package nl.nn.adapterframework.ldap;

import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Map;
import java.util.Vector;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import nl.nn.adapterframework.configuration.ConfigurationException;
import nl.nn.adapterframework.configuration.ConfigurationWarnings;
import nl.nn.adapterframework.core.IPipeLineSession;
import nl.nn.adapterframework.core.ISenderWithParameters;
import nl.nn.adapterframework.core.ParameterException;
import nl.nn.adapterframework.core.SenderException;
import nl.nn.adapterframework.jms.JNDIBase;
import nl.nn.adapterframework.parameters.Parameter;
import nl.nn.adapterframework.parameters.ParameterList;
import nl.nn.adapterframework.parameters.ParameterResolutionContext;
import nl.nn.adapterframework.util.ClassUtils;
import nl.nn.adapterframework.util.XmlBuilder;
import org.apache.commons.digester.Digester;
import org.apache.commons.lang.StringUtils;
import org.hsqldb.Tokens;

/* loaded from: input_file:WEB-INF/lib/ibis-adapterframework-core-7.2.jar:nl/nn/adapterframework/ldap/LdapSender.class */
public class LdapSender extends JNDIBase implements ISenderWithParameters {
    private static final String INITIAL_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    public static final String LDAP_ERROR_MAGIC_STRING = "[LDAP: error code";
    public static final String OPERATION_READ = "read";
    public static final String OPERATION_CREATE = "create";
    public static final String OPERATION_UPDATE = "update";
    public static final String OPERATION_DELETE = "delete";
    public static final String OPERATION_SEARCH = "search";
    public static final String OPERATION_DEEP_SEARCH = "deepSearch";
    public static final String OPERATION_SUB_CONTEXTS = "getSubContexts";
    public static final String OPERATION_GET_TREE = "getTree";
    public static final String OPERATION_CHALLENGE = "challenge";
    public static final String OPERATION_CHANGE_UNICODE_PWD = "changeUnicodePwd";
    public static final String MANIPULATION_ENTRY = "entry";
    public static final String MANIPULATION_ATTRIBUTE = "attribute";
    private static final String DEFAULT_RESULT = "<LdapResult>Success</LdapResult>";
    private static final String DEFAULT_RESULT_READ = "<LdapResult>No such object</LdapResult>";
    private static final String DEFAULT_RESULT_SEARCH = "<LdapResult>Object not found</LdapResult>";
    private static final String DEFAULT_RESULT_DELETE = "<LdapResult>Delete Success - Never Existed</LdapResult>";
    private static final String DEFAULT_RESULT_CREATE_OK = "<LdapResult>Create Success - Already There</LdapResult>";
    private static final String DEFAULT_RESULT_CREATE_NOK = "<LdapResult>Create FAILED - Entry with given name already exists</LdapResult>";
    private static final String DEFAULT_RESULT_UPDATE_NOK = "<LdapResult>Update FAILED</LdapResult>";
    private static final String DEFAULT_RESULT_CHALLENGE_OK = "<LdapResult>Success</LdapResult>";
    private static final String DEFAULT_RESULT_CHALLENGE_NOK = "<LdapResult>Challenge FAILED - Invalid credentials</LdapResult>";
    private static final String DEFAULT_RESULT_CHANGE_UNICODE_PWD_OK = "<LdapResult>Success</LdapResult>";
    private static final String DEFAULT_RESULT_CHANGE_UNICODE_PWD_NOK = "<LdapResult>Change unicodePwd FAILED - Invalid old and/or new password</LdapResult>";
    private String name;
    private String ldapProviderURL;
    private String attributesToReturn;
    private String FILTER = "filterExpression";
    private String ENTRYNAME = "entryName";
    private int searchTimeout = 20000;
    private String operation = "read";
    private String manipulationSubject = "attribute";
    private boolean usePooling = true;
    private String errorSessionKey = "errorReason";
    private int maxEntriesReturned = 0;
    private boolean unicodePwd = false;
    private boolean replyNotFound = false;
    protected ParameterList paramList = null;
    private boolean principalParameterFound = false;
    private Hashtable jndiEnv = null;

    public LdapSender() {
        setInitialContextFactoryName(INITIAL_CONTEXT_FACTORY);
    }

    @Override // nl.nn.adapterframework.core.ISender
    public void configure() throws ConfigurationException {
        if (this.paramList == null || (this.paramList.findParameter(this.ENTRYNAME) == null && !getOperation().equals(OPERATION_CHALLENGE))) {
            throw new ConfigurationException("[" + getName() + "] Required parameter with the name [entryName] not found!");
        }
        this.paramList.configure();
        if (getOperation() == null || !(getOperation().equals("read") || getOperation().equals(OPERATION_SEARCH) || getOperation().equals(OPERATION_DEEP_SEARCH) || getOperation().equals("create") || getOperation().equals("update") || getOperation().equals("delete") || getOperation().equals(OPERATION_SUB_CONTEXTS) || getOperation().equals(OPERATION_GET_TREE) || getOperation().equals(OPERATION_CHALLENGE) || getOperation().equals(OPERATION_CHANGE_UNICODE_PWD))) {
            throw new ConfigurationException("attribute opereration [" + getOperation() + "] must be one of (read,create,update,delete," + OPERATION_SEARCH + "," + OPERATION_DEEP_SEARCH + "," + OPERATION_SUB_CONTEXTS + "," + OPERATION_GET_TREE + "," + OPERATION_CHALLENGE + "," + OPERATION_CHANGE_UNICODE_PWD + Tokens.T_CLOSEBRACKET);
        }
        if ((getOperation().equals("create") || getOperation().equals("delete")) && !getManipulationSubject().equals("entry") && !getManipulationSubject().equals("attribute")) {
            throw new ConfigurationException("[" + getClass().getName() + "] manipulationSubject invalid (must be one of [attribute, entry])");
        }
        if (getOperation().equals("update") && !getManipulationSubject().equals("attribute")) {
            throw new ConfigurationException("[" + getClass().getName() + "] manipulationSubject invalid for update operation (must be ['attribute'], which is default - remove from <pipe>)");
        }
        if (getOperation().equals(OPERATION_CHALLENGE) && this.paramList.findParameter("principal") == null) {
            throw new ConfigurationException("principal should be specified using a parameter when using operation challenge");
        }
        Parameter findParameter = this.paramList.findParameter("credentials");
        if (findParameter != null && !findParameter.isHidden()) {
            ConfigurationWarnings.getInstance().add(this.log, "It's advised to set attribute hidden to true for parameter credentials.");
        }
        Parameter findParameter2 = this.paramList.findParameter("oldPassword");
        if (findParameter2 != null && !findParameter2.isHidden()) {
            ConfigurationWarnings.getInstance().add(this.log, "It's advised to set attribute hidden to true for parameter oldPassword.");
        }
        Parameter findParameter3 = this.paramList.findParameter("newPassword");
        if (findParameter3 != null && !findParameter3.isHidden()) {
            ConfigurationWarnings.getInstance().add(this.log, "It's advised to set attribute hidden to true for parameter newPassword.");
        }
        if (this.paramList.findParameter("principal") != null) {
            if (this.paramList.findParameter("credentials") == null) {
                throw new ConfigurationException("principal set as parameter, but no credentials parameter found");
            }
            this.principalParameterFound = true;
            setUsePooling(false);
            return;
        }
        DirContext dirContext = null;
        try {
            try {
                dirContext = getDirContext(null);
                closeDirContext(dirContext);
            } catch (Exception e) {
                throw new ConfigurationException("[" + getClass().getName() + "] Context could not be found ", e);
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    public void storeLdapException(Throwable th, ParameterResolutionContext parameterResolutionContext) {
        int indexOf;
        IPipeLineSession iPipeLineSession = null;
        if (parameterResolutionContext != null) {
            iPipeLineSession = parameterResolutionContext.getSession();
        }
        if (StringUtils.isNotEmpty(getErrorSessionKey()) && iPipeLineSession != null && th != null) {
            XmlBuilder xmlBuilder = new XmlBuilder("ldapError");
            xmlBuilder.addAttribute("class", ClassUtils.nameOf(th));
            String message = th.getMessage();
            int indexOf2 = message.indexOf(LDAP_ERROR_MAGIC_STRING);
            if (indexOf2 >= 0 && (indexOf = message.indexOf(45, indexOf2)) > indexOf2) {
                xmlBuilder.addAttribute("code", message.substring(indexOf2 + LDAP_ERROR_MAGIC_STRING.length(), indexOf).trim());
                int indexOf3 = message.indexOf(93, indexOf);
                if (indexOf3 > indexOf) {
                    xmlBuilder.addAttribute("description", message.substring(indexOf + 1, indexOf3).trim());
                    String trim = message.substring(0, indexOf2).trim();
                    String trim2 = message.substring(indexOf3 + 1).trim();
                    if (trim.endsWith(":")) {
                        trim = trim.substring(0, trim.length() - 1).trim();
                    }
                    if (trim2.startsWith(";")) {
                        trim2 = trim2.substring(1).trim();
                    }
                    message = (trim + " " + trim2).trim();
                }
            }
            xmlBuilder.setValue(message);
            String xml = xmlBuilder.toXML();
            if (this.log.isDebugEnabled()) {
                this.log.debug("sessionKey [" + getErrorSessionKey() + "] loaded with error message [" + xml + "]");
            }
            iPipeLineSession.put(getErrorSessionKey(), xml);
        }
        this.log.debug("exit storeLdapException");
    }

    private String[] getAttributesReturnedParameter() {
        if (getAttributesToReturn() == null) {
            return null;
        }
        return splitCommaSeparatedString(getAttributesToReturn());
    }

    private String[] splitCommaSeparatedString(String str) {
        if (str == null || str == "") {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        String[] strArr = new String[1];
        StringBuffer stringBuffer = new StringBuffer(str);
        for (int i = 0; i < stringBuffer.length(); i++) {
            if (stringBuffer.charAt(i) == ' ') {
                stringBuffer.deleteCharAt(i);
            }
        }
        int i2 = 0;
        int i3 = 0;
        while (i3 < stringBuffer.length()) {
            if (stringBuffer.charAt(i3) == ',' || i3 == stringBuffer.length() - 1) {
                arrayList.add(stringBuffer.substring(i2, i3 == stringBuffer.length() - 1 ? i3 + 1 : i3));
                i2 = i3 + 1;
            }
            i3++;
        }
        return (String[]) arrayList.toArray(strArr);
    }

    @Override // nl.nn.adapterframework.core.ISender
    public void open() throws SenderException {
    }

    @Override // nl.nn.adapterframework.core.ISender
    public boolean isSynchronous() {
        return true;
    }

    private String performOperationRead(String str, ParameterResolutionContext parameterResolutionContext, Map map) throws SenderException, ParameterException {
        DirContext dirContext = null;
        try {
            try {
                dirContext = getDirContext(map);
                String xml = attributesToXml(dirContext.getAttributes(str, getAttributesReturnedParameter())).toXML();
                closeDirContext(dirContext);
                return xml;
            } catch (NamingException e) {
                if (!e.getMessage().startsWith("[LDAP: error code 32 - ")) {
                    storeLdapException(e, parameterResolutionContext);
                    throw new SenderException("Exception in operation [" + getOperation() + "] entryName=[" + str + "]", e);
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Operation [" + getOperation() + "] found nothing - no such entryName: " + str);
                }
                closeDirContext(dirContext);
                return DEFAULT_RESULT_READ;
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    private String performOperationUpdate(String str, ParameterResolutionContext parameterResolutionContext, Map map, Attributes attributes) throws SenderException, ParameterException {
        String str2;
        String str3 = str;
        if (map != null && (str2 = (String) map.get("newEntryName")) != null && StringUtils.isNotEmpty(str2)) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("newEntryName=[" + str2 + "]");
            }
            DirContext dirContext = null;
            try {
                try {
                    dirContext = getDirContext(map);
                    dirContext.rename(str, str2);
                    str3 = str2;
                    closeDirContext(dirContext);
                } finally {
                    closeDirContext(dirContext);
                }
            } catch (NamingException e) {
                String str4 = e.getMessage().startsWith("[LDAP: error code 32 - ") ? "Operation [" + getOperation() + "] failed - wrong entryName [" + str + "]" : "Exception in operation [" + getOperation() + "] entryName [" + str + "]";
                storeLdapException(e, parameterResolutionContext);
                throw new SenderException(str4, e);
            }
        }
        if (!this.manipulationSubject.equals("attribute")) {
            DirContext dirContext2 = null;
            try {
                try {
                    dirContext2 = getDirContext(map);
                    dirContext2.rename(str, str);
                    closeDirContext(dirContext2);
                    return "<LdapResult>Deze functionaliteit is nog niet beschikbaar - naam niet veranderd.</LdapResult>";
                } catch (Throwable th) {
                    closeDirContext(dirContext2);
                    throw th;
                }
            } catch (NamingException e2) {
                if (e2.getMessage().startsWith("[LDAP: error code 68 - ")) {
                    return DEFAULT_RESULT_CREATE_NOK;
                }
                storeLdapException(e2, parameterResolutionContext);
                throw new SenderException((Throwable) e2);
            }
        }
        if (attributes == null && !str3.equals(str)) {
            return "<LdapResult>Success</LdapResult>";
        }
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            Attribute attribute = (Attribute) all.nextElement();
            this.log.debug("Update attribute: " + attribute.getID());
            try {
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMoreElements()) {
                    BasicAttributes basicAttributes = new BasicAttributes();
                    String id = attribute.getID();
                    Object nextElement = all2.nextElement();
                    if (this.log.isDebugEnabled()) {
                        if (id.toLowerCase().contains("password") || id.toLowerCase().contains("pwd")) {
                            this.log.debug("Update value: ***");
                        } else {
                            this.log.debug("Update value: " + nextElement);
                        }
                    }
                    basicAttributes.put((this.unicodePwd && "unicodePwd".equalsIgnoreCase(id)) ? new BasicAttribute(id, encodeUnicodePwd(nextElement)) : new BasicAttribute(id, nextElement));
                    DirContext dirContext3 = null;
                    try {
                        try {
                            dirContext3 = getDirContext(map);
                            dirContext3.modifyAttributes(str3, 2, basicAttributes);
                            closeDirContext(dirContext3);
                        } catch (NamingException e3) {
                            String str5 = e3.getMessage().startsWith("[LDAP: error code 32 - ") ? "Operation [" + getOperation() + "] failed - wrong entryName [" + str3 + "]" : "Exception in operation [" + getOperation() + "] entryName [" + str3 + "]";
                            storeLdapException(e3, parameterResolutionContext);
                            throw new SenderException(str5, e3);
                        }
                    } catch (Throwable th2) {
                        closeDirContext(dirContext3);
                        throw th2;
                    }
                }
            } catch (NamingException e4) {
                storeLdapException(e4, parameterResolutionContext);
                throw new SenderException("cannot obtain values of Attribute [" + attribute.getID() + "]", e4);
            }
        }
        return "<LdapResult>Success</LdapResult>";
    }

    private String performOperationCreate(String str, ParameterResolutionContext parameterResolutionContext, Map map, Attributes attributes) throws SenderException, ParameterException {
        if (!this.manipulationSubject.equals("attribute")) {
            DirContext dirContext = null;
            try {
                try {
                    if (this.unicodePwd) {
                        NamingEnumeration iDs = attributes.getIDs();
                        while (iDs.hasMoreElements()) {
                            String str2 = (String) iDs.nextElement();
                            if ("unicodePwd".equalsIgnoreCase(str2)) {
                                Attribute attribute = attributes.get(str2);
                                for (int i = 0; i < attribute.size(); i++) {
                                    attribute.set(i, encodeUnicodePwd(attribute.get(i)));
                                }
                            }
                        }
                    }
                    dirContext = getDirContext(map);
                    dirContext.bind(str, (Object) null, attributes);
                    closeDirContext(dirContext);
                    return "<LdapResult>Success</LdapResult>";
                } catch (NamingException e) {
                    if (this.log.isDebugEnabled()) {
                        this.log.debug("Exception in operation [" + getOperation() + "] entryName [" + str + "]: " + e.getMessage());
                    }
                    if (e.getMessage().startsWith("[LDAP: error code 68 - ")) {
                        closeDirContext(dirContext);
                        return DEFAULT_RESULT_CREATE_OK;
                    }
                    storeLdapException(e, parameterResolutionContext);
                    throw new SenderException((Throwable) e);
                }
            } catch (Throwable th) {
                closeDirContext(dirContext);
                throw th;
            }
        }
        String str3 = null;
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            Attribute attribute2 = (Attribute) all.nextElement();
            this.log.debug("Create attribute: " + attribute2.getID());
            try {
                NamingEnumeration all2 = attribute2.getAll();
                while (all2.hasMoreElements()) {
                    BasicAttributes basicAttributes = new BasicAttributes();
                    String id = attribute2.getID();
                    Object nextElement = all2.nextElement();
                    if (this.log.isDebugEnabled()) {
                        if (id.toLowerCase().contains("password") || id.toLowerCase().contains("pwd")) {
                            this.log.debug("Create value: ***");
                        } else {
                            this.log.debug("Create value: " + nextElement);
                        }
                    }
                    basicAttributes.put((this.unicodePwd && "unicodePwd".equalsIgnoreCase(id)) ? new BasicAttribute(id, encodeUnicodePwd(nextElement)) : new BasicAttribute(id, nextElement));
                    DirContext dirContext2 = null;
                    try {
                        try {
                            dirContext2 = getDirContext(map);
                            dirContext2.modifyAttributes(str, 1, basicAttributes);
                            closeDirContext(dirContext2);
                        } catch (NamingException e2) {
                            if (!e2.getMessage().startsWith("[LDAP: error code 20 - ")) {
                                storeLdapException(e2, parameterResolutionContext);
                                throw new SenderException("Exception in operation [" + getOperation() + "] entryName [" + str + "]", e2);
                            }
                            if (this.log.isDebugEnabled()) {
                                this.log.debug("Operation [" + getOperation() + "] successful: " + e2.getMessage());
                            }
                            str3 = DEFAULT_RESULT_CREATE_OK;
                            closeDirContext(dirContext2);
                        }
                    } catch (Throwable th2) {
                        closeDirContext(dirContext2);
                        throw th2;
                    }
                }
            } catch (NamingException e3) {
                storeLdapException(e3, parameterResolutionContext);
                throw new SenderException("cannot obtain values of Attribute [" + attribute2.getID() + "]", e3);
            }
        }
        return str3 != null ? str3 : "<LdapResult>Success</LdapResult>";
    }

    private String performOperationDelete(String str, ParameterResolutionContext parameterResolutionContext, Map map, Attributes attributes) throws SenderException, ParameterException {
        if (!this.manipulationSubject.equals("attribute")) {
            DirContext dirContext = null;
            try {
                try {
                    dirContext = getDirContext(map);
                    dirContext.unbind(str);
                    closeDirContext(dirContext);
                    return "<LdapResult>Success</LdapResult>";
                } catch (NamingException e) {
                    if (!e.getMessage().startsWith("[LDAP: error code 32 - ")) {
                        storeLdapException(e, parameterResolutionContext);
                        throw new SenderException("Exception in operation [" + getOperation() + "] entryName [" + str + "]", e);
                    }
                    if (this.log.isDebugEnabled()) {
                        this.log.debug("Operation [" + getOperation() + "] successful: " + e.getMessage());
                    }
                    closeDirContext(dirContext);
                    return DEFAULT_RESULT_DELETE;
                }
            } catch (Throwable th) {
                closeDirContext(dirContext);
                throw th;
            }
        }
        String str2 = null;
        NamingEnumeration all = attributes.getAll();
        while (all.hasMoreElements()) {
            Attribute attribute = (Attribute) all.nextElement();
            this.log.debug("Delete attribute: " + attribute.getID());
            try {
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMoreElements()) {
                    BasicAttributes basicAttributes = new BasicAttributes();
                    String id = attribute.getID();
                    Object nextElement = all2.nextElement();
                    if (this.log.isDebugEnabled()) {
                        if (id.toLowerCase().contains("password") || id.toLowerCase().contains("pwd")) {
                            this.log.debug("Delete value: ***");
                        } else {
                            this.log.debug("Delete value: " + nextElement);
                        }
                    }
                    basicAttributes.put((this.unicodePwd && "unicodePwd".equalsIgnoreCase(id)) ? new BasicAttribute(id, encodeUnicodePwd(nextElement)) : new BasicAttribute(id, nextElement));
                    DirContext dirContext2 = null;
                    try {
                        try {
                            dirContext2 = getDirContext(map);
                            dirContext2.modifyAttributes(str, 3, basicAttributes);
                            closeDirContext(dirContext2);
                        } catch (NamingException e2) {
                            if (!e2.getMessage().startsWith("[LDAP: error code 16 - ") && !e2.getMessage().startsWith("[LDAP: error code 32 - ")) {
                                storeLdapException(e2, parameterResolutionContext);
                                throw new SenderException("Exception in operation [" + getOperation() + "] entryName [" + str + "]", e2);
                            }
                            if (this.log.isDebugEnabled()) {
                                this.log.debug("Operation [" + getOperation() + "] successful: " + e2.getMessage());
                            }
                            str2 = DEFAULT_RESULT_DELETE;
                            closeDirContext(dirContext2);
                        }
                    } catch (Throwable th2) {
                        closeDirContext(dirContext2);
                        throw th2;
                    }
                }
            } catch (NamingException e3) {
                storeLdapException(e3, parameterResolutionContext);
                throw new SenderException("cannot obtain values of Attribute [" + attribute.getID() + "]", e3);
            }
        }
        return str2 != null ? str2 : "<LdapResult>Success</LdapResult>";
    }

    private String performOperationSearch(String str, ParameterResolutionContext parameterResolutionContext, Map map, String str2, int i) throws SenderException, ParameterException {
        SearchControls searchControls = new SearchControls(i, getMaxEntriesReturned(), getSearchTimeout(), getAttributesReturnedParameter(), false, false);
        DirContext dirContext = null;
        try {
            try {
                dirContext = getDirContext(map);
                String xml = searchResultsToXml(dirContext.search(str, str2, searchControls)).toXML();
                closeDirContext(dirContext);
                return xml;
            } catch (NamingException e) {
                if (!isReplyNotFound() || !e.getMessage().equals("Unprocessed Continuation Reference(s)")) {
                    storeLdapException(e, parameterResolutionContext);
                    throw new SenderException("Exception searching using filter [" + str2 + "]", e);
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Searching object not found using filter[" + str2 + "]");
                }
                closeDirContext(dirContext);
                return DEFAULT_RESULT_SEARCH;
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    private String performOperationGetSubContexts(String str, ParameterResolutionContext parameterResolutionContext, Map map) throws SenderException, ParameterException {
        DirContext dirContext = null;
        try {
            try {
                dirContext = getDirContext(map);
                String xml = subContextsToXml(str, getSubContextList(dirContext, str, parameterResolutionContext), dirContext).toXML();
                closeDirContext(dirContext);
                return xml;
            } catch (NamingException e) {
                storeLdapException(e, parameterResolutionContext);
                throw new SenderException((Throwable) e);
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    private String performOperationGetTree(String str, ParameterResolutionContext parameterResolutionContext, Map map) throws SenderException, ParameterException {
        DirContext dirContext = null;
        try {
            dirContext = getDirContext(map);
            String xml = getTree(dirContext, str, parameterResolutionContext, map).toXML();
            closeDirContext(dirContext);
            return xml;
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    private String performOperationChallenge(String str, ParameterResolutionContext parameterResolutionContext, Map map) throws SenderException, ParameterException {
        DirContext dirContext = null;
        try {
            try {
                dirContext = loopkupDirContext(map);
                attributesToXml(dirContext.getAttributes(str, getAttributesReturnedParameter())).toXML();
                closeDirContext(dirContext);
                return "<LdapResult>Success</LdapResult>";
            } catch (NamingException e) {
                if (!e.getMessage().startsWith("[LDAP: error code 49 - ")) {
                    storeLdapException(e, parameterResolutionContext);
                    throw new SenderException("Exception in operation [" + getOperation() + "] principal=[" + str + "]", e);
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Operation [" + getOperation() + "] invalid credentials for: " + str);
                }
                closeDirContext(dirContext);
                return DEFAULT_RESULT_CHALLENGE_NOK;
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    private String performOperationChangeUnicodePwd(String str, ParameterResolutionContext parameterResolutionContext, Map map) throws SenderException, ParameterException {
        ModificationItem[] modificationItemArr = {new ModificationItem(3, new BasicAttribute("unicodePwd", encodeUnicodePwd(map.get("oldPassword")))), new ModificationItem(1, new BasicAttribute("unicodePwd", encodeUnicodePwd(map.get("newPassword"))))};
        DirContext dirContext = null;
        try {
            try {
                dirContext = getDirContext(map);
                dirContext.modifyAttributes(str, modificationItemArr);
                closeDirContext(dirContext);
                return "<LdapResult>Success</LdapResult>";
            } catch (NamingException e) {
                if (!e.getMessage().startsWith("[LDAP: error code 19 - ")) {
                    storeLdapException(e, parameterResolutionContext);
                    throw new SenderException("Exception in operation [" + getOperation() + "] entryName [" + str + "]", e);
                }
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Operation [" + getOperation() + "] old password doesn't match or new password doesn't comply with policy for: " + str);
                }
                closeDirContext(dirContext);
                return DEFAULT_RESULT_CHANGE_UNICODE_PWD_NOK;
            }
        } catch (Throwable th) {
            closeDirContext(dirContext);
            throw th;
        }
    }

    public String performOperation(String str, ParameterResolutionContext parameterResolutionContext) throws SenderException, ParameterException {
        Map<String, Object> map = null;
        String str2 = null;
        if (this.paramList != null && parameterResolutionContext != null) {
            map = parameterResolutionContext.getValueMap(this.paramList);
            str2 = (String) map.get("entryName");
            if (this.log.isDebugEnabled()) {
                this.log.debug("entryName=[" + str2 + "]");
            }
        }
        if ((str2 == null || StringUtils.isEmpty(str2)) && !getOperation().equals(OPERATION_CHALLENGE)) {
            throw new SenderException("entryName must be defined through params, operation [" + getOperation() + "]");
        }
        if (getOperation().equals("read")) {
            return performOperationRead(str2, parameterResolutionContext, map);
        }
        if (getOperation().equals("update")) {
            return performOperationUpdate(str2, parameterResolutionContext, map, parseAttributesFromMessage(str));
        }
        if (getOperation().equals("create")) {
            return performOperationCreate(str2, parameterResolutionContext, map, parseAttributesFromMessage(str));
        }
        if (getOperation().equals("delete")) {
            return performOperationDelete(str2, parameterResolutionContext, map, parseAttributesFromMessage(str));
        }
        if (getOperation().equals(OPERATION_SEARCH)) {
            return performOperationSearch(str2, parameterResolutionContext, map, (String) map.get(this.FILTER), 1);
        }
        if (getOperation().equals(OPERATION_DEEP_SEARCH)) {
            return performOperationSearch(str2, parameterResolutionContext, map, (String) map.get(this.FILTER), 2);
        }
        if (getOperation().equals(OPERATION_SUB_CONTEXTS)) {
            return performOperationGetSubContexts(str2, parameterResolutionContext, map);
        }
        if (getOperation().equals(OPERATION_GET_TREE)) {
            return performOperationGetTree(str2, parameterResolutionContext, map);
        }
        if (getOperation().equals(OPERATION_CHALLENGE)) {
            return performOperationChallenge((String) map.get("principal"), parameterResolutionContext, map);
        }
        if (getOperation().equals(OPERATION_CHANGE_UNICODE_PWD)) {
            return performOperationChangeUnicodePwd(str2, parameterResolutionContext, map);
        }
        throw new SenderException("unknown operation [" + getOperation() + "]");
    }

    private XmlBuilder getTree(DirContext dirContext, String str, ParameterResolutionContext parameterResolutionContext, Map map) {
        XmlBuilder xmlBuilder = new XmlBuilder("context");
        xmlBuilder.addAttribute("name", str);
        String[] subContextList = getSubContextList(dirContext, str, parameterResolutionContext);
        try {
            if (subContextList.length == 0) {
                xmlBuilder.addSubElement(attributesToXml(dirContext.getAttributes(str, getAttributesReturnedParameter())));
            } else {
                for (String str2 : subContextList) {
                    xmlBuilder.addSubElement(getTree((DirContext) dirContext.lookup(str), str2, parameterResolutionContext, map));
                }
                xmlBuilder.addSubElement(attributesToXml(dirContext.getAttributes(str, getAttributesReturnedParameter())));
            }
        } catch (NamingException e) {
            storeLdapException(e, parameterResolutionContext);
            this.log.error("Exception in operation [" + getOperation() + "]: ", e);
        }
        return xmlBuilder;
    }

    private XmlBuilder subContextsToXml(String str, String[] strArr, DirContext dirContext) throws NamingException {
        XmlBuilder xmlBuilder = new XmlBuilder("Context");
        XmlBuilder xmlBuilder2 = new XmlBuilder("CurrentContext");
        xmlBuilder2.setValue(str + "," + dirContext.getNameInNamespace());
        xmlBuilder.addSubElement(xmlBuilder2);
        if (strArr != null) {
            this.log.error("Subs.length = " + strArr.length);
            for (String str2 : strArr) {
                XmlBuilder xmlBuilder3 = new XmlBuilder("SubContext");
                xmlBuilder3.setValue(str2);
                xmlBuilder.addSubElement(xmlBuilder3);
            }
        }
        return xmlBuilder;
    }

    public String[] getSubContextList(DirContext dirContext, String str, ParameterResolutionContext parameterResolutionContext) {
        String[] strArr = null;
        try {
            Vector vector = new Vector();
            NamingEnumeration list = dirContext.list(str);
            if (this.log.isDebugEnabled()) {
                this.log.debug("getSubCOntextList(context) : context = " + str);
            }
            int i = 0;
            while (list.hasMore()) {
                vector.addElement((NameClassPair) list.next());
                i++;
            }
            String[] strArr2 = new String[vector.size()];
            for (int i2 = 0; i2 < vector.size(); i2++) {
                strArr2[i2] = ((NameClassPair) vector.elementAt(i2)).getName();
            }
            strArr = strArr2;
        } catch (NamingException e) {
            storeLdapException(e, parameterResolutionContext);
            this.log.error("Exception in operation [" + getOperation() + "] ", e);
        }
        return strArr;
    }

    private Attributes parseAttributesFromMessage(String str) throws SenderException {
        Digester digester = new Digester();
        digester.addObjectCreate("*/attributes", BasicAttributes.class);
        digester.addFactoryCreate("*/attributes/attribute", BasicAttributeFactory.class);
        digester.addSetNext("*/attributes/attribute", "put");
        digester.addCallMethod("*/attributes/attribute/value", "add", 0);
        try {
            return (Attributes) digester.parse(new StringReader(str));
        } catch (Exception e) {
            throw new SenderException("[" + getClass().getName() + "] exception in digesting", e);
        }
    }

    @Override // nl.nn.adapterframework.core.ISender
    public String sendMessage(String str, String str2) throws SenderException {
        return sendMessage(str, str2, new ParameterResolutionContext(str2, null));
    }

    @Override // nl.nn.adapterframework.core.ISenderWithParameters
    public String sendMessage(String str, String str2, ParameterResolutionContext parameterResolutionContext) throws SenderException {
        try {
            return performOperation(str2, parameterResolutionContext);
        } catch (Exception e) {
            throw new SenderException("cannot obtain resultset for [" + str2 + "]", e);
        }
    }

    protected Attributes removeValuesFromAttributes(Attributes attributes) {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        NamingEnumeration iDs = attributes.getIDs();
        while (iDs.hasMoreElements()) {
            basicAttributes.put(new BasicAttribute((String) iDs.nextElement()));
        }
        return basicAttributes;
    }

    protected synchronized DirContext loopkupDirContext(Map map) throws NamingException, ParameterException {
        InitialDirContext initialDirContext;
        if (this.jndiEnv == null) {
            Hashtable jndiEnv = getJndiEnv();
            if (getLdapProviderURL() != null) {
                jndiEnv.put("java.naming.provider.url", getLdapProviderURL());
            }
            if (this.principalParameterFound) {
                jndiEnv.put("java.naming.security.principal", map.get("principal"));
                jndiEnv.put("java.naming.security.credentials", map.get("credentials"));
            }
            if (isUsePooling()) {
                jndiEnv.put("com.sun.jndi.ldap.connect.pool", "true");
            } else {
                jndiEnv.put("com.sun.jndi.ldap.connect.pool", "false");
            }
            if (this.log.isDebugEnabled()) {
                this.log.debug("created environment for LDAP provider URL [" + jndiEnv.get("java.naming.provider.url") + "]");
            }
            initialDirContext = new InitialDirContext(jndiEnv);
            if (!this.principalParameterFound) {
                this.jndiEnv = jndiEnv;
            }
        } else {
            initialDirContext = new InitialDirContext(this.jndiEnv);
        }
        return initialDirContext;
    }

    protected DirContext getDirContext(Map map) throws SenderException, ParameterException {
        try {
            return loopkupDirContext(map);
        } catch (NamingException e) {
            throw new SenderException("cannot create InitialDirContext for ldapProviderURL [" + getLdapProviderURL() + "]", e);
        }
    }

    protected void closeDirContext(DirContext dirContext) {
        if (dirContext != null) {
            try {
                dirContext.close();
            } catch (NamingException e) {
                this.log.warn("Exception closing DirContext", e);
            }
        }
    }

    protected XmlBuilder attributesToXml(Attributes attributes) throws NamingException {
        XmlBuilder xmlBuilder = new XmlBuilder("attributes");
        NamingEnumeration all = attributes.getAll();
        while (all.hasMore()) {
            Attribute attribute = (Attribute) all.next();
            XmlBuilder xmlBuilder2 = new XmlBuilder("attribute");
            xmlBuilder2.addAttribute("name", attribute.getID());
            if (attribute.size() != 1 || attribute.get() == null) {
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMore()) {
                    Object next = all2.next();
                    XmlBuilder xmlBuilder3 = new XmlBuilder("item");
                    xmlBuilder3.addAttribute("value", next.toString());
                    xmlBuilder2.addSubElement(xmlBuilder3);
                }
            } else {
                xmlBuilder2.addAttribute("value", attribute.get().toString());
            }
            xmlBuilder.addSubElement(xmlBuilder2);
        }
        return xmlBuilder;
    }

    private XmlBuilder searchResultsToXml(NamingEnumeration namingEnumeration) throws NamingException {
        XmlBuilder xmlBuilder = new XmlBuilder("entries");
        int i = 0;
        while (true) {
            if ((getMaxEntriesReturned() == 0 || i < getMaxEntriesReturned()) && namingEnumeration.hasMore()) {
                SearchResult searchResult = (SearchResult) namingEnumeration.next();
                XmlBuilder xmlBuilder2 = new XmlBuilder("entry");
                xmlBuilder2.addAttribute("name", searchResult.getName());
                xmlBuilder2.addSubElement(attributesToXml(searchResult.getAttributes()));
                xmlBuilder.addSubElement(xmlBuilder2);
                i++;
            }
        }
        return xmlBuilder;
    }

    private byte[] encodeUnicodePwd(Object obj) throws SenderException {
        this.log.debug("Encode unicodePwd value");
        try {
            return ("\"" + obj + "\"").getBytes("UTF-16LE");
        } catch (UnsupportedEncodingException e) {
            throw new SenderException(e);
        }
    }

    @Override // nl.nn.adapterframework.core.IWithParameters
    public void addParameter(Parameter parameter) {
        if (this.paramList == null) {
            this.paramList = new ParameterList();
        }
        this.paramList.add(parameter);
    }

    @Override // nl.nn.adapterframework.core.INamedObject
    public void setName(String str) {
        this.name = str;
    }

    @Override // nl.nn.adapterframework.core.INamedObject
    public String getName() {
        return this.name;
    }

    public void setOperation(String str) {
        this.operation = str;
    }

    public String getOperation() {
        return this.operation;
    }

    public void setLdapProviderURL(String str) {
        this.ldapProviderURL = str;
    }

    public String getLdapProviderURL() {
        return this.ldapProviderURL;
    }

    public void setManipulationSubject(String str) {
        this.manipulationSubject = str;
    }

    public String getManipulationSubject() {
        return this.manipulationSubject;
    }

    public void setAttributesToReturn(String str) {
        this.attributesToReturn = str;
    }

    public String getAttributesToReturn() {
        return this.attributesToReturn;
    }

    public void setUsePooling(boolean z) {
        this.usePooling = z;
    }

    public boolean isUsePooling() {
        return this.usePooling;
    }

    public void setSearchTimeout(int i) {
        this.searchTimeout = i;
    }

    public int getSearchTimeout() {
        return this.searchTimeout;
    }

    public void setErrorSessionKey(String str) {
        this.errorSessionKey = str;
    }

    public String getErrorSessionKey() {
        return this.errorSessionKey;
    }

    public void setMaxEntriesReturned(int i) {
        this.maxEntriesReturned = i;
    }

    public int getMaxEntriesReturned() {
        return this.maxEntriesReturned;
    }

    public void setUnicodePwd(boolean z) {
        this.unicodePwd = z;
    }

    public boolean getUnicodePwd() {
        return this.unicodePwd;
    }

    public void setReplyNotFound(boolean z) {
        this.replyNotFound = z;
    }

    public boolean isReplyNotFound() {
        return this.replyNotFound;
    }
}
