package org.pac4j.ldap.profile.service;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import lombok.Generated;
import org.ldaptive.AddOperation;
import org.ldaptive.AddRequest;
import org.ldaptive.AttributeModification;
import org.ldaptive.ConnectionFactory;
import org.ldaptive.Credential;
import org.ldaptive.DeleteOperation;
import org.ldaptive.DeleteRequest;
import org.ldaptive.LdapAttribute;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.ModifyOperation;
import org.ldaptive.ModifyRequest;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.auth.AuthenticationRequest;
import org.ldaptive.auth.AuthenticationResponse;
import org.ldaptive.auth.AuthenticationResultCode;
import org.ldaptive.auth.Authenticator;
import org.ldaptive.handler.ResultPredicate;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.exception.AccountNotFoundException;
import org.pac4j.core.exception.BadCredentialsException;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.definition.CommonProfileDefinition;
import org.pac4j.core.profile.service.AbstractProfileService;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.serializer.JsonSerializer;
import org.pac4j.ldap.profile.LdapProfile;

/* loaded from: input_file:org/pac4j/ldap/profile/service/LdapProfileService.class */
public class LdapProfileService extends AbstractProfileService<LdapProfile> {
    private Authenticator ldapAuthenticator;
    private ConnectionFactory connectionFactory;
    private String usersDn;

    public LdapProfileService() {
    }

    public LdapProfileService(Authenticator authenticator) {
        this.ldapAuthenticator = authenticator;
    }

    public LdapProfileService(Authenticator authenticator, String str) {
        this.ldapAuthenticator = authenticator;
        setAttributes(str);
    }

    public LdapProfileService(ConnectionFactory connectionFactory, Authenticator authenticator, String str) {
        this.connectionFactory = connectionFactory;
        this.ldapAuthenticator = authenticator;
        this.usersDn = str;
    }

    public LdapProfileService(ConnectionFactory connectionFactory, Authenticator authenticator, String str, String str2) {
        this.connectionFactory = connectionFactory;
        this.ldapAuthenticator = authenticator;
        setAttributes(str);
        this.usersDn = str2;
    }

    protected void internalInit(boolean z) {
        CommonHelper.assertNotNull("ldapAuthenticator", this.ldapAuthenticator);
        CommonHelper.assertNotNull("connectionFactory", this.connectionFactory);
        CommonHelper.assertNull("passwordEncoder", getPasswordEncoder());
        CommonHelper.assertNotBlank("usersDn", this.usersDn);
        setProfileDefinitionIfUndefined(new CommonProfileDefinition(objArr -> {
            return new LdapProfile();
        }));
        setSerializer(new JsonSerializer(LdapProfile.class));
        super.internalInit(z);
    }

    protected void insert(Map<String, Object> map) {
        map.put("objectClass", "person");
        LdapEntry build = LdapEntry.builder().dn(getEntryId(map)).attributes(getLdapAttributes(map)).build();
        try {
            AddOperation addOperation = new AddOperation(this.connectionFactory);
            addOperation.setThrowCondition(ResultPredicate.NOT_SUCCESS);
            addOperation.execute(new AddRequest(build.getDn(), build.getAttributes()));
        } catch (LdapException e) {
            throw new TechnicalException(e);
        }
    }

    protected String getEntryId(Map<String, Object> map) {
        return getIdAttribute() + "=" + map.get(getIdAttribute()) + "," + this.usersDn;
    }

    protected List<LdapAttribute> getLdapAttributes(Map<String, Object> map) {
        LdapAttribute ldapAttribute;
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            Object value = entry.getValue();
            if (value != null) {
                String key = entry.getKey();
                if (value instanceof String) {
                    ldapAttribute = new LdapAttribute(key, new String[]{(String) value});
                } else if (value instanceof List) {
                    List list = (List) value;
                    ldapAttribute = new LdapAttribute(key, (String[]) list.toArray(new String[list.size()]));
                } else {
                    ldapAttribute = new LdapAttribute(key, new String[]{value.toString()});
                }
                arrayList.add(ldapAttribute);
            }
        }
        return arrayList;
    }

    protected void update(Map<String, Object> map) {
        try {
            ModifyOperation modifyOperation = new ModifyOperation(this.connectionFactory);
            modifyOperation.setThrowCondition(ResultPredicate.NOT_SUCCESS);
            ArrayList arrayList = new ArrayList();
            Iterator<LdapAttribute> it = getLdapAttributes(map).iterator();
            while (it.hasNext()) {
                arrayList.add(new AttributeModification(AttributeModification.Type.REPLACE, it.next()));
            }
            modifyOperation.execute(new ModifyRequest(getEntryId(map), (AttributeModification[]) arrayList.toArray(new AttributeModification[arrayList.size()])));
        } catch (LdapException e) {
            throw new TechnicalException(e);
        }
    }

    protected void deleteById(String str) {
        try {
            DeleteOperation deleteOperation = new DeleteOperation(this.connectionFactory);
            deleteOperation.setThrowCondition(ResultPredicate.NOT_SUCCESS);
            deleteOperation.execute(new DeleteRequest(getIdAttribute() + "=" + str + "," + this.usersDn));
        } catch (LdapException e) {
            throw new TechnicalException(e);
        }
    }

    protected List<Map<String, Object>> read(List<String> list, String str, String str2) {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = new SearchOperation(this.connectionFactory).execute(new SearchRequest(this.usersDn, str + "=" + str2, (String[]) list.toArray(new String[list.size()]))).getEntries().iterator();
            while (it.hasNext()) {
                arrayList.add(getAttributesFromEntry((LdapEntry) it.next()));
            }
            return arrayList;
        } catch (LdapException e) {
            throw new TechnicalException(e);
        }
    }

    protected Map<String, Object> getAttributesFromEntry(LdapEntry ldapEntry) {
        HashMap hashMap = new HashMap();
        for (LdapAttribute ldapAttribute : ldapEntry.getAttributes()) {
            String name = ldapAttribute.getName();
            if (ldapAttribute.size() > 1) {
                hashMap.put(name, ldapAttribute.getStringValues());
            } else {
                hashMap.put(name, ldapAttribute.getStringValue());
            }
        }
        return hashMap;
    }

    public Optional<Credentials> validate(CallContext callContext, Credentials credentials) {
        init();
        UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
        String username = usernamePasswordCredentials.getUsername();
        CommonHelper.assertNotBlank("username", username);
        try {
            this.logger.debug("Attempting LDAP authentication for: {}", usernamePasswordCredentials);
            List defineAttributesToRead = defineAttributesToRead();
            AuthenticationResponse authenticate = this.ldapAuthenticator.authenticate(new AuthenticationRequest(username, new Credential(usernamePasswordCredentials.getPassword()), (String[]) defineAttributesToRead.toArray(new String[defineAttributesToRead.size()])));
            this.logger.debug("LDAP response: {}", authenticate);
            if (!authenticate.isSuccess()) {
                if (AuthenticationResultCode.DN_RESOLUTION_FAILURE == authenticate.getAuthenticationResultCode()) {
                    throw new AccountNotFoundException(username + " not found");
                }
                throw new BadCredentialsException("Invalid credentials for: " + username);
            }
            LdapEntry ldapEntry = authenticate.getLdapEntry();
            ArrayList arrayList = new ArrayList();
            arrayList.add(getAttributesFromEntry(ldapEntry));
            usernamePasswordCredentials.setUserProfile((LdapProfile) convertAttributesToProfile(arrayList, username));
            return Optional.of(usernamePasswordCredentials);
        } catch (LdapException e) {
            throw new TechnicalException("Unexpected LDAP error", e);
        }
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public Authenticator getLdapAuthenticator() {
        return this.ldapAuthenticator;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public ConnectionFactory getConnectionFactory() {
        return this.connectionFactory;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String getUsersDn() {
        return this.usersDn;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setLdapAuthenticator(Authenticator authenticator) {
        this.ldapAuthenticator = authenticator;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setConnectionFactory(ConnectionFactory connectionFactory) {
        this.connectionFactory = connectionFactory;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public void setUsersDn(String str) {
        this.usersDn = str;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String toString() {
        return "LdapProfileService(super=" + super.toString() + ", ldapAuthenticator=" + this.ldapAuthenticator + ", connectionFactory=" + this.connectionFactory + ", usersDn=" + this.usersDn + ")";
    }
}
