package nl.nn.adapterframework.ldap;

import java.util.Map;
import nl.nn.adapterframework.configuration.ConfigurationException;
import nl.nn.adapterframework.configuration.ConfigurationWarnings;
import nl.nn.adapterframework.core.IPipeLineSession;
import nl.nn.adapterframework.core.ParameterException;
import nl.nn.adapterframework.core.PipeRunException;
import nl.nn.adapterframework.core.PipeRunResult;
import nl.nn.adapterframework.parameters.Parameter;
import nl.nn.adapterframework.parameters.ParameterResolutionContext;
import nl.nn.adapterframework.pipes.AbstractPipe;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:WEB-INF/lib/ibis-adapterframework-core-7.1-B3.jar:nl/nn/adapterframework/ldap/LdapChallengePipe.class */
public class LdapChallengePipe extends AbstractPipe {
    private String ldapProviderURL = null;
    private String initialContextFactoryName = null;
    private String errorSessionKey = null;

    @Override // nl.nn.adapterframework.pipes.AbstractPipe, nl.nn.adapterframework.core.IPipe
    public void configure() throws ConfigurationException {
        super.configure();
        ConfigurationWarnings.getInstance().add(this.log, "LdapChallengePipe is deprecated, please use LdapSender with operation challenge and check for returned message <LdapResult>Success</LdapResult>");
        if (StringUtils.isEmpty(this.ldapProviderURL) && getParameterList().findParameter("ldapProviderURL") == null) {
            throw new ConfigurationException("ldapProviderURL must be specified, either as attribute or as parameter");
        }
        if (StringUtils.isNotEmpty(this.ldapProviderURL) && getParameterList().findParameter("ldapProviderURL") != null) {
            throw new ConfigurationException("ldapProviderURL can only be specified once, either as attribute or as parameter");
        }
        if (getParameterList().findParameter("principal") == null) {
            throw new ConfigurationException("Parameter 'principal' must be specified");
        }
        if (getParameterList().findParameter("credentials") == null) {
            throw new ConfigurationException("Parameter 'credentials' must be specified");
        }
    }

    @Override // nl.nn.adapterframework.pipes.AbstractPipe, nl.nn.adapterframework.core.IPipe
    public PipeRunResult doPipe(Object obj, IPipeLineSession iPipeLineSession) throws PipeRunException {
        LdapSender ldapSender = new LdapSender();
        try {
            ParameterResolutionContext parameterResolutionContext = new ParameterResolutionContext((String) obj, iPipeLineSession);
            Map<String, Object> valueMap = parameterResolutionContext.getValueMap(getParameterList());
            String ldapProviderURL = StringUtils.isNotEmpty(getLdapProviderURL()) ? getLdapProviderURL() : (String) valueMap.get("ldapProviderURL");
            String str = (String) valueMap.get("credentials");
            String str2 = (String) valueMap.get("principal");
            ldapSender.setErrorSessionKey(getErrorSessionKey());
            if (StringUtils.isEmpty(ldapProviderURL)) {
                throw new PipeRunException(this, "ldapProviderURL is empty");
            }
            if (StringUtils.isEmpty(str2)) {
                handleError(ldapSender, parameterResolutionContext, 34, "Principal is Empty");
                return new PipeRunResult(findForward("invalid"), obj);
            }
            if (StringUtils.isEmpty(str)) {
                handleError(ldapSender, parameterResolutionContext, 49, "Credentials are Empty");
                return new PipeRunResult(findForward("invalid"), obj);
            }
            Parameter parameter = new Parameter();
            parameter.setName("entryName");
            parameter.setValue(str2);
            ldapSender.addParameter(parameter);
            ldapSender.setUsePooling(false);
            ldapSender.setLdapProviderURL(ldapProviderURL);
            if (StringUtils.isNotEmpty(getInitialContextFactoryName())) {
                ldapSender.setInitialContextFactoryName(getInitialContextFactoryName());
            }
            ldapSender.setPrincipal(str2);
            ldapSender.setCredentials(str);
            ldapSender.setOperation("read");
            try {
                this.log.debug("Looking up context for principal [" + str2 + "]");
                ldapSender.configure();
                this.log.debug("Succesfully looked up context for principal [" + str2 + "]");
                return new PipeRunResult(findForward("success"), obj);
            } catch (Exception e) {
                if (StringUtils.isNotEmpty(getErrorSessionKey())) {
                    ldapSender.storeLdapException(e, parameterResolutionContext);
                } else {
                    this.log.warn("LDAP error looking up context for principal [" + str2 + "]", e);
                }
                return new PipeRunResult(findForward("invalid"), obj);
            }
        } catch (ParameterException e2) {
            throw new PipeRunException(this, "Invalid parameter", e2);
        }
    }

    protected void handleError(LdapSender ldapSender, ParameterResolutionContext parameterResolutionContext, int i, String str) {
        ldapSender.storeLdapException(new ConfigurationException(LdapSender.LDAP_ERROR_MAGIC_STRING + i + "-" + str + "]"), parameterResolutionContext);
    }

    public void setLdapProviderURL(String str) {
        this.ldapProviderURL = str;
    }

    public String getLdapProviderURL() {
        return this.ldapProviderURL;
    }

    public void setInitialContextFactoryName(String str) {
        this.initialContextFactoryName = str;
    }

    public String getInitialContextFactoryName() {
        return this.initialContextFactoryName;
    }

    public void setErrorSessionKey(String str) {
        this.errorSessionKey = str;
    }

    public String getErrorSessionKey() {
        return this.errorSessionKey;
    }
}
