package org.jivesoftware.openfire.ldap;

import java.text.MessageFormat;
import java.text.SimpleDateFormat;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.TimeZone;
import java.util.stream.Collectors;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.Rdn;
import org.jivesoftware.admin.LdapUserTester;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.group.GroupManager;
import org.jivesoftware.openfire.http.HttpBindManager;
import org.jivesoftware.openfire.user.User;
import org.jivesoftware.openfire.user.UserAlreadyExistsException;
import org.jivesoftware.openfire.user.UserCollection;
import org.jivesoftware.openfire.user.UserNotFoundException;
import org.jivesoftware.openfire.user.UserProvider;
import org.jivesoftware.util.DomainResolver;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmpp.packet.JID;

/* loaded from: input_file:org/jivesoftware/openfire/ldap/LdapUserProvider.class */
public class LdapUserProvider implements UserProvider {
    private static final Logger Log = LoggerFactory.getLogger(LdapUserProvider.class);
    private static final SimpleDateFormat ldapDateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
    private final LdapManager manager;
    private Map<String, String> searchFields;
    private Instant allUserCacheExpires = Instant.now();
    private int userCount = -1;
    private List<String> allUsernames = null;
    private Collection<User> allUsers = null;

    public LdapUserProvider() {
        JiveGlobals.migrateProperty("ldap.searchFields");
        this.manager = LdapManager.getInstance();
        this.searchFields = new LinkedHashMap();
        String property = JiveGlobals.getProperty("ldap.searchFields");
        if (property != null) {
            try {
                StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    String[] split = stringTokenizer.nextToken().split("/");
                    this.searchFields.put(split[0], split[1]);
                }
                return;
            } catch (Exception e) {
                Log.error("Error parsing LDAP search fields: " + property, e);
                return;
            }
        }
        this.searchFields.put("Username", this.manager.getUsernameField());
        int i = 0;
        Iterator<String> it = this.manager.getNameField().getFields().iterator();
        while (it.hasNext()) {
            this.searchFields.put(i == 0 ? LdapUserTester.NAME : "Name (" + i + ")", it.next());
            i++;
        }
        this.searchFields.put(LdapUserTester.EMAIL, this.manager.getEmailField());
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public User loadUser(String str) throws UserNotFoundException {
        String unescapeNode = JID.unescapeNode(str);
        DirContext dirContext = null;
        try {
            try {
                Rdn[] findUserRDN = this.manager.findUserRDN(unescapeNode);
                ArrayList arrayList = new ArrayList();
                arrayList.add(this.manager.getUsernameField());
                arrayList.addAll(this.manager.getNameField().getFields());
                arrayList.add(this.manager.getEmailField());
                arrayList.add("createTimestamp");
                arrayList.add("modifyTimestamp");
                LdapContext context = this.manager.getContext(this.manager.getUsersBaseDN(unescapeNode));
                Attributes attributes = context.getAttributes(LdapManager.escapeForJNDI(findUserRDN), (String[]) arrayList.toArray(new String[0]));
                String propertyValue = LdapUserTester.getPropertyValue(this.manager.getNameField(), attributes);
                String str2 = null;
                Attribute attribute = attributes.get(this.manager.getEmailField());
                if (attribute != null) {
                    str2 = (String) attribute.get();
                }
                Date date = new Date();
                Attribute attribute2 = attributes.get("createTimestamp");
                if (attribute2 != null && "".equals(((String) attribute2.get()).trim())) {
                    date = parseLDAPDate((String) attribute2.get());
                }
                Date date2 = new Date();
                Attribute attribute3 = attributes.get("modifyTimestamp");
                if (attribute3 != null && "".equals(((String) attribute3.get()).trim())) {
                    date2 = parseLDAPDate((String) attribute3.get());
                }
                String escapeNode = JID.escapeNode(unescapeNode);
                Attribute attribute4 = attributes.get("authPassword");
                User user = new User(escapeNode, propertyValue, str2, "", date, date2);
                if (this.manager.isFindUsersFromGroupsEnabled() && GroupManager.getInstance().getGroups(user).isEmpty()) {
                    throw new UserNotFoundException("User exists in LDAP but is not a member of any Openfire groups");
                }
                if (attribute4 != null) {
                    NamingEnumeration all = attribute4.getAll();
                    while (true) {
                        if (!all.hasMore()) {
                            break;
                        }
                        String[] split = ((String) ((Attribute) all.next()).get()).split("$");
                        String[] split2 = split[1].split(":");
                        String[] split3 = split[2].split(":");
                        if ("SCRAM-SHA-1".equals(split[0].trim())) {
                            int intValue = Integer.valueOf(split2[0].trim()).intValue();
                            String trim = split2[1].trim();
                            String trim2 = split3[0].trim();
                            String trim3 = split3[1].trim();
                            user.setSalt(trim);
                            user.setStoredKey(trim2);
                            user.setServerKey(trim3);
                            user.setIterations(intValue);
                            break;
                        }
                    }
                }
                if (context != null) {
                    try {
                        context.close();
                    } catch (Exception e) {
                    }
                }
                return user;
            } catch (Exception e2) {
                throw new UserNotFoundException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    dirContext.close();
                } catch (Exception e3) {
                    throw th;
                }
            }
            throw th;
        }
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public User createUser(String str, String str2, String str3, String str4, String str5) throws UserAlreadyExistsException {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public void deleteUser(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public int getUserCount() {
        if (this.userCount != -1 && this.allUserCacheExpires.isAfter(Instant.now())) {
            return this.userCount;
        }
        getUsers();
        return this.userCount;
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public Collection<String> getUsernames() {
        if (this.allUsernames != null && this.allUserCacheExpires.isAfter(Instant.now())) {
            return this.allUsernames;
        }
        getUsers();
        return this.allUsernames;
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public synchronized Collection<User> getUsersByDomain(String str) {
        if (this.allUsers != null && this.allUserCacheExpires.isAfter(Instant.now())) {
            return this.allUsers;
        }
        this.allUsers = getUsers(-1, -1);
        this.userCount = this.allUsers.size();
        this.allUsernames = (List) this.allUsers.stream().map((v0) -> {
            return v0.getUsername();
        }).collect(Collectors.toList());
        this.allUserCacheExpires = Instant.now().plus(5L, (TemporalUnit) ChronoUnit.MINUTES);
        return filterAllUsersByDomain(str);
    }

    private Collection<User> filterAllUsersByDomain(String str) {
        ArrayList arrayList = new ArrayList();
        for (User user : this.allUsers) {
            if (user.getDomain().equals(str)) {
                arrayList.add(user);
            }
        }
        return Collections.unmodifiableCollection(arrayList);
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public synchronized Collection<User> getUsers() {
        if (this.allUsers != null && this.allUserCacheExpires.isAfter(Instant.now())) {
            return this.allUsers;
        }
        this.allUsers = getUsers(-1, -1);
        this.userCount = this.allUsers.size();
        this.allUsernames = (List) this.allUsers.stream().map((v0) -> {
            return v0.getUsername();
        }).collect(Collectors.toList());
        this.allUserCacheExpires = Instant.now().plus(5L, (TemporalUnit) ChronoUnit.MINUTES);
        return this.allUsers;
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public Collection<User> getUsers(int i, int i2) {
        List<String> sortAndPaginate = this.manager.isFindUsersFromGroupsEnabled() ? LdapManager.sortAndPaginate((Set) GroupManager.getInstance().getGroups().stream().map((v0) -> {
            return v0.getAll();
        }).flatMap((v0) -> {
            return v0.stream();
        }).map((v0) -> {
            return v0.getNode();
        }).collect(Collectors.toSet()), i, i2) : this.manager.retrieveList(this.manager.getUsernameField(), MessageFormat.format(this.manager.getSearchFilter(), HttpBindManager.HTTP_BIND_CORS_ALLOW_ORIGIN_DEFAULT), i, i2, this.manager.getUsernameSuffix(), true);
        return new UserCollection((String[]) sortAndPaginate.toArray(new String[sortAndPaginate.size()]));
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public void setName(String str, String str2) throws UserNotFoundException {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public void setEmail(String str, String str2) throws UserNotFoundException {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public void setCreationDate(String str, Date date) throws UserNotFoundException {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public void setModificationDate(String str, Date date) throws UserNotFoundException {
        throw new UnsupportedOperationException();
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public Set<String> getSearchFields() throws UnsupportedOperationException {
        return Collections.unmodifiableSet(this.searchFields.keySet());
    }

    public void setSearchFields(String str) {
        this.searchFields = new LinkedHashMap();
        if (str == null) {
            this.searchFields.put("Username", this.manager.getUsernameField());
            int i = 0;
            Iterator<String> it = this.manager.getNameField().getFields().iterator();
            while (it.hasNext()) {
                this.searchFields.put(i == 0 ? LdapUserTester.NAME : "Name (" + i + ")", it.next());
                i++;
            }
            this.searchFields.put(LdapUserTester.EMAIL, this.manager.getEmailField());
        } else {
            try {
                StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
                while (stringTokenizer.hasMoreTokens()) {
                    String[] split = stringTokenizer.nextToken().split("/");
                    this.searchFields.put(split[0], split[1]);
                }
            } catch (Exception e) {
                Log.error("Error parsing LDAP search fields: " + str, e);
            }
        }
        JiveGlobals.setProperty("ldap.searchFields", str);
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public Collection<User> findUsers(Set<String> set, String str) throws UnsupportedOperationException {
        return findUsers(set, str, -1, -1);
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public Collection<User> findUsers(Set<String> set, String str, int i, int i2) throws UnsupportedOperationException {
        if (set.isEmpty() || str == null || "".equals(str)) {
            return Collections.emptyList();
        }
        String sanitizeSearchFilter = LdapManager.sanitizeSearchFilter(str, true);
        if (!sanitizeSearchFilter.endsWith(HttpBindManager.HTTP_BIND_CORS_ALLOW_ORIGIN_DEFAULT)) {
            sanitizeSearchFilter = sanitizeSearchFilter + HttpBindManager.HTTP_BIND_CORS_ALLOW_ORIGIN_DEFAULT;
        }
        if (!this.searchFields.keySet().containsAll(set)) {
            throw new IllegalArgumentException("Search fields " + set + " are not valid.");
        }
        StringBuilder sb = new StringBuilder();
        sb.append("(&(");
        sb.append(MessageFormat.format(this.manager.getSearchFilter(), HttpBindManager.HTTP_BIND_CORS_ALLOW_ORIGIN_DEFAULT));
        sb.append(')');
        if (set.size() > 1) {
            sb.append("(|");
        }
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            sb.append('(').append(this.searchFields.get(it.next())).append('=').append(sanitizeSearchFilter).append(")");
        }
        if (set.size() > 1) {
            sb.append(')');
        }
        sb.append(')');
        List<String> retrieveList = this.manager.retrieveList(this.manager.getUsernameField(), sb.toString(), i, i2, this.manager.getUsernameSuffix(), true);
        if (this.manager.isFindUsersFromGroupsEnabled()) {
            retrieveList = (List) retrieveList.stream().filter(str2 -> {
                return !GroupManager.getInstance().getGroups(XMPPServer.getInstance().createJID(str2, DomainResolver.resolveUserDomain(str2), null)).isEmpty();
            }).collect(Collectors.toList());
        }
        return new UserCollection((String[]) retrieveList.toArray(new String[retrieveList.size()]));
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public boolean isReadOnly() {
        return true;
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public boolean isNameRequired() {
        return false;
    }

    @Override // org.jivesoftware.openfire.user.UserProvider
    public boolean isEmailRequired() {
        return false;
    }

    private static Date parseLDAPDate(String str) {
        boolean z = false;
        if (str.endsWith("Z")) {
            z = true;
        }
        Date date = new Date();
        try {
            if (z) {
                ldapDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            } else {
                ldapDateFormat.setTimeZone(TimeZone.getDefault());
            }
            date = ldapDateFormat.parse(str);
        } catch (Exception e) {
            Log.error(e.getMessage(), e);
        }
        return date;
    }
}
