package org.cloudfoundry.identity.uaa.ldap.extension;

import java.text.MessageFormat;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hsqldb.Tokens;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.ldap.core.ContextExecutor;
import org.springframework.ldap.core.ContextMapper;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.support.LdapEncoder;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:lib/cloudfoundry-identity-common-2.7.4.jar:org/cloudfoundry/identity/uaa/ldap/extension/SpringSecurityLdapTemplate.class */
public class SpringSecurityLdapTemplate extends LdapTemplate {
    private static final Log logger = LogFactory.getLog(SpringSecurityLdapTemplate.class);
    public static final String[] NO_ATTRS = new String[0];
    public static final String DN_KEY = "spring.security.ldap.dn";
    private static final boolean RETURN_OBJECT = true;
    private SearchControls searchControls = new SearchControls();

    public SpringSecurityLdapTemplate(ContextSource contextSource) {
        Assert.notNull(contextSource, "ContextSource cannot be null");
        setContextSource(contextSource);
        this.searchControls.setSearchScope(2);
    }

    public boolean compare(final String str, String str2, final Object obj) {
        final String str3 = Tokens.T_OPENBRACKET + str2 + "={0})";
        return ((Boolean) executeReadOnly(new ContextExecutor() { // from class: org.cloudfoundry.identity.uaa.ldap.extension.SpringSecurityLdapTemplate.1LdapCompareCallback
            @Override // org.springframework.ldap.core.ContextExecutor
            public Object executeWithContext(DirContext dirContext) throws NamingException {
                SearchControls searchControls = new SearchControls();
                searchControls.setReturningAttributes(SpringSecurityLdapTemplate.NO_ATTRS);
                searchControls.setSearchScope(0);
                NamingEnumeration search = dirContext.search(str, str3, new Object[]{obj}, searchControls);
                Boolean valueOf = Boolean.valueOf(search.hasMore());
                LdapUtils.closeEnumeration(search);
                return valueOf;
            }
        })).booleanValue();
    }

    public DirContextOperations retrieveEntry(final String str, final String[] strArr) {
        return (DirContextOperations) executeReadOnly(new ContextExecutor() { // from class: org.cloudfoundry.identity.uaa.ldap.extension.SpringSecurityLdapTemplate.1
            @Override // org.springframework.ldap.core.ContextExecutor
            public Object executeWithContext(DirContext dirContext) throws NamingException {
                return new DirContextAdapter(dirContext.getAttributes(str, strArr), new DistinguishedName(str), new DistinguishedName(dirContext.getNameInNamespace()));
            }
        });
    }

    public Set<Map<String, String[]>> searchForMultipleAttributeValues(String str, String str2, Object[] objArr, final String[] strArr) {
        String[] strArr2 = new String[objArr.length];
        for (int i = 0; i < objArr.length; i++) {
            strArr2[i] = LdapEncoder.filterEncode(objArr[i].toString());
        }
        String format = MessageFormat.format(str2, strArr2);
        logger.debug("Using filter: " + format);
        final HashSet hashSet = new HashSet();
        ContextMapper contextMapper = new ContextMapper() { // from class: org.cloudfoundry.identity.uaa.ldap.extension.SpringSecurityLdapTemplate.2
            @Override // org.springframework.ldap.core.ContextMapper
            public Object mapFromContext(Object obj) {
                DirContextAdapter dirContextAdapter = (DirContextAdapter) obj;
                HashMap hashMap = new HashMap();
                for (String str3 : strArr) {
                    String[] stringAttributes = dirContextAdapter.getStringAttributes(str3);
                    if (stringAttributes == null || stringAttributes.length == 0) {
                        SpringSecurityLdapTemplate.logger.debug("No attribute value found for '" + str3 + "'");
                    } else {
                        hashMap.put(str3, stringAttributes);
                    }
                }
                hashMap.put(SpringSecurityLdapTemplate.DN_KEY, new String[]{dirContextAdapter.getDn().toString()});
                hashSet.add(hashMap);
                return null;
            }
        };
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.searchControls.getSearchScope());
        searchControls.setReturningAttributes(strArr);
        search(str, format, searchControls, contextMapper);
        return hashSet;
    }

    public Set<String> searchForSingleAttributeValues(String str, String str2, Object[] objArr, String str3) {
        Set<Map<String, String[]>> searchForMultipleAttributeValues = searchForMultipleAttributeValues(str, str2, objArr, new String[]{str3});
        HashSet hashSet = new HashSet();
        Iterator<Map<String, String[]>> it = searchForMultipleAttributeValues.iterator();
        while (it.hasNext()) {
            String[] strArr = it.next().get(str3);
            if (strArr != null && strArr.length > 0) {
                hashSet.addAll(Arrays.asList(strArr));
            }
        }
        return hashSet;
    }

    public DirContextOperations searchForSingleEntry(final String str, final String str2, final Object[] objArr) {
        return (DirContextOperations) executeReadOnly(new ContextExecutor() { // from class: org.cloudfoundry.identity.uaa.ldap.extension.SpringSecurityLdapTemplate.3
            @Override // org.springframework.ldap.core.ContextExecutor
            public Object executeWithContext(DirContext dirContext) throws NamingException {
                return SpringSecurityLdapTemplate.searchForSingleEntryInternal(dirContext, SpringSecurityLdapTemplate.this.searchControls, str, str2, objArr);
            }
        });
    }

    public static DirContextOperations searchForSingleEntryInternal(DirContext dirContext, SearchControls searchControls, String str, String str2, Object[] objArr) throws NamingException {
        DistinguishedName distinguishedName = new DistinguishedName(dirContext.getNameInNamespace());
        DistinguishedName distinguishedName2 = new DistinguishedName(str);
        NamingEnumeration search = dirContext.search(distinguishedName2, str2, objArr, buildControls(searchControls));
        if (logger.isDebugEnabled()) {
            logger.debug("Searching for entry under DN '" + distinguishedName + "', base = '" + distinguishedName2 + "', filter = '" + str2 + "'");
        }
        HashSet hashSet = new HashSet();
        while (search.hasMore()) {
            try {
                DirContextAdapter dirContextAdapter = (DirContextAdapter) ((SearchResult) search.next()).getObject();
                Assert.notNull(dirContextAdapter, "No object returned by search, DirContext is not correctly configured");
                if (logger.isDebugEnabled()) {
                    logger.debug("Found DN: " + dirContextAdapter.getDn());
                }
                hashSet.add(dirContextAdapter);
            } catch (PartialResultException e) {
                LdapUtils.closeEnumeration(search);
                logger.info("Ignoring PartialResultException");
            }
        }
        if (hashSet.size() == 0) {
            throw new IncorrectResultSizeDataAccessException(1, 0);
        }
        if (hashSet.size() > 1) {
            throw new IncorrectResultSizeDataAccessException(1, hashSet.size());
        }
        return (DirContextOperations) hashSet.iterator().next();
    }

    private static SearchControls buildControls(SearchControls searchControls) {
        return new SearchControls(searchControls.getSearchScope(), searchControls.getCountLimit(), searchControls.getTimeLimit(), searchControls.getReturningAttributes(), true, searchControls.getDerefLinkFlag());
    }

    public void setSearchControls(SearchControls searchControls) {
        this.searchControls = searchControls;
    }
}
