package ca.nrc.cadc.ac.server.ldap;

import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.profiler.Profiler;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.util.ssl.SSLUtil;
import java.security.AccessControlException;
import java.security.GeneralSecurityException;
import java.util.Random;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/ac/server/ldap/LdapDAO.class */
/**
 * Base class for LDAP data-access objects.
 *
 * <p>An instance keeps the {@link LdapConnections} it was constructed with and the
 * {@link LdapConfig} obtained from it, exposes the connection accessors of that
 * object, and offers shared helpers for translating LDAP result codes into
 * exceptions and for choosing a socket factory.
 *
 * <p>Several members below are {@code public} only because the decompiler widened
 * them; the original access level is recorded on each affected member.
 */
public abstract class LdapDAO {
    private static final Logger logger = Logger.getLogger(LdapDAO.class);

    // Directory attribute and object-class name literals exposed to subclasses.
    protected static final String LDAP_OBJECT_CLASS = "objectClass";
    protected static final String LDAP_GID_NUMBER = "gidNumber";
    protected static final String LDAP_CN = "cn";
    protected static final String LDAP_ENTRYDN = "entrydn";
    protected static final String LDAP_INET_USER = "inetuser";
    protected static final String LDAP_NSACCOUNTLOCK = "nsaccountlock";

    // Source of every connection handed out by this DAO; assigned once in the constructor.
    private final LdapConnections connections;
    // Configuration snapshot taken from the connections object at construction time.
    protected LdapConfig config;
    // Package-private; neither read nor written anywhere in this class.
    DN subjDN;

    /**
     * Stores the connection holder and captures its current configuration.
     *
     * @param ldapConnections connection holder; a {@code null} value fails with a
     *     {@link NullPointerException} when the configuration is fetched
     */
    public LdapDAO(LdapConnections ldapConnections) {
        this.connections = ldapConnections;
        this.config = ldapConnections.getCurrentConfig();
        // NOTE(review): the config object is stringified into the debug log; confirm that
        // LdapConfig.toString() does not include bind passwords or other secrets.
        logger.debug("New LdapDAO instance, config: " + this.config);
    }

    /**
     * Returns the read-only connection supplied by the underlying {@link LdapConnections}.
     *
     * @return the connection returned by {@code LdapConnections.getReadOnlyConnection()}
     * @throws TransientException if the underlying call reports one
     */
    public LDAPConnection getReadOnlyConnection() throws TransientException {
        final LDAPConnection readOnly = this.connections.getReadOnlyConnection();
        return readOnly;
    }

    /**
     * Returns the read-write connection supplied by the underlying {@link LdapConnections}.
     *
     * @return the connection returned by {@code LdapConnections.getReadWriteConnection()}
     * @throws TransientException if the underlying call reports one
     */
    public LDAPConnection getReadWriteConnection() throws TransientException {
        final LDAPConnection readWrite = this.connections.getReadWriteConnection();
        return readWrite;
    }

    /**
     * Returns the connection from {@code LdapConnections.getUnboundReadOnlyConnection()}.
     *
     * <p>NOTE(review): the name suggests a connection on which no bind has been
     * performed; confirm in LdapConnections what identity, if any, it carries.
     *
     * @return the connection returned by the underlying call
     * @throws TransientException if the underlying call reports one
     */
    public LDAPConnection getUnboundReadConnection() throws TransientException {
        final LDAPConnection unbound = this.connections.getUnboundReadOnlyConnection();
        return unbound;
    }

    /** Hands the connections back by calling {@code LdapConnections.releaseConnections()}. */
    public void close() {
        this.connections.releaseConnections();
    }

    /**
     * Picks a pseudo-random numeric identifier in the range 20000 to 2147483646 inclusive.
     *
     * <p>The value comes from a freshly created {@link Random}, which is not a
     * cryptographic generator, and nothing in this method checks whether the number is
     * already in use. Treat the result as a candidate only: the caller has to deal with
     * collisions, and the value must not be relied on as unguessable.
     *
     * <p>Declared {@code protected} in the original class; widened by the decompiler.
     *
     * @return a pseudo-random identifier of at least 20000
     */
    public int genNextNumericId() {
        final int lowestId = 20000;
        // Integer.MAX_VALUE - lowestId, so the sum below can never overflow.
        final int span = 2147463647;
        final Random generator = new Random();
        return generator.nextInt(span) + lowestId;
    }

    /**
     * Logs the result code at debug level and checks it with the lenient flag off.
     *
     * <p>Declared {@code protected} in the original class; widened by the decompiler.
     *
     * @param resultCode LDAP result code to examine
     * @throws TransientException for busy, connect-error and timeout results
     */
    public static void checkLdapResult(ResultCode resultCode) throws TransientException {
        logger.debug("Ldap result: " + resultCode);
        checkLdapResult(resultCode, false);
    }

    /**
     * Translates an LDAP result code into an exception, or returns normally when the
     * code is considered harmless.
     *
     * <p>{@code SUCCESS} and {@code NO_SUCH_OBJECT} both return normally, so a caller
     * cannot tell "operation succeeded" from "entry does not exist" through this method
     * alone; code that makes an authorization or existence decision must inspect the
     * result itself. Both {@code INSUFFICIENT_ACCESS_RIGHTS} and
     * {@code INVALID_CREDENTIALS} surface as {@link AccessControlException}.
     *
     * <p>Declared {@code protected} in the original class; widened by the decompiler.
     *
     * @param resultCode LDAP result code to examine
     * @param z when {@code true}, {@code NO_SUCH_ATTRIBUTE} is also accepted silently
     * @throws AccessControlException for insufficient access rights or invalid credentials
     * @throws IllegalArgumentException for {@code PARAM_ERROR} or {@code INVALID_DN_SYNTAX}
     * @throws TransientException for {@code BUSY}, {@code CONNECT_ERROR}, {@code TIMEOUT}
     *     or {@code TIME_LIMIT_EXCEEDED}
     * @throws RuntimeException for every other result code
     */
    public static void checkLdapResult(ResultCode resultCode, boolean z) throws TransientException {
        final boolean missingAttributeIsOk = z;
        final boolean harmless = resultCode == ResultCode.SUCCESS
                || resultCode == ResultCode.NO_SUCH_OBJECT
                || (missingAttributeIsOk && resultCode == ResultCode.NO_SUCH_ATTRIBUTE);
        if (harmless) {
            return;
        }

        // Authorization and authentication failures.
        if (resultCode == ResultCode.INSUFFICIENT_ACCESS_RIGHTS) {
            throw new AccessControlException("Not authorized ");
        } else if (resultCode == ResultCode.INVALID_CREDENTIALS) {
            throw new AccessControlException("Invalid credentials ");
        }

        // Caller-supplied parameter problems.
        if (resultCode == ResultCode.PARAM_ERROR) {
            throw new IllegalArgumentException("Error in Ldap parameters ");
        }

        // Conditions reported as transient.
        final boolean connectionTrouble =
                resultCode == ResultCode.BUSY || resultCode == ResultCode.CONNECT_ERROR;
        if (connectionTrouble) {
            throw new TransientException("Connection problems ");
        }
        final boolean timedOut =
                resultCode == ResultCode.TIMEOUT || resultCode == ResultCode.TIME_LIMIT_EXCEEDED;
        if (timedOut) {
            throw new TransientException("ldap timeout");
        }

        if (resultCode == ResultCode.INVALID_DN_SYNTAX) {
            throw new IllegalArgumentException("Invalid DN syntax");
        }
        // Anything not recognised above is reported with the code's name.
        throw new RuntimeException("Ldap error (" + resultCode.getName() + ")");
    }

    /**
     * Chooses the socket factory that matches the configuration.
     *
     * <p>When {@code ldapConfig.isSecure()} is false the JVM's default plain
     * {@link SocketFactory} is returned, so sockets from it carry no TLS protection;
     * whether anything else protects bind credentials on such connections is not
     * visible here.
     *
     * <p>Declared package-private in the original class; widened by the decompiler.
     *
     * @param ldapConfig configuration whose {@code isSecure()} flag selects the factory
     * @return an SSL socket factory for secure configurations, otherwise the default one
     */
    public static SocketFactory getSocketFactory(LdapConfig ldapConfig) {
        if (!ldapConfig.isSecure()) {
            return SocketFactory.getDefault();
        }
        // The profiler is created first so the checkpoint covers the factory creation.
        final Profiler timing = new Profiler(LdapDAO.class);
        final SocketFactory secureFactory = createSSLSocketFactory();
        timing.checkpoint("createSSLSocketFactory");
        return secureFactory;
    }

    /**
     * Builds an SSL socket factory from an {@link SSLUtil} created with its no-argument
     * constructor.
     *
     * <p>That constructor sets no custom key manager or trust manager, so certificate
     * validation relies on the JVM's default trust store and no client certificate is
     * offered.
     *
     * <p>NOTE(review): host name verification is not configured in this method. In the
     * UnboundID SDK it is a connection option (an SSL socket verifier); confirm it is
     * set where the connections are created.
     *
     * @return a new SSL socket factory
     * @throws RuntimeException wrapping any {@link GeneralSecurityException} raised
     *     while the factory is created
     */
    static SSLSocketFactory createSSLSocketFactory() {
        try {
            final SSLUtil sslUtil = new SSLUtil();
            return sslUtil.createSSLSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Unexpected error.", e);
        }
    }
}
