package org.apache.directory.server.kerberos.shared.store.operations;

import java.io.IOException;
import java.text.ParseException;
import javax.naming.directory.InvalidAttributeValueException;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.core.CoreSession;
import org.apache.directory.server.i18n.I18n;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
import org.apache.directory.shared.ldap.entry.ServerEntry;
import org.apache.directory.shared.ldap.name.DN;

/* loaded from: input_file:org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.class */
public class GetPrincipal implements DirectoryServiceOperation {
    private static final long serialVersionUID = 4598007518413451945L;
    private final KerberosPrincipal principal;

    public GetPrincipal(KerberosPrincipal kerberosPrincipal) {
        this.principal = kerberosPrincipal;
    }

    @Override // org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation
    public Object execute(CoreSession coreSession, DN dn) throws Exception {
        if (this.principal == null) {
            return null;
        }
        return getEntry(StoreUtils.findPrincipalEntry(coreSession, dn, this.principal.getName()));
    }

    private PrincipalStoreEntry getEntry(ServerEntry serverEntry) throws Exception {
        PrincipalStoreEntryModifier principalStoreEntryModifier = new PrincipalStoreEntryModifier();
        principalStoreEntryModifier.setDistinguishedName(serverEntry.getDn().getName());
        principalStoreEntryModifier.setPrincipal(new KerberosPrincipal(serverEntry.get(KerberosAttribute.KRB5_PRINCIPAL_NAME_AT).getString()));
        principalStoreEntryModifier.setKeyVersionNumber(Integer.parseInt(serverEntry.get(KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT).getString()));
        if (serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_DISABLED_AT) != null) {
            principalStoreEntryModifier.setDisabled("true".equalsIgnoreCase(serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_DISABLED_AT).getString()));
        }
        if (serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_LOCKEDOUT_AT) != null) {
            principalStoreEntryModifier.setLockedOut("true".equalsIgnoreCase(serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_LOCKEDOUT_AT).getString()));
        }
        if (serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_EXPIRATION_TIME_AT) != null) {
            String string = serverEntry.get(KerberosAttribute.KRB5_ACCOUNT_EXPIRATION_TIME_AT).getString();
            try {
                principalStoreEntryModifier.setExpiration(KerberosTime.getTime(string));
            } catch (ParseException e) {
                throw new InvalidAttributeValueException("Account expiration attribute krb5AccountExpirationTime contained an invalid value for generalizedTime: " + string);
            }
        }
        if (serverEntry.get(KerberosAttribute.APACHE_SAM_TYPE_AT) != null) {
            principalStoreEntryModifier.setSamType(SamType.getTypeByOrdinal(Integer.parseInt(serverEntry.get(KerberosAttribute.APACHE_SAM_TYPE_AT).getString())));
        }
        if (serverEntry.get(KerberosAttribute.KRB5_KEY_AT) != null) {
            try {
                principalStoreEntryModifier.setKeyMap(principalStoreEntryModifier.reconstituteKeyMap(serverEntry.get(KerberosAttribute.KRB5_KEY_AT)));
            } catch (IOException e2) {
                throw new InvalidAttributeValueException(I18n.err(I18n.ERR_623, KerberosAttribute.KRB5_KEY_AT));
            }
        }
        return principalStoreEntryModifier.getEntry();
    }
}
