package org.jbpm.task.service;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import org.drools.RuleBaseConfiguration;
import org.jbpm.task.service.jms.TaskServiceConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/jbpm-human-task.jar:org/jbpm/task/service/LDAPUserGroupCallbackImpl.class */
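/**
 * {@link UserGroupCallback} that answers user/group existence and membership
 * questions by searching an LDAP directory through JNDI.
 *
 * <p>Configuration is a {@link Properties} object, either supplied by the caller or
 * loaded from a classpath resource. The keys in {@link #requiredProperties} must be
 * present. Each filter property is a template in which every literal {@code {0}} is
 * replaced by the user or group identifier passed to the callback.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Identifiers come from callers and are escaped per RFC 4515 before being placed
 *       in a search filter, so characters such as {@code *}, {@code (}, {@code )} and
 *       {@code \} cannot alter the filter's structure or act as wildcards.</li>
 *   <li>A directory error is logged and reported as "not found" / "no groups"; callers
 *       cannot distinguish an outage from a negative answer.</li>
 *   <li>{@link #BIND_USER} and {@link #BIND_PWD} are declared but are not read anywhere
 *       in this class; the whole configuration is handed to JNDI as its environment, so
 *       the bind identity has to be supplied under whatever keys the JNDI provider
 *       itself reads.</li>
 * </ul>
 */
public class LDAPUserGroupCallbackImpl implements UserGroupCallback {
    protected static final String DEFAULT_PROPERTIES_NAME = "/jbpm.usergroup.callback.properties";
    protected static final String BIND_USER = "ldap.bind.user";
    protected static final String BIND_PWD = "ldap.bind.pwd";
    protected static final String USER_ROLES_CTX = "ldap.user.roles.ctx";
    protected static final String USER_ATTR_ID = "ldap.user.attr.id";
    protected static final String ROLE_ATTR_ID = "ldap.roles.attr.id";
    protected static final String IS_USER_ID_DN = "ldap.user.id.dn";
    private Properties config;
    private static final Logger logger = LoggerFactory.getLogger(LDAPUserGroupCallbackImpl.class);
    protected static final String USER_CTX = "ldap.user.ctx";
    protected static final String ROLE_CTX = "ldap.role.ctx";
    protected static final String USER_FILTER = "ldap.user.filter";
    protected static final String ROLE_FILTER = "ldap.role.filter";
    protected static final String USER_ROLES_FILTER = "ldap.user.roles.filter";
    protected static final String[] requiredProperties = {USER_CTX, ROLE_CTX, USER_FILTER, ROLE_FILTER, USER_ROLES_FILTER};

    /**
     * Loads the configuration from the classpath resource named by the system property
     * {@code jbpm.usergroup.callback.properties}, or from
     * {@link #DEFAULT_PROPERTIES_NAME} when that property is unset.
     *
     * @throws IllegalArgumentException if the resource is missing or unreadable, or a
     *         required property is absent (see {@link #validate()})
     */
    public LDAPUserGroupCallbackImpl() {
        String configured = System.getProperty("jbpm.usergroup.callback.properties");
        String location = configured == null ? DEFAULT_PROPERTIES_NAME : configured;
        logger.debug("Callback properties will be loaded from " + location);

        Properties loaded = null;
        // try-with-resources closes the stream; a null resource is simply skipped.
        try (InputStream in = getClass().getResourceAsStream(location)) {
            if (in != null) {
                Properties parsed = new Properties();
                parsed.load(in);
                // Assigned only after a complete load, so a read failure leaves no
                // half-populated configuration behind.
                loaded = parsed;
            }
        } catch (IOException e) {
            logger.error("Unable to read callback properties from " + location, e);
        }
        this.config = loaded;

        UserGroupCallbackManager.getInstance().setProperty("disable.all.groups", "true");
        validate();
    }

    /**
     * Uses the supplied configuration directly.
     *
     * <p>The object is stored by reference and {@link #buildInitialLdapContext()} later
     * adds default JNDI entries to it, so the caller's instance is modified.
     *
     * @param properties LDAP and JNDI settings
     * @throws IllegalArgumentException if {@code properties} is null or lacks a
     *         required property (see {@link #validate()})
     */
    public LDAPUserGroupCallbackImpl(Properties properties) {
        this.config = properties;
        UserGroupCallbackManager.getInstance().setProperty("disable.all.groups", "true");
        validate();
    }

    /**
     * Reports whether the directory holds an entry for the given user id.
     *
     * <p>Only the first search result is inspected; it must carry the id in the
     * attribute named by {@link #USER_ATTR_ID} (default {@code uid}).
     *
     * @param str user id to look up
     * @return {@code true} if a matching entry was found; {@code false} if not, or if
     *         the lookup failed for any reason (the failure is logged)
     */
    @Override
    public boolean existsUser(String str) {
        InitialLdapContext context = null;
        NamingEnumeration<SearchResult> results = null;
        boolean found = false;
        try {
            context = buildInitialLdapContext();
            String userContext = this.config.getProperty(USER_CTX);
            String idAttribute = this.config.getProperty(USER_ATTR_ID, "uid");
            String filter = bindFilter(this.config.getProperty(USER_FILTER), str);
            if (logger.isDebugEnabled()) {
                logger.debug("Seaching for user existence with filter " + filter + " on context " + userContext);
            }
            results = context.search(userContext, filter, new SearchControls());
            if (results.hasMore()) {
                // An entry without the id attribute is treated as "no match" rather
                // than surfacing as a NullPointerException.
                Attribute ids = results.next().getAttributes().get(idAttribute);
                found = ids != null && ids.contains(str);
                if (logger.isDebugEnabled()) {
                    logger.debug("Entry in LDAP found and result of matching with given user id is " + found);
                }
            }
        } catch (Exception e) {
            // Fails closed: a directory error is reported as "user does not exist".
            logger.error("LDAP lookup failed while checking whether a user exists", e);
        } finally {
            closeQuietly(results);
            closeQuietly(context);
        }
        return found;
    }

    /**
     * Reports whether the directory holds an entry for the given group id.
     *
     * <p>Only the first search result is inspected; it must carry the id in the
     * attribute named by {@link #ROLE_ATTR_ID} (default {@code cn}).
     *
     * @param str group id to look up
     * @return {@code true} if a matching entry was found; {@code false} if not, or if
     *         the lookup failed for any reason (the failure is logged)
     */
    @Override
    public boolean existsGroup(String str) {
        InitialLdapContext context = null;
        NamingEnumeration<SearchResult> results = null;
        boolean found = false;
        try {
            context = buildInitialLdapContext();
            String roleContext = this.config.getProperty(ROLE_CTX);
            String idAttribute = this.config.getProperty(ROLE_ATTR_ID, "cn");
            String filter = bindFilter(this.config.getProperty(ROLE_FILTER), str);
            results = context.search(roleContext, filter, new SearchControls());
            if (results.hasMore()) {
                Attribute ids = results.next().getAttributes().get(idAttribute);
                found = ids != null && ids.contains(str);
            }
        } catch (Exception e) {
            // Fails closed: a directory error is reported as "group does not exist".
            logger.error("LDAP lookup failed while checking whether a group exists", e);
        } finally {
            closeQuietly(results);
            closeQuietly(context);
        }
        return found;
    }

    /**
     * Returns the names of the groups the directory associates with a user.
     *
     * <p>Unless {@link #IS_USER_ID_DN} is {@code true}, the user's DN is resolved first
     * with {@link #USER_FILTER}; if that search finds nothing, the raw user id is used
     * in the membership filter instead. Group names are read from the attribute named
     * by {@link #ROLE_ATTR_ID} (default {@code cn}).
     *
     * @param str   user id (or user DN when {@link #IS_USER_ID_DN} is {@code true})
     * @param list  not used by this implementation
     * @param list2 not used by this implementation
     * @return the group names found; on a directory error, whatever had been collected
     *         before the failure (possibly empty), never {@code null}
     */
    @Override
    public List<String> getGroupsForUser(String str, List<String> list, List<String> list2) {
        InitialLdapContext context = null;
        NamingEnumeration<SearchResult> userResults = null;
        NamingEnumeration<SearchResult> groupResults = null;
        List<String> groups = new ArrayList<String>();
        try {
            context = buildInitialLdapContext();

            String userDn = null;
            // NOTE(review): the default comes from an unrelated Drools constant, which
            // looks like a decompiler artifact standing in for the literal "false" -
            // confirm against the original source.
            boolean idIsDn = Boolean.parseBoolean(
                    this.config.getProperty(IS_USER_ID_DN, RuleBaseConfiguration.DEFAULT_SIGN_ON_SERIALIZATION));
            if (!idIsDn) {
                if (logger.isDebugEnabled()) {
                    logger.debug("User id is not DN, looking up user first...");
                }
                String userContext = this.config.getProperty(USER_CTX);
                String userFilter = bindFilter(this.config.getProperty(USER_FILTER), str);
                if (logger.isDebugEnabled()) {
                    logger.debug("Searching for user DN with filter " + userFilter + " on context " + userContext);
                }
                userResults = context.search(userContext, userFilter, new SearchControls());
                if (userResults.hasMore()) {
                    userDn = userResults.next().getNameInNamespace();
                    if (logger.isDebugEnabled()) {
                        logger.debug("User DN found, DN is " + userDn);
                    }
                }
            }

            String rolesContext = this.config.getProperty(USER_ROLES_CTX, ROLE_CTX);
            String nameAttribute = this.config.getProperty(ROLE_ATTR_ID, "cn");
            // A DN is an assertion value like any other here and needs the same filter
            // escaping (a DN may legitimately contain '\', '(' or ')').
            String rolesFilter = bindFilter(
                    this.config.getProperty(USER_ROLES_FILTER), userDn != null ? userDn : str);
            if (logger.isDebugEnabled()) {
                logger.debug("Searching for groups for user with filter " + rolesFilter + " on context " + rolesContext);
            }
            groupResults = context.search(rolesContext, rolesFilter, new SearchControls());
            while (groupResults.hasMore()) {
                Attribute names = groupResults.next().getAttributes().get(nameAttribute);
                Object name = names == null ? null : names.get();
                if (!(name instanceof String)) {
                    // Skip entries that lack a textual name attribute instead of
                    // aborting the whole enumeration and returning a truncated list.
                    logger.debug("Skipping group entry without a usable name attribute");
                    continue;
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("Found group " + name);
                }
                groups.add((String) name);
            }
        } catch (Exception e) {
            // The groups gathered so far are still returned; callers relying on this
            // list for authorization should treat it as possibly incomplete.
            logger.error("LDAP lookup failed while collecting the groups of a user", e);
        } finally {
            closeQuietly(userResults);
            closeQuietly(groupResults);
            closeQuietly(context);
        }
        return groups;
    }

    /**
     * Checks that a configuration is present and contains every key listed in
     * {@link #requiredProperties}.
     *
     * @throws IllegalArgumentException if the configuration is null or any required
     *         key is missing; the message lists the missing keys
     */
    protected void validate() {
        if (this.config == null) {
            throw new IllegalArgumentException("No configuration found for LDAPUserGroupCallbackImpl, aborting...");
        }
        StringBuilder missing = new StringBuilder();
        for (String key : requiredProperties) {
            if (this.config.containsKey(key)) {
                continue;
            }
            if (missing.length() > 0) {
                missing.append(", ");
            }
            missing.append(key);
        }
        if (missing.length() > 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("Validation failed due to missing required properties: " + missing.toString());
            }
            throw new IllegalArgumentException("Missing required properties to configure LDAPUserGroupCallbackImpl: " + missing.toString());
        }
    }

    /**
     * Opens a new LDAP context, using the configuration as the JNDI environment.
     *
     * <p>Missing settings are defaulted and written back into the configuration:
     * context factory {@code com.sun.jndi.ldap.LdapCtxFactory}, authentication
     * {@code simple}, and provider URL {@code ldap://localhost:389} (port 636 when
     * {@code java.naming.security.protocol} is {@code ssl}).
     *
     * <p>With those defaults the bind and all search traffic travel over plain
     * {@code ldap://}; set {@code java.naming.security.protocol=ssl} or an
     * {@code ldaps://} provider URL when the directory is not on the local host.
     * Only factory, authentication type, protocol and URL are written to the debug
     * log; no other configuration entries are logged.
     *
     * @return a newly opened context that the caller must close
     * @throws NamingException if the context cannot be created
     */
    protected InitialLdapContext buildInitialLdapContext() throws NamingException {
        // NOTE(review): the two TaskServiceConstants names are presumably the standard
        // JNDI keys for the initial context factory and provider URL - confirm.
        if (this.config.getProperty(TaskServiceConstants.NAMING_FACTORY_INITIAL_NAME) == null) {
            this.config.setProperty(TaskServiceConstants.NAMING_FACTORY_INITIAL_NAME, "com.sun.jndi.ldap.LdapCtxFactory");
        }
        if (this.config.getProperty("java.naming.security.authentication") == null) {
            this.config.setProperty("java.naming.security.authentication", "simple");
        }
        if (this.config.getProperty(TaskServiceConstants.NAMING_PROVIDER_URL_NAME) == null) {
            String protocol = this.config.getProperty("java.naming.security.protocol");
            String port = "ssl".equals(protocol) ? "636" : "389";
            this.config.setProperty(TaskServiceConstants.NAMING_PROVIDER_URL_NAME, "ldap://localhost:" + port);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Using following InitialLdapContext properties:");
            logger.debug("Factory " + this.config.getProperty(TaskServiceConstants.NAMING_FACTORY_INITIAL_NAME));
            logger.debug("Authentication " + this.config.getProperty("java.naming.security.authentication"));
            logger.debug("Protocol " + this.config.getProperty("java.naming.security.protocol"));
            logger.debug("Provider URL " + this.config.getProperty(TaskServiceConstants.NAMING_PROVIDER_URL_NAME));
        }
        return new InitialLdapContext(this.config, (Control[]) null);
    }

    /**
     * Substitutes an escaped identifier for every literal {@code {0}} in a filter
     * template. Plain {@link String#replace} is used so that {@code $} or {@code \} in
     * the identifier is never interpreted as a regex replacement reference.
     */
    private static String bindFilter(String template, String value) {
        if (value == null) {
            throw new IllegalArgumentException("LDAP filter value must not be null");
        }
        return template.replace("{0}", escapeFilterValue(value));
    }

    /** Escapes the characters RFC 4515 reserves inside a filter assertion value. */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a context, logging rather than propagating a failure to close. */
    private static void closeQuietly(InitialLdapContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            logger.warn("Failed to close LDAP context", e);
        }
    }

    /** Closes a search result enumeration, logging rather than propagating a failure. */
    private static void closeQuietly(NamingEnumeration<?> results) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException e) {
            logger.warn("Failed to close LDAP search results", e);
        }
    }
}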
