package nl.nn.adapterframework.ldap;

import java.util.Hashtable;
import javax.naming.CommunicationException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import nl.nn.adapterframework.configuration.ConfigurationException;
import nl.nn.adapterframework.core.IPipeLineSession;
import nl.nn.adapterframework.core.ParameterException;
import nl.nn.adapterframework.core.PipeForward;
import nl.nn.adapterframework.core.PipeRunException;
import nl.nn.adapterframework.core.PipeRunResult;
import nl.nn.adapterframework.parameters.ParameterResolutionContext;
import nl.nn.adapterframework.parameters.ParameterValueList;
import nl.nn.adapterframework.pipes.FixedForwardPipe;
import nl.nn.adapterframework.util.CredentialFactory;
import nl.nn.adapterframework.webcontrol.DummySSLSocketFactory;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;

/* loaded from: input_file:WEB-INF/lib/ibis-adapterframework-core-7.2.jar:nl/nn/adapterframework/ldap/LdapFindMemberPipe.class */
public class LdapFindMemberPipe extends FixedForwardPipe {
    private String authAlias;
    private String userName;
    private String password;
    private String host;
    private String dnSearchIn;
    private String dnFind;
    private CredentialFactory cf;
    protected PipeForward notFoundForward;
    protected PipeForward exceptionForward;
    private int port = -1;
    private boolean useSsl = false;
    private boolean recursiveSearch = true;
    private String notFoundForwardName = "notFound";
    private String exceptionForwardName = null;

    @Override // nl.nn.adapterframework.pipes.FixedForwardPipe, nl.nn.adapterframework.pipes.AbstractPipe, nl.nn.adapterframework.core.IPipe
    public void configure() throws ConfigurationException {
        super.configure();
        if (getHost() == null) {
            throw new ConfigurationException(getLogPrefix(null) + "host must be set");
        }
        this.cf = new CredentialFactory(getAuthAlias(), getUserName(), getPassword());
        if (StringUtils.isNotEmpty(getNotFoundForwardName())) {
            this.notFoundForward = findForward(getNotFoundForwardName());
        }
        if (StringUtils.isNotEmpty(getExceptionForwardName())) {
            this.exceptionForward = findForward(getExceptionForwardName());
        }
    }

    @Override // nl.nn.adapterframework.pipes.AbstractPipe, nl.nn.adapterframework.core.IPipe
    public PipeRunResult doPipe(Object obj, IPipeLineSession iPipeLineSession) throws PipeRunException {
        if (this.exceptionForward == null) {
            return doPipeWithException(obj, iPipeLineSession);
        }
        try {
            return doPipeWithException(obj, iPipeLineSession);
        } catch (Throwable th) {
            this.log.warn(getLogPrefix(iPipeLineSession) + "exception occured, forwarding to exception-forward [" + this.exceptionForward.getPath() + "], exception:\n", th);
            return new PipeRunResult(this.exceptionForward, obj);
        }
    }

    public PipeRunResult doPipeWithException(Object obj, IPipeLineSession iPipeLineSession) throws PipeRunException {
        ParameterValueList parameterValueList = null;
        if (getParameterList() != null) {
            try {
                parameterValueList = new ParameterResolutionContext((String) obj, iPipeLineSession).getValues(getParameterList());
            } catch (ParameterException e) {
                throw new PipeRunException(this, getLogPrefix(iPipeLineSession) + "exception on extracting parameters", e);
            }
        }
        String parameterValue = getParameterValue(parameterValueList, "dnSearchIn");
        if (parameterValue == null) {
            parameterValue = getDnSearchIn();
        }
        String parameterValue2 = getParameterValue(parameterValueList, "dnFind");
        if (parameterValue2 == null) {
            parameterValue2 = getDnFind();
        }
        boolean z = false;
        if (StringUtils.isNotEmpty(parameterValue) && StringUtils.isNotEmpty(parameterValue2)) {
            try {
                z = findMember(getHost(), getPort(), parameterValue, isUseSsl(), parameterValue2, isRecursiveSearch());
            } catch (NamingException e2) {
                throw new PipeRunException(this, getLogPrefix(iPipeLineSession) + "exception on ldap lookup", e2);
            }
        }
        if (z) {
            return new PipeRunResult(getForward(), obj);
        }
        String str = getLogPrefix(iPipeLineSession) + "dn [" + parameterValue2 + "] not found as member in url [" + retrieveUrl(getHost(), getPort(), parameterValue, isUseSsl()) + "]";
        if (this.notFoundForward == null) {
            throw new PipeRunException(this, str);
        }
        this.log.info(str);
        return new PipeRunResult(this.notFoundForward, obj);
    }

    private boolean findMember(String str, int i, String str2, boolean z, String str3, boolean z2) throws NamingException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", retrieveUrl(str, i, str2, z));
        if (StringUtils.isNotEmpty(this.cf.getUsername())) {
            hashtable.put("java.naming.security.authentication", BeanDefinitionParserDelegate.DEPENDENCY_CHECK_SIMPLE_ATTRIBUTE_VALUE);
            hashtable.put("java.naming.security.principal", this.cf.getUsername());
            hashtable.put("java.naming.security.credentials", this.cf.getPassword());
        } else {
            hashtable.put("java.naming.security.authentication", "none");
        }
        InitialDirContext initialDirContext = null;
        try {
            try {
                initialDirContext = new InitialDirContext(hashtable);
            } finally {
                if (initialDirContext != null) {
                    try {
                        initialDirContext.close();
                    } catch (NamingException e) {
                        this.log.warn("Exception closing DirContext", e);
                    }
                }
            }
        } catch (CommunicationException e2) {
            this.log.info("Cannot create constructor for DirContext (" + e2.getMessage() + "], will try again with dummy SocketFactory");
            hashtable.put("java.naming.ldap.factory.socket", DummySSLSocketFactory.class.getName());
            initialDirContext = new InitialLdapContext(hashtable, (Control[]) null);
        }
        Attribute attribute = initialDirContext.getAttributes("").get("member");
        if (attribute == null) {
            if (initialDirContext == null) {
                return false;
            }
            try {
                initialDirContext.close();
                return false;
            } catch (NamingException e3) {
                this.log.warn("Exception closing DirContext", e3);
                return false;
            }
        }
        boolean z3 = false;
        for (int i2 = 0; i2 < attribute.size() && !z3; i2++) {
            String str4 = (String) attribute.get(i2);
            if (str4.equalsIgnoreCase(str3)) {
                z3 = true;
            } else if (z2) {
                z3 = findMember(str, i, str4, z, str3, z2);
            }
        }
        return z3;
    }

    private String retrieveUrl(String str, int i, String str2, boolean z) {
        return (z ? "ldaps://" : "ldap://") + (str != null ? str : "") + (i != -1 ? ":" + i : "") + (str2 != null ? "/" + str2.replaceAll("\\s", "%20") : "");
    }

    public String getAuthAlias() {
        return this.authAlias;
    }

    public void setAuthAlias(String str) {
        this.authAlias = str;
    }

    public String getUserName() {
        return this.userName;
    }

    public void setUserName(String str) {
        this.userName = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String getHost() {
        return this.host;
    }

    public void setHost(String str) {
        this.host = str;
    }

    public int getPort() {
        return this.port;
    }

    public void setPort(int i) {
        this.port = i;
    }

    public boolean isUseSsl() {
        return this.useSsl;
    }

    public void setUseSsl(boolean z) {
        this.useSsl = z;
    }

    public String getDnSearchIn() {
        return this.dnSearchIn;
    }

    public void setDnSearchIn(String str) {
        this.dnSearchIn = str;
    }

    public String getDnFind() {
        return this.dnFind;
    }

    public void setDnFind(String str) {
        this.dnFind = str;
    }

    public boolean isRecursiveSearch() {
        return this.recursiveSearch;
    }

    public void setRecursiveSearch(boolean z) {
        this.recursiveSearch = z;
    }

    public String getNotFoundForwardName() {
        return this.notFoundForwardName;
    }

    public void setNotFoundForwardName(String str) {
        this.notFoundForwardName = str;
    }

    public String getExceptionForwardName() {
        return this.exceptionForwardName;
    }

    public void setExceptionForwardName(String str) {
        this.exceptionForwardName = str;
    }
}
