package org.picketlink.idm.ldap.internal;

import java.io.ByteArrayInputStream;
import java.io.Serializable;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchResult;
import org.picketlink.idm.SecurityException;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.PlainTextPassword;
import org.picketlink.idm.credential.X509CertificateCredentials;
import org.picketlink.idm.internal.util.Base64;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.model.Group;
import org.picketlink.idm.model.GroupRole;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.Role;
import org.picketlink.idm.model.SimpleGroupRole;
import org.picketlink.idm.model.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.QueryParameter;
import org.picketlink.idm.spi.IdentityStore;
import org.picketlink.idm.spi.IdentityStoreInvocationContext;

/* loaded from: input_file:org/picketlink/idm/ldap/internal/LDAPIdentityStore.class */
public class LDAPIdentityStore implements IdentityStore<LDAPConfiguration> {
    // LDAP attribute ID under which validateCredential/updateCredential read and write the user's Base64-encoded X.509 certificate.
    private static final String USER_CERTIFICATE_ATTRIBUTE = "usercertificate";
    // LDAP attribute ID that updateCredential writes the password value to when the server is not Active Directory.
    private static final String USER_PASSWORD_ATTRIBUTE = "userpassword";
    // Store configuration supplied through setup(); source of the user, group and role DN suffixes.
    private LDAPConfiguration configuration;
    // Invocation context supplied through setup() and handed back by getContext().
    private IdentityStoreInvocationContext context;

    /**
     * Binds this store to its configuration and invocation context.
     *
     * <p>Neither argument is validated; both references are kept exactly as given.
     *
     * @param lDAPConfiguration configuration the store reads its DN suffixes from
     * @param identityStoreInvocationContext context later returned by {@link #getContext()}
     */
    public void setup(LDAPConfiguration lDAPConfiguration, IdentityStoreInvocationContext identityStoreInvocationContext) {
        context = identityStoreInvocationContext;
        configuration = lDAPConfiguration;
    }

    /* renamed from: getConfig, reason: merged with bridge method [inline-methods] */
    /**
     * Returns the configuration given to {@code setup}.
     *
     * @return the stored configuration, or {@code null} if {@code setup} has not run yet
     */
    public LDAPConfiguration m7getConfig() {
        final LDAPConfiguration current = configuration;
        return current;
    }

    /**
     * Returns the invocation context given to {@code setup}.
     *
     * @return the stored context, or {@code null} if {@code setup} has not run yet
     */
    public IdentityStoreInvocationContext getContext() {
        final IdentityStoreInvocationContext current = context;
        return current;
    }

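    /**
     * Creates a directory entry for a new user, group or role.
     *
     * <p>The type checks run in the order user, group, role. Any other type is ignored
     * silently, as is {@code null}.
     *
     * <p>For a group with a parent, the parent is resolved <em>before</em> the new group is
     * written. Previously the group entry was stored first, so a missing parent left an
     * orphaned group behind even though the call failed.
     *
     * @param identityType the identity to persist
     * @throws RuntimeException if a user has no identifier, or the named parent group
     *     cannot be found
     */
    public void add(IdentityType identityType) {
        if (identityType instanceof User) {
            User user = (User) identityType;
            if (user.getId() == null) {
                throw new RuntimeException("No identifier was provided. You should provide one before storing the user.");
            }
            LDAPUser ldapUser = user instanceof LDAPUser ? (LDAPUser) user : convert(user);
            ldapUser.setFullName(getUserCN(ldapUser));
            store(ldapUser);
            return;
        }
        if (identityType instanceof Group) {
            Group group = (Group) identityType;

            // Validate the parent first so a failed call does not leave a partial write.
            LDAPGroup parent = null;
            if (group.getParentGroup() != null) {
                String parentName = group.getParentGroup().getName();
                parent = (LDAPGroup) getGroup(parentName);
                if (parent == null) {
                    throw new RuntimeException("Parent group [" + parentName + "] does not exists.");
                }
            }

            LDAPGroup ldapGroup = new LDAPGroup(this.configuration.getGroupDNSuffix());
            ldapGroup.setName(group.getName());
            store(ldapGroup);

            if (parent != null) {
                parent.addChildGroup(ldapGroup);
                ldapGroup.setParentGroup(parent);
                // Push the parent's updated member attribute to the directory.
                getLdapManager().modifyAttribute(parent.getDN(), parent.getLDAPAttributes().get(LDAPConstants.MEMBER));
            }
            return;
        }
        if (identityType instanceof Role) {
            LDAPRole ldapRole = new LDAPRole(this.configuration.getRoleDNSuffix());
            ldapRole.setName(((Role) identityType).getName());
            store(ldapRole);
        }
    }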

    /**
     * Synchronises an existing user, role or group with the directory.
     *
     * <p>The type checks run in the order user, role, group; other types are ignored.
     * For a user, every attribute on the stored entry is either overwritten with the
     * incoming value or removed when the incoming entry lacks it, and afterwards any
     * incoming managed attribute the stored entry did not have is added.
     *
     * <p>NOTE(review): the removal pass iterates over all attributes returned for the stored
     * entry. If that set includes credential attributes (for example the password or
     * certificate) and the converted user does not carry them, they would be removed here.
     * Whether removeAttribute filters such attributes is not visible in this method; confirm.
     *
     * <p>NOTE(review): for roles and groups the argument itself is cast to the LDAP type, so a
     * non-LDAP implementation fails with a ClassCastException after the existence check.
     *
     * @param identityType the identity carrying the new state
     * @throws RuntimeException if the entry does not exist, or a directory operation fails
     */
    public void update(IdentityType identityType) {
        if (identityType instanceof User) {
            User user = (User) identityType;
            LDAPUser incoming = convert(user);
            try {
                LDAPUser stored = (LDAPUser) getUser(user.getId());
                if (stored == null) {
                    throw new RuntimeException("User [" + user.getId() + "] does not exists.");
                }
                incoming.setFullName(getUserCN(incoming));

                // Pass 1: overwrite or drop each attribute the stored entry currently has.
                NamingEnumeration<?> storedAttributes = stored.getLDAPAttributes().getAll();
                while (storedAttributes.hasMore()) {
                    Attribute current = (Attribute) storedAttributes.next();
                    Attribute replacement = incoming.getLDAPAttributes().get(current.getID());
                    if (replacement == null) {
                        getLdapManager().removeAttribute(stored.getDN(), current);
                    } else {
                        getLdapManager().modifyAttribute(stored.getDN(), replacement);
                    }
                }

                // Pass 2: add managed attributes that exist only on the incoming entry.
                NamingEnumeration<?> incomingAttributes = incoming.getLDAPAttributes().getAll();
                while (incomingAttributes.hasMore()) {
                    Attribute candidate = (Attribute) incomingAttributes.next();
                    String attributeId = candidate.getID();
                    boolean missingOnStored = stored.getLDAPAttributes().get(attributeId) == null;
                    if (missingOnStored && getLdapManager().isManagedAttribute(attributeId)) {
                        getLdapManager().addAttribute(stored.getDN(), candidate);
                    }
                }
                updateCustomAttributes(incoming);
            } catch (NamingException namingFailure) {
                throw new RuntimeException(namingFailure);
            }
            return;
        }
        if (identityType instanceof Role) {
            Role role = (Role) identityType;
            LDAPRole existingRole = (LDAPRole) getRole(role.getName());
            if (existingRole == null) {
                throw new RuntimeException("No role found with the given name [" + role.getName() + "].");
            }
            updateCustomAttributes((LDAPRole) role);
            return;
        }
        if (identityType instanceof Group) {
            Group group = (Group) identityType;
            LDAPGroup existingGroup = (LDAPGroup) getGroup(group.getName());
            if (existingGroup == null) {
                throw new RuntimeException("No group found with the given name [" + group.getName() + "].");
            }
            updateCustomAttributes((LDAPGroup) group);
        }
    }

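    /**
     * Deletes a user, group or role entry from the directory.
     *
     * <p>The type checks run in the order user, group, role; other types are ignored.
     * A user is first detached from its parent entries under the role and group suffixes,
     * a role from its parents under the group suffix. For a group, the group entry is
     * removed and then every entry under the user suffix whose {@code cn} matches the group
     * name as a prefix is destroyed.
     *
     * <p>The group name is now escaped before it is placed in the search filter. It used to
     * be concatenated verbatim, so a name containing {@code *}, {@code (}, {@code )} or
     * {@code \} could widen or reshape the filter that selects the entries to destroy.
     *
     * <p>NOTE(review): the filter keeps its original trailing wildcard, so removing group
     * {@code a} also matches entries whose cn merely starts with {@code a}. Confirm this
     * prefix match is intended before relying on it for cleanup.
     *
     * @param identityType the identity to delete
     * @throws RuntimeException if the entry does not exist
     */
    public void remove(IdentityType identityType) {
        if (identityType instanceof User) {
            User user = (User) identityType;
            // Typed as LDAPEntry so the LDAPEntry overload of remove is selected.
            LDAPEntry userEntry = (LDAPUser) getUser(user.getId());
            if (userEntry == null) {
                throw new RuntimeException("User [" + user.getId() + "] does not exists.");
            }
            removeFromParent(this.configuration.getRoleDNSuffix(), userEntry);
            removeFromParent(this.configuration.getGroupDNSuffix(), userEntry);
            remove(userEntry);
            return;
        }
        if (!(identityType instanceof Group)) {
            if (identityType instanceof Role) {
                Role role = (Role) identityType;
                LDAPEntry roleEntry = (LDAPRole) getRole(role.getName());
                if (roleEntry == null) {
                    throw new RuntimeException("Role [" + role.getName() + "] doest not exists.");
                }
                removeFromParent(this.configuration.getGroupDNSuffix(), roleEntry);
                remove(roleEntry);
            }
            return;
        }

        Group group = (Group) identityType;
        LDAPGroup ldapGroup = (LDAPGroup) getGroup(group.getName());
        if (ldapGroup == null) {
            throw new RuntimeException("Group [" + group.getName() + "] doest not exists.");
        }
        remove((LDAPEntry) ldapGroup);

        // Only the name is escaped; the surrounding filter text is unchanged.
        String filter = "(&(cn= " + escapeLdapFilterValue(ldapGroup.getName()) + "*))";
        NamingEnumeration<SearchResult> matches = null;
        try {
            matches = getLdapManager().search(this.configuration.getUserDNSuffix(), filter);
            while (matches.hasMoreElements()) {
                getLdapManager().destroySubcontext(matches.nextElement().getNameInNamespace());
            }
        } finally {
            if (matches != null) {
                try {
                    matches.close();
                } catch (NamingException ignored) {
                    // Best-effort close; the deletions above have already run or failed.
                }
            }
        }
    }

    /**
     * Escapes the characters that are special inside an LDAP search filter value
     * (backslash, asterisk, parentheses and NUL) using the {@code \XX} hex form.
     * A {@code null} value is rendered as the text "null", as string concatenation did.
     */
    private static String escapeLdapFilterValue(String value) {
        String text = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(text.length() + 8);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }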

    /**
     * Looks up an agent by identifier; in this store agents are resolved as users.
     *
     * @param str the identifier to search for
     * @return whatever {@code getUser} returns for the identifier, {@code null} when nothing matches
     */
    public Agent getAgent(String str) {
        final User resolved = getUser(str);
        return resolved;
    }

    /**
     * Finds the user whose uid attribute matches the identifier under the user DN suffix.
     *
     * <p>NOTE(review): the identifier is handed to searchByAttribute as-is. Whether that
     * helper escapes LDAP filter metacharacters is not visible here; confirm before passing
     * caller-controlled identifiers.
     *
     * @param str the uid to search for
     * @return the first matching user with its custom attributes loaded, or {@code null}
     */
    public User getUser(String str) {
        final String baseDn = this.configuration.getUserDNSuffix();
        LDAPSearchCallback<User> toUser = new LDAPSearchCallback<User>() {
            @Override
            public User processResult(SearchResult hit) {
                LDAPUser entry = new LDAPUser(baseDn, hit.getAttributes());
                entry.setCustomAttributes(LDAPIdentityStore.this.getCustomAttributes(entry.getDN()));
                return entry;
            }
        };
        List<?> matches = getLdapManager().searchByAttribute(baseDn, LDAPConstants.UID, str, toUser);
        // Only the first hit is used; additional matches are discarded.
        return matches.isEmpty() ? null : (User) matches.get(0);
    }

    /**
     * Finds the group whose cn attribute matches the name under the group DN suffix.
     *
     * <p>NOTE(review): the name is handed to searchByAttribute as-is. Whether that helper
     * escapes LDAP filter metacharacters is not visible here; confirm before passing
     * caller-controlled names.
     *
     * @param str the group name to search for
     * @return the first matching group with custom attributes and parent resolved, or {@code null}
     */
    public Group getGroup(String str) {
        final String baseDn = this.configuration.getGroupDNSuffix();
        LDAPSearchCallback<Group> toGroup = new LDAPSearchCallback<Group>() {
            @Override
            public Group processResult(SearchResult hit) {
                LDAPGroup entry = new LDAPGroup(hit.getAttributes(), baseDn);
                entry.setCustomAttributes(LDAPIdentityStore.this.getCustomAttributes(entry.getDN()));
                Group parent = LDAPIdentityStore.this.getParentGroup(entry);
                // A group without a parent keeps whatever parent the constructor left in place.
                if (parent != null) {
                    entry.setParentGroup(parent);
                }
                return entry;
            }
        };
        List<?> matches = getLdapManager().searchByAttribute(baseDn, LDAPConstants.CN, str, toGroup);
        // Only the first hit is used; additional matches are discarded.
        return matches.isEmpty() ? null : (Group) matches.get(0);
    }

    /**
     * Finds the role whose cn attribute matches the name under the role DN suffix.
     *
     * <p>NOTE(review): the name is handed to searchByAttribute as-is. Whether that helper
     * escapes LDAP filter metacharacters is not visible here; confirm before passing
     * caller-controlled names.
     *
     * @param str the role name to search for
     * @return the first matching role with its custom attributes loaded, or {@code null}
     */
    public Role getRole(String str) {
        final String baseDn = this.configuration.getRoleDNSuffix();
        LDAPSearchCallback<Role> toRole = new LDAPSearchCallback<Role>() {
            @Override
            public Role processResult(SearchResult hit) {
                LDAPRole entry = new LDAPRole(hit.getAttributes(), baseDn);
                entry.setCustomAttributes(LDAPIdentityStore.this.getCustomAttributes(entry.getDN()));
                return entry;
            }
        };
        List<?> matches = getLdapManager().searchByAttribute(baseDn, LDAPConstants.CN, str, toRole);
        // Only the first hit is used; additional matches are discarded.
        return matches.isEmpty() ? null : (Role) matches.get(0);
    }

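    /**
     * Finds a group by name, but only if its parent is the given group.
     *
     * <p>The parent comparison is by group name. The lookup result is now null-checked
     * before its parent is read; previously an unknown group name caused a
     * NullPointerException instead of the {@code null} result the method otherwise returns.
     *
     * @param str the name of the group to find
     * @param group the expected parent group
     * @return the group when it exists and its parent's name equals {@code group}'s name,
     *     otherwise {@code null}
     */
    public Group getGroup(String str, Group group) {
        Group candidate = getGroup(str);
        if (group == null || candidate == null) {
            return null;
        }
        Group actualParent = candidate.getParentGroup();
        if (actualParent == null) {
            return null;
        }
        String actualParentName = actualParent.getName();
        if (actualParentName == null || !actualParentName.equals(group.getName())) {
            return null;
        }
        return candidate;
    }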

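    /**
     * Records that a user belongs to a role, a group, or a role within a group.
     *
     * <p>When both the role and the group resolve in the directory, a combined membership
     * entry is stored. Otherwise the user is added as a member of whichever one resolved.
     * Group members are not handled: a {@link Group} argument returns {@code null}.
     *
     * <p>Changes from the previous version: the user is resolved with a single directory
     * lookup instead of two, and an unreachable "add role to group" call (it required both
     * role and group to be present inside the branch taken only when one is absent) is gone.
     *
     * <p>NOTE(review): a result object is returned even when nothing was written, for example
     * when the user or the named role/group does not exist. Callers should not treat a
     * non-null return as proof that the membership was persisted.
     *
     * <p>NOTE(review): if the user is missing while both role and group resolve, a null user
     * is still passed to the membership entry; how LDAPGroupRole handles that is not visible
     * here.
     *
     * @param identityType the member; must be a {@link User} or {@link Group}
     * @param group the group, may be {@code null}
     * @param role the role, may be {@code null}
     * @return a descriptor built from the resolved user, role and group, or {@code null}
     *     for a group member
     * @throws IllegalArgumentException if the member is neither a user nor a group
     */
    public GroupRole createMembership(IdentityType identityType, Group group, Role role) {
        if (!(identityType instanceof User)) {
            if (identityType instanceof Group) {
                return null;
            }
            throw new IllegalArgumentException("The member parameter must be an instance of User or Group");
        }

        LDAPUser ldapUser = (LDAPUser) getUser(((User) identityType).getId());
        LDAPRole ldapRole = role == null ? null : (LDAPRole) getRole(role.getName());
        LDAPGroup ldapGroup = group == null ? null : (LDAPGroup) getGroup(group.getName());

        if (ldapRole != null && ldapGroup != null) {
            storeMembershipEntry(new LDAPGroupRole(ldapUser, ldapGroup, ldapRole), ldapRole);
        } else if (ldapUser != null) {
            // At most one of role/group resolved; add the user to that one.
            if (ldapRole != null) {
                addMember(ldapRole, ldapUser);
            }
            if (ldapGroup != null) {
                addMember(ldapGroup, ldapUser);
            }
        }
        return new SimpleGroupRole(ldapUser, ldapRole, ldapGroup);
    }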

    /**
     * Removes a user's membership of a role, a group, or a role within a group.
     *
     * <p>Members that are not users are ignored. When both a group and a role are supplied
     * the combined membership entry is removed; otherwise the user is removed from
     * whichever of the two resolved in the directory.
     *
     * <p>NOTE(review): the combined branch is chosen from the arguments, not from the lookup
     * results, so an unknown role or group name reaches removeMemberShipEntry as null.
     * The user lookup result is not null-checked either. Confirm how the helpers react.
     *
     * @param identityType the member whose membership is removed
     * @param group the group, may be {@code null}
     * @param role the role, may be {@code null}
     */
    public void removeMembership(IdentityType identityType, Group group, Role role) {
        if (!(identityType instanceof User)) {
            return;
        }
        LDAPUser member = (LDAPUser) getUser(((User) identityType).getId());
        LDAPRole storedRole = role != null ? (LDAPRole) getRole(role.getName()) : null;
        LDAPGroup storedGroup = group != null ? (LDAPGroup) getGroup(group.getName()) : null;

        boolean combined = group != null && role != null;
        if (combined) {
            removeMemberShipEntry(new LDAPGroupRole(member, storedGroup, storedRole), storedRole);
            return;
        }
        if (storedRole != null) {
            removeMember(storedRole, member);
        }
        if (storedGroup != null) {
            removeMember(storedGroup, member);
        }
    }

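    /**
     * Reports whether a user holds a role, belongs to a group, or holds a role within a group.
     *
     * <p>A user, role or group that cannot be found in the directory now yields {@code null}
     * ("no membership"). Previously a missing role or group caused a NullPointerException,
     * which is an unhelpful outcome for a check that callers may use for access decisions.
     * The role is also resolved once instead of twice in the role-only case.
     *
     * <p>NOTE(review): the member is cast to {@link User} without a type check, so a group
     * member still fails with a ClassCastException; createMembership returns {@code null}
     * for that case instead.
     *
     * @param identityType the member; expected to be a {@link User}
     * @param group the group, may be {@code null}
     * @param role the role, may be {@code null}
     * @return the membership when it exists, otherwise {@code null}
     */
    public GroupRole getMembership(IdentityType identityType, Group group, Role role) {
        LDAPUser ldapUser = (LDAPUser) getUser(((User) identityType).getId());
        if (ldapUser == null) {
            return null;
        }

        if (group != null && role != null) {
            LDAPRole ldapRole = (LDAPRole) getRole(role.getName());
            LDAPGroup ldapGroup = (LDAPGroup) getGroup(group.getName());
            if (ldapRole == null || ldapGroup == null) {
                return null;
            }
            GroupRole stored = (GroupRole) getLdapManager().lookup(new LDAPGroupRole(ldapUser, ldapGroup, ldapRole).getDN());
            // The entry must exist and must list the role as a member.
            if (stored == null || !((LDAPGroupRole) stored).isMember(ldapRole)) {
                return null;
            }
            return stored;
        }

        if (role != null) {
            LDAPRole ldapRole = (LDAPRole) getRole(role.getName());
            if (ldapRole != null && ldapRole.isMember(ldapUser)) {
                return new SimpleGroupRole(ldapUser, (Role) ldapRole, (Group) null);
            }
            return null;
        }

        if (group != null) {
            LDAPGroup ldapGroup = (LDAPGroup) getGroup(group.getName());
            if (ldapGroup != null && ldapGroup.isMember(ldapUser)) {
                return new SimpleGroupRole(ldapUser, (Role) null, group);
            }
        }
        return null;
    }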

    /**
     * Not supported by this store.
     *
     * @param identityType ignored
     * @param attribute ignored
     * @throws RuntimeException always
     */
    public void setAttribute(IdentityType identityType, org.picketlink.idm.model.Attribute<? extends Serializable> attribute) {
        final String reason = "Not implemented yet.";
        throw new RuntimeException(reason);
    }

    /**
     * Not supported by this store.
     *
     * @param identityType ignored
     * @param str ignored
     * @throws RuntimeException always
     */
    public void removeAttribute(IdentityType identityType, String str) {
        final String reason = "Not implemented yet.";
        throw new RuntimeException(reason);
    }

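    /**
     * Checks a password or X.509 certificate credential against the user's directory entry.
     *
     * <p>A password is verified by an LDAP authentication against the user's DN. A
     * certificate is compared for equality with the certificate decoded from the user's
     * {@code usercertificate} attribute. Unknown users, unsupported credential types and
     * any failure while decoding the stored certificate all return {@code false}.
     *
     * <p>An empty password is now rejected before it reaches the directory. Many directory
     * servers treat a simple bind with a DN and an empty password as an unauthenticated bind
     * that succeeds (RFC 4513, section 5.1.2); how authenticate handles that case is not
     * visible here, so the check is made locally.
     *
     * <p>NOTE(review): the certificate branch only tests equality with the stored
     * certificate. A certificate is public data, so this proves possession of the private
     * key only if the caller obtained the certificate from a verified exchange such as TLS
     * client authentication. No validity-period or revocation check happens in this method.
     *
     * @param user the user to authenticate
     * @param obj the presented credential
     * @return {@code true} only when the credential was verified
     */
    public boolean validateCredential(User user, Object obj) {
        LDAPUser ldapUser = (LDAPUser) getUser(user.getId());
        if (ldapUser == null) {
            return false;
        }
        if (obj instanceof PlainTextPassword) {
            // The String copy cannot be wiped afterwards; authenticate requires a String.
            String password = new String(((PlainTextPassword) obj).getValue());
            if (password.isEmpty()) {
                return false;
            }
            return getLdapManager().authenticate(ldapUser.getDN(), password);
        }
        if (obj instanceof X509CertificateCredentials) {
            try {
                byte[] storedValue = (byte[]) ldapUser.getAttribute(USER_CERTIFICATE_ATTRIBUTE).getValue();
                byte[] encoded = Base64.decode(new String(storedValue));
                X509Certificate storedCertificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(encoded));
                return storedCertificate.equals(((X509CertificateCredentials) obj).getCertificate());
            } catch (Exception e) {
                // Fail closed: a missing or malformed stored certificate never authenticates.
                e.printStackTrace();
                return false;
            }
        }
        return false;
    }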

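    /**
     * Replaces the user's stored password or X.509 certificate.
     *
     * <p>Passwords go through updateADPassword on Active Directory and are otherwise written
     * to the {@code userpassword} attribute. Certificates are Base64-encoded and written to
     * the {@code usercertificate} attribute. Other credential types are passed to
     * throwsNotSupportedCredentialType.
     *
     * <p>Changes from the previous version: every branch now obtains the LDAP user with the
     * same "use as-is or convert" step that add() uses, where the Active Directory and
     * certificate branches used a bare cast that failed for non-LDAP user objects. A
     * ModificationItem array that was built and immediately discarded has been removed.
     *
     * <p>NOTE(review): the password value is written exactly as supplied. Whether it ends up
     * hashed depends on the directory server; this method applies no hashing itself.
     *
     * @param user the user whose credential is replaced
     * @param obj the new credential
     * @throws RuntimeException if encoding or storing the certificate fails
     */
    public void updateCredential(User user, Object obj) {
        if (obj instanceof PlainTextPassword) {
            PlainTextPassword password = (PlainTextPassword) obj;
            LDAPUser ldapUser = user instanceof LDAPUser ? (LDAPUser) user : convert(user);
            if (this.configuration.isActiveDirectory()) {
                // The String copy cannot be wiped afterwards; updateADPassword requires a String.
                updateADPassword(ldapUser, new String(password.getValue()));
                return;
            }
            BasicAttribute passwordAttribute = new BasicAttribute(USER_PASSWORD_ATTRIBUTE, password.getValue());
            getLdapManager().modifyAttribute(ldapUser.getDN(), passwordAttribute);
            return;
        }
        if (!(obj instanceof X509CertificateCredentials)) {
            throwsNotSupportedCredentialType(obj);
            return;
        }
        try {
            LDAPUser ldapUser = user instanceof LDAPUser ? (LDAPUser) user : convert(user);
            String encodedCertificate = Base64.encodeBytes(((X509CertificateCredentials) obj).getCertificate().getEncoded());
            // Keep the in-memory user and the directory entry in step.
            ldapUser.setAttribute(new org.picketlink.idm.model.Attribute<>(USER_CERTIFICATE_ATTRIBUTE, encodedCertificate));
            getLdapManager().modifyAttribute(ldapUser.getDN(), new BasicAttribute(USER_CERTIFICATE_ATTRIBUTE, encodedCertificate));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }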

    /* JADX WARN: Finally extract failed */
    public <T extends IdentityType> List<T> fetchQueryResults(IdentityQuery<T> identityQuery) {
        ArrayList arrayList = new ArrayList();
        LDAPQuery lDAPQuery = new LDAPQuery(identityQuery.getParameters());
        Class identityType = identityQuery.getIdentityType();
        StringBuffer stringBuffer = new StringBuffer();
        String str = null;
        String str2 = null;
        NamingEnumeration<SearchResult> namingEnumeration = null;
        LDAPSearchCallback lDAPSearchCallback = null;
        boolean z = true;
        if (User.class.isAssignableFrom(identityType)) {
            str = this.configuration.getUserDNSuffix();
            str2 = LDAPConstants.UID;
            lDAPSearchCallback = new LDAPSearchCallback<T>() { // from class: org.picketlink.idm.ldap.internal.LDAPIdentityStore.4
                /* JADX WARN: Incorrect return type in method signature: (Ljavax/naming/directory/SearchResult;)TT; */
                @Override // org.picketlink.idm.ldap.internal.LDAPSearchCallback
                public IdentityType processResult(SearchResult searchResult) {
                    try {
                        return LDAPIdentityStore.this.getUser(searchResult.getAttributes().get(LDAPConstants.UID).get().toString());
                    } catch (NamingException e) {
                        throw new RuntimeException((Throwable) e);
                    }
                }
            };
            for (LDAPQueryParameter lDAPQueryParameter : lDAPQuery.getMemberShipParameters()) {
                QueryParameter queryParameter = lDAPQueryParameter.getQueryParameter();
                if (queryParameter.equals(User.HAS_ROLE) || queryParameter.equals(User.MEMBER_OF)) {
                    HashMap hashMap = new HashMap();
                    for (Object obj : lDAPQueryParameter.getValues()) {
                        try {
                            NamingEnumeration all = (queryParameter.equals(User.HAS_ROLE) ? ((LDAPRole) getRole(obj.toString())).getLDAPAttributes().get(LDAPConstants.MEMBER) : ((LDAPGroup) getGroup(obj.toString())).getLDAPAttributes().get(LDAPConstants.MEMBER)).getAll();
                            while (all.hasMoreElements()) {
                                String str3 = (String) all.nextElement();
                                if (!str3.toString().trim().isEmpty()) {
                                    String str4 = str3.split(LDAPConstants.COMMA)[0];
                                    if (hashMap.containsKey(str4)) {
                                        hashMap.put(str4, Integer.valueOf(((Integer) hashMap.get(str4)).intValue() + 1));
                                    } else {
                                        hashMap.put(str4, 1);
                                    }
                                    stringBuffer.append("(").append(str4).append(")");
                                }
                            }
                        } catch (NamingException e) {
                            e.printStackTrace();
                        }
                    }
                    for (Map.Entry entry : hashMap.entrySet()) {
                        if (!((Integer) entry.getValue()).equals(Integer.valueOf(lDAPQueryParameter.getValues().length))) {
                            stringBuffer = new StringBuffer(stringBuffer.toString().replaceAll("\\(" + ((String) entry.getKey()) + "\\)", ""));
                        }
                    }
                } else {
                    String str5 = "(|";
                    for (Object obj2 : lDAPQueryParameter.getValues()) {
                        str5 = str5 + "(cn=" + ((GroupRole) obj2).getGroup().getName() + ")";
                    }
                    NamingEnumeration<SearchResult> namingEnumeration2 = null;
                    try {
                        try {
                            namingEnumeration2 = getLdapManager().search(this.configuration.getUserDNSuffix(), (str5 + ")").toString());
                            if (namingEnumeration2.hasMoreElements()) {
                                for (Object obj3 : lDAPQueryParameter.getValues()) {
                                    GroupRole groupRole = (GroupRole) obj3;
                                    while (namingEnumeration2.hasMoreElements()) {
                                        SearchResult searchResult = (SearchResult) namingEnumeration2.next();
                                        String str6 = searchResult.getNameInNamespace().split(LDAPConstants.COMMA)[1];
                                        if (searchResult.getAttributes().get(LDAPConstants.MEMBER).contains("cn=" + groupRole.getRole().getName() + LDAPConstants.COMMA + this.configuration.getRoleDNSuffix())) {
                                            stringBuffer.append("(").append(str6).append(")");
                                        }
                                    }
                                }
                            }
                            if (namingEnumeration2 != null) {
                                try {
                                    namingEnumeration2.close();
                                } catch (NamingException e2) {
                                }
                            }
                        } catch (Throwable th) {
                            throw th;
                        }
                    } catch (Exception e3) {
                        throw new RuntimeException(e3);
                    }
                }
            }
            if (stringBuffer.length() == 0 && !lDAPQuery.getMemberShipParameters().isEmpty()) {
                return arrayList;
            }
        } else if (Role.class.isAssignableFrom(identityType)) {
            stringBuffer.append("(!(cn=custom-attributes))");
            str = this.configuration.getRoleDNSuffix();
            str2 = LDAPConstants.CN;
            z = false;
            lDAPSearchCallback = new LDAPSearchCallback<T>() { // from class: org.picketlink.idm.ldap.internal.LDAPIdentityStore.5
                /* JADX WARN: Incorrect return type in method signature: (Ljavax/naming/directory/SearchResult;)TT; */
                @Override // org.picketlink.idm.ldap.internal.LDAPSearchCallback
                public IdentityType processResult(SearchResult searchResult2) {
                    try {
                        return LDAPIdentityStore.this.getRole(searchResult2.getAttributes().get(LDAPConstants.CN).get().toString());
                    } catch (NamingException e4) {
                        throw new RuntimeException((Throwable) e4);
                    }
                }
            };
        } else if (Group.class.isAssignableFrom(identityType)) {
            stringBuffer.append("(!(cn=custom-attributes))");
            str = this.configuration.getGroupDNSuffix();
            str2 = LDAPConstants.CN;
            z = false;
            lDAPSearchCallback = new LDAPSearchCallback<T>() { // from class: org.picketlink.idm.ldap.internal.LDAPIdentityStore.6
                /* JADX WARN: Incorrect return type in method signature: (Ljavax/naming/directory/SearchResult;)TT; */
                @Override // org.picketlink.idm.ldap.internal.LDAPSearchCallback
                public IdentityType processResult(SearchResult searchResult2) {
                    try {
                        return LDAPIdentityStore.this.getGroup(searchResult2.getAttributes().get(LDAPConstants.CN).get().toString());
                    } catch (NamingException e4) {
                        throw new RuntimeException((Throwable) e4);
                    }
                }
            };
        }
        try {
            try {
                if (stringBuffer.length() > 0 && z) {
                    stringBuffer.insert(0, "(|");
                    stringBuffer.insert(stringBuffer.length() - 1, ")");
                }
                StringBuffer createManagedAttributesFilter = lDAPQuery.createManagedAttributesFilter();
                if (createManagedAttributesFilter == null) {
                    createManagedAttributesFilter = new StringBuffer("(&(objectClass=*)(" + str2 + "=*))");
                }
                createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, stringBuffer.toString());
                namingEnumeration = getLdapManager().search(str, createManagedAttributesFilter.toString());
                while (namingEnumeration.hasMoreElements()) {
                    SearchResult searchResult2 = (SearchResult) namingEnumeration.nextElement();
                    String str7 = (String) searchResult2.getAttributes().get(str2).get();
                    if (lDAPQuery.hasCustomAttributes()) {
                        LDAPCustomAttributes customAttributes = getCustomAttributes(str2 + LDAPConstants.EQUAL + str7 + LDAPConstants.COMMA + str);
                        if (customAttributes != null) {
                            Iterator<LDAPQueryParameter> it = lDAPQuery.getCustomParameters().iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                LDAPQueryParameter next = it.next();
                                IdentityType.AttributeParameter queryParameter2 = next.getQueryParameter();
                                Object[] values = next.getValues();
                                boolean z2 = false;
                                if (!queryParameter2.equals(Group.PARENT)) {
                                    if (!next.isMappedToManagedAttribute()) {
                                        String id = next.getMappedTo() != null ? next.getMappedTo().getID() : queryParameter2 instanceof IdentityType.AttributeParameter ? queryParameter2.getName() : "";
                                        Object attribute = customAttributes.getAttribute(id);
                                        if (attribute != null) {
                                            z2 = true;
                                            if (id.equals(LDAPConstants.CUSTOM_ATTRIBUTE_CREATE_DATE) || id.equals(LDAPConstants.CUSTOM_ATTRIBUTE_EXPIRY_DATE)) {
                                                long time = ((Date) values[0]).getTime();
                                                long longValue = Long.valueOf(attribute.toString()).longValue();
                                                if (!queryParameter2.equals(User.CREATED_DATE) && !queryParameter2.equals(User.EXPIRY_DATE)) {
                                                    if (id.equals(LDAPConstants.CUSTOM_ATTRIBUTE_CREATE_DATE) || id.equals(LDAPConstants.CUSTOM_ATTRIBUTE_EXPIRY_DATE)) {
                                                        if ((queryParameter2.equals(User.CREATED_AFTER) || queryParameter2.equals(User.EXPIRY_AFTER)) && longValue < time) {
                                                            str7 = null;
                                                            break;
                                                        }
                                                        if ((queryParameter2.equals(User.CREATED_BEFORE) || queryParameter2.equals(User.EXPIRY_BEFORE)) && longValue > time) {
                                                            str7 = null;
                                                            break;
                                                        }
                                                    }
                                                } else if (time != longValue) {
                                                    str7 = null;
                                                    break;
                                                }
                                            } else if (!(queryParameter2 instanceof IdentityType.AttributeParameter) || !attribute.getClass().isArray()) {
                                                if (!values[0].toString().equals(attribute.toString())) {
                                                    str7 = null;
                                                    break;
                                                }
                                            } else if (id.equals(queryParameter2.getName())) {
                                                Object[] objArr = (Object[]) attribute;
                                                int length = values.length;
                                                int i = 0;
                                                while (true) {
                                                    if (i >= length) {
                                                        break;
                                                    }
                                                    Object obj4 = values[i];
                                                    boolean z3 = false;
                                                    int length2 = objArr.length;
                                                    int i2 = 0;
                                                    while (true) {
                                                        if (i2 >= length2) {
                                                            break;
                                                        }
                                                        if (objArr[i2].toString().equals(obj4.toString())) {
                                                            z3 = true;
                                                            break;
                                                        }
                                                        i2++;
                                                    }
                                                    if (!z3) {
                                                        str7 = null;
                                                        break;
                                                    }
                                                    i++;
                                                }
                                            }
                                        }
                                        if (!z2) {
                                            str7 = null;
                                            break;
                                        }
                                    } else {
                                        continue;
                                    }
                                } else {
                                    LDAPGroup lDAPGroup = new LDAPGroup(str);
                                    lDAPGroup.setName(str7);
                                    NamingEnumeration<SearchResult> findParentEntries = findParentEntries(str, lDAPGroup);
                                    boolean z4 = false;
                                    if (findParentEntries.hasMoreElements()) {
                                        while (true) {
                                            if (!findParentEntries.hasMoreElements()) {
                                                break;
                                            }
                                            if (((SearchResult) findParentEntries.nextElement()).getAttributes().get(LDAPConstants.CN).get().toString().equals(values[0].toString())) {
                                                z4 = true;
                                                break;
                                            }
                                        }
                                    }
                                    if (!z4) {
                                        str7 = null;
                                        break;
                                    }
                                }
                            }
                        } else {
                            str7 = null;
                        }
                    }
                    if (str7 != null) {
                        arrayList.add(lDAPSearchCallback.processResult(searchResult2));
                    }
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e4) {
                    }
                }
                return arrayList;
            } catch (NamingException e5) {
                throw new RuntimeException((Throwable) e5);
            }
        } finally {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e6) {
                }
            }
        }
    }

    /**
     * Counting the results of an identity query is not implemented by this store.
     *
     * <p>The method throws unconditionally; {@code identityQuery} is never read.
     *
     * @param identityQuery the query whose results would be counted (ignored)
     * @param <T> the identity type targeted by the query
     * @return never returns normally
     * @throws SecurityException always, with the message {@code "Not yet implemented"}
     */
    public <T extends IdentityType> int countQueryResults(IdentityQuery<T> identityQuery) {
        // The anonymous subclass is kept so the runtime class of the thrown object does not change.
        final SecurityException notImplemented = new SecurityException("Not yet implemented") {
        };
        throw notImplemented;
    }

    /**
     * Always returns {@code null}; neither argument is read.
     *
     * <p>NOTE(review): this looks like an unimplemented stub. Callers must handle a {@code null}
     * result and cannot tell "attribute absent" from "lookup not supported" — confirm against
     * the {@code IdentityStore} contract.
     *
     * @param identityType the identity whose attribute is requested (ignored)
     * @param str the attribute name (ignored)
     * @param <T> the attribute value type
     * @return {@code null} in every case
     */
    public <T extends Serializable> org.picketlink.idm.model.Attribute<T> getAttribute(IdentityType identityType, String str) {
        return null;
    }

    /**
     * Replaces the {@code unicodePwd} attribute on the user's entry with a new password.
     *
     * <p>The value written is the password wrapped in double quotes and encoded as UTF-16LE.
     * Any failure (encoding, DN lookup, directory write) is rethrown wrapped in a
     * {@link RuntimeException}; the password itself is not added to the exception by this method.
     *
     * <p>NOTE(review): Active Directory is documented to accept {@code unicodePwd} writes only
     * over an encrypted connection. Nothing here checks the transport, so confirm that the
     * LDAP manager is configured for LDAPS or StartTLS. The password is also handled as an
     * immutable {@code String}, so it cannot be wiped from memory after use.
     *
     * @param lDAPUser the user whose DN identifies the entry to modify
     * @param str the new clear-text password
     * @throws RuntimeException wrapping whatever the encoding or the directory write threw
     */
    private void updateADPassword(LDAPUser lDAPUser, String str) {
        try {
            final String quotedPassword = "\"" + str + "\"";
            final BasicAttribute passwordAttribute =
                    new BasicAttribute("unicodePwd", quotedPassword.getBytes("UTF-16LE"));
            getLdapManager().modifyAttribute(lDAPUser.getDN(), passwordAttribute);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Rejects a credential object whose type this store cannot handle.
     *
     * <p>The message names only the runtime class of {@code obj}, never its value, so a
     * rejected credential is not echoed into logs or error responses by this method.
     *
     * @param obj the unsupported credential; must not be {@code null} (a {@code null} argument
     *            fails with {@link NullPointerException} on {@code getClass()})
     * @throws IllegalArgumentException always
     */
    private void throwsNotSupportedCredentialType(Object obj) throws IllegalArgumentException {
        final String message = "Credential type not supported: " + obj.getClass();
        throw new IllegalArgumentException(message);
    }

    /**
     * Returns an {@link LDAPUser} view of the given user.
     *
     * <p>An argument that already is an {@code LDAPUser} is returned as is. Otherwise a new
     * {@code LDAPUser} is created under the configured user DN suffix and populated from
     * {@code user}: id, first and last name, e-mail, expiration date and all attributes.
     * First and last name are first set to {@code LDAPConstants.SPACE_STRING} and only
     * overwritten when the source value is non-null.
     *
     * <p>Values are copied as supplied; no validation or escaping happens here.
     *
     * @param user the user to convert; must not be {@code null}
     * @return {@code user} itself when it is an {@code LDAPUser}, otherwise a populated copy
     */
    private LDAPUser convert(User user) {
        if (user instanceof LDAPUser) {
            return (LDAPUser) user;
        }

        final LDAPUser converted = new LDAPUser(this.configuration.getUserDNSuffix());
        converted.setId(user.getId());

        // Placeholder names first, replaced below when the source provides real ones.
        converted.setFirstName(LDAPConstants.SPACE_STRING);
        converted.setLastName(LDAPConstants.SPACE_STRING);

        final String firstName = user.getFirstName();
        if (firstName != null) {
            converted.setFirstName(firstName);
        }
        final String lastName = user.getLastName();
        if (lastName != null) {
            converted.setLastName(lastName);
        }
        final String email = user.getEmail();
        if (email != null) {
            converted.setEmail(email);
        }
        final Date expiration = user.getExpirationDate();
        if (expiration != null) {
            converted.setExpirationDate(expiration);
        }

        for (Object attribute : user.getAttributes()) {
            converted.setAttribute((org.picketlink.idm.model.Attribute) attribute);
        }
        return converted;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Looks up the custom-attributes child entry stored under the given DN.
     *
     * <p>The child DN is built by {@link #getCustomAttributesDN(String)}. Every exception
     * raised by the lookup or the cast is swallowed and reported as {@code null}.
     *
     * <p>NOTE(review): because all failures are swallowed, a caller cannot tell "entry has no
     * custom attributes" from "the directory lookup failed" (for example a connectivity or
     * access error). Confirm callers do not base decisions on that distinction.
     *
     * @param str the DN of the parent entry
     * @return the custom attributes, or {@code null} when the lookup failed or found nothing
     */
    public LDAPCustomAttributes getCustomAttributes(String str) {
        try {
            return (LDAPCustomAttributes) getLdapManager().lookup(getCustomAttributesDN(str));
        } catch (Exception ignored) {
            // Best effort: any failure is reported to the caller as "no custom attributes".
            return null;
        }
    }

    /**
     * Builds the DN of the custom-attributes child entry for a parent DN.
     *
     * <p>The result is the fixed RDN {@code cn=custom-attributes} followed by a comma and
     * {@code str}, joined by plain concatenation. {@code str} is not validated or escaped,
     * so it is expected to already be a well-formed DN.
     *
     * @param str the parent DN; {@code null} is rendered as the text {@code "null"}
     * @return {@code "cn=custom-attributes," + str}
     */
    private String getCustomAttributesDN(String str) {
        final StringBuilder dn = new StringBuilder("cn=custom-attributes,");
        dn.append(str);
        return dn.toString();
    }

    /**
     * Derives the common name for a user from the first and last name.
     *
     * <p>When the last name is {@code null} the first name is returned unchanged. Otherwise
     * the result is first name, {@code LDAPConstants.SPACE_STRING}, last name. A {@code null}
     * first name combined with a non-null last name yields a value starting with the text
     * {@code "null"}, because the parts are joined by string concatenation.
     *
     * @param lDAPUser the user to name
     * @return the derived common name; may be {@code null} when both names are {@code null}
     */
    private String getUserCN(LDAPUser lDAPUser) {
        final String givenName = lDAPUser.getFirstName();
        final String surname = lDAPUser.getLastName();
        return surname == null ? givenName : givenName + LDAPConstants.SPACE_STRING + surname;
    }

    /**
     * Binds an entry and its custom-attributes child entry in the directory.
     *
     * <p>Two separate binds are issued: the entry at its own DN, then its custom attributes
     * at the DN from {@link #getCustomAttributesDN(String)}. There is no rollback here: if
     * the second bind fails, the first one stays in place.
     *
     * @param lDAPEntry the entry to store
     */
    private void store(LDAPEntry lDAPEntry) {
        // 1. The entry itself.
        final String entryDn = lDAPEntry.getDN();
        getLdapManager().bind(entryDn, lDAPEntry);

        // 2. Its companion custom-attributes entry.
        final String customAttributesDn = getCustomAttributesDN(lDAPEntry.getDN());
        getLdapManager().bind(customAttributesDn, lDAPEntry.getCustomAttributes());
    }

    /**
     * Adds a member to an entry and writes the entry's member attribute to the directory.
     *
     * <p>The member is first added to the in-memory entry. The entry's
     * {@code LDAPConstants.MEMBER} attribute is then sent with {@code modifyAttribute}.
     *
     * @param lDAPEntry the entry that gains a member (for example a group or role)
     * @param lDAPEntry2 the entry being added as a member
     */
    private void addMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.addMember(lDAPEntry2);

        final String ownerDn = lDAPEntry.getDN();
        final Attribute memberAttribute = lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER);
        getLdapManager().modifyAttribute(ownerDn, memberAttribute);
    }

    /**
     * Removes a member from an entry and writes the entry's member attribute to the directory.
     *
     * <p>The member is first removed from the in-memory entry. The entry's
     * {@code LDAPConstants.MEMBER} attribute is then sent with {@code modifyAttribute}.
     *
     * @param lDAPEntry the entry that loses a member (for example a group or role)
     * @param lDAPEntry2 the entry being removed from the member list
     */
    private void removeMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.removeMember(lDAPEntry2);

        final String ownerDn = lDAPEntry.getDN();
        final Attribute memberAttribute = lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER);
        getLdapManager().modifyAttribute(ownerDn, memberAttribute);
    }

    /**
     * Deletes the directory entry at the given entry's DN.
     *
     * <p>Only {@code destroySubcontext} on the entry's own DN is issued here. Removing child
     * entries or membership references held by other entries is not done by this method.
     *
     * @param lDAPEntry the entry to delete
     */
    private void remove(LDAPEntry lDAPEntry) {
        final LDAPOperationManager manager = getLdapManager();
        manager.destroySubcontext(lDAPEntry.getDN());
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Finds the group that lists the given group as a member.
     *
     * <p>The search runs under the configured group DN suffix for entries whose
     * {@code LDAPConstants.MEMBER} attribute equals the DN
     * {@code cn=<group name>,<group suffix>}, matching attribute ids case-insensitively.
     * Only the first result is used: its {@code LDAPConstants.CN} value is passed to
     * {@code getGroup}. The enumeration is closed on every path, and close failures are ignored.
     *
     * <p>NOTE(review): the group name is concatenated into the DN without escaping. A name
     * containing DN metacharacters such as a comma would produce a different DN than intended,
     * so confirm that names are validated before they reach this method.
     *
     * @param lDAPGroup the group whose parent is wanted
     * @return the parent group, or {@code null} when no entry lists this group as a member
     * @throws RuntimeException wrapping a {@link NamingException} raised during the search
     */
    public Group getParentGroup(LDAPGroup lDAPGroup) {
        final String memberDn = "cn=" + lDAPGroup.getName() + LDAPConstants.COMMA + this.configuration.getGroupDNSuffix();
        final BasicAttributes matchAttributes = new BasicAttributes(true);
        matchAttributes.put(new BasicAttribute(LDAPConstants.MEMBER, memberDn));

        NamingEnumeration<SearchResult> parents = null;
        try {
            parents = getLdapManager().search(this.configuration.getGroupDNSuffix(), matchAttributes, new String[]{LDAPConstants.CN});
            if (!parents.hasMoreElements()) {
                return null;
            }
            final SearchResult firstParent = (SearchResult) parents.nextElement();
            return getGroup((String) firstParent.getAttributes().get(LDAPConstants.CN).get());
        } catch (NamingException e) {
            throw new RuntimeException("Error looking parent group for [" + lDAPGroup.getDN() + "]", e);
        } finally {
            if (parents != null) {
                try {
                    parents.close();
                } catch (NamingException ignored) {
                    // Closing is best effort; the result (or the original failure) still propagates.
                }
            }
        }
    }

    /**
     * Splits an entry's custom attributes between real LDAP attributes and the
     * custom-attributes child entry, then rebinds the child entry.
     *
     * <p>For each custom attribute: when the LDAP manager reports the name as managed, the
     * value is put into the entry's LDAP attributes and dropped from the custom set.
     * Otherwise any LDAP attribute of that name is removed from the entry. The remaining
     * custom attributes are rebound at the DN from {@link #getCustomAttributesDN(String)}.
     *
     * <p>This method only changes the entry's LDAP attributes in memory; writing them to the
     * directory is left to the caller.
     *
     * @param lDAPEntry the entry whose custom attributes are synchronised
     */
    private void updateCustomAttributes(LDAPEntry lDAPEntry) {
        final LDAPCustomAttributes customAttributes = lDAPEntry.getCustomAttributes();

        // Work on a copy: attributes are removed from customAttributes inside the loop.
        final Map snapshot = new HashMap(customAttributes.getAttributes());
        for (Object element : snapshot.entrySet()) {
            final Map.Entry entry = (Map.Entry) element;
            if (!getLdapManager().isManagedAttribute((String) entry.getKey())) {
                lDAPEntry.getLDAPAttributes().remove((String) entry.getKey());
                continue;
            }
            lDAPEntry.getLDAPAttributes().put((String) entry.getKey(), entry.getValue());
            customAttributes.removeAttribute((String) entry.getKey());
        }

        final String customAttributesDn = getCustomAttributesDN(lDAPEntry.getDN());
        getLdapManager().rebind(customAttributesDn, customAttributes);
    }

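    /**
     * Searches below a base DN for entries that list the given entry as a member.
     *
     * <p>The filter is {@code (member=<entry DN>)}. The DN is derived from identity names
     * supplied by callers, so it is escaped as an RFC 4515 assertion value before being
     * placed in the filter: backslash, asterisk, both parentheses and NUL become their
     * {@code \xx} hex forms. Without this, a DN containing {@code *}, {@code (} or {@code )}
     * would change the structure of the filter, and a DN containing an escaped character
     * such as {@code \,} would yield an invalid filter.
     *
     * @param str the base DN to search under
     * @param lDAPEntry the entry whose DN is looked for in {@code member} attributes
     * @return the enumeration of matching entries; the caller is responsible for closing it
     */
    private NamingEnumeration<SearchResult> findParentEntries(String str, LDAPEntry lDAPEntry) {
        // String.valueOf keeps the previous rendering of a null DN as the text "null".
        final String memberDn = String.valueOf(lDAPEntry.getDN());
        final StringBuilder filter = new StringBuilder("(member=");
        for (int i = 0; i < memberDn.length(); i++) {
            final char c = memberDn.charAt(i);
            switch (c) {
                case '\\':
                    filter.append("\\5c");
                    break;
                case '*':
                    filter.append("\\2a");
                    break;
                case '(':
                    filter.append("\\28");
                    break;
                case ')':
                    filter.append("\\29");
                    break;
                case '\0':
                    filter.append("\\00");
                    break;
                default:
                    filter.append(c);
                    break;
            }
        }
        filter.append(')');
        return getLdapManager().search(str, filter.toString());
    }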

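    /**
     * Drops the given entry's DN from the member attribute of every parent found below a base DN.
     *
     * <p>Parents are located with {@code findParentEntries}. For each result the entry's DN is
     * removed from the {@code LDAPConstants.MEMBER} attribute. If that leaves the attribute
     * without values, {@code LDAPConstants.SPACE_STRING} is added (presumably a placeholder so
     * the attribute is never empty — confirm against the schema in use). Results without a
     * member attribute are skipped; previously they caused a {@link NullPointerException}
     * because the null check covered only the removal and not the emptiness test after it.
     *
     * <p>NOTE(review): the change is applied to the {@code Attribute} object taken from the
     * search result. No {@code modifyAttribute} or {@code rebind} call is visible in this
     * method, so the directory itself may be left unchanged. If so, stale member values
     * survive the removal of the entry and could apply again to a later entry with the same DN.
     * Confirm where the write-back happens.
     *
     * @param str the base DN to search for parents
     * @param lDAPEntry the entry to remove from its parents
     * @throws RuntimeException wrapping a {@link NamingException} raised while reading results
     */
    private void removeFromParent(String str, LDAPEntry lDAPEntry) {
        NamingEnumeration<SearchResult> parents = null;
        try {
            parents = findParentEntries(str, lDAPEntry);
            while (parents.hasMoreElements()) {
                final Attribute members = ((SearchResult) parents.nextElement()).getAttributes().get(LDAPConstants.MEMBER);
                if (members == null) {
                    // Nothing to clean up on this result; avoids the NPE on getAll() below.
                    continue;
                }
                members.remove(lDAPEntry.getDN());
                if (!members.getAll().hasMoreElements()) {
                    members.add(LDAPConstants.SPACE_STRING);
                }
            }
        } catch (NamingException e) {
            throw new RuntimeException(e);
        } finally {
            if (parents != null) {
                try {
                    parents.close();
                } catch (NamingException ignored) {
                    // Closing is best effort; an earlier failure still propagates.
                }
            }
        }
    }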

    /**
     * Records a membership by making sure the member's DN is listed on the stored entry.
     *
     * <p>When no entry exists at {@code lDAPEntry}'s DN, {@code lDAPEntry} is bound as given.
     * Otherwise the stored entry's {@code LDAPConstants.MEMBER} attribute is checked. If the
     * member's DN is missing it is added, and the entry is written back with both
     * {@code modifyAttribute} and {@code rebind}. An existing membership is left untouched.
     *
     * <p>NOTE(review): this is a lookup followed by a write with no locking visible here, so
     * two concurrent updates to the same entry may overwrite each other. The member attribute
     * is also dereferenced without a null check — confirm stored entries always carry one.
     *
     * @param lDAPEntry the membership entry to create or update
     * @param lDAPEntry2 the entry whose DN is recorded as a member
     */
    private void storeMembershipEntry(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        final String membershipDn = lDAPEntry.getDN();
        final LDAPEntry stored = (LDAPEntry) getLdapManager().lookup(membershipDn);

        if (stored == null) {
            // First membership under this DN: create the entry as supplied.
            getLdapManager().bind(membershipDn, lDAPEntry);
        } else {
            final Attribute members = stored.getLDAPAttributes().get(LDAPConstants.MEMBER);
            if (!members.contains(lDAPEntry2.getDN())) {
                members.add(lDAPEntry2.getDN());
                getLdapManager().modifyAttribute(membershipDn, members);
                getLdapManager().rebind(membershipDn, stored);
            }
        }
    }

    /**
     * Removes a member's DN from the stored membership entry, if it is listed there.
     *
     * <p>Nothing happens when no entry exists at {@code lDAPEntry}'s DN or when the member's
     * DN is not present. Otherwise the DN is removed, {@code LDAPConstants.SPACE_STRING} is
     * added to the attribute, and the entry is written back with both {@code modifyAttribute}
     * and {@code rebind}.
     *
     * <p>NOTE(review): the placeholder value is added on every removal, not only when the
     * attribute becomes empty as in {@code removeFromParent}. Confirm this is intended. The
     * member attribute is also dereferenced without a null check.
     *
     * @param lDAPEntry the membership entry to update
     * @param lDAPEntry2 the entry whose DN is removed from the member list
     */
    private void removeMemberShipEntry(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        final String membershipDn = lDAPEntry.getDN();
        final LDAPEntry stored = (LDAPEntry) getLdapManager().lookup(membershipDn);
        if (stored == null) {
            return;
        }

        final Attribute members = stored.getLDAPAttributes().get(LDAPConstants.MEMBER);
        if (!members.contains(lDAPEntry2.getDN())) {
            return;
        }

        members.remove(lDAPEntry2.getDN());
        members.add(LDAPConstants.SPACE_STRING);
        getLdapManager().modifyAttribute(membershipDn, members);
        getLdapManager().rebind(membershipDn, stored);
    }

    /**
     * Returns the LDAP operation manager held by this store's configuration.
     *
     * <p>The configuration is assigned in {@code setup}; calling this method before then fails
     * with a {@link NullPointerException}.
     *
     * @return the manager obtained from {@code configuration.getLdapManager()}
     */
    public LDAPOperationManager getLdapManager() {
        final LDAPOperationManager manager = this.configuration.getLdapManager();
        return manager;
    }

    /**
     * Does nothing: the body is empty, so no credential is checked and no status is set.
     *
     * <p>NOTE(review): a normal return from this method carries no information about whether
     * {@code credentials} are valid. Confirm that callers do not treat completion without an
     * exception as successful authentication, and identify where credentials are actually
     * verified against the directory.
     *
     * @param credentials the credentials to validate (ignored)
     */
    public void validateCredentials(Credentials credentials) {
    }

    /**
     * Does nothing: the body is empty, so no credential is stored or changed in the directory.
     *
     * <p>NOTE(review): a caller that changes a password or certificate through this method
     * gets a silent no-op, leaving the old credential in force. Confirm whether another
     * overload performs the update.
     *
     * @param agent the agent whose credential would be updated (ignored)
     * @param obj the new credential (ignored)
     */
    public void updateCredential(Agent agent, Object obj) {
    }
}
