package org.sakaiproject.unboundid;

import com.unboundid.ldap.sdk.DereferencePolicy;
import com.unboundid.ldap.sdk.GetEntryLDAPConnectionPoolHealthCheck;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPConnectionOptions;
import com.unboundid.ldap.sdk.LDAPConnectionPool;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPSearchException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.SimpleBindRequest;
import com.unboundid.ldap.sdk.SingleServerSet;
import com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPEntry;
import com.unboundid.util.ssl.SSLUtil;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.sakaiproject.authz.api.SecurityService;
import org.sakaiproject.memory.api.Cache;
import org.sakaiproject.memory.api.MemoryService;
import org.sakaiproject.user.api.AuthenticationIdUDP;
import org.sakaiproject.user.api.DisplayAdvisorUDP;
import org.sakaiproject.user.api.ExternalUserSearchUDP;
import org.sakaiproject.user.api.User;
import org.sakaiproject.user.api.UserDirectoryProvider;
import org.sakaiproject.user.api.UserEdit;
import org.sakaiproject.user.api.UserFactory;
import org.sakaiproject.user.api.UsersShareEmailUDP;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sakaiproject/unboundid/UnboundidDirectoryProvider.class */
public class UnboundidDirectoryProvider implements UserDirectoryProvider, LdapConnectionManagerConfig, ExternalUserSearchUDP, UsersShareEmailUDP, DisplayAdvisorUDP, AuthenticationIdUDP {
    private SecurityService securityService;
    private MemoryService memoryService;
    public static final boolean DEFAULT_IS_SECURE_CONNECTION = false;
    public static final int DEFAULT_OPERATION_TIMEOUT_MILLIS = 9000;
    public static final boolean DEFAULT_IS_FOLLOW_REFERRALS = false;
    public static final boolean DEFAULT_IS_SEARCH_ALIASES = false;
    public static final int DEFAULT_POOL_MAX_CONNS = 10;
    public static final boolean DEFAULT_RETRY_FAILED_OPERATIONS_DUE_TO_INVALID_CONNECTIONS = false;
    public static final long DEFAULT_HEALTH_CHECK_INTERVAL_MILLIS = 180000;
    public static final int DEFAULT_MAX_RESULT_SIZE = 1000;
    public static final int DEFAULT_BATCH_SIZE = 200;
    public static final boolean DEFAULT_ALLOW_AUTHENTICATION = true;
    public static final boolean DEFAULT_ALLOW_AUTHENTICATION_EXTERNAL = true;
    public static final boolean DEFAULT_ALLOW_AUTHENTICATION_ADMIN = false;
    public static final boolean DEFAULT_ALLOW_SEARCH_EXTERNAL = true;
    public static final boolean DEFAULT_ALLOW_GET_EXTERNAL = true;
    public static final boolean DEFAULT_AUTHENTICATE_WITH_PROVIDER_FIRST = false;
    private String[] ldapHost;
    private String ldapUser;
    private String ldapPassword;
    private boolean autoBind;
    private String basePath;
    private Map<String, String> attributeMappings;
    private LDAPConnectionPool connectionPool;
    private LdapAttributeMapper ldapAttributeMapper;
    private EidValidator eidValidator;
    private Cache negativeCache;
    private static final Logger log = LoggerFactory.getLogger(UnboundidDirectoryProvider.class);
    public static final int[] DEFAULT_LDAP_PORT = {389};
    public static final SearchScope DEFAULT_SEARCH_SCOPE = SearchScope.SUB;
    public static final String DISPLAY_ID_PROPERTY = UnboundidDirectoryProvider.class + "-displayId";
    public static final String DISPLAY_NAME_PROPERTY = UnboundidDirectoryProvider.class + "-displayName";
    private int[] ldapPort = DEFAULT_LDAP_PORT;
    private boolean secureConnection = false;
    private int poolMaxConns = 10;
    private boolean retryFailedOperationsDueToInvalidConnections = false;
    private long healthCheckIntervalMillis = DEFAULT_HEALTH_CHECK_INTERVAL_MILLIS;
    private Map<String, String> healthCheckMappings = null;
    private int maxResultSize = DEFAULT_MAX_RESULT_SIZE;
    private int batchSize = DEFAULT_BATCH_SIZE;
    private boolean followReferrals = false;
    private boolean searchAliases = false;
    private int operationTimeout = DEFAULT_OPERATION_TIMEOUT_MILLIS;
    private SearchScope searchScope = DEFAULT_SEARCH_SCOPE;
    private boolean enableAid = false;
    protected LdapEntryMapper defaultLdapEntryMapper = new LdapEntryMapper() { // from class: org.sakaiproject.unboundid.UnboundidDirectoryProvider.1
        @Override // org.sakaiproject.unboundid.LdapEntryMapper
        public Object mapLdapEntry(LDAPEntry lDAPEntry, int i) {
            return UnboundidDirectoryProvider.this.mapLdapEntryOntoUserData(lDAPEntry);
        }
    };
    private boolean allowAuthentication = true;
    private boolean allowAuthenticationExternal = true;
    private boolean allowAuthenticationAdmin = false;
    private boolean allowSearchExternal = true;
    private boolean allowGetExternal = true;
    private boolean authenticateWithProviderFirst = false;

    public UnboundidDirectoryProvider() {
        log.debug("instantating UnboundidDirectoryProvider");
    }

    public void init() {
        log.debug("init()");
        if (this.batchSize > this.maxResultSize) {
            this.batchSize = this.maxResultSize;
            log.warn("Unboundid batchSize is larger than maxResultSize, batchSize has been reduced from: " + this.batchSize + " to: " + this.maxResultSize);
        }
        this.negativeCache = this.memoryService.getCache(getClass().getName() + ".negativeCache");
        createConnectionPool();
        initLdapAttributeMapper();
    }

    protected synchronized boolean createConnectionPool() {
        SingleServerSet singleServerSet;
        if (this.connectionPool != null) {
            return true;
        }
        LDAPConnectionOptions lDAPConnectionOptions = new LDAPConnectionOptions();
        lDAPConnectionOptions.setAbandonOnTimeout(false);
        lDAPConnectionOptions.setConnectTimeoutMillis(this.operationTimeout);
        lDAPConnectionOptions.setResponseTimeoutMillis(this.operationTimeout);
        lDAPConnectionOptions.setUseSynchronousMode(true);
        if (isSecureConnection()) {
            try {
                singleServerSet = new SingleServerSet(this.ldapHost[0], this.ldapPort[0], new SSLUtil().createSSLSocketFactory(), lDAPConnectionOptions);
            } catch (GeneralSecurityException e) {
                log.error("Error while initializing LDAP SSLSocketFactory");
                throw new RuntimeException(e);
            }
        } else {
            singleServerSet = new SingleServerSet(this.ldapHost[0], this.ldapPort[0], lDAPConnectionOptions);
        }
        SimpleBindRequest simpleBindRequest = new SimpleBindRequest(this.ldapUser, this.ldapPassword);
        try {
            log.info("Creating LDAP connection pool of size {}", Integer.valueOf(this.poolMaxConns));
            this.connectionPool = new LDAPConnectionPool(singleServerSet, simpleBindRequest, this.poolMaxConns);
            this.connectionPool.setRetryFailedOperationsDueToInvalidConnections(this.retryFailedOperationsDueToInvalidConnections);
            this.connectionPool.setHealthCheckIntervalMillis(this.healthCheckIntervalMillis);
            if (this.healthCheckMappings != null) {
                this.connectionPool.setHealthCheck(new GetEntryLDAPConnectionPoolHealthCheck(this.ldapUser, Long.parseLong(this.healthCheckMappings.get("maxResponseTime")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeOnCreate")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeAfterAuthentication")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeOnCheckout")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeOnRelease")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeForBackgroundChecks")), Boolean.parseBoolean(this.healthCheckMappings.get("invokeOnException"))));
            }
            return true;
        } catch (LDAPException e2) {
            log.error("Could not init LDAP pool", e2);
            return false;
        }
    }

    protected void initLdapAttributeMapper() {
        log.debug("initLdapAttributeMapper()");
        if (this.ldapAttributeMapper == null) {
            this.ldapAttributeMapper = newDefaultLdapAttributeMapper();
            this.ldapAttributeMapper.setAttributeMappings(this.attributeMappings);
            this.ldapAttributeMapper.init();
        }
    }

    protected LdapAttributeMapper newDefaultLdapAttributeMapper() {
        log.debug("newDefaultLdapAttributeMapper(): returning a new SimpleLdapAttributeMapper");
        return new SimpleLdapAttributeMapper();
    }

    public void destroy() {
        log.debug("destroy()");
        clearCache();
    }

    public void clearCache() {
        log.debug("clearCache()");
        this.negativeCache.clear();
    }

    public boolean authenticateUser(String str, UserEdit userEdit, String str2) {
        log.debug("authenticateUser(): [userLogin = {}]", str);
        if (!this.allowAuthentication) {
            log.debug("authenticateUser(): denying authentication attempt [userLogin = " + str + "]. All authentication has been disabled via configuration");
            return false;
        }
        if (StringUtils.isBlank(str2)) {
            log.debug("authenticateUser(): returning false, blank password");
            return false;
        }
        if (!this.allowAuthenticationExternal && userEdit.getId() == null) {
            log.debug("authenticateUser(): returning false, not authenticating for external users");
            return false;
        }
        if (!this.allowAuthenticationAdmin && this.securityService.isSuperUser(userEdit.getId())) {
            log.debug("authenticateUser(): returning false, not authenticating for superuser (admin) {}", userEdit.getEid());
            return false;
        }
        if (this.connectionPool == null && !createConnectionPool()) {
            log.error("No LDAP connection pool available: unable to authenticate");
            return false;
        }
        try {
            try {
                long currentTimeMillis = System.currentTimeMillis();
                String lookupUserBindDn = lookupUserBindDn(str);
                if (lookupUserBindDn == null) {
                    log.debug("authenticateUser(): failed to find bind dn for login [userLogin = {}], returning false", str);
                    this.connectionPool.releaseDefunctConnection((LDAPConnection) null);
                    return false;
                }
                log.debug("authenticateUser(): attempting to allocate bound connection [userLogin = {}][bind dn [{}]", str, lookupUserBindDn);
                LDAPConnection connection = this.connectionPool.getConnection();
                if (connection.bind(lookupUserBindDn, str2).getResultCode().equals(ResultCode.SUCCESS)) {
                    log.info("Authenticated {} ({}) from LDAP in {} ms", new Object[]{str, lookupUserBindDn, Long.valueOf(System.currentTimeMillis() - currentTimeMillis)});
                    this.connectionPool.releaseDefunctConnection(connection);
                    return true;
                }
                log.debug("authenticateUser(): unsuccessfull bind attempt [userLogin = {}][bind dn [{}]", str, lookupUserBindDn);
                this.connectionPool.releaseDefunctConnection(connection);
                return false;
            } catch (LDAPException e) {
                if (e.getResultCode().intValue() != 49) {
                    throw new RuntimeException("authenticateUser(): LDAPException during authentication attempt [userLogin = " + str + "][result code = " + e.getResultCode().toString() + "][error message = " + e.getExceptionMessage() + "]", e);
                }
                log.info("authenticateUser(): invalid credentials [userLogin = {}]", str);
                this.connectionPool.releaseDefunctConnection((LDAPConnection) null);
                return false;
            } catch (Exception e2) {
                throw new RuntimeException("authenticateUser(): Exception during authentication attempt [userLogin = " + str + "]", e2);
            }
        } catch (Throwable th) {
            this.connectionPool.releaseDefunctConnection((LDAPConnection) null);
            throw th;
        }
    }

    public boolean findUserByEmail(UserEdit userEdit, String str) {
        try {
            boolean z = !(this.ldapAttributeMapper instanceof EidDerivedEmailAddressHandler);
            LdapUserData ldapUserData = null;
            if (!z) {
                try {
                    String trimToNull = StringUtils.trimToNull(((EidDerivedEmailAddressHandler) this.ldapAttributeMapper).unpackEidFromAddress(str));
                    if (trimToNull == null) {
                        throw new InvalidEmailAddressException("Attempting to unpack an EID from [" + str + "] resulted in a null or empty string");
                    }
                    ldapUserData = getUserByEid(trimToNull);
                } catch (InvalidEmailAddressException e) {
                    log.error("findUserByEmail(): Attempted to look up user at an invalid email address [" + str + "]", e);
                    z = true;
                }
            }
            if (z) {
                ldapUserData = (LdapUserData) searchDirectoryForSingleEntry(this.ldapAttributeMapper.getFindUserByEmailFilter(str), null, null, null);
            }
            if (ldapUserData == null) {
                log.debug("findUserByEmail(): failed to find user by email [email = {}]", str);
                return false;
            }
            log.debug("findUserByEmail(): found user by email [email = {}]", str);
            if (userEdit == null) {
                return true;
            }
            mapUserDataOntoUserEdit(ldapUserData, userEdit);
            return true;
        } catch (Exception e2) {
            log.error("findUserByEmail(): failed [email = " + str + "]");
            log.debug("Exception: ", e2);
            return false;
        }
    }

    public boolean getUser(UserEdit userEdit) {
        if (!this.allowGetExternal) {
            log.debug("getUser() external get not enabled");
            return false;
        }
        try {
            boolean userByEid = getUserByEid(userEdit, userEdit.getEid());
            if (!userByEid) {
                Object obj = this.negativeCache.get(userEdit.getEid());
                Integer num = 0;
                if (obj != null) {
                    num = (Integer) obj;
                }
                this.negativeCache.put(userEdit.getEid(), Integer.valueOf(num.intValue() + 1));
            }
            return userByEid;
        } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
            log.error("getUser() failed [eid: " + userEdit.getEid() + "]", e);
            return false;
        }
    }

    public boolean getUserbyAid(String str, UserEdit userEdit) {
        LdapUserData userByAid;
        if (!this.enableAid || (userByAid = getUserByAid(str)) == null) {
            return false;
        }
        if (userEdit == null) {
            return true;
        }
        mapUserDataOntoUserEdit(userByAid, userEdit);
        return true;
    }

    public LdapUserData getUserByAid(String str) {
        LdapUserData ldapUserData = null;
        try {
            ldapUserData = (LdapUserData) searchDirectoryForSingleEntry(this.ldapAttributeMapper.getFindUserByAidFilter(str), null, null, null);
        } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
            log.error("Failed to find user for AID: " + str, e);
        }
        return ldapUserData;
    }

    public void getUsers(Collection<UserEdit> collection) {
        log.debug("getUsers(): [Collection size = {}]", Integer.valueOf(collection.size()));
        int maxObjectsToQueryFor = getMaxObjectsToQueryFor();
        UserEdit userEdit = null;
        HashMap hashMap = new HashMap();
        ArrayList<UserEdit> arrayList = new ArrayList();
        try {
            try {
                int i = 0;
                Iterator<UserEdit> it = collection.iterator();
                while (it.hasNext()) {
                    userEdit = it.next();
                    String eid = userEdit.getEid();
                    if (isSearchableEid(eid)) {
                        hashMap.put(eid, userEdit);
                        i++;
                    } else {
                        it.remove();
                    }
                    if ((!it.hasNext() || i == maxObjectsToQueryFor) && !hashMap.isEmpty()) {
                        for (LdapUserData ldapUserData : searchDirectory(this.ldapAttributeMapper.getManyUsersInOneSearch(hashMap.keySet()), null, null, null, maxObjectsToQueryFor)) {
                            String eid2 = ldapUserData.getEid();
                            if (!StringUtils.isEmpty(eid2)) {
                                String lowerCase = eid2.toLowerCase();
                                mapUserDataOntoUserEdit(ldapUserData, (UserEdit) hashMap.get(lowerCase));
                                hashMap.remove(lowerCase);
                            }
                        }
                        Iterator it2 = hashMap.entrySet().iterator();
                        while (it2.hasNext()) {
                            arrayList.add(((Map.Entry) it2.next()).getValue());
                        }
                        hashMap.clear();
                        i = 0;
                    }
                }
                for (UserEdit userEdit2 : arrayList) {
                    log.debug("Unboundid getUsers could not find user: {}", userEdit2.getEid());
                    collection.remove(userEdit2);
                    Integer num = 0;
                    Object obj = this.negativeCache.get(userEdit2.getEid());
                    if (obj != null) {
                        num = (Integer) obj;
                    }
                    this.negativeCache.put(userEdit2.getEid(), Integer.valueOf(num.intValue() + 1));
                }
            } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
                throw new RuntimeException("getUsers(): LDAPException during search [eid = " + (userEdit == null ? null : userEdit.getEid()) + "][result code = " + e.errorCodeToString() + "][error message = " + e.getLDAPErrorMessage() + "]", e);
            } catch (Exception e2) {
                throw new RuntimeException("getUsers(): RuntimeException during search eid = " + (userEdit == null ? null : userEdit.getEid()) + "]", e2);
            }
        } finally {
            if (0 != 0) {
                log.debug("getUsers(): abortive search, clearing received users collection");
                collection.clear();
            }
        }
    }

    public boolean authenticateWithProviderFirst(String str) {
        return this.authenticateWithProviderFirst;
    }

    public boolean userExists(String str) {
        log.debug("userExists(): [eid = {}]", str);
        try {
            return getUserByEid(null, str);
        } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
            log.error("userExists() failed: [eid = " + str + "]", e);
            return false;
        }
    }

    protected boolean getUserByEid(UserEdit userEdit, String str) throws com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException {
        LdapUserData userByEid = getUserByEid(str);
        if (userByEid == null) {
            return false;
        }
        if (userEdit == null) {
            return true;
        }
        mapUserDataOntoUserEdit(userByEid, userEdit);
        return true;
    }

    protected LdapUserData getUserByEid(String str) throws com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException {
        if (isSearchableEid(str)) {
            log.debug("getUserByEid(): [eid = {}]", str);
            return (LdapUserData) searchDirectoryForSingleEntry(this.ldapAttributeMapper.getFindUserByEidFilter(str), null, null, null);
        }
        if (str == null) {
            log.debug("User EID not searchable (eid is null)");
            return null;
        }
        log.info("User EID not searchable (possibly blacklisted or otherwise syntactically invalid) [{}]", str);
        return null;
    }

    protected boolean isSearchableEid(String str) {
        if (this.negativeCache == null) {
            this.negativeCache = this.memoryService.getCache(getClass().getName() + ".negativeCache");
            log.debug("negativeCache initialized in isSearchableEid");
        }
        Object obj = this.negativeCache.get(str);
        if (obj != null) {
            Integer num = (Integer) obj;
            log.debug("negativeCache count for {}={}", str, num);
            if (num.intValue() > 3) {
                return false;
            }
        }
        if (this.eidValidator == null) {
            return true;
        }
        return this.eidValidator.isSearchableEid(str);
    }

    protected String lookupUserBindDn(String str) throws com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException {
        log.debug("lookupUserEntryDN(): [eid = {}]", str);
        LdapUserData userByAid = this.enableAid ? getUserByAid(str) : getUserByEid(str);
        if (userByAid != null) {
            return this.ldapAttributeMapper.getUserBindDn(userByAid);
        }
        log.debug("lookupUserEntryDN(): no directory entried found [eid = {}]", str);
        return null;
    }

    protected Object searchDirectoryForSingleEntry(String str, LdapEntryMapper ldapEntryMapper, String[] strArr, String str2) throws com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException {
        log.debug("searchDirectoryForSingleEntry(): [filter = {}]", str);
        List<LdapUserData> searchDirectory = searchDirectory(str, ldapEntryMapper, strArr, str2, 1);
        if (searchDirectory.isEmpty()) {
            return null;
        }
        return searchDirectory.iterator().next();
    }

    protected List<LdapUserData> searchDirectory(String str, LdapEntryMapper ldapEntryMapper, String[] strArr, String str2, int i) throws com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException {
        SearchResult searchResult;
        log.debug("searchDirectory(): [filter = {}]", str);
        if (this.connectionPool == null && !createConnectionPool()) {
            throw new com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException("No LDAP connection pool available: unable to search");
        }
        try {
            String[] scrubSearchResultPhysicalAttributeNames = scrubSearchResultPhysicalAttributeNames(strArr);
            String scrubSearchBaseDn = scrubSearchBaseDn(str2);
            LdapEntryMapper ldapEntryMapper2 = this.defaultLdapEntryMapper;
            if (ldapEntryMapper != null) {
                ldapEntryMapper2 = ldapEntryMapper;
            }
            DereferencePolicy dereferencePolicy = DereferencePolicy.NEVER;
            if (isSearchAliases()) {
                dereferencePolicy = DereferencePolicy.ALWAYS;
            }
            log.debug("searchDirectory(): [baseDN = {}][filter = {}][return attribs = {}][max results = {}][search scope = {}]", new Object[]{scrubSearchBaseDn, str, Arrays.toString(scrubSearchResultPhysicalAttributeNames), Integer.valueOf(i), this.searchScope});
            long currentTimeMillis = System.currentTimeMillis();
            try {
                searchResult = this.connectionPool.search(scrubSearchBaseDn, this.searchScope, dereferencePolicy, i, this.operationTimeout, false, str, scrubSearchResultPhysicalAttributeNames);
            } catch (LDAPSearchException e) {
                if (!e.getResultCode().equals(ResultCode.SIZE_LIMIT_EXCEEDED)) {
                    throw e;
                }
                searchResult = e.getSearchResult();
                log.warn("Hit ResultCode.SIZE_LIMIT_EXCEEDED: {}", e.getDiagnosticMessage());
            }
            List searchEntries = searchResult.getSearchEntries();
            ArrayList arrayList = new ArrayList();
            int i2 = 0;
            Iterator it = searchEntries.iterator();
            while (it.hasNext()) {
                i2++;
                Object mapLdapEntry = ldapEntryMapper2.mapLdapEntry(new LDAPEntry((SearchResultEntry) it.next()), i2);
                if (mapLdapEntry != null) {
                    arrayList.add((LdapUserData) mapLdapEntry);
                }
            }
            log.debug("Query took: {}ms", Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
            return arrayList;
        } catch (Exception e2) {
            throw new RuntimeException("searchDirectory(): RuntimeException while executing search [baseDN = " + str2 + "][filter = " + str + "][return attribs = " + Arrays.toString(strArr) + "][max results = " + i + "]", e2);
        }
    }

    protected String scrubSearchBaseDn(String str) {
        return str == null ? this.basePath : str;
    }

    protected String[] scrubSearchResultPhysicalAttributeNames(String[] strArr) {
        String[] strArr2 = strArr;
        if (strArr2 == null) {
            strArr2 = this.ldapAttributeMapper.getSearchResultAttributes();
        }
        if (strArr2 == null) {
            strArr2 = new String[0];
        }
        return strArr2;
    }

    protected LdapUserData mapLdapEntryOntoUserData(LDAPEntry lDAPEntry) {
        log.debug("mapLdapEntryOntoUserData() [dn = {}]", lDAPEntry.getDN());
        LdapUserData newLdapUserData = newLdapUserData();
        this.ldapAttributeMapper.mapLdapEntryOntoUserData(lDAPEntry, newLdapUserData);
        return newLdapUserData;
    }

    protected LdapUserData newLdapUserData() {
        return new LdapUserData();
    }

    protected void mapUserDataOntoUserEdit(LdapUserData ldapUserData, UserEdit userEdit) {
        log.debug("mapUserDataOntoUserEdit() [userData = {}]", ldapUserData);
        this.ldapAttributeMapper.mapUserDataOntoUserEdit(ldapUserData, userEdit);
        userEdit.setEid(StringUtils.lowerCase(ldapUserData.getEid()));
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public String[] getLdapHost() {
        return this.ldapHost;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setLdapHost(String[] strArr) {
        this.ldapHost = strArr;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public int[] getLdapPort() {
        return this.ldapPort;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setLdapPort(int[] iArr) {
        this.ldapPort = iArr;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public String getLdapUser() {
        return this.ldapUser;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setLdapUser(String str) {
        this.ldapUser = str;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public String getLdapPassword() {
        return this.ldapPassword;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setLdapPassword(String str) {
        this.ldapPassword = str;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public boolean isSecureConnection() {
        return this.secureConnection;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setSecureConnection(boolean z) {
        this.secureConnection = z;
    }

    public String getBasePath() {
        return this.basePath;
    }

    public void setBasePath(String str) {
        this.basePath = str;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public int getOperationTimeout() {
        return this.operationTimeout;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setOperationTimeout(int i) {
        this.operationTimeout = i;
    }

    public Map<String, String> getAttributeMappings() {
        return this.attributeMappings;
    }

    public void setAttributeMappings(Map<String, String> map) {
        this.attributeMappings = map;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public boolean isFollowReferrals() {
        return this.followReferrals;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setFollowReferrals(boolean z) {
        this.followReferrals = z;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public boolean isAutoBind() {
        return this.autoBind;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setAutoBind(boolean z) {
        this.autoBind = z;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public int getPoolMaxConns() {
        return this.poolMaxConns;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setPoolMaxConns(int i) {
        this.poolMaxConns = i;
    }

    public boolean getRetryFailedOperationsDueToInvalidConnections() {
        return this.retryFailedOperationsDueToInvalidConnections;
    }

    public void setRetryFailedOperationsDueToInvalidConnections(boolean z) {
        this.retryFailedOperationsDueToInvalidConnections = z;
    }

    public long getHealthCheckIntervalMillis() {
        return this.healthCheckIntervalMillis;
    }

    public void setHealthCheckIntervalMillis(long j) {
        this.healthCheckIntervalMillis = j;
    }

    public Map<String, String> getHealthCheckMappings() {
        return this.healthCheckMappings;
    }

    public void setHealthCheckMappings(Map<String, String> map) {
        this.healthCheckMappings = map;
    }

    public int getMaxObjectsToQueryFor() {
        return getBatchSize();
    }

    public void setMaxObjectsToQueryFor(int i) {
        log.info("maxObjectToQueryFor is deprecated please use batchSize@org.sakaiproject.user.api.UserDirectoryProvider instead");
        setBatchSize(i);
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public int getBatchSize() {
        return this.batchSize;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setBatchSize(int i) {
        this.batchSize = i;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setEnableAid(boolean z) {
        this.enableAid = z;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public int getMaxResultSize() {
        return this.maxResultSize;
    }

    @Override // org.sakaiproject.unboundid.LdapConnectionManagerConfig
    public void setMaxResultSize(int i) {
        this.maxResultSize = i;
    }

    public LdapAttributeMapper getLdapAttributeMapper() {
        return this.ldapAttributeMapper;
    }

    public void setLdapAttributeMapper(LdapAttributeMapper ldapAttributeMapper) {
        this.ldapAttributeMapper = ldapAttributeMapper;
    }

    public EidValidator getEidValidator() {
        return this.eidValidator;
    }

    public void setEidValidator(EidValidator eidValidator) {
        this.eidValidator = eidValidator;
    }

    public boolean isAllowAuthentication() {
        return this.allowAuthentication;
    }

    public void setAllowAuthentication(boolean z) {
        this.allowAuthentication = z;
    }

    public void setAuthenticateAllowed(boolean z) {
        setAllowAuthentication(z);
    }

    public boolean isAuthenticateWithProviderFirst() {
        return this.authenticateWithProviderFirst;
    }

    public void setAuthenticateWithProviderFirst(boolean z) {
        this.authenticateWithProviderFirst = z;
    }

    public String getDisplayId(User user) {
        String property = user.getProperties().getProperty(DISPLAY_ID_PROPERTY);
        if (property == null || property.length() <= 0) {
            return null;
        }
        return property;
    }

    public String getDisplayName(User user) {
        String property = user.getProperties().getProperty(DISPLAY_NAME_PROPERTY);
        if (property == null || property.length() <= 0) {
            return null;
        }
        return property;
    }

    public SearchScope getSearchScope() {
        return this.searchScope;
    }

    public void setSearchScope(int i) throws IllegalArgumentException {
        switch (i) {
            case 0:
                this.searchScope = SearchScope.BASE;
                return;
            case 1:
                this.searchScope = SearchScope.ONE;
                return;
            case 2:
                this.searchScope = SearchScope.SUB;
                return;
            default:
                throw new IllegalArgumentException("Invalid search scope [" + i + "]");
        }
    }

    public List<UserEdit> searchExternalUsers(String str, int i, int i2, UserFactory userFactory) {
        if (!this.allowSearchExternal) {
            log.debug("External search is disabled");
            return null;
        }
        String findUserByCrossAttributeSearchFilter = this.ldapAttributeMapper.getFindUserByCrossAttributeSearchFilter(str);
        ArrayList arrayList = new ArrayList();
        try {
            for (LdapUserData ldapUserData : searchDirectory(findUserByCrossAttributeSearchFilter, null, null, null, this.maxResultSize)) {
                UserEdit newUser = userFactory.newUser(ldapUserData.getEid());
                mapUserDataOntoUserEdit(ldapUserData, newUser);
                arrayList.add(newUser);
            }
            return arrayList;
        } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
            log.warn("An error occurred searching for users: " + e.getClass().getName() + ": (" + e.getLDAPResultCode() + ") " + e.getMessage());
            return null;
        }
    }

    public Collection findUsersByEmail(String str, UserFactory userFactory) {
        ArrayList arrayList = new ArrayList();
        if (!this.allowSearchExternal) {
            log.debug("External search is disabled");
            return arrayList;
        }
        try {
            for (LdapUserData ldapUserData : searchDirectory(this.ldapAttributeMapper.getFindUserByEmailFilter(str), null, null, null, this.maxResultSize)) {
                UserEdit newUser = userFactory.newUser(ldapUserData.getEid());
                mapUserDataOntoUserEdit(ldapUserData, newUser);
                arrayList.add(newUser);
            }
            return arrayList;
        } catch (com.unboundid.ldap.sdk.migrate.ldapjdk.LDAPException e) {
            log.warn("An error occurred finding users by email: " + e.getClass().getName() + ": (" + e.getLDAPResultCode() + ") " + e.getMessage());
            return null;
        }
    }

    public boolean isSearchAliases() {
        return this.searchAliases;
    }

    public void setSearchAliases(boolean z) {
        this.searchAliases = z;
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }

    public void setMemoryService(MemoryService memoryService) {
        this.memoryService = memoryService;
    }

    public boolean isAllowAuthenticationExternal() {
        return this.allowAuthenticationExternal;
    }

    public void setAllowAuthenticationExternal(boolean z) {
        this.allowAuthenticationExternal = z;
    }

    public boolean isAllowAuthenticationAdmin() {
        return this.allowAuthenticationAdmin;
    }

    public void setAllowAuthenticationAdmin(boolean z) {
        this.allowAuthenticationAdmin = z;
    }

    public boolean isAllowSearchExternal() {
        return this.allowSearchExternal;
    }

    public void setAllowSearchExternal(boolean z) {
        this.allowSearchExternal = z;
    }

    public boolean isAllowGetExternal() {
        return this.allowGetExternal;
    }

    public void setAllowGetExternal(boolean z) {
        this.allowGetExternal = z;
    }
}
