package org.apache.turbine.services.security.ldap;

import java.util.Hashtable;
import java.util.List;
import java.util.Vector;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Rdn;
import org.apache.commons.configuration.Configuration;
import org.apache.torque.util.Criteria;
import org.apache.turbine.om.security.User;
import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.turbine.services.security.UserManager;
import org.apache.turbine.util.security.DataBackendException;
import org.apache.turbine.util.security.EntityExistsException;
import org.apache.turbine.util.security.PasswordMismatchException;
import org.apache.turbine.util.security.UnknownEntityException;

/* loaded from: input_file:org/apache/turbine/services/security/ldap/LDAPUserManager.class */
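/**
 * {@link UserManager} implementation that keeps user accounts in an LDAP directory.
 *
 * <p>Every directory operation opens a fresh connection through {@link #bind(String, String)}
 * (administrative operations through {@link #bindAsAdmin()}) and closes it again before
 * returning, so no JNDI context outlives the call that created it.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>User-supplied names are escaped before they are placed into an LDAP search filter, and
 *       user-supplied keys are escaped before they are placed into a distinguished name.</li>
 *   <li>{@link #authenticate(User, String)} refuses a null or empty password instead of
 *       forwarding it to the directory.</li>
 *   <li>The provider URL is always built with the {@code ldap://} scheme; transport protection
 *       is not configured by this class.</li>
 * </ul>
 */
public class LDAPUserManager implements UserManager {
    /**
     * Initializes the manager. This implementation needs no configuration and does nothing.
     *
     * @param configuration service configuration (unused)
     */
    @Override
    public void init(Configuration configuration) {
    }

    /**
     * Checks whether an account with the user's name exists in the directory.
     *
     * @param user the user whose name is looked up
     * @return {@code true} if a matching entry was found
     * @throws DataBackendException if the directory could not be queried
     */
    @Override
    public boolean accountExists(User user) throws DataBackendException {
        return accountExists(user.getName());
    }

    /**
     * Checks whether an account with the given name exists in the directory.
     *
     * @param str the account name
     * @return {@code true} if {@link #retrieve(String)} finds an entry, {@code false} if it
     *     reports the entity as unknown
     * @throws DataBackendException if the directory could not be queried
     */
    @Override
    public boolean accountExists(String str) throws DataBackendException {
        try {
            retrieve(str);
            return true;
        } catch (UnknownEntityException e) {
            // "Not found" is the expected negative answer here, not an error.
            return false;
        }
    }

    /**
     * Looks up a user by account name under the configured search base.
     *
     * <p>The name is treated as a literal value: filter metacharacters in it are escaped, so a
     * caller-supplied name cannot widen or rewrite the search filter. If several entries match,
     * the first one returned by the directory is used.
     *
     * @param str the account name
     * @return the user built from the first matching entry
     * @throws UnknownEntityException if no entry matches
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public User retrieve(String str) throws UnknownEntityException, DataBackendException {
        DirContext ctx = null;
        NamingEnumeration<SearchResult> results = null;
        try {
            ctx = bindAsAdmin();
            String filter = "(" + LDAPSecurityConstants.getNameAttribute() + "="
                    + escapeFilterValue(str) + ")";
            results = ctx.search(LDAPSecurityConstants.getBaseSearch(), filter, new SearchControls());
            if (!results.hasMore()) {
                throw new UnknownEntityException("The given user: " + str + "\n does not exist.");
            }
            return toUser(results.next().getAttributes());
        } catch (NamingException e) {
            throw new DataBackendException("The LDAP server specified is unavailable", e);
        } finally {
            closeQuietly(results);
            closeQuietly(ctx);
        }
    }

    /**
     * Looks up a user by its id attribute.
     *
     * <p>The key is converted with {@link String#valueOf(Object)} and escaped as an RDN value
     * before it is joined with the configured user-id attribute and search base, so characters
     * such as {@code ,} or {@code +} in the key cannot change the structure of the name.
     *
     * @param obj the user key
     * @return the user built from the first result
     * @throws UnknownEntityException if the search returns nothing
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public User retrieveById(Object obj) throws UnknownEntityException, DataBackendException {
        DirContext ctx = null;
        NamingEnumeration<SearchResult> results = null;
        try {
            ctx = bindAsAdmin();
            String entryName = LDAPSecurityConstants.getUserIdAttribute() + "="
                    + Rdn.escapeValue(String.valueOf(obj)) + ","
                    + LDAPSecurityConstants.getBaseSearch();
            // NOTE(review): search(name, null) enumerates entries *below* the named context,
            // not the named entry itself — confirm this is the intended lookup.
            results = ctx.search(entryName, (Attributes) null);
            if (!results.hasMore()) {
                throw new UnknownEntityException(
                        "No user exists for the key: " + String.valueOf(obj) + "\n");
            }
            return toUser(results.next().getAttributes());
        } catch (NamingException e) {
            throw new DataBackendException("The LDAP server specified is unavailable", e);
        } finally {
            closeQuietly(results);
            closeQuietly(ctx);
        }
    }

    /**
     * Returns the users found by {@link #retrieveList(Criteria)} as an array.
     *
     * @param criteria passed through to {@link #retrieveList(Criteria)}
     * @return the users as an array, empty if none were found
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public User[] retrieve(Criteria criteria) throws DataBackendException {
        return (User[]) retrieveList(criteria).toArray(new User[0]);
    }

    /**
     * Lists every entry under the search base that has the configured name attribute.
     *
     * <p>The {@code criteria} argument is not consulted; the filter is always
     * {@code (<nameAttribute>=*)}.
     *
     * @param criteria ignored by this implementation
     * @return the users found, possibly empty
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public List retrieveList(Criteria criteria) throws DataBackendException {
        Vector<User> users = new Vector<User>(0);
        DirContext ctx = null;
        NamingEnumeration<SearchResult> results = null;
        try {
            ctx = bindAsAdmin();
            String filter = "(" + LDAPSecurityConstants.getNameAttribute() + "=*)";
            results = ctx.search(LDAPSecurityConstants.getBaseSearch(), filter, new SearchControls());
            while (results.hasMore()) {
                users.add(toUser(results.next().getAttributes()));
            }
            return users;
        } catch (NamingException e) {
            throw new DataBackendException("The LDAP server specified is unavailable", e);
        } finally {
            closeQuietly(results);
            closeQuietly(ctx);
        }
    }

    /**
     * Retrieves a user by name and verifies the supplied password against the directory.
     *
     * <p>Unknown accounts and wrong passwords surface as different exception types; callers that
     * face untrusted clients should present both as the same generic login failure.
     *
     * @param str the account name
     * @param str2 the password to verify
     * @return the authenticated user
     * @throws PasswordMismatchException if the password is rejected
     * @throws UnknownEntityException if the account does not exist
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public User retrieve(String str, String str2)
            throws PasswordMismatchException, UnknownEntityException, DataBackendException {
        User found = retrieve(str);
        authenticate(found, str2);
        return found;
    }

    /**
     * Writes the user's LDAP attributes back to its directory entry, replacing existing values.
     *
     * @param user the user to store; must be an {@code LDAPUser}
     * @throws UnknownEntityException if the account does not exist
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public void store(User user) throws UnknownEntityException, DataBackendException {
        if (!accountExists(user)) {
            throw new UnknownEntityException("The account '" + user.getName() + "' does not exist");
        }
        DirContext ctx = null;
        try {
            LDAPUser ldapUser = (LDAPUser) user;
            Attributes attrs = ldapUser.getLDAPAttributes();
            ctx = bindAsAdmin();
            ctx.modifyAttributes(ldapUser.getDN(), DirContext.REPLACE_ATTRIBUTE, attrs);
        } catch (NamingException e) {
            throw new DataBackendException("NamingException caught", e);
        } finally {
            closeQuietly(ctx);
        }
    }

    /**
     * Called when the user's session ends. This implementation only verifies that the account
     * still exists; nothing is written.
     *
     * @param user the user whose session is ending
     * @throws UnknownEntityException if the account does not exist
     * @throws DataBackendException if the directory could not be queried
     */
    @Override
    public void saveOnSessionUnbind(User user) throws UnknownEntityException, DataBackendException {
        if (!accountExists(user)) {
            throw new UnknownEntityException("The account '" + user.getName() + "' does not exist");
        }
    }

    /**
     * Verifies a password by binding to the directory as the user's DN.
     *
     * <p>A null or empty password is rejected locally and never sent to the server. With simple
     * authentication, a bind that carries a DN but a zero-length password is an unauthenticated
     * bind (RFC 4513, section 5.1.2) that servers may accept, which would otherwise be reported
     * here as a successful login.
     *
     * @param user the user to authenticate; must be an {@code LDAPUser}
     * @param str the password to verify
     * @throws PasswordMismatchException if the password is null, empty, or rejected by the server
     * @throws UnknownEntityException declared by the interface; not thrown here
     * @throws DataBackendException if the directory operation fails for another reason
     */
    @Override
    public void authenticate(User user, String str)
            throws PasswordMismatchException, UnknownEntityException, DataBackendException {
        LDAPUser ldapUser = (LDAPUser) user;
        if (str == null || str.length() == 0) {
            throw new PasswordMismatchException(
                    "The given password for: " + ldapUser.getDN() + " is invalid\n");
        }
        DirContext ctx = null;
        try {
            ctx = bind(ldapUser.getDN(), str);
        } catch (AuthenticationException e) {
            throw new PasswordMismatchException(
                    "The given password for: " + ldapUser.getDN() + " is invalid\n");
        } catch (NamingException e2) {
            throw new DataBackendException("NamingException caught:", e2);
        } finally {
            // The bind was only a credential check; release the connection right away.
            closeQuietly(ctx);
        }
    }

    /**
     * Not supported by this backend.
     *
     * @throws DataBackendException always
     */
    @Override
    public void changePassword(User user, String str, String str2)
            throws PasswordMismatchException, UnknownEntityException, DataBackendException {
        throw new DataBackendException("The method changePassword has no implementation.");
    }

    /**
     * Not supported by this backend.
     *
     * @throws DataBackendException always
     */
    @Override
    public void forcePassword(User user, String str) throws UnknownEntityException, DataBackendException {
        throw new DataBackendException("The method forcePassword has no implementation.");
    }

    /**
     * Creates a directory entry for the user from its LDAP attributes.
     *
     * <p>NOTE(review): the {@code str} (initial password) argument is not used by this method;
     * presumably the credential is expected to be part of the user's attributes — confirm.
     *
     * @param user the user to create; must be an {@code LDAPUser}
     * @param str the initial password (unused here)
     * @throws EntityExistsException if an account with the same name already exists
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public void createAccount(User user, String str) throws EntityExistsException, DataBackendException {
        if (accountExists(user)) {
            throw new EntityExistsException("The account '" + user.getName() + "' already exist");
        }
        DirContext ctx = null;
        try {
            LDAPUser ldapUser = (LDAPUser) user;
            Attributes attrs = ldapUser.getLDAPAttributes();
            ctx = bindAsAdmin();
            ctx.bind(ldapUser.getDN(), (Object) null, attrs);
        } catch (NamingException e) {
            throw new DataBackendException("NamingException caught", e);
        } finally {
            closeQuietly(ctx);
        }
    }

    /**
     * Removes the user's entry from the directory.
     *
     * @param user the user to remove; must be an {@code LDAPUser}
     * @throws UnknownEntityException if the account does not exist
     * @throws DataBackendException if the directory operation fails
     */
    @Override
    public void removeAccount(User user) throws UnknownEntityException, DataBackendException {
        if (!accountExists(user)) {
            throw new UnknownEntityException("The account '" + user.getName() + "' does not exist");
        }
        DirContext ctx = null;
        try {
            ctx = bindAsAdmin();
            ctx.unbind(((LDAPUser) user).getDN());
        } catch (NamingException e) {
            throw new DataBackendException("NamingException caught", e);
        } finally {
            closeQuietly(ctx);
        }
    }

    /**
     * Opens a directory context using the configured administrator credentials.
     *
     * <p>The caller owns the returned context and must close it.
     *
     * @return a new context bound as the administrator
     * @throws NamingException if the connection or bind fails
     */
    public static DirContext bindAsAdmin() throws NamingException {
        return bind(LDAPSecurityConstants.getAdminUsername(), LDAPSecurityConstants.getAdminPassword());
    }

    /**
     * Opens a directory context bound with the given principal and credentials.
     *
     * <p>The provider URL is always {@code ldap://<host>:<port>}. If the configured
     * authentication mechanism sends the password as-is (e.g. simple), it is not protected in
     * transit by anything this method sets up. The caller owns the returned context and must
     * close it. This method does not reject empty credentials; callers that use a bind as a
     * password check must do so themselves, as {@link #authenticate(User, String)} does.
     *
     * @param str the security principal (bind DN)
     * @param str2 the credentials
     * @return a new context bound as the principal
     * @throws NamingException if the connection or bind fails
     */
    public static DirContext bind(String str, String str2) throws NamingException {
        String providerUrl = "ldap://" + LDAPSecurityConstants.getLDAPHost() + ":"
                + LDAPSecurityConstants.getLDAPPort();
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, LDAPSecurityConstants.getLDAPProvider());
        env.put(Context.PROVIDER_URL, providerUrl);
        env.put(Context.SECURITY_AUTHENTICATION, LDAPSecurityConstants.getLDAPAuthentication());
        env.put(Context.SECURITY_PRINCIPAL, str);
        env.put(Context.SECURITY_CREDENTIALS, str2);
        return new InitialDirContext(env);
    }

    /**
     * Obtains a fresh user instance from the security service and narrows it to {@code LDAPUser}.
     *
     * @return a new, empty LDAP user
     * @throws DataBackendException if the configured user class is not an {@code LDAPUser} or the
     *     instance cannot be created
     */
    private LDAPUser createLDAPUser() throws DataBackendException {
        try {
            return (LDAPUser) TurbineSecurity.getUserInstance();
        } catch (ClassCastException e) {
            throw new DataBackendException("ClassCastException:", e);
        } catch (UnknownEntityException e2) {
            throw new DataBackendException("UnknownEntityException:", e2);
        }
    }

    /**
     * Builds a user object from a directory entry's attributes and stores the user under
     * {@link User#SESSION_KEY} in its own temporary storage.
     */
    private LDAPUser toUser(Attributes attributes) throws NamingException, DataBackendException {
        LDAPUser user = createLDAPUser();
        user.setLDAPAttributes(attributes);
        user.setTemp(User.SESSION_KEY, user);
        return user;
    }

    /**
     * Escapes a value for use as an assertion value in an LDAP search filter (RFC 4515):
     * backslash, asterisk, parentheses and NUL are replaced by their {@code \xx} hex forms.
     * A null value is rendered as the string {@code "null"}, as plain concatenation would.
     */
    private static String escapeFilterValue(String value) {
        String raw = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(raw.length() + 8);
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a context if one was opened; a failure to close is not reported to the caller. */
    private static void closeQuietly(Context ctx) {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup: the operation's own outcome has already been decided.
        }
    }

    /** Closes a result enumeration if one was opened; a failure to close is not reported. */
    private static void closeQuietly(NamingEnumeration<?> results) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup: the operation's own outcome has already been decided.
        }
    }
}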
