package us.jts.fortress.ldap.openldap;

import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPConnection;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPControl;
import java.util.Arrays;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import us.jts.fortress.GlobalIds;
import us.jts.fortress.rbac.GlobalPwMsgIds;
import us.jts.fortress.rbac.PwMessage;
import us.jts.fortress.rbac.PwPolicyControl;

/* loaded from: input_file:us/jts/fortress/ldap/openldap/OLPWControlImpl.class */
public class OLPWControlImpl implements PwPolicyControl {
    private static final String CLS_NM = OLPWControlImpl.class.getName();
    private static final Logger LOG = LoggerFactory.getLogger(CLS_NM);

    @Override // us.jts.fortress.rbac.PwPolicyControl
    public void checkPasswordPolicy(LDAPConnection lDAPConnection, boolean z, PwMessage pwMessage) {
        pwMessage.setErrorId(0);
        pwMessage.setWarningId(0);
        pwMessage.setAuthenticated(z);
        LDAPControl[] responseControls = lDAPConnection.getResponseControls();
        if (responseControls == null) {
            pwMessage.setWarningId(10);
            LOG.debug("checkPasswordPolicy controls is null");
            return;
        }
        if (responseControls.length >= 1) {
            for (int i = 0; i < responseControls.length; i++) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("checkPasswordPolicy controls[" + i + "]=" + responseControls[i]);
                }
                LDAPControl lDAPControl = responseControls[i];
                if (lDAPControl.getID().compareTo(GlobalIds.OPENLDAP_PW_RESPONSE_CONTROL) == 0) {
                    byte[] value = lDAPControl.getValue();
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("checkPasswordPolicy control value length=" + value.length);
                        String str = "";
                        for (byte b : value) {
                            str = str + printRawData(b);
                        }
                        LOG.debug("checkPasswordPolicy printRawData:");
                        LOG.debug(str);
                    }
                    if (value == null || value[1] == 0) {
                        LOG.debug("checkPasswordPolicy no password control found");
                        pwMessage.setWarningId(10);
                    }
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("checkPasswordPolicy byte[]=" + Arrays.toString(value));
                        LOG.debug("control.toString()=" + lDAPControl.toString());
                    }
                    int i2 = 0 + 1;
                    int i3 = getInt(value[0]);
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("checkPasswordPolicy BER encoded object type=" + i3);
                    }
                    int i4 = i2 + 1;
                    int i5 = getInt(value[i2]);
                    while (i4 < i5) {
                        int i6 = i4;
                        i4++;
                        switch (value[i6]) {
                            case -127:
                            case -95:
                                int i7 = i4 + 1;
                                getInt(value[i4]);
                                i4 = i7 + 1;
                                int i8 = getInt(value[i7]);
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug("checkPasswordPolicy UserId:" + pwMessage.getUserId() + " PPOLICY_ERROR=" + i8);
                                }
                                switch (i8) {
                                    case 0:
                                        pwMessage.setErrorId(100);
                                        break;
                                    case 1:
                                        pwMessage.setErrorId(101);
                                        break;
                                    case 2:
                                        pwMessage.setErrorId(GlobalPwMsgIds.CHANGE_AFTER_RESET);
                                        break;
                                    case 3:
                                        pwMessage.setErrorId(103);
                                        break;
                                    case 4:
                                        pwMessage.setErrorId(104);
                                        break;
                                    case 5:
                                        pwMessage.setErrorId(105);
                                        break;
                                    case 6:
                                        pwMessage.setErrorId(106);
                                        break;
                                    case 7:
                                        pwMessage.setErrorId(107);
                                        break;
                                    case 8:
                                        pwMessage.setErrorId(108);
                                        break;
                                    case 65535:
                                        pwMessage.setErrorId(0);
                                        break;
                                    default:
                                        pwMessage.setErrorId(-10);
                                        break;
                                }
                            case -96:
                                int i9 = i4 + 1;
                                getInt(value[i4]);
                                i4 = i9 + 1;
                                switch (value[i9]) {
                                    case Byte.MIN_VALUE:
                                    case -96:
                                        pwMessage.setWarningId(11);
                                        int i10 = i4 + 1;
                                        int i11 = getInt(value[i4]);
                                        i4 = i10 + 1;
                                        int i12 = getInt(value[i10]);
                                        for (int i13 = 1; i13 < i11; i13++) {
                                            int i14 = i4;
                                            i4++;
                                            i12 = (i12 << 8) | getInt(value[i14]);
                                        }
                                        pwMessage.setExpirationSeconds(i12);
                                        if (LOG.isDebugEnabled()) {
                                            LOG.debug("checkPasswordPolicy User:" + pwMessage.getUserId() + " password expires in " + i12 + " seconds.");
                                            break;
                                        } else {
                                            break;
                                        }
                                    case -127:
                                    case -95:
                                        pwMessage.setWarningId(12);
                                        int i15 = i4 + 1;
                                        int i16 = getInt(value[i4]);
                                        i4 = i15 + 1;
                                        int i17 = getInt(value[i15]);
                                        for (int i18 = 1; i18 < i16; i18++) {
                                            int i19 = i4;
                                            i4++;
                                            i17 = (i17 << 8) | getInt(value[i19]);
                                        }
                                        pwMessage.setGraceLogins(i17);
                                        if (LOG.isDebugEnabled()) {
                                            LOG.debug("checkPasswordPolicy UserId:" + pwMessage.getUserId() + " # logins left=" + i17);
                                            break;
                                        } else {
                                            break;
                                        }
                                    default:
                                        pwMessage.setWarningId(-10);
                                        if (LOG.isDebugEnabled()) {
                                            LOG.debug("checkPasswordPolicy UserId:" + pwMessage.getUserId() + " Invalid PPOlicy Type");
                                            break;
                                        } else {
                                            break;
                                        }
                                }
                            default:
                                pwMessage.setWarningId(-10);
                                if (LOG.isDebugEnabled()) {
                                    LOG.debug("checkPasswordPolicy userId: " + pwMessage.getUserId() + " Invalid PPOlicy Message Type");
                                    break;
                                } else {
                                    break;
                                }
                        }
                    }
                } else {
                    pwMessage.setWarningId(-10);
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("checkPasswordPolicy UserId: " + pwMessage.getUserId() + " Can't process LDAP control...");
                    }
                }
            }
        }
    }

    private static int getInt(byte b) {
        return b & 255;
    }

    private static String printRawData(byte b) {
        String str = (b & 128) != 0 ? "1" : "0";
        String str2 = (b & 64) != 0 ? str + "1" : str + "0";
        String str3 = (b & 32) != 0 ? str2 + "1" : str2 + "0";
        String str4 = (b & 16) != 0 ? str3 + "1" : str3 + "0";
        String str5 = (b & 8) != 0 ? str4 + "1" : str4 + "0";
        String str6 = (b & 4) != 0 ? str5 + "1" : str5 + "0";
        String str7 = (b & 2) != 0 ? str6 + "1" : str6 + "0";
        return ((b & 1) != 0 ? str7 + "1" : str7 + "0") + " ";
    }
}
