package imcode.server.user;

import com.imcode.imcms.servlet.SearchDocumentsPage;
import com.imcode.net.ldap.LdapClient;
import com.imcode.net.ldap.LdapClientException;
import com.imcode.net.ldap.LdapConnection;
import java.beans.PropertyDescriptor;
import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Map;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.TreeSet;
import javax.naming.CommunicationException;
import javax.naming.directory.SearchControls;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.collections.ExtendedProperties;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.UnhandledException;
import org.apache.log4j.Logger;

/* loaded from: input_file:imcode/server/user/LdapUserAndRoleRegistry.class */
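/**
 * {@link Authenticator} and {@link UserAndRoleRegistry} backed by an LDAP directory.
 *
 * <p>A service connection is opened in the constructor with the configured bind DN and
 * password and is used for all user lookups. End-user authentication is a second bind
 * attempt against the DN found for the login name.
 *
 * <p>NOTE(review): {@code ldapConnection} is reassigned on reconnect without any
 * synchronisation visible in this class; confirm how instances are shared between threads.
 */
public class LdapUserAndRoleRegistry implements Authenticator, UserAndRoleRegistry {
    /** Role name reported for every user resolved through this registry. */
    public static final String DEFAULT_LDAP_ROLE = "LDAP";
    private static final String ORGANIZATIONALPERSON_TITLE = "title";
    private final LdapClient ldapClient;
    // Not final: replaced by createLdapConnection() when a search fails with a CommunicationException.
    private LdapConnection ldapConnection;
    private final String ldapUserObjectClass;
    private final String[] ldapAttributesAutoMappedToRoles;
    // Keys are capitalised UserDomainObject property names, values are LDAP attribute names.
    private final Properties userPropertyNameToLdapAttributeNameMap = new Properties();
    // Service-account credentials, kept so the connection can be re-established.
    private final String ldapUsername;
    private final String ldapPassword;
    private static final String LDAP_USER_OBJECTCLASS__INETORGPERSON = "inetOrgPerson";
    private static final String LDAP_USER_OBJECTCLASS_DEFAULT = LDAP_USER_OBJECTCLASS__INETORGPERSON;
    private static final Logger LOG = Logger.getLogger(LdapUserAndRoleRegistry.class);
    static final String INETORGPERSON_USER_IDENTITY = "uid";
    private static final String INETORGPERSON_GIVEN_NAME = "givenName";
    private static final String PERSON_SURNAME = "sn";
    private static final String INETORGPERSON_ORGANIZATION = "o";
    private static final String ORGANIZATIONALPERSON_STREET_ADRESS = "streetAddress";
    private static final String INETORGPERSON_LOCALITY_NAME = "l";
    private static final String ORGANIZATIONALPERSON_POSTAL_CODE = "postalCode";
    private static final String ORGANIZATIONALPERSON_STATE_OR_PROVINCE_NAME = "st";
    private static final String INETORGPERSON_MAIL = "mail";
    private static final String PERSON_TELEPHONE_NUMBER = "telephoneNumber";
    private static final String INETORGPERSON_MOBILE = "mobile";
    private static final String INETORGPERSON_HOME_PHONE = "homePhone";

    /** Search filter template; the three arguments are object class, login attribute and login name. */
    private static final String USER_SEARCH_FILTER = "(&(objectClass={0})({1}={2}))";

    // The decompiled source declared the outer array as String[], which does not compile;
    // ArrayUtils.toMap needs an array of {key, value} pairs, i.e. String[][].
    private static final Map DEFAULT_USER_PROPERTY_NAME_TO_LDAP_ATTRIBUTE_NAME_MAP = ArrayUtils.toMap(new String[][]{
            {"LoginName", INETORGPERSON_USER_IDENTITY},
            {"FirstName", INETORGPERSON_GIVEN_NAME},
            {"LastName", PERSON_SURNAME},
            {"Title", ORGANIZATIONALPERSON_TITLE},
            {"Company", INETORGPERSON_ORGANIZATION},
            {"Address", ORGANIZATIONALPERSON_STREET_ADRESS},
            {"City", INETORGPERSON_LOCALITY_NAME},
            {"Zip", ORGANIZATIONALPERSON_POSTAL_CODE},
            {"Province", ORGANIZATIONALPERSON_STATE_OR_PROVINCE_NAME},
            {"EmailAddress", INETORGPERSON_MAIL},
            {"WorkPhone", PERSON_TELEPHONE_NUMBER},
            {"MobilePhone", INETORGPERSON_MOBILE},
            {"HomePhone", INETORGPERSON_HOME_PHONE},
    });

    /**
     * Builds a registry from configuration properties.
     *
     * <p>Reads {@code LdapUrl} (default {@code ldap://localhost/}), {@code LdapUserObjectClass}
     * (default {@code inetOrgPerson}), {@code LdapBindDn}, {@code LdapPassword},
     * {@code LdapAttributesMappedToRoles} and every {@code LdapUserAttribute.*} entry.
     *
     * <p>NOTE(review): the defaults for {@code LdapBindDn} and {@code LdapPassword} come from
     * {@code SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE}, which looks like a decompiler
     * substitution for a literal (presumably the empty string). If so, an unconfigured registry
     * binds anonymously; also note the default URL uses {@code ldap://}, not {@code ldaps://},
     * so credentials travel unencrypted unless the client adds transport security elsewhere.
     *
     * @param properties configuration source
     * @throws LdapClientException if the attribute mapping is invalid or the initial bind fails
     */
    public LdapUserAndRoleRegistry(Properties properties) throws LdapClientException {
        this(properties.getProperty("LdapUrl", "ldap://localhost/"),
                properties.getProperty("LdapUserObjectClass", LDAP_USER_OBJECTCLASS_DEFAULT),
                properties.getProperty("LdapBindDn", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE),
                properties.getProperty("LdapPassword", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE),
                buildAttributesMappedToRoles(properties),
                buildUserAttributes(properties));
    }

    /** Splits the {@code LdapAttributesMappedToRoles} property into attribute names. */
    private static String[] buildAttributesMappedToRoles(Properties properties) {
        String configured = properties.getProperty("LdapAttributesMappedToRoles", SearchDocumentsPage.USER_DOCUMENTS_RESTRICTION__NONE);
        return splitStringOnCommasAndSpaces(configured);
    }

    /** Collects the {@code LdapUserAttribute.*} entries with the prefix removed. */
    private static Properties buildUserAttributes(Properties properties) {
        Properties userAttributes = new Properties();
        ExtendedProperties subset = ExtendedProperties.convertProperties(properties).subset("LdapUserAttribute");
        // subset() yields null when no key carries the prefix.
        if (null != subset) {
            userAttributes.putAll(subset);
        }
        return userAttributes;
    }

    /**
     * Builds a registry and immediately binds the service connection.
     *
     * @param str        LDAP server URL
     * @param str2       object class that user entries must have
     * @param str3       bind DN of the service account
     * @param str4       password of the service account
     * @param strArr     LDAP attributes whose values are reported as role names
     * @param properties overrides for the default user-property to LDAP-attribute mapping
     * @throws LdapClientException if a mapping key is not a settable {@code UserDomainObject}
     *                             property, or if the bind fails
     */
    public LdapUserAndRoleRegistry(String str, String str2, String str3, String str4, String[] strArr, Properties properties) throws LdapClientException {
        this.ldapAttributesAutoMappedToRoles = strArr;
        initLdapUserAttributesMap(properties);
        this.ldapUserObjectClass = str2;
        this.ldapClient = new LdapClient(str);
        this.ldapUsername = str3;
        this.ldapPassword = str4;
        createLdapConnection();
    }

    /** (Re)binds the service connection with the stored service-account credentials. */
    private void createLdapConnection() throws LdapClientException {
        this.ldapConnection = this.ldapClient.bind(this.ldapUsername, this.ldapPassword);
    }

    /**
     * Returns the statically known role names, which is only {@link #DEFAULT_LDAP_ROLE};
     * roles derived from directory attributes are not enumerated here.
     */
    @Override // imcode.server.user.UserAndRoleRegistry
    public String[] getAllRoleNames() {
        return new String[]{DEFAULT_LDAP_ROLE};
    }

    /**
     * Merges the default mapping with the configured overrides and rejects any key that is
     * not a settable property of {@code UserDomainObject}.
     */
    private void initLdapUserAttributesMap(Properties properties) throws LdapClientException {
        this.userPropertyNameToLdapAttributeNameMap.putAll(DEFAULT_USER_PROPERTY_NAME_TO_LDAP_ATTRIBUTE_NAME_MAP);
        this.userPropertyNameToLdapAttributeNameMap.putAll(properties);
        // Sorted so the error message lists the offending keys in a stable order.
        TreeSet<Object> unrecognized = new TreeSet<Object>(this.userPropertyNameToLdapAttributeNameMap.keySet());
        unrecognized.removeAll(Arrays.asList(getCapitalizedSettableBeanPropertyNames(UserDomainObject.class)));
        if (!unrecognized.isEmpty()) {
            throw new LdapClientException("Unrecognized LdapUserAttributes: " + StringUtils.join(unrecognized.iterator(), ", "));
        }
    }

    /**
     * Checks a login name and password by looking up the user's DN and attempting a bind.
     *
     * @param str  login name
     * @param str2 password
     * @return {@code true} only if the user was found and the bind succeeded
     */
    @Override // imcode.server.user.Authenticator
    public boolean authenticate(String str, String str2) {
        // A simple bind with a DN and a zero-length password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2) that many servers accept. Passing it on would let any
        // known login name authenticate without a password, so refuse it here.
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return false;
        }
        try {
            Map<String, String> attributes = searchForUserAttributes(str, new String[]{"dn"});
            if (null == attributes) {
                return false;
            }
            String dn = attributes.get("dn");
            // Without a DN the bind below would be anonymous, which proves nothing about the user.
            if (StringUtils.isEmpty(dn)) {
                return false;
            }
            return this.ldapClient.canBind(dn, str2);
        } catch (LdapClientException e) {
            LOG.warn("Failed to get ldap context.", e);
            return false;
        }
    }

    /**
     * Loads a user from the directory.
     *
     * @param str login name
     * @return the populated, active user, or {@code null} if the lookup found nothing or failed
     */
    @Override // imcode.server.user.UserAndRoleRegistry
    public UserDomainObject getUser(String str) {
        Map<String, String> attributes = searchForUserAttributes(str, null);
        if (null == attributes) {
            return null;
        }
        UserDomainObject user = createUserFromLdapAttributes(attributes);
        // The login name is taken from the caller, not from the directory entry.
        user.setLoginName(str);
        user.setActive(true);
        return user;
    }

    /**
     * Copies LDAP attribute values onto a new {@code UserDomainObject}, one settable bean
     * property at a time, following {@code userPropertyNameToLdapAttributeNameMap}.
     */
    private UserDomainObject createUserFromLdapAttributes(Map<String, String> ldapAttributes) {
        UserDomainObject user = new UserDomainObject();
        try {
            for (PropertyDescriptor descriptor : PropertyUtils.getPropertyDescriptors(user)) {
                if (null == descriptor.getWriteMethod()) {
                    continue;
                }
                String propertyName = descriptor.getName();
                String ldapAttributeName = this.userPropertyNameToLdapAttributeNameMap.getProperty(StringUtils.capitalize(propertyName));
                if (null == ldapAttributeName) {
                    continue;
                }
                String value = ldapAttributes.get(ldapAttributeName);
                if (null != value) {
                    BeanUtils.setProperty(user, propertyName, value);
                }
            }
            return user;
        } catch (IllegalAccessException e) {
            throw new UnhandledException(e);
        } catch (InvocationTargetException e) {
            throw new UnhandledException(e);
        }
    }

    /**
     * Returns the user's role names: the values of the configured role attributes plus
     * {@link #DEFAULT_LDAP_ROLE}.
     *
     * <p>Attribute values are used as role names verbatim, so the configured attributes
     * should be ones that users cannot edit on their own directory entry.
     *
     * @param userDomainObject user whose login name is looked up
     * @return role names, or an empty array when the directory lookup found nothing or failed
     */
    @Override // imcode.server.user.UserAndRoleRegistry
    public String[] getRoleNames(UserDomainObject userDomainObject) {
        Map<String, String> attributes = searchForUserAttributes(userDomainObject.getLoginName(), this.ldapAttributesAutoMappedToRoles);
        if (null == attributes) {
            // Previously a NullPointerException. Fail closed: a user that cannot be confirmed
            // in the directory gets no roles from it, not even the default one.
            return new String[0];
        }
        HashSet<String> roleNames = new HashSet<String>(attributes.values());
        roleNames.add(DEFAULT_LDAP_ROLE);
        return roleNames.toArray(new String[roleNames.size()]);
    }

    /**
     * Searches the whole subtree for the entry with the given login name and user object class.
     * A search that fails with a {@link CommunicationException} is retried once on a fresh
     * connection.
     *
     * <p>NOTE(review): {@code loginName} is caller-supplied and ends up in the search filter.
     * Confirm that {@code LdapConnection.search} escapes filter arguments (RFC 4515); if it
     * formats them in as plain text, characters such as {@code *}, {@code (} and {@code )}
     * would change the filter.
     *
     * @param loginName           login name to look for
     * @param returningAttributes attributes to fetch; {@code null} is passed through to
     *                            {@link SearchControls#setReturningAttributes(String[])}
     * @return the attributes returned by the search, or {@code null} if the login name is
     *         empty or the search failed
     */
    private Map<String, String> searchForUserAttributes(String loginName, String[] returningAttributes) {
        if (StringUtils.isEmpty(loginName)) {
            return null;
        }
        String loginAttribute = this.userPropertyNameToLdapAttributeNameMap.getProperty("LoginName");
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(returningAttributes);
        searchControls.setReturningObjFlag(true);
        Object[] filterArguments = {this.ldapUserObjectClass, loginAttribute, loginName};
        try {
            try {
                return this.ldapConnection.search(USER_SEARCH_FILTER, filterArguments, searchControls);
            } catch (LdapClientException e) {
                if (!(e.getCause() instanceof CommunicationException)) {
                    throw e;
                }
                // The connection was lost: bind again and retry exactly once.
                createLdapConnection();
                return this.ldapConnection.search(USER_SEARCH_FILTER, filterArguments, searchControls);
            }
        } catch (LdapClientException e) {
            // NOTE(review): the login name is logged verbatim; consider neutralising line
            // breaks if log lines are parsed downstream.
            LOG.warn("Could not find user " + loginName, e);
            return null;
        }
    }

    /** Splits on any run of commas and spaces; an empty string yields an empty array. */
    private static String[] splitStringOnCommasAndSpaces(String str) {
        StringTokenizer tokenizer = new StringTokenizer(str, ", ");
        String[] tokens = new String[tokenizer.countTokens()];
        for (int i = 0; i < tokens.length; i++) {
            tokens[i] = tokenizer.nextToken();
        }
        return tokens;
    }

    /** Returns the capitalised names of all bean properties of {@code cls} that have a setter. */
    private static String[] getCapitalizedSettableBeanPropertyNames(Class cls) {
        ArrayList<String> names = new ArrayList<String>();
        for (PropertyDescriptor descriptor : PropertyUtils.getPropertyDescriptors(cls)) {
            if (null != descriptor.getWriteMethod()) {
                names.add(StringUtils.capitalize(descriptor.getName()));
            }
        }
        return names.toArray(new String[names.size()]);
    }

    /**
     * Overrides one entry of the user-property to LDAP-attribute mapping.
     *
     * <p>Unlike the constructor, this does not check that {@code str} names a settable
     * {@code UserDomainObject} property. The {@code LoginName} entry also selects the attribute
     * used in the user search filter, so values must come from trusted configuration only.
     *
     * @param str  capitalised user property name
     * @param str2 LDAP attribute name
     */
    public void setUserPropertyLdapAttribute(String str, String str2) {
        this.userPropertyNameToLdapAttributeNameMap.put(str, str2);
    }
}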
