } else {
            if (!"date".equals(name)) {
                throw new DirectoryException("Field type not supported in directories: " + name);
            }
            Date time = ((Calendar) obj).getTime();
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
            simpleDateFormat.setTimeZone(new SimpleTimeZone(0, "Z"));
            basicAttribute.add(simpleDateFormat.format(time));
        }
        return basicAttribute;
    }

    protected DocumentModelList ldapResultsToDocumentModels(NamingEnumeration<SearchResult> namingEnumeration, boolean z) throws DirectoryException {
        DocumentModelListImpl documentModelListImpl = new DocumentModelListImpl();
        while (namingEnumeration.hasMore()) {
            try {
                documentModelListImpl.add(ldapResultToDocumentModel((SearchResult) namingEnumeration.next(), null, z));
            } catch (NamingException e) {
                throw new DirectoryException("Could not create DocumentModelList", e);
            }
        }
        log.debug("LDAP search returned " + documentModelListImpl.size() + " results");
        return documentModelListImpl;
    }

    protected DocumentModel ldapResultToDocumentModel(SearchResult searchResult, String str, boolean z) throws DirectoryException {
        List<String> targetIdsForSource;
        Attributes attributes = searchResult.getAttributes();
        String passwordField = getPasswordField();
        HashMap hashMap = new HashMap();
        if (str == null) {
            try {
                str = attributes.get(this.idAttribute).get().toString();
            } catch (NamingException e) {
                throw new DirectoryException("could not fetch " + this.idAttribute, e);
            }
        }
        for (String str2 : this.schemaFieldMap.keySet()) {
            LDAPReference reference = this.directory.getReference(str2);
            if (reference != null) {
                if (!z) {
                    new ArrayList();
                }
                if (reference instanceof LDAPReference) {
                    targetIdsForSource = reference.getLdapTargetIds(attributes);
                } else {
                    try {
                        targetIdsForSource = reference.getTargetIdsForSource(str);
                    } catch (ClientException e2) {
                        throw new DirectoryException(e2);
                    }
                }
                hashMap.put(str2, targetIdsForSource);
            } else {
                Attribute attribute = attributes.get(this.directory.getFieldMapper().getBackendField(str2));
                if (!str2.equals(passwordField)) {
                    hashMap.put(str2, getFieldValue(attribute, str2, str, z));
                }
            }
        }
        return fieldMapToDocumentModel(hashMap);
    }

    public boolean authenticate(String str, String str2) throws DirectoryException {
        try {
            SearchResult ldapEntry = getLdapEntry(str);
            if (ldapEntry == null) {
                return false;
            }
            String nameInNamespace = ldapEntry.getNameInNamespace();
            Properties properties = (Properties) this.directory.getContextProperties().clone();
            properties.put("java.naming.security.principal", nameInNamespace);
            properties.put("java.naming.security.credentials", str2);
            try {
                log.debug(String.format("LDAP bind dn='%s'", nameInNamespace));
                new InitialDirContext(properties);
                log.debug("Bind succeeded, authentication ok");
                return true;
            } catch (NamingException e) {
                log.debug("Bind failed: " + e.getMessage());
                return false;
            }
        } catch (NamingException e2) {
            throw new DirectoryException("failed to fetch the ldap entry for " + str, e2);
        }
    }

    public String getIdField() {
        return this.directory.getConfig().getIdField();
    }

    public String getPasswordField() {
        return this.directory.getConfig().getPasswordField();
    }

    public boolean isAuthenticating() throws DirectoryException {
        return this.schemaFieldMap.containsKey(getPasswordField());
    }

    public boolean isReadOnly() {
        return this.directory.getConfig().getReadOnly().booleanValue();
    }

    public boolean rdnMatchesIdField() {
        return this.directory.getConfig().rdnAttribute.equals(this.idAttribute);
    }

    protected List<String> getMandatoryAttributes() throws DirectoryException {
        try {
            ArrayList arrayList = new ArrayList();
            DirContext schema = this.dirContext.getSchema("");
            ArrayList arrayList2 = new ArrayList(Arrays.asList(this.directory.getConfig().getCreationClasses()));
            arrayList2.remove("top");
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                Attribute attribute = schema.getAttributes("ClassDefinition/" + ((String) it.next())).get("MUST");
                if (attribute != null) {
                    NamingEnumeration all = attribute.getAll();
                    while (all.hasMore()) {
                        arrayList.add((String) all.next());
                    }
                }
            }
            return arrayList;
        } catch (NamingException e) {
            throw new DirectoryException("getMandatoryAttributes failed", e);
        }
    }
}
