package org.apache.jetspeed.security.spi.impl.ldap;

import java.util.Properties;
import javax.naming.Name;
import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.security.InvalidDnException;
import org.apache.jetspeed.security.InvalidPasswordException;
import org.apache.jetspeed.security.InvalidUidException;
import org.apache.jetspeed.security.SecurityException;

/* loaded from: input_file:installpack.zip:webapps/jetspeed.war:WEB-INF/lib/jetspeed-security-2.0.jar:org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.class */
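/**
 * Base class for LDAP data-access objects.
 *
 * <p>An instance binds an {@link LdapContext} with the root DN and password taken from an
 * {@code LdapBindingConfig}, and offers helpers for validating identifiers and for looking up an
 * entry by its {@code uid} attribute. Subclasses supply the object class to search for through
 * {@link #getObjectClass()}.
 */
public abstract class AbstractLdapDao {
    /**
     * Characters that {@link #validateUid(String)} refuses anywhere in a uid. The set covers the
     * LDAP filter specials {@code ( ) * \} because validated uids are concatenated into a search
     * filter by {@link #searchByWildcardedUid(String, SearchControls)}.
     * NOTE(review): NUL, the remaining RFC 4515 filter special, is not in this set; consider
     * adding it.
     */
    private static final String FORBIDDEN_UID_CHARS = "([{\\^$|)?*+.";

    /** Connection and directory-layout settings supplied at construction time. */
    private LdapBindingConfig ldapBindingConfig;

    /** Context created by {@link #bindToServer(String, String)}; every search runs against it. */
    protected LdapContext ctx;

    /**
     * Always fails: a DAO cannot work without a binding configuration.
     *
     * @throws UnsupportedOperationException always
     */
    public AbstractLdapDao() {
        throw new UnsupportedOperationException("Must be instantiated with LDAP binding configuration.");
    }

    /**
     * Stores the configuration and binds to the directory as the configured root DN.
     *
     * @param ldapBindingConfig server location, root credentials and directory layout
     * @throws SecurityException if the root DN or password is empty, or the bind fails
     */
    public AbstractLdapDao(LdapBindingConfig ldapBindingConfig) throws SecurityException {
        this.ldapBindingConfig = ldapBindingConfig;
        bindToServer(ldapBindingConfig.getRootDn(), ldapBindingConfig.getRootPassword());
    }

    /**
     * Creates a new {@link InitialLdapContext} authenticated as the given principal and stores it
     * in {@link #ctx}.
     *
     * @param str distinguished name to bind as; must not be empty
     * @param str2 password for that DN; must not be empty
     * @throws SecurityException if either argument is empty, or wrapping the
     *     {@link NamingException} raised when the context cannot be created
     */
    protected void bindToServer(String str, String str2) throws SecurityException {
        // Both checks run before any network traffic. An empty DN or password in a simple bind
        // is handled by LDAP servers as an anonymous/unauthenticated bind (RFC 4513, section 5.1),
        // which can succeed without proving any identity.
        validateDn(str);
        validatePassword(str2);
        try {
            // NOTE(review): the URL scheme is fixed to ldap:// and authentication to "simple", so
            // this class itself does nothing to encrypt the DN and password in transit. No
            // ldaps:// or StartTLS option is visible here; confirm how the transport is protected.
            String providerUrl = "ldap://" + this.ldapBindingConfig.getLdapServerName()
                    + ":" + this.ldapBindingConfig.getLdapServerPort()
                    + "/" + this.ldapBindingConfig.getRootContext();

            Properties properties = new Properties();
            properties.put("java.naming.factory.initial", this.ldapBindingConfig.getInitialContextFactory());
            properties.put("java.naming.provider.url", providerUrl);
            properties.put("java.naming.security.principal", str);
            properties.put("java.naming.security.credentials", str2);
            properties.put("java.naming.security.authentication", "simple");

            // NOTE(review): a context already held in ctx is replaced without being closed;
            // confirm whether subclasses call this method more than once.
            this.ctx = new InitialLdapContext(properties, (Control[]) null);
        } catch (NamingException e) {
            throw new SecurityException((Throwable) e);
        }
    }

    /**
     * Returns the given name relative to the bound context.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @param str name to make relative
     * @return the components of {@code str} that follow the context's own name when {@code str}
     *     starts with that name; otherwise {@code str} unchanged
     * @throws NamingException if either name cannot be parsed or the context name cannot be read
     */
    public String getSubcontextName(String str) throws NamingException {
        NameParser nameParser = this.ctx.getNameParser("");
        Name candidate = nameParser.parse(str);
        Name contextName = nameParser.parse(this.ctx.getNameInNamespace());
        if (candidate.startsWith(contextName)) {
            return candidate.getSuffix(contextName.size()).toString();
        }
        return str;
    }

    /**
     * Rejects a {@code null} or empty distinguished name.
     *
     * @param str DN to check
     * @throws SecurityException an {@link InvalidDnException} when the DN is empty
     */
    protected void validateDn(String str) throws SecurityException {
        if (StringUtils.isEmpty(str)) {
            throw new InvalidDnException();
        }
    }

    /**
     * Rejects a {@code null} or empty password.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @param str password to check
     * @throws SecurityException an {@link InvalidPasswordException} when the password is empty
     */
    public void validatePassword(String str) throws SecurityException {
        if (StringUtils.isEmpty(str)) {
            throw new InvalidPasswordException();
        }
    }

    /**
     * Builds the search controls used for uid lookups: subtree scope, with the bound object
     * returned for each result (which {@code getFirstDnForUid} inspects).
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @return a new {@link SearchControls} instance
     */
    public SearchControls setSearchControls() {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningObjFlag(true);
        return searchControls;
    }

    /**
     * Finds the distinguished name of the entry whose {@code uid} equals the given value.
     *
     * @param str uid to look up; validated with {@link #validateUid(String)} before it is used
     * @return the DN of the matching entry, or {@code null} when nothing matches
     * @throws SecurityException if the uid is invalid, or wrapping the {@link NamingException}
     *     raised by the search
     */
    public String lookupByUid(String str) throws SecurityException {
        validateUid(str);
        try {
            return getFirstDnForUid(searchByWildcardedUid(str, setSearchControls()));
        } catch (NamingException e) {
            throw new SecurityException((Throwable) e);
        }
    }

    /**
     * Extracts a DN from search results.
     *
     * <p>Every result is visited and the DN of the last one whose bound object is a
     * {@link DirContext} is returned, so with several matches it is the last match, not the
     * first, that is reported.
     *
     * @param namingEnumeration search results; may be {@code null}
     * @return the DN found, or {@code null} when there is no usable result
     * @throws NamingException if reading the results fails
     */
    private String getFirstDnForUid(NamingEnumeration namingEnumeration) throws NamingException {
        if (namingEnumeration == null) {
            return null;
        }
        String dn = null;
        try {
            while (namingEnumeration.hasMore()) {
                SearchResult searchResult = (SearchResult) namingEnumeration.next();
                Object bound = searchResult.getObject();
                if (bound instanceof DirContext) {
                    dn = ((DirContext) bound).getNameInNamespace();
                }
            }
        } finally {
            // Release the enumeration even when iteration fails part-way through.
            try {
                namingEnumeration.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup: the outcome of the lookup is already decided.
            }
        }
        return dn;
    }

    /**
     * Rejects a uid that is empty or contains any character from {@code ( [ { \ ^ $ | ) ? * + .}
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @param str uid to check
     * @throws SecurityException an {@link InvalidUidException} when the uid is rejected
     */
    public void validateUid(String str) throws SecurityException {
        if (StringUtils.isEmpty(str)) {
            throw new InvalidUidException();
        }
        // A character scan is used rather than String.matches(".*X.*"): without DOTALL, '.' does
        // not match line terminators, so such a pattern accepts a uid that holds both a line
        // terminator and a forbidden character, and that uid would then reach the search filter.
        for (int i = 0; i < str.length(); i++) {
            if (FORBIDDEN_UID_CHARS.indexOf(str.charAt(i)) >= 0) {
                throw new InvalidUidException();
            }
        }
    }

    /**
     * Searches the bound context for entries of this DAO's object class whose {@code uid} matches
     * the given value; an empty value searches for every uid ({@code *}).
     *
     * <p>The uid is concatenated into the filter without escaping, so LDAP wildcards in it take
     * effect and any other filter syntax in it changes the query. Callers handling untrusted
     * input must pass it through {@link #validateUid(String)} first, as {@link #lookupByUid(String)}
     * does.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @param str uid or uid pattern; {@code null} or empty means "any"
     * @param searchControls scope and result options for the search
     * @return the search results
     * @throws NamingException if the search fails
     */
    public NamingEnumeration searchByWildcardedUid(String str, SearchControls searchControls) throws NamingException {
        String uidPattern = StringUtils.isEmpty(str) ? "*" : str;
        String filter = "(&(uid=" + uidPattern + ") (objectclass=" + getObjectClass() + "))";
        return this.ctx.search("", filter, searchControls);
    }

    /**
     * Returns the default DN suffix from the binding configuration.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @return the configured default DN suffix
     */
    public String getDefaultDnSuffix() {
        return this.ldapBindingConfig.getDefaultDnSuffix();
    }

    /**
     * Returns the groups organizational unit from the binding configuration.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @return the configured groups OU
     */
    public String getGroupsOu() {
        return this.ldapBindingConfig.getGroupsOu();
    }

    /**
     * Returns the users organizational unit from the binding configuration.
     *
     * <p>(Decompiler note: access modifier changed from protected.)
     *
     * @return the configured users OU
     */
    public String getUsersOu() {
        return this.ldapBindingConfig.getUsersOu();
    }

    /**
     * Returns the root context from the binding configuration, the same value that
     * {@link #bindToServer(String, String)} appends to the provider URL.
     *
     * @return the configured root context
     */
    protected String getRootContext() {
        return this.ldapBindingConfig.getRootContext();
    }

    /**
     * Names the LDAP object class this DAO searches for; the value is placed in the
     * {@code objectclass} clause of the uid search filter.
     *
     * @return the object class name
     */
    protected abstract String getObjectClass();
}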
