package net.gencat.ctti.canigo.services.security.acegi.providers.ldap;

import java.text.MessageFormat;
import java.util.ArrayList;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import net.gencat.ctti.canigo.services.security.acegi.providers.dao.AuthoritiesDAO;
import net.sf.acegisecurity.BadCredentialsException;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.providers.dao.PasswordAuthenticationDao;
import net.sf.acegisecurity.providers.dao.User;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.DataAccessResourceFailureException;

/* loaded from: input_file:net/gencat/ctti/canigo/services/security/acegi/providers/ldap/LdapPasswordAuthenticationDao.class */
public class LdapPasswordAuthenticationDao extends InitialDirContextFactoryBean implements PasswordAuthenticationDao {
    private static final Log logger;
    public static final String BAD_CREDENTIALS_EXCEPTION_MESSAGE = "Invalid username, password or server configuration (JNDI Context).";
    private MessageFormat usernameFormat = new MessageFormat("cn={0}");
    private MessageFormat userLookupNameFormat = null;
    private String[] roleAttributes = {"memberOf"};
    private String defaultRole = null;
    private AuthoritiesDAO authoritiesDAO;
    static Class class$net$gencat$ctti$canigo$services$security$acegi$providers$ldap$LdapPasswordAuthenticationDao;

    public UserDetails loadUserByUsernameAndPassword(String str, String str2) throws DataAccessException, BadCredentialsException {
        if (str2 == null || str2.length() == 0) {
            throw new BadCredentialsException("Empty password");
        }
        String format = null == this.usernameFormat ? str : this.usernameFormat.format(new Object[]{str});
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Connecting to ").append(getUrl()).append(" as ").append(format).toString());
        }
        try {
            if (null == newInitialDirContext(format, str2)) {
                throw new BadCredentialsException(BAD_CREDENTIALS_EXCEPTION_MESSAGE);
            }
            return new User(str, str2, true, true, true, true, this.authoritiesDAO.getAuthorities(str));
        } catch (AuthenticationException e) {
            throw new BadCredentialsException(BAD_CREDENTIALS_EXCEPTION_MESSAGE, e);
        }
    }

    protected String[] getRoleFromLDAP(String str, String str2, InitialDirContext initialDirContext) {
        String[] strArr = null;
        if (null != this.roleAttributes) {
            try {
                strArr = getRolesFromContext(initialDirContext, null == this.userLookupNameFormat ? "" : this.userLookupNameFormat.format(new Object[]{str, str2}));
            } catch (NamingException e) {
                throw new DataAccessResourceFailureException("Unable to retrieve role information from LDAP Server.", e);
            }
        }
        if (null == strArr && null != this.defaultRole) {
            strArr = new String[]{this.defaultRole};
        }
        return strArr;
    }

    protected GrantedAuthority[] toGrantedAuthority(String[] strArr) {
        if (null == strArr || strArr.length == 0) {
            return null;
        }
        GrantedAuthority[] grantedAuthorityArr = new GrantedAuthority[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            grantedAuthorityArr[i] = toGrantedAuthority(strArr[i]);
        }
        return grantedAuthorityArr;
    }

    protected GrantedAuthority toGrantedAuthority(String str) {
        return new GrantedAuthorityImpl(str);
    }

    protected String[] getRolesFromContext(DirContext dirContext, String str) throws NamingException {
        ArrayList rolesFromAttribute;
        if (null == this.roleAttributes) {
            return null;
        }
        if (logger.isDebugEnabled()) {
            String str2 = "";
            for (int i = 0; i < this.roleAttributes.length; i++) {
                str2 = new StringBuffer().append(str2).append(", ").append(this.roleAttributes[i]).toString();
            }
            logger.debug(new StringBuffer().append("Searching ldap context for roles using attributes: ").append(str2.substring(1)).toString());
        }
        ArrayList arrayList = new ArrayList();
        Attributes attributes = null == this.usernameFormat ? dirContext.getAttributes("", this.roleAttributes) : dirContext.getAttributes(str, this.roleAttributes);
        if (null != attributes) {
            NamingEnumeration all = attributes.getAll();
            while (all != null && all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                if (null != attribute && null != (rolesFromAttribute = getRolesFromAttribute(attribute))) {
                    arrayList.addAll(rolesFromAttribute);
                }
            }
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    protected ArrayList getRolesFromAttribute(Attribute attribute) throws NamingException {
        NamingEnumeration all = attribute.getAll();
        if (null == all) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        while (all.hasMore()) {
            String str = (String) all.next();
            if (null != str) {
                arrayList.add(convertLdapRolename(str));
            }
        }
        return arrayList;
    }

    protected String convertLdapRolename(String str) {
        return str.toUpperCase();
    }

    public String getDefaultRole() {
        return this.defaultRole;
    }

    public void setDefaultRole(String str) {
        this.defaultRole = str;
    }

    public String[] getRoleAttributes() {
        return this.roleAttributes;
    }

    public void setRoleAttributes(String[] strArr) {
        this.roleAttributes = strArr;
    }

    public void setRoleAttribute(String str) {
        setRoleAttributes(new String[]{str});
    }

    public String getUsernameFormat() {
        if (null == this.usernameFormat) {
            return null;
        }
        return this.usernameFormat.toPattern();
    }

    public void setUsernameFormat(String str) {
        if (null == str) {
            this.usernameFormat = null;
        } else {
            this.usernameFormat = new MessageFormat(str);
        }
    }

    public String getUserLookupNameFormat() {
        if (null == this.userLookupNameFormat) {
            return null;
        }
        return this.userLookupNameFormat.toPattern();
    }

    public void setUserLookupNameFormat(String str) {
        if (null == str) {
            this.userLookupNameFormat = null;
        } else {
            this.userLookupNameFormat = new MessageFormat(str);
        }
    }

    public void setAuthoritiesDAO(AuthoritiesDAO authoritiesDAO) {
        this.authoritiesDAO = authoritiesDAO;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$net$gencat$ctti$canigo$services$security$acegi$providers$ldap$LdapPasswordAuthenticationDao == null) {
            cls = class$("net.gencat.ctti.canigo.services.security.acegi.providers.ldap.LdapPasswordAuthenticationDao");
            class$net$gencat$ctti$canigo$services$security$acegi$providers$ldap$LdapPasswordAuthenticationDao = cls;
        } else {
            cls = class$net$gencat$ctti$canigo$services$security$acegi$providers$ldap$LdapPasswordAuthenticationDao;
        }
        logger = LogFactory.getLog(cls);
    }
}
