package org.jboss.as.domain.management.connections.ldap;

import java.net.URI;
import java.util.Hashtable;
import java.util.Set;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.SSLContext;
import org.jboss.as.domain.management.connections.ldap.LdapConnectionResourceDefinition;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.security.manager.WildFlySecurityManager;

/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-domain-management/2.0.10.Final/wildfly-domain-management-2.0.10.Final.jar:org/jboss/as/domain/management/connections/ldap/LdapConnectionManagerService.class */
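/**
 * MSC service that holds the configuration of one management LDAP connection and opens
 * JNDI {@link DirContext} connections from it.
 *
 * <p>The service registers itself with the supplied {@link LdapConnectionManagerRegistry} under
 * its name on start and removes itself on stop. The instance is also the service value, so
 * injected consumers call {@link #getConnection()}, {@link #verifyIdentity(String, String)} and
 * {@link #findForReferral(URI)} directly on it.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The search credential is kept as a plain {@code String} in {@link Config} and is copied
 *       into the JNDI environment for every search connection.</li>
 *   <li>Identity verification binds with the caller-supplied principal and credential and uses
 *       only the trust-only {@link SSLContext}; search connections prefer the full one.</li>
 *   <li>With referral handling {@code FOLLOW}, a connection to the referral URI reuses the
 *       configured search principal and credential.</li>
 * </ul>
 */
public class LdapConnectionManagerService implements Service<LdapConnectionManager>, LdapConnectionManager {
    private static final ServiceName BASE_SERVICE_NAME = ServiceName.JBOSS.append("server", "controller", "management", "connection_manager");
    private final LdapConnectionManagerRegistry connectionManagerRegistry;
    private final String name;
    // Replaced as a whole object; readers take whatever snapshot is current.
    private volatile Config configuration;
    private final InjectedValue<SSLContext> fullSSLContext = new InjectedValue<>();
    private final InjectedValue<SSLContext> trustSSLContext = new InjectedValue<>();
    // Extra JNDI environment entries. setProperty/removeProperty swap in a modified copy;
    // setPropertyImmediate writes into the current table in place.
    private volatile Hashtable<String, String> properties = new Hashtable<>();

    /**
     * Immutable snapshot of the connection settings.
     *
     * <p>{@code searchCredential} is held in clear text and is returned as-is by
     * {@link #getSearchCredential()}; avoid passing a {@code Config} to logging or
     * serialization code. The {@code referralURIs} set is stored and returned without a
     * defensive copy, so it is only as immutable as the set the caller supplied.
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:m2repo/org/wildfly/core/wildfly-domain-management/2.0.10.Final/wildfly-domain-management-2.0.10.Final.jar:org/jboss/as/domain/management/connections/ldap/LdapConnectionManagerService$Config.class */
    public static class Config {
        private final String initialContextFactory;
        private final String url;
        private final String searchDn;
        private final String searchCredential;
        private final LdapConnectionResourceDefinition.ReferralHandling referralHandling;
        private final Set<URI> referralURIs;

        /**
         * Creates a configuration from individual values.
         *
         * @param str the JNDI initial context factory class name
         * @param str2 the provider URL
         * @param str3 the search DN; may be {@code null}, in which case no principal is set
         * @param str4 the search credential; may be {@code null}, in which case no credential is set
         * @param referralHandling the referral handling mode
         * @param set the referral URIs this connection handles
         */
        private Config(String str, String str2, String str3, String str4, LdapConnectionResourceDefinition.ReferralHandling referralHandling, Set<URI> set) {
            this.initialContextFactory = str;
            this.url = str2;
            this.searchDn = str3;
            this.searchCredential = str4;
            this.referralHandling = referralHandling;
            this.referralURIs = set;
        }

        /**
         * Creates a copy of {@code config} that points at a different URL. Everything else,
         * including the search DN and search credential, is carried over unchanged.
         *
         * @param str the replacement provider URL
         * @param config the configuration to copy the remaining values from
         */
        private Config(String str, Config config) {
            this.url = str;
            this.initialContextFactory = config.initialContextFactory;
            this.searchDn = config.searchDn;
            this.searchCredential = config.searchCredential;
            this.referralHandling = config.referralHandling;
            this.referralURIs = config.referralURIs;
        }

        /** @return the JNDI initial context factory class name */
        public String getInitialContextFactory() {
            return this.initialContextFactory;
        }

        /** @return the provider URL */
        public String getUrl() {
            return this.url;
        }

        /** @return the search DN, or {@code null} if none was configured */
        public String getSearchDn() {
            return this.searchDn;
        }

        /** @return the clear-text search credential, or {@code null} if none was configured */
        public String getSearchCredential() {
            return this.searchCredential;
        }

        /** @return the referral handling mode */
        public LdapConnectionResourceDefinition.ReferralHandling getReferralHandling() {
            return this.referralHandling;
        }

        /** @return the referral URI set exactly as supplied to the constructor (not copied) */
        public Set<URI> getReferralURIs() {
            return this.referralURIs;
        }
    }

    /** Static helpers for naming this service and wiring dependencies on it. */
    /* loaded from: input_file:m2repo/org/wildfly/core/wildfly-domain-management/2.0.10.Final/wildfly-domain-management-2.0.10.Final.jar:org/jboss/as/domain/management/connections/ldap/LdapConnectionManagerService$ServiceUtil.class */
    public static final class ServiceUtil {
        private ServiceUtil() {
        }

        /**
         * @param str the connection name
         * @return the base service name with {@code str} appended
         */
        public static ServiceName createServiceName(String str) {
            return LdapConnectionManagerService.BASE_SERVICE_NAME.append(str);
        }

        /**
         * Adds a dependency on the named connection manager to {@code serviceBuilder}.
         *
         * @param serviceBuilder the builder to add the dependency to
         * @param injector receives the {@link LdapConnectionManager} value
         * @param str the connection name
         * @param z {@code true} for an OPTIONAL dependency, {@code false} for REQUIRED
         * @return {@code serviceBuilder}, for chaining
         */
        /* JADX WARN: Multi-variable type inference failed */
        public static ServiceBuilder<?> addDependency(ServiceBuilder<?> serviceBuilder, Injector<LdapConnectionManager> injector, String str, boolean z) {
            ServiceBuilder.DependencyType dependencyType = z ? ServiceBuilder.DependencyType.OPTIONAL : ServiceBuilder.DependencyType.REQUIRED;
            serviceBuilder.addDependency(dependencyType, createServiceName(str), LdapConnectionManager.class, injector);
            return serviceBuilder;
        }
    }

    /**
     * @param str the connection name used for registration
     * @param ldapConnectionManagerRegistry the registry this service adds itself to on start
     */
    public LdapConnectionManagerService(String str, LdapConnectionManagerRegistry ldapConnectionManagerRegistry) {
        this.name = str;
        this.connectionManagerRegistry = ldapConnectionManagerRegistry;
    }

    /**
     * Replaces the active configuration with one built from the given values.
     *
     * @param str the JNDI initial context factory class name
     * @param str2 the provider URL
     * @param str3 the search DN, or {@code null}
     * @param str4 the search credential, or {@code null}
     * @param referralHandling the referral handling mode
     * @param set the referral URIs this connection handles
     * @return the configuration that was active before the call, possibly {@code null}
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public Config setConfiguration(String str, String str2, String str3, String str4, LdapConnectionResourceDefinition.ReferralHandling referralHandling, Set<URI> set) {
        // The decompiled form wrapped this in a catch-and-rethrow that could never fire;
        // it is a plain read-then-swap.
        Config replacement = new Config(str, str2, str3, str4, referralHandling, set);
        Config previous = this.configuration;
        this.configuration = replacement;
        return previous;
    }

    /**
     * Installs {@code config} as the active configuration.
     *
     * @param config the configuration to use from now on
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public void setConfiguration(Config config) {
        this.configuration = config;
    }

    /**
     * Schedules registration with the connection manager registry and then marks the start as
     * asynchronous; the scheduled task completes the start.
     */
    @Override // org.jboss.msc.service.Service
    public synchronized void start(final StartContext startContext) throws StartException {
        try {
            startContext.execute(new Runnable() { // from class: org.jboss.as.domain.management.connections.ldap.LdapConnectionManagerService.1
                @Override // java.lang.Runnable
                public void run() {
                    LdapConnectionManagerService.this.connectionManagerRegistry.addLdapConnectionManagerService(LdapConnectionManagerService.this.name, LdapConnectionManagerService.this);
                    startContext.complete();
                }
            });
        } finally {
            startContext.asynchronous();
        }
    }

    /**
     * Schedules removal from the connection manager registry and then marks the stop as
     * asynchronous; the scheduled task completes the stop.
     */
    @Override // org.jboss.msc.service.Service
    public synchronized void stop(final StopContext stopContext) {
        try {
            stopContext.execute(new Runnable() { // from class: org.jboss.as.domain.management.connections.ldap.LdapConnectionManagerService.2
                @Override // java.lang.Runnable
                public void run() {
                    LdapConnectionManagerService.this.connectionManagerRegistry.removeLdapConnectionManagerService(LdapConnectionManagerService.this.name);
                    stopContext.complete();
                }
            });
        } finally {
            stopContext.asynchronous();
        }
    }

    /** @return this instance, which is its own service value */
    @Override // org.jboss.msc.value.Value
    public synchronized LdapConnectionManagerService getValue() throws IllegalStateException, IllegalArgumentException {
        return this;
    }

    /** @return the injection point for the full SSL context */
    public InjectedValue<SSLContext> getFullSSLContextInjector() {
        return this.fullSSLContext;
    }

    /** @return the injection point for the trust-only SSL context */
    public InjectedValue<SSLContext> getTrustOnlySSLContextInjector() {
        return this.trustSSLContext;
    }

    /**
     * Sets an extra JNDI environment entry by publishing a modified copy of the table, so a
     * connection attempt that already copied the old table is unaffected.
     *
     * @param str the property name
     * @param str2 the property value
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void setProperty(String str, String str2) {
        Hashtable<String, String> updated = new Hashtable<>(this.properties);
        updated.put(str, str2);
        this.properties = updated;
    }

    /**
     * Removes an extra JNDI environment entry by publishing a modified copy of the table.
     *
     * @param str the property name
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void removeProperty(String str) {
        Hashtable<String, String> updated = new Hashtable<>(this.properties);
        updated.remove(str);
        this.properties = updated;
    }

    /**
     * Sets an extra JNDI environment entry directly in the current table, without the
     * copy-and-swap that {@link #setProperty(String, String)} performs.
     *
     * @param str the property name
     * @param str2 the property value
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPropertyImmediate(String str, String str2) {
        this.properties.put(str, str2);
    }

    /** @return the connection name this service was created with */
    String getName() {
        return this.name;
    }

    /**
     * Reports whether this connection is configured to handle the given referral URI.
     *
     * @param uri the referral URI
     * @return {@code true} if the configured referral URI set contains {@code uri};
     *         {@code false} otherwise, including when no configuration or no referral URI set
     *         is present
     */
    boolean handlesReferralFor(URI uri) {
        // Read the volatile field once so the null checks and the lookup see the same snapshot.
        Config current = this.configuration;
        if (current == null) {
            return false;
        }
        Set<URI> handled = current.getReferralURIs();
        return handled != null && handled.contains(uri);
    }

    /**
     * Opens a search connection using the active configuration.
     *
     * @return a new directory context bound with the configured search DN and credential
     * @throws NamingException if the context cannot be created
     */
    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
    public DirContext getConnection() throws NamingException {
        return getConnection(this.configuration);
    }

    /**
     * Opens a search connection for {@code config}, preferring the full SSL context and
     * falling back to the trust-only one.
     *
     * @param config the configuration to connect with
     * @return a new directory context
     * @throws NamingException if the context cannot be created
     */
    /* JADX INFO: Access modifiers changed from: private */
    public DirContext getConnection(Config config) throws NamingException {
        return getConnection(getFullProperties(config), getSSLContext(false));
    }

    /**
     * Verifies a principal and credential by binding with them against the active configuration.
     *
     * @param str the principal to bind as
     * @param str2 the credential to bind with
     * @throws NamingException if the bind fails or the credential is null or empty
     */
    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
    public void verifyIdentity(String str, String str2) throws NamingException {
        verifyIdentity(this.configuration, str, str2);
    }

    /**
     * Verifies a principal and credential by opening, then immediately closing, a connection
     * bound with them. Only the trust-only SSL context is used for this connection.
     *
     * @param config the configuration to connect with
     * @param str the principal to bind as
     * @param str2 the credential to bind with
     * @throws NamingException if the bind fails or the credential is null or empty
     */
    /* JADX INFO: Access modifiers changed from: private */
    public void verifyIdentity(Config config, String str, String str2) throws NamingException {
        // An LDAP simple bind with an empty password is an unauthenticated bind (RFC 4513
        // section 5.1.2) and JNDI treats an empty credential as authentication "none", so the
        // connection below could succeed without proving anything about the principal. Fail
        // closed here rather than rely on every caller to have filtered empty passwords.
        if (str2 == null || str2.isEmpty()) {
            throw new javax.naming.AuthenticationException("Empty credential rejected: an LDAP simple bind without a password does not verify the identity");
        }
        Hashtable<String, String> environment = getConnectionOnlyProperties(config);
        environment.put("java.naming.security.principal", str);
        environment.put("java.naming.security.credentials", str2);
        getConnection(environment, getSSLContext(true)).close();
    }

    /**
     * Finds the connection manager to use for a referral.
     *
     * <p>{@code FOLLOW} returns a manager that connects to {@code uri} with this service's
     * settings. {@code THROW} returns this service or another registered service whose
     * referral URI set contains {@code uri}. Any other mode returns {@code null}.
     *
     * @param uri the referral URI
     * @return a connection manager for the referral, or {@code null} if none applies
     */
    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
    public LdapConnectionManager findForReferral(final URI uri) {
        switch (this.configuration.referralHandling) {
            case FOLLOW:
                // NOTE(review): the manager below connects to whatever URI it is handed and,
                // through getConnection(Config), binds there with the configured search DN and
                // search credential. If referral URIs originate from directory responses
                // (presumably; the caller is not visible here), FOLLOW hands that credential to
                // any host a server names. THROW with an explicit referral URI list limits the
                // targets to configured connections.
                return new LdapConnectionManager() { // from class: org.jboss.as.domain.management.connections.ldap.LdapConnectionManagerService.3
                    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
                    public void verifyIdentity(String str, String str2) throws NamingException {
                        LdapConnectionManagerService.this.verifyIdentity(new Config(uri.toString(), LdapConnectionManagerService.this.configuration), str, str2);
                    }

                    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
                    public DirContext getConnection() throws NamingException {
                        return LdapConnectionManagerService.this.getConnection(new Config(uri.toString(), LdapConnectionManagerService.this.configuration));
                    }

                    @Override // org.jboss.as.domain.management.connections.ldap.LdapConnectionManager
                    public LdapConnectionManager findForReferral(URI uri2) {
                        return LdapConnectionManagerService.this.findForReferral(uri2);
                    }
                };
            case THROW:
                if (handlesReferralFor(uri)) {
                    return this;
                }
                for (LdapConnectionManagerService candidate : this.connectionManagerRegistry.availableServices()) {
                    if (candidate != null && candidate.handlesReferralFor(uri)) {
                        return candidate;
                    }
                }
                return null;
            default:
                return null;
        }
    }

    /**
     * Creates the directory context for the given environment.
     *
     * <p>When an SSL context is supplied, its socket factory is published through
     * {@code ThreadLocalSSLSocketFactory}, the thread context class loader is switched so JNDI
     * can load that factory class, and the factory class name is added to {@code hashtable}.
     * Both thread-level changes are undone before the method returns or throws.
     *
     * @param hashtable the JNDI environment; modified in place when {@code sSLContext} is set
     * @param sSLContext the SSL context to use, or {@code null} for the JNDI default sockets
     * @return a new directory context
     * @throws NamingException if the context cannot be created
     */
    private DirContext getConnection(Hashtable<String, String> hashtable, SSLContext sSLContext) throws NamingException {
        ClassLoader originalClassLoader = WildFlySecurityManager.getCurrentContextClassLoaderPrivileged();
        // The finally block must also cover the InitialDirContext constructor: a failed bind
        // or unreachable server throws from there, and without the cleanup the thread would
        // keep this connection's socket factory and class loader for whatever runs on it next.
        try {
            if (sSLContext != null) {
                ThreadLocalSSLSocketFactory.setSSLSocketFactory(sSLContext.getSocketFactory());
                WildFlySecurityManager.setCurrentContextClassLoaderPrivileged((Class<?>) ThreadLocalSSLSocketFactory.class);
                hashtable.put("java.naming.ldap.factory.socket", ThreadLocalSSLSocketFactory.class.getName());
            }
            if (DomainManagementLogger.SECURITY_LOGGER.isTraceEnabled()) {
                // Log a masked copy so the bind credential never reaches the trace log. Only the
                // standard credentials key is masked; other entries are logged as they are.
                Hashtable<String, String> loggable = hashtable;
                if (hashtable.containsKey("java.naming.security.credentials")) {
                    loggable = new Hashtable<>(hashtable);
                    loggable.put("java.naming.security.credentials", "***");
                }
                DomainManagementLogger.SECURITY_LOGGER.tracef("Connecting to LDAP with properties (%s)", loggable.toString());
            }
            return new InitialDirContext(hashtable);
        } finally {
            if (sSLContext != null) {
                ThreadLocalSSLSocketFactory.removeSSLSocketFactory();
            }
            WildFlySecurityManager.setCurrentContextClassLoaderPrivileged(originalClassLoader);
        }
    }

    /**
     * Selects the SSL context for a connection.
     *
     * @param z {@code true} to use only the trust-only context; {@code false} to prefer the
     *          full context and fall back to the trust-only one
     * @return the selected context, or {@code null} if none was injected, in which case no
     *         custom socket factory is installed for the connection
     */
    private SSLContext getSSLContext(boolean z) {
        if (z) {
            return this.trustSSLContext.getOptionalValue();
        }
        SSLContext full = this.fullSSLContext.getOptionalValue();
        return full != null ? full : this.trustSSLContext.getOptionalValue();
    }

    /**
     * Builds a JNDI environment with the extra properties plus the context factory, provider
     * URL and referral mode from {@code config}. No principal or credential is added.
     *
     * @param config the configuration to read from
     * @return a fresh table the caller may modify
     */
    private Hashtable<String, String> getConnectionOnlyProperties(Config config) {
        Hashtable<String, String> environment = new Hashtable<>(this.properties);
        environment.put("java.naming.factory.initial", config.initialContextFactory);
        environment.put("java.naming.provider.url", config.url);
        environment.put("java.naming.referral", config.referralHandling.getValue());
        return environment;
    }

    /**
     * Builds the JNDI environment for a search connection: the connection-only properties plus
     * the search DN and search credential when they are configured.
     *
     * @param config the configuration to read from
     * @return a fresh table the caller may modify
     */
    private Hashtable<String, String> getFullProperties(Config config) {
        Hashtable<String, String> environment = getConnectionOnlyProperties(config);
        if (config.searchDn != null) {
            environment.put("java.naming.security.principal", config.searchDn);
        }
        if (config.searchCredential != null) {
            environment.put("java.naming.security.credentials", config.searchCredential);
        }
        return environment;
    }
}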
