package net.bluemind.system.ldap.export;

import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.TrustManager;
import net.bluemind.config.Token;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.domain.api.Domain;
import net.bluemind.lib.ldap.LdapConProxy;
import net.bluemind.server.api.Server;
import net.bluemind.system.ldap.export.objects.DomainDirectoryRoot;
import org.apache.directory.api.ldap.codec.api.DefaultConfigurableBinaryAttributeDetector;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.message.AliasDerefMode;
import org.apache.directory.api.ldap.model.message.BindRequestImpl;
import org.apache.directory.api.ldap.model.message.LdapResult;
import org.apache.directory.api.ldap.model.message.MessageTypeEnum;
import org.apache.directory.api.ldap.model.message.ModifyRequest;
import org.apache.directory.api.ldap.model.message.Response;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
import org.apache.directory.api.ldap.model.message.SearchResultEntry;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/bluemind/system/ldap/export/LdapHelper.class */
public class LdapHelper {
    private static final Logger logger = LoggerFactory.getLogger(LdapHelper.class);
    public static final String DIRECTORY_ROOT_DN = "uid=admin,dc=local";
    private static final String CONFIG_ROOT_DN = "uid=admin,cn=config";

    public static LdapConnection connectDirectory(ItemValue<Server> itemValue) throws ServerFault {
        return connectLdap(itemValue, DIRECTORY_ROOT_DN, Token.admin0());
    }

    public static LdapConnection connectConfigDirectory(ItemValue<Server> itemValue) throws ServerFault {
        return connectLdap(itemValue, CONFIG_ROOT_DN, Token.admin0());
    }

    private static LdapConnection connectLdap(ItemValue<Server> itemValue, String str, String str2) throws ServerFault {
        try {
            LdapConProxy ldapCon = getLdapCon(((Server) itemValue.value).address());
            BindRequestImpl bindRequestImpl = new BindRequestImpl();
            bindRequestImpl.setSimple(true);
            bindRequestImpl.setName(str);
            bindRequestImpl.setCredentials(str2);
            if (ResultCodeEnum.SUCCESS == ldapCon.bind(bindRequestImpl).getLdapResult().getResultCode() && ldapCon.isAuthenticated()) {
                return ldapCon;
            }
            throw new ServerFault("Fail to authenticate to LDAP server: " + ((Server) itemValue.value).address() + " as: " + str);
        } catch (Exception e) {
            throw new ServerFault(e);
        } catch (ServerFault e2) {
            throw e2;
        }
    }

    private static LdapConProxy getLdapCon(String str) {
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        ldapConnectionConfig.setLdapHost(str);
        ldapConnectionConfig.setLdapPort(389);
        ldapConnectionConfig.setUseTls(true);
        ldapConnectionConfig.setUseSsl(false);
        ldapConnectionConfig.setTrustManagers(new TrustManager[]{new NoVerificationTrustManager()});
        ldapConnectionConfig.setTimeout(10000L);
        ldapConnectionConfig.setBinaryAttributeDetector(new DefaultConfigurableBinaryAttributeDetector());
        return new LdapConProxy(ldapConnectionConfig);
    }

    public static void addLdapEntry(LdapConnection ldapConnection, Entry entry) throws ServerFault {
        if (entry == null) {
            return;
        }
        try {
            ldapConnection.add(entry);
        } catch (LdapException e) {
            logger.error("Fail to add entry DN: " + String.valueOf(entry.getDn()), e);
            throw new ServerFault(e);
        } catch (LdapEntryAlreadyExistsException unused) {
            logger.warn(entry.getDn().getName() + " already exist");
        }
    }

    public static void deleteTree(LdapConnection ldapConnection, String str) throws ServerFault {
        SearchCursor searchCursor = null;
        try {
            try {
                SearchRequestImpl searchRequestImpl = new SearchRequestImpl();
                searchRequestImpl.setBase(new Dn(new String[]{str}));
                searchRequestImpl.setScope(SearchScope.ONELEVEL);
                searchRequestImpl.setFilter("(objectclass=*)");
                searchRequestImpl.addAttributes(new String[]{"dn"});
                searchRequestImpl.setDerefAliases(AliasDerefMode.NEVER_DEREF_ALIASES);
                searchCursor = ldapConnection.search(searchRequestImpl);
                while (searchCursor.next()) {
                    SearchResultEntry searchResultEntry = (Response) searchCursor.get();
                    if (searchResultEntry.getType() == MessageTypeEnum.SEARCH_RESULT_ENTRY) {
                        deleteTree(ldapConnection, searchResultEntry.getEntry().getDn().getName());
                    }
                }
                ldapConnection.delete(str);
                try {
                    searchCursor.close();
                } catch (Exception unused) {
                }
            } catch (Throwable th) {
                try {
                    searchCursor.close();
                } catch (Exception unused2) {
                }
                throw th;
            }
        } catch (Exception unused3) {
            throw new ServerFault("Fail to delete LDAP entry: " + str);
        } catch (ServerFault e) {
            throw e;
        }
    }

    public static List<Entry> getLdapEntryFromUid(LdapConnection ldapConnection, ItemValue<Domain> itemValue, String str, String... strArr) throws LdapException, CursorException {
        ArrayList arrayList = new ArrayList();
        SearchRequestImpl searchRequestImpl = new SearchRequestImpl();
        searchRequestImpl.setScope(SearchScope.SUBTREE);
        searchRequestImpl.setBase(new Dn(new String[]{new DomainDirectoryRoot(itemValue).getDn()}));
        searchRequestImpl.setFilter("(bmUid=" + str + ")");
        searchRequestImpl.addAttributes(strArr);
        SearchCursor search = ldapConnection.search(searchRequestImpl);
        while (search.next()) {
            SearchResultEntry searchResultEntry = (Response) search.get();
            if (searchResultEntry.getType() == MessageTypeEnum.SEARCH_RESULT_ENTRY) {
                arrayList.add(searchResultEntry.getEntry());
            }
        }
        LdapResult ldapResult = search.getSearchResultDone().getLdapResult();
        if (ldapResult.getResultCode() != ResultCodeEnum.SUCCESS) {
            throw new ServerFault("Error on search for bmUid:" + str + " - " + String.valueOf(ldapResult.getResultCode()) + " " + ldapResult.getDiagnosticMessage());
        }
        return arrayList;
    }

    public static void modifyLdapEntry(LdapConnection ldapConnection, ModifyRequest modifyRequest) throws ServerFault {
        if (modifyRequest == null || modifyRequest.getModifications().isEmpty()) {
            return;
        }
        try {
            LdapResult ldapResult = ldapConnection.modify(modifyRequest).getLdapResult();
            if (ldapResult.getResultCode() != ResultCodeEnum.SUCCESS) {
                throw new ServerFault("Modify failed: " + String.valueOf(ldapResult.getResultCode()) + " => " + ldapResult.getDiagnosticMessage());
            }
        } catch (LdapException e) {
            logger.error("Fail to update entry DN: " + modifyRequest.getName().getName(), e);
            throw new ServerFault(e);
        }
    }
}
