package com.ibm.rpm.authentication;

import com.ibm.rpm.build.TMXConverter;
import com.ibm.rpm.framework.RPMException;
import com.ibm.rpm.framework.RpmOptions;
import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.axis.client.async.Status;
import org.apache.axis.components.jms.JNDIVendorAdapter;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/rpm-data-7.1.1.2-iFix.jar:com/ibm/rpm/authentication/LdapAuthenticationController.class */
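/**
 * Authenticates a user against an LDAP directory through JNDI.
 *
 * <p>The flow implemented by {@link #authenticate(String, String)} is a
 * search-then-bind: a first context is opened with the configured JNDI
 * environment and used to find the entry whose {@code ldapuseridattr} equals
 * the supplied user id; a second context is then opened with that entry's DN
 * as principal and the supplied password as credentials.
 *
 * <p>Error codes are passed to {@link RPMException} as they appear in the
 * original class: {@code 100009} wherever the user cannot be found or bound,
 * {@code 400092} wherever the configuration or the directory connection is at
 * fault. NOTE(review): the symbolic meaning of both codes is inferred from
 * their use here; confirm against the RPMException catalogue.
 *
 * <p>This source was recovered by a decompiler; {@link #lookup(String)} could
 * not be recovered and is a stub.
 */
public class LdapAuthenticationController {
    public static final String LDAPSEARCHCONTEXT = "ldapsearchcontext";
    public static final String LDAPUSERIDATTR = "ldapuseridattr";
    // JNDI environment. authenticate() removes "java.naming.security.credentials" from its
    // copy, so this object may carry a bind password: never log it wholesale.
    private Properties properties = new Properties();
    private RpmOptions currentOptions;
    private static Log logger;
    // Synthetic class-literal cache emitted by the original (pre-Java 5) compiler.
    static Class class$com$ibm$rpm$authentication$LdapAuthenticationController;

    /**
     * Builds a controller from the single-string LDAP configuration held by the options.
     *
     * @param rpmOptions options whose {@code getLdapConfiguration()} string is parsed
     */
    public LdapAuthenticationController(RpmOptions rpmOptions) {
        this.currentOptions = rpmOptions;
        parseSingleStringConfiguration(this.currentOptions.getLdapConfiguration(), this.properties);
    }

    /**
     * Builds a controller from an already parsed JNDI environment.
     *
     * @param properties environment to copy; later changes by the caller are not seen
     */
    public LdapAuthenticationController(Properties properties) {
        setProperties(properties);
    }

    /**
     * Parses a configuration string of the form {@code name="value" name2="value2" ...}
     * into {@code properties}.
     *
     * <p>Whitespace is stripped from every name; values are taken verbatim between the
     * double quotes. Legacy {@code com.ibm.rpm.auth.jndi.*} names are mapped afterwards.
     * A string without any {@code '='} (and, as a hardening, a {@code null} string) adds
     * nothing.
     *
     * @param str the configuration string; may be {@code null}
     * @param properties receives the parsed entries
     * @throws IllegalArgumentException if a value lacks its opening or closing quote
     */
    public static void parseSingleStringConfiguration(String str, Properties properties) {
        if (str == null) {
            // The original dereferenced null here; treating it as "no configuration" lets
            // authenticate() report the missing properties instead.
            return;
        }
        int equalsAt = str.indexOf('=');
        if (equalsAt == -1) {
            return;
        }
        String parameterName = cleanParameterName(str.substring(0, equalsAt));
        while (equalsAt != -1) {
            int openQuote = str.indexOf('"', equalsAt);
            if (openQuote == -1) {
                throw new IllegalArgumentException("Missing opening quote for argument : " + parameterName);
            }
            int closeQuote = str.indexOf('"', openQuote + 1);
            if (closeQuote == -1) {
                throw new IllegalArgumentException("Missing closing quote for argument : " + parameterName);
            }
            properties.put(parameterName, str.substring(openQuote + 1, closeQuote));
            equalsAt = str.indexOf('=', closeQuote);
            if (equalsAt != -1) {
                parameterName = cleanParameterName(str.substring(closeQuote + 1, equalsAt));
            }
        }
        convertLegacyPropertyName(properties, LDAPSEARCHCONTEXT);
        convertLegacyPropertyName(properties, LDAPUSERIDATTR);
    }

    /**
     * Copies the value stored under {@code com.ibm.rpm.auth.jndi.<str>} to {@code str}
     * when the short name has no usable value and the legacy name has one.
     */
    private static void convertLegacyPropertyName(Properties properties, String str) {
        String legacyName = "com.ibm.rpm.auth.jndi." + str;
        if (isPropertyValueValid(properties, str) || !isPropertyValueValid(properties, legacyName)) {
            return;
        }
        properties.put(str, properties.get(legacyName));
    }

    /** Removes every whitespace character, line breaks and tabs included, from a parameter name. */
    private static String cleanParameterName(String str) {
        return StringUtils.deleteWhitespace(str.replace('\n', ' ').replace('\t', ' ').replace('\r', ' '));
    }

    /**
     * Escapes a value for use as an assertion value inside an LDAP search filter
     * (RFC 4515): backslash, asterisk, parentheses and NUL become {@code \XX} hex pairs.
     *
     * <p>The user id reaches the filter straight from the login request, so without
     * this step a value containing filter metacharacters would change what the filter
     * matches instead of being compared literally.
     *
     * @param value the raw value; {@code null} is rendered as the text {@code "null"},
     *     which is what string concatenation produced before
     * @return the value with filter metacharacters escaped
     */
    private static String escapeLdapFilterValue(String value) {
        String text = String.valueOf(value);
        StringBuffer escaped = new StringBuffer(text.length() + 8);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Builds the search filter {@code <ldapuseridattr><separator><escaped user id>}. */
    private String buildUserFilter(String str) {
        // TMXConverter.JAVA_LINE_MIDDLE is presumably "=" (decompiler constant matching); confirm.
        return getLdapProperty(LDAPUSERIDATTR) + TMXConverter.JAVA_LINE_MIDDLE + escapeLdapFilterValue(str);
    }

    /** Search controls shared by both user searches: subtree scope, no count or time limit. */
    private SearchControls buildUserSearchControls() {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2); // numeric value of SearchControls.SUBTREE_SCOPE
        searchControls.setCountLimit(0L);
        searchControls.setTimeLimit(0);
        searchControls.setReturningAttributes(new String[]{getLdapProperty(LDAPUSERIDATTR)});
        return searchControls;
    }

    /**
     * Authenticates a user: finds the directory entry for {@code str}, then binds as
     * that entry with {@code str2}.
     *
     * @param str the user id as typed at login
     * @param str2 the password
     * @return {@code str} when the bind succeeds
     * @throws RPMException code 400092 when a required property is missing or the first
     *     context cannot be created; code 100009 when the user id is empty, no entry is
     *     found, or the bind as that entry fails
     */
    public String authenticate(String str, String str2) throws RPMException {
        Properties properties = (Properties) this.properties.clone();
        validateAuthenticationProperties(properties);
        if (StringUtils.isEmpty(str)) {
            // An empty id cannot name an entry; reject it before it reaches the filter.
            throw new RPMException(100009);
        }
        DirContext dirContext = null;
        try {
            dirContext = new InitialDirContext(properties);
            logger.debug(new StringBuffer().append("Trying LDAP lookup using context: ").append(getLdapProperty(LDAPSEARCHCONTEXT)).append(" and ").append(getLdapProperty(LDAPUSERIDATTR)).append(TMXConverter.JAVA_LINE_MIDDLE).append(str).toString());
            NamingEnumeration searchResults = findLdapSearchContext(str, dirContext, null);
            if (searchResults != null) {
                try {
                    if (searchResults.hasMore()) {
                        // Only the first match is used; uniqueness of the id attribute is assumed.
                        String name = ((SearchResult) searchResults.next()).getName();
                        String searchContext = getLdapProperty(LDAPSEARCHCONTEXT);
                        if (!StringUtils.isEmpty(searchContext)) {
                            // getName() is relative to the search base, so append the base.
                            name = name + "," + searchContext;
                        }
                        // NOTE(review): the user id is logged exactly as supplied; make sure the
                        // log layout neutralises line breaks.
                        logger.info(new StringBuffer().append("Found DN=").append(name).append(" for user ").append(str).toString());
                        properties.setProperty("java.naming.security.principal", name);
                        closeLdapContext(dirContext);
                        dirContext = null;
                        // Drop the search account's password so it can never be used for the
                        // user's bind.
                        properties.remove("java.naming.security.credentials");
                        authenticateUserWithPassword(str, str2, properties);
                        return str;
                    }
                } catch (NamingException e) {
                    throw new RPMException(100009, new String[0], (Throwable) e);
                }
            }
            throw new RPMException(100009);
        } catch (NamingException e2) {
            throw new RPMException(400092, new String[]{e2.getMessage()}, (Throwable) e2);
        } finally {
            closeLdapContext(dirContext);
        }
    }

    /** Checks that the four properties needed for a search-then-bind are present. */
    private void validateAuthenticationProperties(Properties properties) throws RPMException {
        validateValidPropertyValue(properties, JNDIVendorAdapter.PROVIDER_URL);
        validateValidPropertyValue(properties, LDAPSEARCHCONTEXT);
        validateValidPropertyValue(properties, LDAPUSERIDATTR);
        validateValidPropertyValue(properties, JNDIVendorAdapter.CONTEXT_FACTORY);
    }

    /** Throws code 400092 ("Missing Property ...") unless {@code str} has a non-empty string value. */
    private void validateValidPropertyValue(Properties properties, String str) throws RPMException {
        if (!isPropertyValueValid(properties, str)) {
            failWithMissingProperty(str);
        }
    }

    /** Returns whether {@code str} maps to a non-empty {@code String} in {@code properties}. */
    private static boolean isPropertyValueValid(Properties properties, String str) {
        Object value = properties.get(str);
        return (value instanceof String) && ((String) value).length() != 0;
    }

    private void failWithMissingProperty(String str) throws RPMException {
        throw new RPMException(400092, new String[]{"Missing Property " + str});
    }

    /** Closes a context if there is one; a failure to close is logged and otherwise ignored. */
    private void closeLdapContext(DirContext dirContext) {
        if (dirContext == null) {
            return;
        }
        try {
            dirContext.close();
        } catch (Exception e) {
            // Best effort: the authentication outcome is already decided at this point.
            logger.debug("Failed to close LDAP context", e);
        }
    }

    /**
     * Returns whether {@code java.naming.security.authentication} contains
     * {@code Status.NONE_STR} (presumably {@code "none"}), ignoring case and surrounding
     * whitespace.
     *
     * <p>This is a substring test, so any value that merely contains that text counts.
     * NOTE(review): in this mode {@link #authenticateUserWithPassword} accepts a blank
     * password, and JNDI is expected to bind anonymously, so the directory does not
     * verify the password at all; confirm no deployed configuration sets it.
     *
     * @param properties the JNDI environment to inspect
     * @return {@code true} if the authentication mechanism is configured as none
     */
    public static boolean isSecurityAuthenticationSetToNone(Properties properties) {
        if (!isPropertyValueValid(properties, "java.naming.security.authentication")) {
            return false;
        }
        String mechanism = ((String) properties.get("java.naming.security.authentication")).trim().toLowerCase();
        return mechanism.indexOf(Status.NONE_STR) > -1;
    }

    /**
     * Binds to the directory with the principal already set in {@code properties} and
     * the supplied password, then repeats the user search on that connection.
     *
     * <p>A blank password is refused unless the mechanism is "none": with simple
     * authentication an empty password would otherwise turn into an unauthenticated bind
     * that the server may accept.
     *
     * @throws RPMException code 100009 when the password is blank, the bind is refused
     *     or the search fails; code 400092 for any other failure to open the context
     */
    private void authenticateUserWithPassword(String str, String str2, Properties properties) throws RPMException {
        DirContext dirContext = null;
        try {
            boolean passwordBlank = StringUtils.isBlank(str2);
            if (passwordBlank && !isSecurityAuthenticationSetToNone(properties)) {
                throw new RPMException(100009);
            }
            if (!passwordBlank) {
                properties.setProperty("java.naming.security.credentials", str2);
            }
            try {
                // Creating the context performs the bind; this is the actual password check.
                dirContext = new InitialDirContext(properties);
                logger.debug(new StringBuffer().append("Trying LDAP lookup using context: ").append(properties.getProperty(LDAPSEARCHCONTEXT)).append(" and ").append(properties.getProperty(LDAPUSERIDATTR)).append(TMXConverter.JAVA_LINE_MIDDLE).append(str).toString());
                try {
                    if (callLdapWithUserNameAndPassword(str, dirContext) == null) {
                        throw new RPMException(100009);
                    }
                } catch (NamingException e) {
                    throw new RPMException(100009, new String[0], (Throwable) e);
                }
            } catch (NamingException e2) {
                if (!(e2 instanceof AuthenticationException)) {
                    throw new RPMException(400092, new String[]{e2.getMessage()}, (Throwable) e2);
                }
                throw new RPMException(100009, new String[0], (Throwable) e2);
            }
        } finally {
            closeLdapContext(dirContext);
        }
    }

    /** Runs the user search on a context bound as the user; the filter value is escaped. */
    private NamingEnumeration callLdapWithUserNameAndPassword(String str, DirContext dirContext) throws NamingException {
        return dirContext.search(getLdapProperty(LDAPSEARCHCONTEXT), buildUserFilter(str), buildUserSearchControls());
    }

    /**
     * Runs the user search on the first (search) context; the filter value is escaped.
     *
     * @param namingEnumeration unused; kept because the recovered signature has it
     * @throws RPMException code 100009 on a naming failure, code 400092 on anything else
     */
    private NamingEnumeration findLdapSearchContext(String str, DirContext dirContext, NamingEnumeration namingEnumeration) throws RPMException {
        try {
            return dirContext.search(getLdapProperty(LDAPSEARCHCONTEXT), buildUserFilter(str), buildUserSearchControls());
        } catch (NamingException e) {
            // Keep the cause so a malformed filter or referral problem can be diagnosed.
            throw new RPMException(100009, new String[0], (Throwable) e);
        } catch (Throwable th) {
            throw new RPMException(400092, new String[]{th.getMessage()}, th);
        }
    }

    /**
     * Stub: the decompiler could not recover this method (it reported an unreachable
     * block, 450 instructions skipped), so its real behaviour is unknown from this source.
     *
     * @throws UnsupportedOperationException always
     */
    public boolean lookup(java.lang.String r9) throws com.ibm.rpm.framework.RPMException {
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.rpm.authentication.LdapAuthenticationController.lookup(java.lang.String):boolean");
    }

    private String getLdapProperty(String str) {
        return this.properties.getProperty(str);
    }

    /** Replaces the JNDI environment with a copy of {@code properties}. */
    public void setProperties(Properties properties) {
        this.properties = (Properties) properties.clone();
    }

    /** Synthetic class-literal helper from the original compiler; kept for binary shape. */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, so build the error first and throw it typed.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls = class$com$ibm$rpm$authentication$LdapAuthenticationController;
        if (cls == null) {
            cls = class$("com.ibm.rpm.authentication.LdapAuthenticationController");
            class$com$ibm$rpm$authentication$LdapAuthenticationController = cls;
        }
        logger = LogFactory.getLog(cls);
    }
}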
