package de.mhus.osgi.sop.impl.aaa.util;

import de.mhus.lib.core.IReadProperties;
import de.mhus.lib.core.MCast;
import de.mhus.lib.core.MLdap;
import de.mhus.lib.core.MLog;
import de.mhus.lib.core.MPassword;
import de.mhus.lib.core.MProperties;
import de.mhus.lib.core.MString;
import de.mhus.lib.core.crypt.MCrypt;
import de.mhus.lib.core.parser.StringCompiler;
import de.mhus.lib.core.security.Account;
import de.mhus.lib.core.security.AccountSource;
import de.mhus.lib.core.security.ModifyAccountApi;
import de.mhus.lib.core.util.MUri;
import de.mhus.lib.errors.NotSupportedException;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;

/* loaded from: input_file:de/mhus/osgi/sop/impl/aaa/util/AccountFromLdap.class */
public class AccountFromLdap extends MLog implements AccountSource {
    public static final SearchControls SEARCH_CONTROLS_ALL = MLdap.getSimpleSearchControls();
    public static final SearchControls SEARCH_CONTROLS_EMPTY = MLdap.getSimpleSearchControls();
    public static final Date STARTED_DATE;
    private String url;
    private String principal;
    private String password;
    private String userSearchName;
    private String userSearchFilter;
    private MProperties userAttributeMapping;
    private String userAttributesDisplayName;
    private String userAttributesActive;
    private String userAttributesUuid;
    private String groupsSearchName;
    private String groupsSearchFilter;

    /* loaded from: input_file:de/mhus/osgi/sop/impl/aaa/util/AccountFromLdap$LdapAccount.class */
    private class LdapAccount implements Account {
        private static final String UUID_PREFIX = "ldapAccount:";
        private MProperties params;
        private String account;
        private String displayName;
        private HashSet<String> groups;
        private boolean active;
        private UUID uuid;
        private String fqdn;
        private boolean valid;

        public LdapAccount(String str) {
            this.account = str;
        }

        public boolean hasGroup(String str) {
            return this.groups.contains(str.toUpperCase());
        }

        public String getName() {
            return this.account;
        }

        public boolean isValid() {
            return this.valid;
        }

        public boolean validatePassword(String str) {
            try {
                MLdap.getConnection(AccountFromLdap.this.url, this.fqdn, MPassword.decode(str)).close();
                return true;
            } catch (AuthenticationException e) {
                return false;
            } catch (Throwable th) {
                AccountFromLdap.this.log().e(new Object[]{this.account, th});
                return false;
            }
        }

        public boolean isSynthetic() {
            return false;
        }

        public String getDisplayName() {
            return this.displayName;
        }

        public IReadProperties getAttributes() {
            return this.params;
        }

        public void putAttributes(IReadProperties iReadProperties) throws NotSupportedException {
            throw new NotSupportedException(new Object[0]);
        }

        public String[] getGroups() throws NotSupportedException {
            return (String[]) this.groups.toArray(new String[this.groups.size()]);
        }

        public boolean reloadAccount() {
            try {
                MProperties mProperties = new MProperties();
                mProperties.setString("account", this.account);
                this.valid = true;
                DirContext connection = MLdap.getConnection(AccountFromLdap.this.url, AccountFromLdap.this.principal, MPassword.decode(AccountFromLdap.this.password));
                Map first = MLdap.getFirst(connection.search(StringCompiler.compile(AccountFromLdap.this.userSearchName).execute(mProperties), StringCompiler.compile(AccountFromLdap.this.userSearchFilter).execute(mProperties), AccountFromLdap.SEARCH_CONTROLS_ALL));
                if (first == null) {
                    this.valid = false;
                    return false;
                }
                this.fqdn = String.valueOf(first.get(".fqdn"));
                mProperties.setString("fqdn", this.fqdn);
                this.params = new MProperties();
                if (AccountFromLdap.this.userAttributeMapping != null) {
                    for (Map.Entry entry : AccountFromLdap.this.userAttributeMapping.entrySet()) {
                        this.params.put((String) entry.getKey(), first.get(entry.getValue()));
                    }
                } else {
                    this.params.putAll(first);
                }
                this.displayName = AccountFromLdap.this.userAttributesDisplayName == null ? this.account : StringCompiler.compile(AccountFromLdap.this.userAttributesDisplayName).execute(first);
                this.displayName = this.displayName.trim();
                this.active = AccountFromLdap.this.userAttributesActive == null ? true : MCast.toboolean(first.get(AccountFromLdap.this.userAttributesActive), false);
                this.uuid = AccountFromLdap.this.userAttributesUuid == null ? MCrypt.toUuidHash("ldapAccount:" + this.fqdn) : UUID.fromString(String.valueOf(first.get(AccountFromLdap.this.userAttributesUuid)));
                NamingEnumeration search = connection.search(StringCompiler.compile(AccountFromLdap.this.groupsSearchName).execute(mProperties), StringCompiler.compile(AccountFromLdap.this.groupsSearchFilter).execute(mProperties), AccountFromLdap.SEARCH_CONTROLS_EMPTY);
                List names = MLdap.getNames(search);
                names.replaceAll(str -> {
                    return MString.afterIndex(str, '=').toUpperCase();
                });
                this.groups = new HashSet<>();
                this.groups.addAll(names);
                search.close();
                connection.close();
                return true;
            } catch (Throwable th) {
                AccountFromLdap.this.log().e(new Object[]{this.account, th});
                return false;
            }
        }

        public Date getCreationDate() {
            return AccountFromLdap.STARTED_DATE;
        }

        public Date getModifyDate() {
            return AccountFromLdap.STARTED_DATE;
        }

        public UUID getUUID() {
            return this.uuid;
        }

        public boolean isActive() {
            return this.active;
        }
    }

    public Account findAccount(String str) {
        LdapAccount ldapAccount = new LdapAccount(str);
        if (ldapAccount.reloadAccount()) {
            return ldapAccount;
        }
        return null;
    }

    public ModifyAccountApi getModifyApi() {
        return null;
    }

    public String getUrl() {
        return this.url;
    }

    public void setUrl(String str) {
        this.url = str;
    }

    public String getPrincipal() {
        return this.principal;
    }

    public void setPrincipal(String str) {
        this.principal = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String getUserSearchName() {
        return this.userSearchName;
    }

    public void setUserSearchName(String str) {
        this.userSearchName = str;
    }

    public String getUserSearchFilter() {
        return this.userSearchFilter;
    }

    public void setUserSearchFilter(String str) {
        this.userSearchFilter = str;
    }

    public void setUserAttributeMapping(String str) {
        this.userAttributeMapping = MProperties.explodeToMProperties(MUri.explodeArray(str, ';'), '=', ':', 0, Integer.MAX_VALUE);
    }

    public String getUserAttributesDisplayName() {
        return this.userAttributesDisplayName;
    }

    public void setUserAttributesDisplayName(String str) {
        this.userAttributesDisplayName = str;
    }

    public String getGroupsSearchName() {
        return this.groupsSearchName;
    }

    public void setGroupsSearchName(String str) {
        this.groupsSearchName = str;
    }

    public String getGroupsSearchFilter() {
        return this.groupsSearchFilter;
    }

    public void setGroupsSearchFilter(String str) {
        this.groupsSearchFilter = str;
    }

    public String getUserAttributesActive() {
        return this.userAttributesActive;
    }

    public void setUserAttributesActive(String str) {
        this.userAttributesActive = str;
    }

    public String getUserAttributesUuid() {
        return this.userAttributesUuid;
    }

    public void setUserAttributesUuid(String str) {
        this.userAttributesUuid = str;
    }

    static {
        SEARCH_CONTROLS_EMPTY.setReturningAttributes(new String[0]);
        STARTED_DATE = new Date();
    }
}
