package org.openanzo.security.ldap;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPReferralException;
import com.novell.ldap.LDAPSearchConstraints;
import com.novell.ldap.LDAPSearchResults;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collection;
import org.openanzo.exceptions.AnzoException;
import org.openanzo.exceptions.AnzoRuntimeException;
import org.openanzo.exceptions.ExceptionConstants;
import org.openanzo.exceptions.LogUtils;
import org.openanzo.rdf.Constants;
import org.openanzo.rdf.URI;
import org.openanzo.security.ldap.LdapAuthenticationProvider;
import org.openanzo.services.IOperationContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openanzo/security/ldap/LdapAuthenticationStrategy.class */
public class LdapAuthenticationStrategy implements ILdapAuthenticationStrategy {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LdapAuthenticationStrategy.class);

    @Override // org.openanzo.security.ldap.ILdapAuthenticationStrategy
    public void bindUser(LDAPConnection lDAPConnection, String str, String str2) throws LDAPException, UnsupportedEncodingException {
        lDAPConnection.bind(3, str, str2.getBytes(Charset.forName("UTF-8")));
    }

    @Override // org.openanzo.security.ldap.ILdapAuthenticationStrategy
    public LdapAuthenticationProvider.UserResult searchForUser(LDAPConnection lDAPConnection, MessageFormat messageFormat, String str, String str2, String[] strArr, LDAPSearchConstraints lDAPSearchConstraints, IOperationContext iOperationContext) throws AnzoException, LDAPException {
        LDAPSearchResults search = lDAPConnection.search(str2, 2, messageFormat.format(new String[]{str}), strArr, false, lDAPSearchConstraints);
        if (search == null || !search.hasMore()) {
            throw new AnzoException(ExceptionConstants.SERVER.UNKNOWN_USER_ERROR, str);
        }
        LDAPEntry next = search.next();
        if (search.hasMore()) {
            try {
                search.next();
                throw new AnzoException(ExceptionConstants.SERVER.USERID_MULTIPLE_USERS, str);
            } catch (LDAPReferralException e) {
                log.debug(LogUtils.SECURITY_MARKER, "Error dereferencing referral", e);
            }
        }
        String dn = next.getDN();
        String str3 = dn;
        if (strArr != null) {
            str3 = next.getAttribute(strArr[0]).getStringValue();
        }
        return new LdapAuthenticationProvider.UserResult(dn, str3);
    }

    @Override // org.openanzo.security.ldap.ILdapAuthenticationStrategy
    public Collection<URI> getRoles(LDAPConnection lDAPConnection, MessageFormat messageFormat, String str, String str2, String[] strArr, LDAPSearchConstraints lDAPSearchConstraints, IOperationContext iOperationContext) throws AnzoException, LDAPException {
        String format = messageFormat.format(new String[]{Utils.escapeDN(str)});
        ArrayList arrayList = new ArrayList();
        LDAPSearchResults search = lDAPConnection.search(str2, 2, format, strArr, false, lDAPSearchConstraints);
        while (search != null && search.hasMore()) {
            try {
                arrayList.add(dnToUri(search.next().getDN()));
            } catch (LDAPReferralException e) {
                log.debug(LogUtils.SECURITY_MARKER, "Error dereferencing referral", e);
            }
        }
        return arrayList;
    }

    private static URI dnToUri(String str) throws AnzoException {
        try {
            return Constants.valueFactory.createURI(Utils.encodeLdapUri("ldap:///" + str));
        } catch (AnzoRuntimeException e) {
            throw e.getAnzoException();
        }
    }
}
