package org.apache.hive.service.auth;

import java.util.Hashtable;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.security.sasl.AuthenticationException;
import jodd.util.StringPool;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hive.service.ServiceUtils;

/* loaded from: input_file:lib/hive-jdbc-1.2.2-standalone.jar:org/apache/hive/service/auth/LdapAuthenticationProviderImpl.class */
public class LdapAuthenticationProviderImpl implements PasswdAuthenticationProvider {
    private final String ldapURL;
    private final String baseDN;
    private final String ldapDomain;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LdapAuthenticationProviderImpl() {
        HiveConf hiveConf = new HiveConf();
        this.ldapURL = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_URL);
        this.baseDN = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN);
        this.ldapDomain = hiveConf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN);
    }

    @Override // org.apache.hive.service.auth.PasswdAuthenticationProvider
    public void Authenticate(String str, String str2) throws AuthenticationException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this.ldapURL);
        if (!hasDomain(str) && this.ldapDomain != null) {
            str = str + StringPool.AT + this.ldapDomain;
        }
        if (str2 == null || str2.isEmpty() || str2.getBytes()[0] == 0) {
            throw new AuthenticationException("Error validating LDAP user: a null or blank password has been provided");
        }
        String str3 = this.baseDN == null ? str : "uid=" + str + "," + this.baseDN;
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", str3);
        hashtable.put("java.naming.security.credentials", str2);
        try {
            new InitialDirContext(hashtable).close();
        } catch (NamingException e) {
            throw new AuthenticationException("Error validating LDAP user", e);
        }
    }

    private boolean hasDomain(String str) {
        return ServiceUtils.indexOfDomainMatch(str) > 0;
    }
}
