package org.apache.derby.impl.jdbc.authentication;

import java.sql.SQLException;
import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.Name;
import javax.naming.NameNotFoundException;
import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.axis.components.jms.JNDIVendorAdapter;
import org.apache.derby.iapi.services.monitor.Monitor;
import org.apache.derby.iapi.util.StringUtil;

/* loaded from: input_file:zips/geronimo-tomcat-j2ee-1.1.zip:geronimo-1.1/repository/org/apache/derby/derby/10.1.1.0/derby-10.1.1.0.jar:org/apache/derby/impl/jdbc/authentication/LDAPAuthenticationSchemeImpl.class */
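/**
 * LDAP-backed authentication scheme: resolves a user name to a distinguished
 * name (DN) by searching the directory, then verifies the password by binding
 * to the directory as that DN.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The user name comes from the connection request and is untrusted. It is
 *       escaped before being placed in the LDAP search filter.</li>
 *   <li>Unless the JNDI environment already specifies otherwise, the provider
 *       URL defaults to the {@code ldap://} scheme and the bind mechanism to
 *       {@code simple}. With those defaults the bind password is sent to the
 *       directory without transport protection; deployments should supply an
 *       {@code ldaps://} URL or TLS settings through the JNDI environment.</li>
 *   <li>{@code derby.authentication.ldap.searchAuthPW} is read as a plain
 *       property value and kept in memory for the life of this object.</li>
 * </ul>
 */
public final class LDAPAuthenticationSchemeImpl extends JNDIAuthenticationSchemeBase {
    private static final String dfltLDAPURL = "ldap://";
    // Filter used when no custom search filter is configured; the escaped user
    // name is inserted between the two halves.
    private static final String DEFAULT_LEFT_SEARCH_FILTER = "(&(objectClass=inetOrgPerson)(uid=";
    private static final String DEFAULT_RIGHT_SEARCH_FILTER = "))";
    private String searchBaseDN;
    private String leftSearchFilter;
    private String rightSearchFilter;
    private boolean useUserPropertyAsDN;
    private String searchAuthDN;
    private String searchAuthPW;
    private static final String[] attrDN = {"dn"};
    private static final String LDAP_SEARCH_BASE = "derby.authentication.ldap.searchBase";
    private static final String LDAP_SEARCH_FILTER = "derby.authentication.ldap.searchFilter";
    private static final String LDAP_SEARCH_AUTH_DN = "derby.authentication.ldap.searchAuthDN";
    private static final String LDAP_SEARCH_AUTH_PW = "derby.authentication.ldap.searchAuthPW";
    private static final String LDAP_LOCAL_USER_DN = "derby.user";
    private static final String LDAP_SEARCH_FILTER_USERNAME = "%USERNAME%";

    public LDAPAuthenticationSchemeImpl(JNDIAuthenticationService jNDIAuthenticationService, Properties properties) {
        super(jNDIAuthenticationService, properties);
    }

    /**
     * Authenticates a user by binding to the directory with the user's DN and
     * the supplied password.
     *
     * @param userName name from the connection request; used as the search key
     * @param userPassword password from the connection request; used as the bind credential
     * @param databaseName not used by this scheme
     * @param info not used by this scheme
     * @return {@code true} if the bind succeeded; {@code false} if either value
     *         is missing, the bind was rejected, or the user could not be
     *         resolved to exactly one directory entry
     * @throws SQLException for any other directory failure (for example the
     *         server being unreachable)
     */
    @Override // org.apache.derby.authentication.UserAuthenticator
    public boolean authenticateUser(String userName, String userPassword, String databaseName, Properties info) throws SQLException {
        // An empty password must be rejected here: a simple bind carrying a DN
        // and no password is treated by many directory servers as an
        // unauthenticated bind that succeeds, which would otherwise be reported
        // as a successful login.
        if (userName == null || userName.length() == 0 || userPassword == null || userPassword.length() == 0) {
            return false;
        }
        InitialDirContext bindContext = null;
        try {
            // Work on a copy so the per-user principal and credentials never
            // end up in the shared environment.
            Properties env = (Properties) this.initDirContextEnv.clone();
            String userDN = null;
            if (this.useUserPropertyAsDN) {
                // NOTE(review): the key read here is the bare prefix "derby.user."
                // with no user name appended, so this lookup presumably never
                // matches a per-user entry and the directory search below is
                // used instead. Confirm the intended key before changing it.
                userDN = this.authenticationService.getProperty("derby.user.");
            }
            if (userDN == null) {
                userDN = getDNFromUID(userName);
            }
            env.put("java.naming.security.principal", userDN);
            env.put("java.naming.security.credentials", userPassword);
            // Constructing the context performs the bind; success means the
            // directory accepted the DN/password pair.
            bindContext = new InitialDirContext(env);
            return true;
        } catch (AuthenticationException e) {
            return false;
        } catch (NameNotFoundException e) {
            // Must precede the NamingException handler (it is a subclass):
            // an unknown or ambiguous user is a failed login, not an error.
            return false;
        } catch (NamingException e) {
            throw getLoginSQLException(e);
        } finally {
            closeQuietly(bindContext);
        }
    }

    /**
     * Fills in JNDI environment defaults (context factory, provider URL, bind
     * mechanism) that the configuration did not set, and reads the search base,
     * search credentials and search filter from the authentication service.
     *
     * <p>The provider URL is derived from {@code derby.authentication.server};
     * a value without a scheme is given the {@code ldap:} scheme. The search
     * filter is split into the text before and after the user name so that the
     * name can be inserted at lookup time.
     */
    @Override // org.apache.derby.impl.jdbc.authentication.JNDIAuthenticationSchemeBase
    protected void setJNDIProviderProperties() {
        if (this.initDirContextEnv.getProperty(JNDIVendorAdapter.CONTEXT_FACTORY) == null) {
            this.initDirContextEnv.put(JNDIVendorAdapter.CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        }
        if (this.initDirContextEnv.getProperty(JNDIVendorAdapter.PROVIDER_URL) == null) {
            String server = this.authenticationService.getProperty("derby.authentication.server");
            if (server == null) {
                Monitor.logTextMessage("A011", "derby.authentication.server");
                this.providerURL = "ldap:///";
            } else if (server.startsWith(dfltLDAPURL)) {
                this.providerURL = server;
            } else if (server.startsWith("//")) {
                this.providerURL = "ldap:" + server;
            } else {
                this.providerURL = dfltLDAPURL + server;
            }
            this.initDirContextEnv.put(JNDIVendorAdapter.PROVIDER_URL, this.providerURL);
        }
        if (this.initDirContextEnv.getProperty("java.naming.security.authentication") == null) {
            this.initDirContextEnv.put("java.naming.security.authentication", "simple");
        }

        String searchBase = this.authenticationService.getProperty(LDAP_SEARCH_BASE);
        this.searchBaseDN = (searchBase != null) ? searchBase : "";
        this.searchAuthDN = this.authenticationService.getProperty(LDAP_SEARCH_AUTH_DN);
        this.searchAuthPW = this.authenticationService.getProperty(LDAP_SEARCH_AUTH_PW);

        String filter = this.authenticationService.getProperty(LDAP_SEARCH_FILTER);
        if (filter == null) {
            this.leftSearchFilter = DEFAULT_LEFT_SEARCH_FILTER;
            this.rightSearchFilter = DEFAULT_RIGHT_SEARCH_FILTER;
            return;
        }
        if (StringUtil.SQLEqualsIgnoreCase(filter, LDAP_LOCAL_USER_DN)) {
            // "derby.user" asks for the DN to be taken from a property first;
            // the default filter remains as the fallback.
            this.leftSearchFilter = DEFAULT_LEFT_SEARCH_FILTER;
            this.rightSearchFilter = DEFAULT_RIGHT_SEARCH_FILTER;
            this.useUserPropertyAsDN = true;
            return;
        }
        int placeholderAt = filter.indexOf(LDAP_SEARCH_FILTER_USERNAME);
        if (placeholderAt != -1) {
            // Custom filter with an explicit %USERNAME% placeholder.
            this.leftSearchFilter = filter.substring(0, placeholderAt);
            this.rightSearchFilter = filter.substring(placeholderAt + LDAP_SEARCH_FILTER_USERNAME.length());
        } else {
            // Custom filter without a placeholder: AND it with the default.
            this.leftSearchFilter = "(&(" + filter + ")" + DEFAULT_LEFT_SEARCH_FILTER;
            this.rightSearchFilter = DEFAULT_RIGHT_SEARCH_FILTER;
        }
    }

    /**
     * Resolves a user name to a full DN by searching the subtree under the
     * configured search base.
     *
     * @param uid user name from the connection request (untrusted)
     * @return the search base DN with the matching entry's name appended
     * @throws NameNotFoundException if the search returns no entry or more than
     *         one entry, or the search base cannot be parsed
     * @throws NamingException for any other directory failure
     */
    private String getDNFromUID(String uid) throws NamingException {
        Properties env;
        if (this.searchAuthDN != null) {
            // Search with the dedicated search account instead of anonymously.
            env = (Properties) this.initDirContextEnv.clone();
            env.put("java.naming.security.principal", this.searchAuthDN);
            env.put("java.naming.security.credentials", this.searchAuthPW);
        } else {
            env = this.initDirContextEnv;
        }
        InitialDirContext searchContext = new InitialDirContext(env);
        NamingEnumeration<SearchResult> results = null;
        try {
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            controls.setReturningAttributes(attrDN);
            // The user name is escaped so it is matched as a literal value and
            // cannot alter the structure of the configured filter.
            String filter = this.leftSearchFilter + escapeFilterValue(uid) + this.rightSearchFilter;
            results = searchContext.search(this.searchBaseDN, filter, controls);
            if (results == null || !results.hasMore()) {
                throw new NameNotFoundException();
            }
            SearchResult match = results.next();
            if (results.hasMore()) {
                // More than one entry matches: refuse rather than pick one.
                throw new NameNotFoundException();
            }
            NameParser parser = searchContext.getNameParser(this.searchBaseDN);
            Name dn = parser.parse(this.searchBaseDN);
            if (dn == null) {
                throw new NameNotFoundException();
            }
            // The result name is appended to the search base to form the DN.
            dn.addAll(parser.parse(match.getName()));
            return dn.toString();
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup; the lookup outcome is already decided.
                }
            }
            closeQuietly(searchContext);
        }
    }

    /**
     * Escapes a value for use inside an LDAP search filter assertion
     * (RFC 4515): backslash, asterisk, parentheses and NUL are replaced by
     * their {@code \XX} hexadecimal forms.
     */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a directory context, ignoring failures; a {@code null} context is a no-op. */
    private static void closeQuietly(InitialDirContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup; nothing useful can be done if close fails.
        }
    }
}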
