package org.nuxeo.ecm.directory.ldap;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.common.utils.StringUtils;
import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.schema.NXSchema;
import org.nuxeo.ecm.core.schema.types.Field;
import org.nuxeo.ecm.core.schema.types.Schema;
import org.nuxeo.ecm.directory.AbstractDirectory;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.DirectoryFieldMapper;
import org.nuxeo.ecm.directory.IdGenerator;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.runtime.api.Framework;

/* loaded from: input_file:org/nuxeo/ecm/directory/ldap/LDAPDirectory.class */
public class LDAPDirectory extends AbstractDirectory {
    private static final Log log = LogFactory.getLog(LDAPDirectory.class);
    protected final LDAPDirectoryDescriptor config;
    protected final Properties contextProperties;
    protected final SearchControls searchControls;
    protected final Map<String, Field> schemaFieldMap;
    protected final String baseFilter;
    protected ContextProvider testServer;
    protected final List<Session> sessions = new LinkedList();
    protected final LDAPDirectoryFactory factory = (LDAPDirectoryFactory) Framework.getRuntime().getComponent(LDAPDirectoryFactory.NAME);

    public LDAPDirectory(LDAPDirectoryDescriptor lDAPDirectoryDescriptor) throws ClientException {
        this.config = lDAPDirectoryDescriptor;
        Schema schema = NXSchema.getSchemaManager().getSchema(lDAPDirectoryDescriptor.getSchemaName());
        this.schemaFieldMap = new LinkedHashMap();
        for (Field field : schema.getFields()) {
            this.schemaFieldMap.put(field.getName().toString(), field);
        }
        this.fieldMapper = new DirectoryFieldMapper(lDAPDirectoryDescriptor.fieldMapping);
        this.contextProperties = computeContextProperties();
        this.baseFilter = lDAPDirectoryDescriptor.getAggregatedSearchFilter();
        addReferences(lDAPDirectoryDescriptor.getInverseReferences());
        addReferences(lDAPDirectoryDescriptor.getLdapReferences());
        this.searchControls = computeSearchControls();
        this.cache.setMaxSize(lDAPDirectoryDescriptor.getCacheMaxSize());
        this.cache.setTimeout(lDAPDirectoryDescriptor.getCacheTimeout());
        log.debug(String.format("initialized LDAP directory %s with fields [%s] and references [%s]", lDAPDirectoryDescriptor.getName(), StringUtils.join(this.schemaFieldMap.keySet().toArray(), ", "), StringUtils.join(this.references.keySet().toArray(), ", ")));
    }

    protected Properties computeContextProperties() throws DirectoryException {
        Properties properties = new Properties();
        String serverName = this.config.getServerName();
        LDAPServerDescriptor server = this.factory.getServer(serverName);
        if (server == null) {
            throw new DirectoryException("LDAP server configuration not found: " + serverName);
        }
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", server.getLdapUrls());
        properties.put("java.naming.referral", "follow");
        String bindDn = server.getBindDn();
        if (bindDn != null) {
            properties.put("java.naming.security.principal", bindDn);
            properties.put("java.naming.security.credentials", server.getBindPassword());
        }
        if (server.isPoolingEnabled()) {
            properties.put("com.sun.jndi.ldap.connect.pool", "true");
            properties.put("com.sun.jndi.ldap.connect.pool.protocol", "plain ssl");
            properties.put("com.sun.jndi.ldap.connect.pool.authentication", "none simple DIGEST-MD5");
        }
        return properties;
    }

    public Properties getContextProperties() {
        return this.contextProperties;
    }

    protected SearchControls computeSearchControls() throws DirectoryException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getSearchScope());
        HashSet hashSet = new HashSet();
        hashSet.addAll(this.fieldMapper.getBackendFields(this.schemaFieldMap.keySet()));
        for (LDAPReference lDAPReference : this.references.values()) {
            if (lDAPReference instanceof LDAPReference) {
                LDAPReference lDAPReference2 = lDAPReference;
                hashSet.add(lDAPReference2.getStaticAttributeId(this.fieldMapper));
                hashSet.add(lDAPReference2.getDynamicAttributeId());
            }
        }
        if (this.config.getPasswordField() != null) {
            hashSet.remove(this.config.getPasswordField());
        }
        searchControls.setReturningAttributes((String[]) hashSet.toArray(new String[hashSet.size()]));
        return searchControls;
    }

    public SearchControls getSearchControls() {
        return getSearchControls(false);
    }

    public SearchControls getSearchControls(boolean z) {
        if (!z) {
            return this.searchControls;
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getSearchScope());
        return searchControls;
    }

    protected DirContext createContext() throws DirectoryException {
        try {
            return new InitialDirContext(this.contextProperties);
        } catch (NamingException e) {
            log.error(e.getMessage());
            throw new DirectoryException("could not initialise LDAP directory context: " + e.getMessage(), e);
        }
    }

    public IdGenerator getIdGenerator() {
        return null;
    }

    public String getName() {
        return this.config.getName();
    }

    public String getSchema() {
        return this.config.getSchemaName();
    }

    public String getParentDirectory() {
        return null;
    }

    public String getIdField() {
        return this.config.getIdField();
    }

    public String getPasswordField() {
        return this.config.getPasswordField();
    }

    public Session getSession() throws DirectoryException {
        LDAPSession lDAPSession = new LDAPSession(this, this.testServer != null ? this.testServer.getContext() : createContext());
        this.sessions.add(lDAPSession);
        return lDAPSession;
    }

    public synchronized void removeSession(Session session) {
        this.sessions.remove(session);
    }

    public synchronized void addSession(Session session) {
        this.sessions.add(session);
    }

    protected synchronized void clearSessions() {
        this.sessions.clear();
    }

    public void shutdown() {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(this.sessions);
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                ((Session) it.next()).close();
            }
            clearSessions();
        } catch (ClientException e) {
            log.error("exception during shutdown", e);
        }
    }

    public String getBaseFilter() {
        String format = String.format("(%s=*)", getFieldMapper().getBackendField(getIdField()));
        return (this.baseFilter == null || "".equals(this.baseFilter)) ? format : this.baseFilter.startsWith("(") ? String.format("(&%s%s)", this.baseFilter, format) : String.format("(&(%s)%s)", this.baseFilter, format);
    }

    public LDAPDirectoryDescriptor getConfig() {
        return this.config;
    }

    public Map<String, Field> getSchemaFieldMap() {
        return this.schemaFieldMap;
    }

    public void setTestServer(ContextProvider contextProvider) {
        this.testServer = contextProvider;
    }
}
