package org.alfresco.repo.security.sync.ldap;

import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.TimeZone;
import java.util.TreeSet;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.management.subsystems.ActivateableBean;
import org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactory;
import org.alfresco.repo.security.sync.NodeDescription;
import org.alfresco.repo.security.sync.UserRegistry;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository-3.2.jar:org/alfresco/repo/security/sync/ldap/LDAPUserRegistry.class */
public class LDAPUserRegistry implements UserRegistry, InitializingBean, ActivateableBean {
    private static Log logger = LogFactory.getLog(LDAPUserRegistry.class);
    private String groupSearchBase;
    private String userSearchBase;
    private LDAPInitialDirContextFactory ldapInitialContextFactory;
    private Map<String, String> attributeMapping;
    private NamespaceService namespaceService;
    private Map<String, String> attributeDefaults;
    private int queryBatchSize;
    private boolean errorOnMissingMembers;
    private boolean errorOnDuplicateGID;
    private String[] userAttributeNames;
    private String[] groupAttributeNames;
    private DateFormat timestampFormat;
    private boolean active = true;
    private String groupQuery = "(objectclass=groupOfNames)";
    private String groupDifferentialQuery = "(&(objectclass=groupOfNames)(!(modifyTimestamp<={0})))";
    private String personQuery = "(objectclass=inetOrgPerson)";
    private String personDifferentialQuery = "(&(objectclass=inetOrgPerson)(!(modifyTimestamp<={0})))";
    private String groupIdAttributeName = "cn";
    private String userIdAttributeName = "uid";
    private String memberAttributeName = "member";
    private String modifyTimestampAttributeName = "modifyTimestamp";
    private String groupType = "groupOfNames";
    private String personType = "inetOrgPerson";
    private boolean errorOnMissingGID = true;
    private boolean errorOnMissingUID = true;

    /* loaded from: input_file:WEB-INF/lib/alfresco-repository-3.2.jar:org/alfresco/repo/security/sync/ldap/LDAPUserRegistry$PersonIterator.class */
    public class PersonIterator implements Iterator<NodeDescription> {
        private InitialDirContext ctx;
        private SearchControls userSearchCtls;
        private Date modifiedSince;
        private NamingEnumeration<SearchResult> searchResults;
        private HashSet<String> uids;
        private NodeDescription next;
        final /* synthetic */ LDAPUserRegistry this$0;

        /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
            jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:7:0x007d
            	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
            	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
            */
        public PersonIterator(org.alfresco.repo.security.sync.ldap.LDAPUserRegistry r6, java.util.Date r7) {
            /*
                r5 = this;
                r0 = r5
                r1 = r6
                r0.this$0 = r1
                r0 = r5
                r0.<init>()
                r0 = r5
                java.util.HashSet r1 = new java.util.HashSet
                r2 = r1
                r2.<init>()
                r0.uids = r1
                r0 = r5
                r1 = r6
                org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactory r1 = org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.access$100(r1)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r2 = r6
                int r2 = org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.access$000(r2)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                javax.naming.directory.InitialDirContext r1 = r1.getDefaultIntialDirContext(r2)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0.ctx = r1     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = r5
                javax.naming.directory.SearchControls r1 = new javax.naming.directory.SearchControls     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r2 = r1
                r2.<init>()     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0.userSearchCtls = r1     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = r5
                javax.naming.directory.SearchControls r0 = r0.userSearchCtls     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r1 = 2
                r0.setSearchScope(r1)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = r5
                javax.naming.directory.SearchControls r0 = r0.userSearchCtls     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r1 = r6
                java.lang.String[] r1 = org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.access$200(r1)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0.setReturningAttributes(r1)     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = r5
                r1 = r7
                r0.modifiedSince = r1     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = r5
                r1 = r5
                org.alfresco.repo.security.sync.NodeDescription r1 = r1.fetchNext()     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0.next = r1     // Catch: javax.naming.NamingException -> L56 java.lang.Throwable -> L62
                r0 = jsr -> L6a
            L53:
                goto L86
            L56:
                r8 = move-exception
                org.alfresco.error.AlfrescoRuntimeException r0 = new org.alfresco.error.AlfrescoRuntimeException     // Catch: java.lang.Throwable -> L62
                r1 = r0
                java.lang.String r2 = "Failed to import people."
                r3 = r8
                r1.<init>(r2, r3)     // Catch: java.lang.Throwable -> L62
                throw r0     // Catch: java.lang.Throwable -> L62
            L62:
                r9 = move-exception
                r0 = jsr -> L6a
            L67:
                r1 = r9
                throw r1
            L6a:
                r10 = r0
                r0 = r5
                javax.naming.NamingEnumeration<javax.naming.directory.SearchResult> r0 = r0.searchResults
                if (r0 != 0) goto L84
                r0 = r5
                javax.naming.directory.InitialDirContext r0 = r0.ctx     // Catch: java.lang.Exception -> L7d
                r0.close()     // Catch: java.lang.Exception -> L7d
                goto L7f
            L7d:
                r11 = move-exception
            L7f:
                r0 = r5
                r1 = 0
                r0.ctx = r1
            L84:
                ret r10
            L86:
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.PersonIterator.<init>(org.alfresco.repo.security.sync.ldap.LDAPUserRegistry, java.util.Date):void");
        }

        @Override // java.util.Iterator
        public boolean hasNext() {
            return this.next != null;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public NodeDescription next() {
            if (this.next == null) {
                throw new IllegalStateException();
            }
            NodeDescription nodeDescription = this.next;
            try {
                this.next = fetchNext();
                return nodeDescription;
            } catch (NamingException e) {
                throw new AlfrescoRuntimeException("Failed to import people.", (Throwable) e);
            }
        }

        private NodeDescription fetchNext() throws NamingException {
            boolean z;
            do {
                z = this.searchResults == null;
                while (!z && this.searchResults.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) this.searchResults.next()).getAttributes();
                    Attribute attribute = attributes.get(this.this$0.userIdAttributeName);
                    if (attribute != null) {
                        String str = (String) attribute.get(0);
                        if (this.uids.contains(str)) {
                            LDAPUserRegistry.logger.warn("Duplicate uid found - there will be more than one person object for this user - " + str);
                        }
                        this.uids.add(str);
                        if (LDAPUserRegistry.logger.isDebugEnabled()) {
                            LDAPUserRegistry.logger.debug("Adding user for " + str);
                        }
                        NodeDescription nodeDescription = new NodeDescription();
                        Attribute attribute2 = attributes.get(this.this$0.modifyTimestampAttributeName);
                        if (attribute2 != null) {
                            try {
                                nodeDescription.setLastModified(this.this$0.timestampFormat.parse(attribute2.get().toString()));
                            } catch (ParseException e) {
                                throw new AlfrescoRuntimeException("Failed to import people.", e);
                            }
                        }
                        PropertyMap properties = nodeDescription.getProperties();
                        for (String str2 : this.this$0.attributeMapping.keySet()) {
                            QName createQName = QName.createQName(str2, this.this$0.namespaceService);
                            String str3 = (String) this.this$0.attributeMapping.get(str2);
                            if (str3 != null) {
                                Attribute attribute3 = attributes.get(str3);
                                if (attribute3 != null) {
                                    String str4 = (String) attribute3.get(0);
                                    if (str4 != null) {
                                        properties.put(createQName, str4);
                                    }
                                } else {
                                    String str5 = (String) this.this$0.attributeDefaults.get(str2);
                                    if (str5 != null) {
                                        properties.put(createQName, str5);
                                    }
                                }
                            } else {
                                String str6 = (String) this.this$0.attributeDefaults.get(str2);
                                if (str6 != null) {
                                    properties.put(createQName, str6);
                                }
                            }
                        }
                        return nodeDescription;
                    }
                    if (this.this$0.errorOnMissingUID) {
                        throw new AlfrescoRuntimeException("User returned by user search does not have mandatory user id attribute " + attributes);
                    }
                    LDAPUserRegistry.logger.warn("User returned by user search does not have mandatory user id attribute " + attributes);
                }
                if (!z) {
                    z = this.this$0.ldapInitialContextFactory.hasNextPage(this.ctx, this.this$0.queryBatchSize);
                }
                if (z) {
                    if (this.modifiedSince == null) {
                        this.searchResults = this.ctx.search(this.this$0.userSearchBase, this.this$0.personQuery, this.userSearchCtls);
                    } else {
                        this.searchResults = this.ctx.search(this.this$0.userSearchBase, this.this$0.personDifferentialQuery, new Object[]{this.this$0.timestampFormat.format(this.modifiedSince)}, this.userSearchCtls);
                    }
                }
            } while (z);
            this.searchResults.close();
            this.searchResults = null;
            this.ctx.close();
            this.ctx = null;
            return null;
        }

        @Override // java.util.Iterator
        public void remove() {
            throw new UnsupportedOperationException();
        }
    }

    public LDAPUserRegistry() {
        setTimestampFormat("yyyyMMddHHmmss'Z'");
    }

    public void setActive(boolean z) {
        this.active = z;
    }

    public void setGroupIdAttributeName(String str) {
        this.groupIdAttributeName = str;
    }

    public void setGroupQuery(String str) {
        this.groupQuery = str;
    }

    public void setGroupDifferentialQuery(String str) {
        this.groupDifferentialQuery = str;
    }

    public void setPersonQuery(String str) {
        this.personQuery = str;
    }

    public void setPersonDifferentialQuery(String str) {
        this.personDifferentialQuery = str;
    }

    public void setGroupType(String str) {
        this.groupType = str;
    }

    public void setMemberAttribute(String str) {
        this.memberAttributeName = str;
    }

    public void setPersonType(String str) {
        this.personType = str;
    }

    public void setGroupSearchBase(String str) {
        this.groupSearchBase = str;
    }

    public void setUserSearchBase(String str) {
        this.userSearchBase = str;
    }

    public void setUserIdAttributeName(String str) {
        this.userIdAttributeName = str;
    }

    public void setModifyTimestampAttributeName(String str) {
        this.modifyTimestampAttributeName = str;
    }

    public void setTimestampFormat(String str) {
        this.timestampFormat = new SimpleDateFormat(str);
        this.timestampFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
    }

    public void setErrorOnMissingMembers(boolean z) {
        this.errorOnMissingMembers = z;
    }

    public void setErrorOnMissingGID(boolean z) {
        this.errorOnMissingGID = z;
    }

    public void setErrorOnMissingUID(boolean z) {
        this.errorOnMissingUID = z;
    }

    public void setErrorOnDuplicateGID(boolean z) {
        this.errorOnDuplicateGID = z;
    }

    public void setLDAPInitialDirContextFactory(LDAPInitialDirContextFactory lDAPInitialDirContextFactory) {
        this.ldapInitialContextFactory = lDAPInitialDirContextFactory;
    }

    public void setAttributeDefaults(Map<String, String> map) {
        this.attributeDefaults = map;
    }

    public void setNamespaceService(NamespaceService namespaceService) {
        this.namespaceService = namespaceService;
    }

    public void setAttributeMapping(Map<String, String> map) {
        this.attributeMapping = map;
    }

    public void setQueryBatchSize(int i) {
        this.queryBatchSize = i;
    }

    @Override // org.alfresco.repo.management.subsystems.ActivateableBean
    public boolean isActive() {
        return this.active;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        TreeSet treeSet = new TreeSet();
        treeSet.add(this.userIdAttributeName);
        treeSet.add(this.modifyTimestampAttributeName);
        for (String str : this.attributeMapping.values()) {
            if (str != null) {
                treeSet.add(str);
            }
        }
        this.userAttributeNames = new String[treeSet.size()];
        treeSet.toArray(this.userAttributeNames);
        this.groupAttributeNames = new String[]{this.groupIdAttributeName, this.modifyTimestampAttributeName, this.memberAttributeName};
    }

    @Override // org.alfresco.repo.security.sync.UserRegistry
    public Iterator<NodeDescription> getPersons(Date date) {
        return new PersonIterator(this, date);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:94:0x04b7
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    @Override // org.alfresco.repo.security.sync.UserRegistry
    public java.util.Iterator<org.alfresco.repo.security.sync.NodeDescription> getGroups(java.util.Date r10) {
        /*
            Method dump skipped, instructions count: 1211
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(java.util.Date):java.util.Iterator");
    }

    private boolean hasAttributeValue(Attribute attribute, String str) throws NamingException {
        NamingEnumeration all = attribute.getAll();
        while (all.hasMore()) {
            if (str.equalsIgnoreCase((String) all.next())) {
                return true;
            }
        }
        return false;
    }

    static /* synthetic */ int access$000(LDAPUserRegistry lDAPUserRegistry) {
        return lDAPUserRegistry.queryBatchSize;
    }

    static /* synthetic */ LDAPInitialDirContextFactory access$100(LDAPUserRegistry lDAPUserRegistry) {
        return lDAPUserRegistry.ldapInitialContextFactory;
    }

    static /* synthetic */ String[] access$200(LDAPUserRegistry lDAPUserRegistry) {
        return lDAPUserRegistry.userAttributeNames;
    }
}
