package org.picketlink.idm.ldap.internal;

import java.io.Serializable;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TimeZone;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.SearchResult;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.SecurityConfigurationException;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.spi.CredentialHandler;
import org.picketlink.idm.credential.spi.annotations.CredentialHandlers;
import org.picketlink.idm.internal.util.IDMUtil;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.AttributedType;
import org.picketlink.idm.model.Grant;
import org.picketlink.idm.model.Group;
import org.picketlink.idm.model.GroupMembership;
import org.picketlink.idm.model.GroupRole;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.Realm;
import org.picketlink.idm.model.Relationship;
import org.picketlink.idm.model.Role;
import org.picketlink.idm.model.SimpleAgent;
import org.picketlink.idm.model.SimpleGroup;
import org.picketlink.idm.model.SimpleRole;
import org.picketlink.idm.model.SimpleUser;
import org.picketlink.idm.model.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.QueryParameter;
import org.picketlink.idm.query.RelationshipQuery;
import org.picketlink.idm.query.internal.DefaultIdentityQuery;
import org.picketlink.idm.query.internal.DefaultRelationshipQuery;
import org.picketlink.idm.spi.IdentityStore;
import org.picketlink.idm.spi.IdentityStoreInvocationContext;

@CredentialHandlers({LDAPPlainTextPasswordCredentialHandler.class})
/* loaded from: input_file:org/picketlink/idm/ldap/internal/LDAPIdentityStore.class */
public class LDAPIdentityStore implements IdentityStore<LDAPIdentityStoreConfiguration> {
    private LDAPIdentityStoreConfiguration configuration;
    private IdentityStoreInvocationContext context;

    public void setup(LDAPIdentityStoreConfiguration lDAPIdentityStoreConfiguration, IdentityStoreInvocationContext identityStoreInvocationContext) {
        this.configuration = lDAPIdentityStoreConfiguration;
        this.context = identityStoreInvocationContext;
        if (this.context.getRealm() == null) {
            this.context.setRealm(new Realm("default"));
        }
    }

    /* renamed from: getConfig, reason: merged with bridge method [inline-methods] */
    public LDAPIdentityStoreConfiguration m8getConfig() {
        return this.configuration;
    }

    public IdentityStoreInvocationContext getContext() {
        return this.context;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void add(AttributedType attributedType) {
        if (!IdentityType.class.isInstance(attributedType)) {
            if (!Relationship.class.isInstance(attributedType)) {
                throw createUnsupportedAttributedType(attributedType.getClass());
            }
            Grant grant = (Relationship) attributedType;
            if (Grant.class.isInstance(grant)) {
                addGrantRelationship(grant);
                return;
            } else {
                if (!GroupMembership.class.isInstance(grant)) {
                    throw createUnsupportedRelationshipType(grant.getClass());
                }
                addGroupMembership((GroupMembership) grant);
                if (GroupRole.class.isInstance(grant)) {
                    addGroupRoleRelationship((GroupRole) grant);
                    return;
                }
                return;
            }
        }
        IdentityType identityType = (IdentityType) attributedType;
        identityType.setPartition(getContext().getRealm());
        if (!Agent.class.isInstance(attributedType)) {
            if (Role.class.isInstance(attributedType)) {
                addRole((Role) attributedType);
                return;
            } else {
                if (!Group.class.isInstance(attributedType)) {
                    throw createUnsupportedIdentityTypeException(identityType.getClass());
                }
                addGroup((Group) attributedType);
                return;
            }
        }
        Agent agent = (Agent) attributedType;
        if (agent.getLoginName() == null) {
            throw new IdentityManagementException("No login name was provided.");
        }
        if (getAgent(agent.getLoginName()) != null) {
            throw new IdentityManagementException("Agent already exists with the given login name [" + agent.getLoginName() + "] for the given Realm [" + getContext().getRealm().getName() + "]");
        }
        if (User.class.isInstance(attributedType)) {
            addUser((User) attributedType);
        } else {
            addAgent(agent);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void update(AttributedType attributedType) {
        if (!IdentityType.class.isInstance(attributedType)) {
            throw createUnsupportedAttributedType(attributedType.getClass());
        }
        User user = (IdentityType) attributedType;
        if (Agent.class.isInstance(user)) {
            if (User.class.isInstance(user)) {
                updateUser(user);
                return;
            } else {
                updateAgent((Agent) user);
                return;
            }
        }
        if (Role.class.isInstance(user)) {
            updateRole((Role) user);
        } else {
            if (!Group.class.isInstance(user)) {
                throw createUnsupportedIdentityTypeException(user.getClass());
            }
            updateGroup((Group) user);
        }
    }

    public void remove(AttributedType attributedType) {
        if (IdentityType.class.isInstance(attributedType)) {
            IdentityType identityType = (IdentityType) attributedType;
            if (identityType.getId() == null) {
                throw new IdentityManagementException("No identifier provided.");
            }
            if (Agent.class.isInstance(identityType)) {
                removeAgentRelationships((Agent) identityType);
            }
            getLDAPManager().removeEntryById(getBaseDN(identityType.getClass()), identityType.getId());
            return;
        }
        if (Relationship.class.isInstance(attributedType)) {
            Grant grant = (Relationship) attributedType;
            if (Grant.class.isInstance(grant)) {
                Grant grant2 = grant;
                LDAPRole lDAPRole = (LDAPRole) lookupEntryByDN(new LDAPRole(grant2.getRole().getName(), m8getConfig().getRoleDNSuffix()));
                LDAPAgent lDAPAgent = null;
                if (Agent.class.isInstance(grant2.getAssignee())) {
                    Agent assignee = grant2.getAssignee();
                    lDAPAgent = User.class.isInstance(grant2.getAssignee()) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(assignee.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(assignee.getLoginName(), m8getConfig().getAgentDNSuffix()));
                }
                removeMember(lDAPRole, lDAPAgent);
                return;
            }
            if (GroupMembership.class.isInstance(grant)) {
                GroupRole groupRole = (GroupMembership) grant;
                LDAPGroup lDAPGroup = (LDAPGroup) lookupEntryByDN(new LDAPGroup(groupRole.getGroup().getName(), m8getConfig().getGroupDNSuffix()));
                LDAPAgent lDAPAgent2 = null;
                if (Agent.class.isInstance(groupRole.getMember())) {
                    Agent member = groupRole.getMember();
                    lDAPAgent2 = User.class.isInstance(groupRole.getMember()) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(member.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(member.getLoginName(), m8getConfig().getAgentDNSuffix()));
                }
                removeMember(lDAPGroup, lDAPAgent2);
                if (GroupRole.class.isInstance(groupRole)) {
                    NamingEnumeration<SearchResult> lookupGroupRoleEntry = lookupGroupRoleEntry(lDAPAgent2, groupRole.getGroup());
                    try {
                        if (lookupGroupRoleEntry.hasMore()) {
                            getLDAPManager().destroySubcontext(((SearchResult) lookupGroupRoleEntry.next()).getNameInNamespace());
                        }
                    } catch (Exception e) {
                        throw new IdentityManagementException("Error removing GroupRole relationship.", e);
                    }
                }
            }
        }
    }

    private NamingEnumeration<SearchResult> lookupGroupRoleEntry(LDAPAgent lDAPAgent, Group group) {
        return getLDAPManager().search(lDAPAgent.getDN(), "cn=" + group.getName());
    }

    private void removeAgentRelationships(Agent agent) {
        DefaultRelationshipQuery defaultRelationshipQuery = new DefaultRelationshipQuery(Grant.class, this);
        defaultRelationshipQuery.setParameter(Grant.ASSIGNEE, agent);
        Iterator it = defaultRelationshipQuery.getResultList().iterator();
        while (it.hasNext()) {
            remove((Grant) it.next());
        }
        DefaultRelationshipQuery defaultRelationshipQuery2 = new DefaultRelationshipQuery(GroupMembership.class, this);
        defaultRelationshipQuery2.setParameter(GroupMembership.MEMBER, agent);
        Iterator it2 = defaultRelationshipQuery2.getResultList().iterator();
        while (it2.hasNext()) {
            remove((GroupMembership) it2.next());
        }
        DefaultRelationshipQuery defaultRelationshipQuery3 = new DefaultRelationshipQuery(GroupRole.class, this);
        defaultRelationshipQuery3.setParameter(GroupRole.MEMBER, agent);
        Iterator it3 = defaultRelationshipQuery3.getResultList().iterator();
        while (it3.hasNext()) {
            remove((GroupRole) it3.next());
        }
    }

    private void removeMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.removeMember(lDAPEntry2);
        getLDAPManager().modifyAttribute(lDAPEntry.getDN(), lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER));
    }

    public Agent getAgent(String str) {
        LDAPAgent lDAPAgent;
        IdentityType identityType = null;
        if (str != null && (lDAPAgent = (LDAPAgent) lookupEntryByDN(new LDAPAgent(str, m8getConfig().getAgentDNSuffix()))) != null) {
            identityType = new SimpleAgent(lDAPAgent.getLoginName());
            identityType.setLoginName(lDAPAgent.getLoginName());
            populateIdentityType(lDAPAgent, identityType);
        }
        if (identityType == null) {
            identityType = getUser(str);
        }
        return identityType;
    }

    public User getUser(String str) {
        LDAPUser lDAPUser;
        if (str == null || (lDAPUser = (LDAPUser) lookupEntryByDN(new LDAPUser(str, m8getConfig().getUserDNSuffix()))) == null) {
            return null;
        }
        IdentityType simpleUser = new SimpleUser(lDAPUser.getLoginName());
        simpleUser.setLoginName(lDAPUser.getLoginName());
        simpleUser.setFirstName(lDAPUser.getFirstName());
        simpleUser.setLastName(lDAPUser.getLastName());
        simpleUser.setEmail(lDAPUser.getEmail());
        populateIdentityType(lDAPUser, simpleUser);
        return simpleUser;
    }

    public Group getGroup(String str) {
        LDAPGroup lDAPGroup;
        if (str == null || (lDAPGroup = (LDAPGroup) lookupEntryByDN(new LDAPGroup(str, m8getConfig().getGroupDNSuffix()))) == null) {
            return null;
        }
        SimpleGroup simpleGroup = new SimpleGroup(lDAPGroup.getName(), getParentGroup(lDAPGroup));
        populateIdentityType(lDAPGroup, simpleGroup);
        return simpleGroup;
    }

    public Group getGroup(String str, Group group) {
        Group group2 = getGroup(str);
        if (group2.getParentGroup() == null || !group2.getParentGroup().getName().equals(group.getName())) {
            group2 = null;
        }
        return group2;
    }

    public Role getRole(String str) {
        LDAPRole lDAPRole;
        if (str == null || (lDAPRole = (LDAPRole) lookupEntryByDN(new LDAPRole(str, m8getConfig().getRoleDNSuffix()))) == null) {
            return null;
        }
        IdentityType simpleRole = new SimpleRole(lDAPRole.getName());
        populateIdentityType(lDAPRole, simpleRole);
        return simpleRole;
    }

    /* JADX WARN: Finally extract failed */
    public <T extends IdentityType> List<T> fetchQueryResults(IdentityQuery<T> identityQuery) {
        StringBuffer createManagedAttributesFilter = new LDAPQuery(identityQuery.getParameters()).createManagedAttributesFilter();
        if (createManagedAttributesFilter == null) {
            createManagedAttributesFilter = new StringBuffer("(&(objectClass=*))");
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (IDMUtil.isAgentType(identityQuery.getIdentityType())) {
            if (identityQuery.getParameters().containsKey(User.HAS_ROLE)) {
                String createHasRoleFilter = createHasRoleFilter(identityQuery);
                if (createHasRoleFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createHasRoleFilter);
            }
            if (identityQuery.getParameters().containsKey(User.MEMBER_OF)) {
                String createMemberOfFilter = createMemberOfFilter(identityQuery);
                if (createMemberOfFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createMemberOfFilter);
            }
            if (identityQuery.getParameters().containsKey(IdentityType.HAS_GROUP_ROLE)) {
                String createGroupRoleFilter = createGroupRoleFilter(identityQuery);
                if (createGroupRoleFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createGroupRoleFilter);
            }
        } else if (IDMUtil.isRoleType(identityQuery.getIdentityType())) {
            if (identityQuery.getParameters().containsKey(Role.ROLE_OF)) {
                String createRoleOfFilter = createRoleOfFilter(identityQuery);
                if (createRoleOfFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createRoleOfFilter);
            }
        } else if (IDMUtil.isGroupType(identityQuery.getIdentityType())) {
            if (identityQuery.getParameters().containsKey(Group.HAS_MEMBER)) {
                String createHasMemberFilter = createHasMemberFilter(identityQuery);
                if (createHasMemberFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createHasMemberFilter);
            }
            if (identityQuery.getParameters().containsKey(Group.PARENT)) {
                String createParentGroupFilter = createParentGroupFilter(identityQuery);
                if (createParentGroupFilter.isEmpty()) {
                    return Collections.emptyList();
                }
                stringBuffer.append(createParentGroupFilter);
            }
        }
        String idAttribute = getIdAttribute(identityQuery.getIdentityType());
        if (idAttribute != null) {
            createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, "(" + idAttribute + "=*)");
        }
        createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, "(!(cn=custom-attributes))");
        createManagedAttributesFilter.insert(createManagedAttributesFilter.length() - 1, stringBuffer.toString());
        NamingEnumeration<SearchResult> namingEnumeration = null;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                namingEnumeration = getLDAPManager().search(getBaseDN(identityQuery.getIdentityType()), createManagedAttributesFilter.toString());
                while (namingEnumeration.hasMore()) {
                    String nameInNamespace = ((SearchResult) namingEnumeration.next()).getNameInNamespace();
                    String str = nameInNamespace.split(LDAPConstants.COMMA)[0].split(LDAPConstants.EQUAL)[1];
                    User user = null;
                    if (nameInNamespace.endsWith(m8getConfig().getUserDNSuffix())) {
                        user = getUser(str);
                    } else if (nameInNamespace.endsWith(m8getConfig().getAgentDNSuffix())) {
                        user = getAgent(str);
                    } else if (nameInNamespace.endsWith(m8getConfig().getRoleDNSuffix())) {
                        user = getRole(str);
                    } else if (nameInNamespace.endsWith(m8getConfig().getGroupDNSuffix())) {
                        user = getGroup(str);
                    }
                    if (identityQuery.getParameters().containsKey(IdentityType.ENABLED)) {
                        if (!String.valueOf(user.isEnabled()).equals(((Object[]) identityQuery.getParameters().get(IdentityType.ENABLED))[0].toString())) {
                        }
                    }
                    if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_DATE) || identityQuery.getParameters().containsKey(IdentityType.EXPIRY_BEFORE) || identityQuery.getParameters().containsKey(IdentityType.EXPIRY_AFTER)) {
                        if (user.getExpirationDate() != null) {
                            if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_DATE)) {
                                if (user.getExpirationDate().getTime() != ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_DATE))[0]).getTime()) {
                                }
                            }
                            if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_BEFORE)) {
                                if (user.getExpirationDate().getTime() > ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_BEFORE))[0]).getTime()) {
                                }
                            }
                            if (identityQuery.getParameters().containsKey(IdentityType.EXPIRY_AFTER)) {
                                if (user.getExpirationDate().getTime() < ((Date) ((Object[]) identityQuery.getParameters().get(IdentityType.EXPIRY_AFTER))[0]).getTime()) {
                                }
                            }
                        }
                    }
                    boolean z = true;
                    for (Map.Entry entry : identityQuery.getParameters(AttributedType.AttributeParameter.class).entrySet()) {
                        AttributedType.AttributeParameter attributeParameter = (QueryParameter) entry.getKey();
                        Object[] objArr = (Object[]) entry.getValue();
                        z = false;
                        AttributedType.AttributeParameter attributeParameter2 = attributeParameter;
                        Attribute attribute = user.getAttribute(attributeParameter2.getName());
                        if (user.getAttribute(attributeParameter2.getName()) != null) {
                            int length = objArr.length;
                            for (Object obj : objArr) {
                                if (attribute.getValue().getClass().isArray()) {
                                    for (Object obj2 : (Object[]) attribute.getValue()) {
                                        if (obj2.equals(obj)) {
                                            length--;
                                        }
                                    }
                                } else if (obj.equals(attribute.getValue())) {
                                    length--;
                                }
                            }
                            z = length <= 0;
                            if (!z) {
                                break;
                            }
                        }
                    }
                    if (z && user != null) {
                        arrayList.add(user);
                    }
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
                return arrayList;
            } catch (Throwable th) {
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e2) {
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            throw new IdentityManagementException("Error during query execution.", e3);
        }
    }

    public <T extends IdentityType> int countQueryResults(IdentityQuery<T> identityQuery) {
        int limit = identityQuery.getLimit();
        int offset = identityQuery.getOffset();
        identityQuery.setLimit(0);
        identityQuery.setOffset(0);
        int size = identityQuery.getResultList().size();
        identityQuery.setLimit(limit);
        identityQuery.setOffset(offset);
        return size;
    }

    public <T extends Relationship> List<T> fetchQueryResults(RelationshipQuery<T> relationshipQuery) {
        LDAPGroup lDAPGroup;
        NamingEnumeration<SearchResult> search;
        javax.naming.directory.Attribute attribute;
        ArrayList arrayList = new ArrayList();
        Class relationshipType = relationshipQuery.getRelationshipType();
        if (Grant.class.equals(relationshipType)) {
            Agent agent = null;
            if (relationshipQuery.getParameter(Grant.ASSIGNEE) != null) {
                agent = (Agent) relationshipQuery.getParameter(Grant.ASSIGNEE)[0];
            }
            Role role = null;
            if (relationshipQuery.getParameter(Grant.ROLE) != null) {
                role = (Role) relationshipQuery.getParameter(Grant.ROLE)[0];
            }
            LDAPAgent lDAPAgent = null;
            if (Agent.class.isInstance(agent)) {
                lDAPAgent = User.class.isInstance(agent) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(agent.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(agent.getLoginName(), m8getConfig().getAgentDNSuffix()));
            }
            if (agent == null || role == null) {
                if (agent != null) {
                    DefaultIdentityQuery defaultIdentityQuery = new DefaultIdentityQuery(Role.class, this);
                    defaultIdentityQuery.setParameter(Role.ROLE_OF, new Object[]{agent});
                    Iterator it = defaultIdentityQuery.getResultList().iterator();
                    while (it.hasNext()) {
                        arrayList.add(new Grant(agent, (Role) it.next()));
                    }
                } else if (role != null) {
                    DefaultIdentityQuery defaultIdentityQuery2 = new DefaultIdentityQuery(User.class, this);
                    defaultIdentityQuery2.setParameter(Role.HAS_ROLE, new Object[]{role.getName()});
                    Iterator it2 = defaultIdentityQuery2.getResultList().iterator();
                    while (it2.hasNext()) {
                        arrayList.add(new Grant((User) it2.next(), role));
                    }
                }
            } else if (((LDAPRole) lookupEntryByDN(new LDAPRole(role.getName(), m8getConfig().getRoleDNSuffix()))).isMember(lDAPAgent)) {
                arrayList.add(new Grant(agent, role));
            }
        } else if (GroupMembership.class.equals(relationshipType)) {
            Agent agent2 = null;
            if (relationshipQuery.getParameter(GroupMembership.MEMBER) != null) {
                agent2 = (Agent) relationshipQuery.getParameter(GroupMembership.MEMBER)[0];
            }
            Group group = null;
            if (relationshipQuery.getParameter(GroupMembership.GROUP) != null) {
                group = (Group) relationshipQuery.getParameter(GroupMembership.GROUP)[0];
            }
            if (agent2 != null && group != null) {
                LDAPGroup lDAPGroup2 = (LDAPGroup) lookupEntryByDN(new LDAPGroup(group.getName(), m8getConfig().getGroupDNSuffix()));
                LDAPAgent lDAPAgent2 = null;
                if (Agent.class.isInstance(agent2)) {
                    lDAPAgent2 = User.class.isInstance(agent2) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(agent2.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(agent2.getLoginName(), m8getConfig().getAgentDNSuffix()));
                }
                if (lDAPAgent2 != null && lDAPGroup2.isMember(lDAPAgent2)) {
                    arrayList.add(new GroupMembership(agent2, group));
                }
            } else if (agent2 != null) {
                DefaultIdentityQuery defaultIdentityQuery3 = new DefaultIdentityQuery(Group.class, this);
                defaultIdentityQuery3.setParameter(Group.HAS_MEMBER, new Object[]{agent2});
                Iterator it3 = defaultIdentityQuery3.getResultList().iterator();
                while (it3.hasNext()) {
                    arrayList.add(new GroupMembership(agent2, (Group) it3.next()));
                }
            } else if (group != null) {
                DefaultIdentityQuery defaultIdentityQuery4 = new DefaultIdentityQuery(User.class, this);
                defaultIdentityQuery4.setParameter(User.MEMBER_OF, new Object[]{group.getName()});
                Iterator it4 = defaultIdentityQuery4.getResultList().iterator();
                while (it4.hasNext()) {
                    arrayList.add(new GroupMembership((User) it4.next(), group));
                }
            }
        } else if (GroupRole.class.equals(relationshipType)) {
            Agent agent3 = null;
            if (relationshipQuery.getParameter(GroupRole.MEMBER) != null) {
                agent3 = (Agent) relationshipQuery.getParameter(GroupRole.MEMBER)[0];
            }
            Role role2 = null;
            if (relationshipQuery.getParameter(GroupRole.ROLE) != null) {
                role2 = (Role) relationshipQuery.getParameter(GroupRole.ROLE)[0];
            }
            Group group2 = null;
            if (relationshipQuery.getParameter(GroupRole.GROUP) != null) {
                group2 = (Group) relationshipQuery.getParameter(GroupRole.GROUP)[0];
            }
            if (agent3 != null && group2 != null && role2 != null) {
                LDAPGroup lDAPGroup3 = (LDAPGroup) lookupEntryByDN(new LDAPGroup(group2.getName(), m8getConfig().getGroupDNSuffix()));
                LDAPRole lDAPRole = (LDAPRole) lookupEntryByDN(new LDAPRole(role2.getName(), m8getConfig().getRoleDNSuffix()));
                LDAPAgent lDAPAgent3 = null;
                if (Agent.class.isInstance(agent3)) {
                    lDAPAgent3 = User.class.isInstance(agent3) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(agent3.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(agent3.getLoginName(), m8getConfig().getAgentDNSuffix()));
                }
                if (lDAPAgent3 != null && lDAPGroup3 != null && lDAPRole != null) {
                    LDAPGroupRole lDAPGroupRole = new LDAPGroupRole(lDAPAgent3, lDAPGroup3, lDAPRole);
                    search = getLDAPManager().search(lDAPAgent3.getDN(), lDAPGroupRole.getBidingName());
                    try {
                        try {
                            if (search.hasMore()) {
                                lDAPGroupRole.setLDAPAttributes(((SearchResult) search.next()).getAttributes());
                                if (lDAPGroupRole.isMember(lDAPRole)) {
                                    arrayList.add(new GroupRole(agent3, group2, role2));
                                }
                            }
                            try {
                                search.close();
                            } catch (NamingException e) {
                            }
                        } catch (Exception e2) {
                            throw new IdentityManagementException("Error looking up GroupRole relationship.", e2);
                        }
                    } finally {
                    }
                }
            } else if (agent3 != null && role2 == null && group2 == null) {
                LDAPAgent lDAPAgent4 = null;
                if (Agent.class.isInstance(agent3)) {
                    lDAPAgent4 = User.class.isInstance(agent3) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(agent3.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(agent3.getLoginName(), m8getConfig().getAgentDNSuffix()));
                }
                if (lDAPAgent4 != null) {
                    search = getLDAPManager().search(lDAPAgent4.getDN(), "(&(objectClass=*)(cn=*)(member=*))");
                    while (search.hasMore()) {
                        try {
                            try {
                                SearchResult searchResult = (SearchResult) search.next();
                                Group group3 = getGroup((String) searchResult.getAttributes().get(LDAPConstants.CN).get());
                                if (group3 != null && (attribute = searchResult.getAttributes().get(LDAPConstants.MEMBER)) != null && attribute.size() > 0) {
                                    NamingEnumeration all = attribute.getAll();
                                    while (all.hasMoreElements()) {
                                        String str = (String) all.nextElement();
                                        arrayList.add(new GroupRole(agent3, group3, getRole(str.substring(str.indexOf(LDAPConstants.EQUAL) + 1, str.indexOf(LDAPConstants.COMMA)))));
                                    }
                                }
                            } catch (Exception e3) {
                                throw new IdentityManagementException(e3);
                            }
                        } finally {
                        }
                    }
                    try {
                        search.close();
                    } catch (NamingException e4) {
                    }
                }
            } else if (role2 != null) {
                LDAPRole lDAPRole2 = (LDAPRole) lookupEntryByDN(new LDAPRole(role2.getName(), m8getConfig().getRoleDNSuffix()));
                if (lDAPRole2 != null) {
                    search = getLDAPManager().search(m8getConfig().getUserDNSuffix(), "(&(objectClass=*)(cn=*)(member=" + lDAPRole2.getDN() + "))");
                    while (search.hasMore()) {
                        try {
                            try {
                                Group group4 = getGroup((String) ((SearchResult) search.next()).getAttributes().get(LDAPConstants.CN).get());
                                Role role3 = getRole(lDAPRole2.getName());
                                if (group4 != null && role3 != null) {
                                    arrayList.add(new GroupRole(agent3, group4, role3));
                                }
                            } catch (Exception e5) {
                                throw new IdentityManagementException(e5);
                            }
                        } finally {
                            try {
                                search.close();
                            } catch (NamingException e6) {
                            }
                        }
                    }
                    try {
                        search.close();
                    } catch (NamingException e7) {
                    }
                }
            } else if (group2 != null && (lDAPGroup = (LDAPGroup) lookupEntryByDN(new LDAPGroup(group2.getName(), m8getConfig().getGroupDNSuffix()))) != null) {
                NamingEnumeration<SearchResult> search2 = getLDAPManager().search(m8getConfig().getUserDNSuffix(), "(&(objectClass=*)(" + lDAPGroup.getBidingName() + ")(" + LDAPConstants.MEMBER + LDAPConstants.EQUAL + "*))");
                while (search2.hasMore()) {
                    try {
                        try {
                            SearchResult searchResult2 = (SearchResult) search2.next();
                            Group group5 = getGroup((String) searchResult2.getAttributes().get(LDAPConstants.CN).get());
                            if (group5 != null) {
                                String nameInNamespace = searchResult2.getNameInNamespace();
                                String substring = nameInNamespace.substring(nameInNamespace.indexOf(LDAPConstants.UID));
                                Agent agent4 = getAgent(substring.substring(substring.indexOf(LDAPConstants.EQUAL) + 1, substring.indexOf(LDAPConstants.COMMA)));
                                javax.naming.directory.Attribute attribute2 = searchResult2.getAttributes().get(LDAPConstants.MEMBER);
                                if (attribute2 != null && attribute2.size() > 0) {
                                    NamingEnumeration all2 = attribute2.getAll();
                                    while (all2.hasMoreElements()) {
                                        String str2 = (String) all2.nextElement();
                                        arrayList.add(new GroupRole(agent4, group5, getRole(str2.substring(str2.indexOf(LDAPConstants.EQUAL) + 1, str2.indexOf(LDAPConstants.COMMA)))));
                                    }
                                }
                            }
                        } finally {
                            try {
                                search2.close();
                            } catch (NamingException e8) {
                            }
                        }
                    } catch (Exception e9) {
                        throw new IdentityManagementException(e9);
                    }
                }
                try {
                    search2.close();
                } catch (NamingException e10) {
                }
            }
        }
        return arrayList;
    }

    public <T extends Relationship> int countQueryResults(RelationshipQuery<T> relationshipQuery) {
        return 0;
    }

    public void setAttribute(IdentityType identityType, Attribute<? extends Serializable> attribute) {
    }

    public <T extends Serializable> Attribute<T> getAttribute(IdentityType identityType, String str) {
        return null;
    }

    public void removeAttribute(IdentityType identityType, String str) {
    }

    public void validateCredentials(Credentials credentials) {
        CredentialHandler credentialValidator = getContext().getCredentialValidator(credentials.getClass(), this);
        if (credentialValidator == null) {
            throw new SecurityConfigurationException("No suitable CredentialHandler available for validating Credentials of type [" + credentials.getClass() + "] for IdentityStore [" + getClass() + "]");
        }
        credentialValidator.validate(credentials, this);
    }

    public void updateCredential(Agent agent, Object obj, Date date, Date date2) {
        CredentialHandler credentialUpdater = getContext().getCredentialUpdater(obj.getClass(), this);
        if (credentialUpdater == null) {
            throw new SecurityConfigurationException("No suitable CredentialHandler available for updating Credentials of type [" + obj.getClass() + "] for IdentityStore [" + getClass() + "]");
        }
        credentialUpdater.update(agent, obj, this, date, date2);
    }

    private void addIdentityType(IdentityType identityType, LDAPIdentityType lDAPIdentityType) {
        lDAPIdentityType.setId(identityType.getId());
        lDAPIdentityType.setEnabled(identityType.isEnabled());
        lDAPIdentityType.setCreatedDate(identityType.getCreatedDate());
        lDAPIdentityType.setExpirationDate(identityType.getExpirationDate());
        getLDAPManager().createSubContext(lDAPIdentityType.getDN(), lDAPIdentityType.getLDAPAttributes());
        getLDAPManager().rebind(getCustomAttributesDN(lDAPIdentityType.getDN()), lDAPIdentityType.getCustomAttributes());
        populateLDAPOperationAttributes(lDAPIdentityType);
        identityType.setId(lDAPIdentityType.getId());
    }

    private LDAPOperationManager getLDAPManager() {
        return m8getConfig().getLdapManager();
    }

    private String getCustomAttributesDN(String str) {
        return "cn=custom-attributes," + str;
    }

    private void updateIdentityType(IdentityType identityType, LDAPIdentityType lDAPIdentityType) {
        lDAPIdentityType.setEnabled(identityType.isEnabled());
        lDAPIdentityType.setExpirationDate(identityType.getExpirationDate());
        NamingEnumeration all = lDAPIdentityType.getLDAPAttributes().getAll();
        Attributes attributes = (Attributes) lDAPIdentityType.getLDAPAttributes().clone();
        while (all.hasMoreElements()) {
            javax.naming.directory.Attribute attribute = (javax.naming.directory.Attribute) all.nextElement();
            if (attributes.get(attribute.getID()) == null) {
                getLDAPManager().addAttribute(lDAPIdentityType.getDN(), attribute);
            } else if (!attribute.getID().equalsIgnoreCase(LDAPConstants.ENTRY_UUID) && !attribute.getID().equalsIgnoreCase(LDAPConstants.CREATE_TIMESTAMP)) {
                getLDAPManager().modifyAttribute(lDAPIdentityType.getDN(), attribute);
            }
        }
        lDAPIdentityType.getCustomAttributes().clear();
        for (Attribute attribute2 : identityType.getAttributes()) {
            lDAPIdentityType.getCustomAttributes().addAttribute(attribute2.getName(), attribute2.getValue());
        }
        getLDAPManager().rebind(getCustomAttributesDN(lDAPIdentityType.getDN()), lDAPIdentityType.getCustomAttributes());
    }

    private void populateIdentityType(LDAPIdentityType lDAPIdentityType, IdentityType identityType) {
        identityType.setId(lDAPIdentityType.getId());
        identityType.setEnabled(lDAPIdentityType.isEnabled());
        identityType.setCreatedDate(lDAPIdentityType.getCreatedDate());
        identityType.setExpirationDate(lDAPIdentityType.getExpirationDate());
        identityType.setPartition(lDAPIdentityType.getPartition());
        for (Map.Entry<String, Serializable> entry : lDAPIdentityType.getCustomAttributes().getAttributes().entrySet()) {
            if (!entry.getKey().equals(LDAPConstants.CUSTOM_ATTRIBUTE_ENABLED) && !entry.getKey().equals(LDAPConstants.CUSTOM_ATTRIBUTE_EXPIRY_DATE)) {
                identityType.setAttribute(new Attribute(entry.getKey(), entry.getValue()));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public <T extends LDAPIdentityType> T lookupEntryById(Class<T> cls, String str) {
        T t = null;
        NamingEnumeration<SearchResult> lookupById = getLDAPManager().lookupById(getBaseDN(cls), str);
        try {
            try {
                if (lookupById.hasMore()) {
                    SearchResult searchResult = (SearchResult) lookupById.next();
                    t = cls.getConstructor(String.class).newInstance(getBaseDN(cls));
                    populateLDAPEntry(t, searchResult);
                }
                if (lookupById.hasMore()) {
                    throw new IdentityManagementException("Ambiguous entry found with the given id [" + str + "]");
                }
                if (t == null) {
                    throw new IdentityManagementException("No entry found for the given type [" + cls.getClass().getName() + "] and id [" + str + "]");
                }
                return t;
            } catch (Exception e) {
                throw new IdentityManagementException("Error creating instance for type [" + cls.getClass().getName() + "].", e);
            } catch (NamingException e2) {
                throw new IdentityManagementException("Error looking up entry.", e2);
            }
        } finally {
            if (lookupById != null) {
                try {
                    lookupById.close();
                } catch (NamingException e3) {
                }
            }
        }
    }

    private <T extends LDAPIdentityType> T lookupEntryByDN(T t) {
        NamingEnumeration<SearchResult> search = getLDAPManager().search(t.getDnSuffix(), "(&(objectClass=*)(" + t.getBidingName() + "))");
        try {
            try {
                if (search.hasMore()) {
                    populateLDAPEntry(t, (SearchResult) search.next());
                } else {
                    t = null;
                }
                return t;
            } catch (NamingException e) {
                throw new IdentityManagementException("Error looking up entry.", e);
            }
        } finally {
            if (search != null) {
                try {
                    search.close();
                } catch (NamingException e2) {
                }
            }
        }
    }

    private <T extends LDAPIdentityType> void populateLDAPEntry(T t, SearchResult searchResult) throws NamingException {
        t.setLDAPAttributes(searchResult.getAttributes());
        t.setCustomAttributes(getCustomAttributes(t));
        populateLDAPOperationAttributes(t);
        t.setPartition(new Realm("default"));
        t.setCustomAttributes(getCustomAttributes(t));
    }

    private <T extends LDAPIdentityType> void populateLDAPOperationAttributes(T t) {
        try {
            Attributes lookupOperationalAttributes = getLDAPManager().lookupOperationalAttributes(t.getDnSuffix(), t.getBidingName());
            t.setId(lookupOperationalAttributes.get(LDAPConstants.ENTRY_UUID).get().toString());
            String obj = lookupOperationalAttributes.get(LDAPConstants.CREATE_TIMESTAMP).get().toString();
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
            simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
            try {
                t.setCreatedDate(simpleDateFormat.parse(obj));
            } catch (ParseException e) {
                throw new IdentityManagementException("Error parsing created date.", e);
            }
        } catch (Exception e2) {
            throw new IdentityManagementException("Error populating operational attributes.", e2);
        }
    }

    private LDAPCustomAttributes getCustomAttributes(LDAPAttributedType lDAPAttributedType) {
        String customAttributesDN = getCustomAttributesDN(lDAPAttributedType.getDN());
        LDAPCustomAttributes lDAPCustomAttributes = null;
        try {
            lDAPCustomAttributes = (LDAPCustomAttributes) getLDAPManager().lookup(customAttributesDN);
        } catch (Exception e) {
        }
        if (lDAPCustomAttributes == null) {
            getLDAPManager().bind(customAttributesDN, lDAPAttributedType.getCustomAttributes());
        }
        return lDAPCustomAttributes;
    }

    private Group getParentGroup(LDAPGroup lDAPGroup) {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        basicAttributes.put(new BasicAttribute(LDAPConstants.MEMBER, "cn=" + lDAPGroup.getName() + LDAPConstants.COMMA + this.configuration.getGroupDNSuffix()));
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = getLDAPManager().search(this.configuration.getGroupDNSuffix(), basicAttributes, new String[]{LDAPConstants.CN});
                if (namingEnumeration.hasMoreElements()) {
                    Group group = getGroup((String) ((SearchResult) namingEnumeration.nextElement()).getAttributes().get(LDAPConstants.CN).get());
                    if (namingEnumeration != null) {
                        try {
                            namingEnumeration.close();
                        } catch (NamingException e) {
                        }
                    }
                    return group;
                }
                if (namingEnumeration == null) {
                    return null;
                }
                try {
                    namingEnumeration.close();
                    return null;
                } catch (NamingException e2) {
                    return null;
                }
            } catch (NamingException e3) {
                throw new RuntimeException("Error looking parent group for [" + lDAPGroup.getDN() + "]", e3);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                try {
                    namingEnumeration.close();
                } catch (NamingException e4) {
                }
            }
            throw th;
        }
    }

    private void addGroup(Group group) {
        if (group.getName() == null) {
            throw new IdentityManagementException("No name was provided.");
        }
        if (getGroup(group.getName()) != null) {
            throw new IdentityManagementException("Group already exists with the given name [" + group.getName() + "] for the given Partition [" + getContext().getPartition().getName() + "]");
        }
        LDAPGroup lDAPGroup = new LDAPGroup(m8getConfig().getGroupDNSuffix());
        lDAPGroup.setName(group.getName());
        addIdentityType(group, lDAPGroup);
        if (group.getParentGroup() != null) {
            String name = group.getParentGroup().getName();
            LDAPGroup lDAPGroup2 = (LDAPGroup) lookupEntryByDN(new LDAPGroup(name, m8getConfig().getGroupDNSuffix()));
            if (lDAPGroup2 == null) {
                throw new RuntimeException("Parent group [" + name + "] does not exists.");
            }
            lDAPGroup2.addChildGroup(lDAPGroup);
            lDAPGroup.setParentGroup(lDAPGroup2);
            getLDAPManager().modifyAttribute(lDAPGroup2.getDN(), lDAPGroup2.getLDAPAttributes().get(LDAPConstants.MEMBER));
        }
    }

    private void addRole(Role role) {
        if (role.getName() == null) {
            throw new IdentityManagementException("No name was provided.");
        }
        if (getRole(role.getName()) != null) {
            throw new IdentityManagementException("Role already exists with the given name [" + role.getName() + "] for the given Partition [" + getContext().getPartition().getName() + "]");
        }
        LDAPRole lDAPRole = new LDAPRole(m8getConfig().getRoleDNSuffix());
        lDAPRole.setName(role.getName());
        addIdentityType(role, lDAPRole);
    }

    private void addAgent(Agent agent) {
        LDAPAgent lDAPAgent = new LDAPAgent(m8getConfig().getAgentDNSuffix());
        lDAPAgent.setLoginName(agent.getLoginName());
        addIdentityType(agent, lDAPAgent);
    }

    private void addUser(User user) {
        LDAPUser lDAPUser = new LDAPUser(m8getConfig().getUserDNSuffix());
        lDAPUser.setLoginName(user.getLoginName());
        lDAPUser.setFirstName(user.getFirstName());
        lDAPUser.setLastName(user.getLastName());
        lDAPUser.setFullName(lDAPUser.getUserCN());
        lDAPUser.setEmail(user.getEmail());
        addIdentityType(user, lDAPUser);
    }

    private void updateGroup(Group group) {
        updateIdentityType(group, (LDAPGroup) lookupEntry(group));
    }

    private void updateRole(Role role) {
        updateIdentityType(role, (LDAPRole) lookupEntry(role));
    }

    private void updateAgent(Agent agent) {
        updateIdentityType(agent, (LDAPAgent) lookupEntry(agent));
    }

    private void updateUser(User user) {
        LDAPUser lDAPUser = (LDAPUser) lookupEntry(user);
        lDAPUser.setFirstName(user.getFirstName());
        lDAPUser.setLastName(user.getLastName());
        lDAPUser.setFullName(lDAPUser.getUserCN());
        lDAPUser.setEmail(user.getEmail());
        updateIdentityType(user, lDAPUser);
    }

    private String getBaseDN(Class<? extends IdentityType> cls) {
        return IDMUtil.isUserType(cls) ? m8getConfig().getUserDNSuffix() : IDMUtil.isRoleType(cls) ? m8getConfig().getRoleDNSuffix() : IDMUtil.isGroupType(cls) ? m8getConfig().getGroupDNSuffix() : IDMUtil.isAgentType(cls) ? m8getConfig().getAgentDNSuffix() : m8getConfig().getBaseDN();
    }

    private void addGroupRoleRelationship(GroupRole groupRole) {
        Group group = groupRole.getGroup();
        if (group == null) {
            throw new IdentityManagementException("You must specify a group for this relationship type.");
        }
        Role role = groupRole.getRole();
        if (role == null) {
            throw new IdentityManagementException("You must specify a role for this relationship type.");
        }
        Agent member = groupRole.getMember();
        if (!Agent.class.isInstance(member)) {
            throw new IdentityManagementException("You must assign a valid Agent instance for this relationship type.");
        }
        Agent agent = member;
        if (agent == null) {
            throw new IdentityManagementException("You must assign a agent for this relationship type.");
        }
        LDAPAgent lDAPAgent = (LDAPAgent) lookupEntry(agent);
        LDAPGroup lDAPGroup = (LDAPGroup) lookupEntry(group);
        LDAPRole lDAPRole = (LDAPRole) lookupEntry(role);
        LDAPEntry lDAPGroupRole = new LDAPGroupRole(lDAPAgent, lDAPGroup, lDAPRole);
        NamingEnumeration<SearchResult> search = getLDAPManager().search(lDAPAgent.getDN(), lDAPGroupRole.getBidingName());
        try {
            try {
                if (!search.hasMore()) {
                    getLDAPManager().createSubContext(lDAPGroupRole.getDN(), lDAPGroupRole.getLDAPAttributes());
                }
                addMember(lDAPGroupRole, lDAPRole);
                addGrantRelationship(new Grant(agent, role));
                addGroupMembership(new GroupMembership(agent, group));
            } catch (Exception e) {
                throw new IdentityManagementException("Error creating GroupRole relationship.", e);
            }
        } finally {
            if (search != null) {
                try {
                    search.close();
                } catch (NamingException e2) {
                }
            }
        }
    }

    private void addGroupMembership(GroupMembership groupMembership) {
        Group group = groupMembership.getGroup();
        if (group == null) {
            throw new IdentityManagementException("You must specify a group for this relationship type.");
        }
        LDAPGroup lDAPGroup = (LDAPGroup) lookupEntry(group);
        IdentityType member = groupMembership.getMember();
        if (!Agent.class.isInstance(member)) {
            throw new IdentityManagementException("Only Agent types are supported for this relationship type.");
        }
        addMember(lDAPGroup, (LDAPAgent) lookupEntry(member));
    }

    private void addGrantRelationship(Grant grant) {
        Role role = grant.getRole();
        if (role == null) {
            throw new IdentityManagementException("You must assign a role for this relationship type.");
        }
        LDAPRole lDAPRole = (LDAPRole) lookupEntry(role);
        if (!Agent.class.isInstance(grant.getAssignee())) {
            throw new IdentityManagementException("You must assign a valid Agent instance for this relationship type.");
        }
        Agent assignee = grant.getAssignee();
        if (assignee == null) {
            throw new IdentityManagementException("You must assign a agent for this relationship type.");
        }
        addMember(lDAPRole, (LDAPAgent) lookupEntry(assignee));
    }

    private void addMember(LDAPEntry lDAPEntry, LDAPEntry lDAPEntry2) {
        lDAPEntry.addMember(lDAPEntry2);
        getLDAPManager().modifyAttribute(lDAPEntry.getDN(), lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER));
    }

    private <T extends IdentityType> T lookupEntry(T t) {
        LDAPIdentityType lookupEntryById;
        if (Agent.class.isInstance(t)) {
            Agent agent = (Agent) t;
            lookupEntryById = User.class.isInstance(agent) ? lookupEntryById(LDAPUser.class, agent.getId()) : lookupEntryById(LDAPAgent.class, agent.getId());
        } else if (Role.class.isInstance(t)) {
            lookupEntryById = lookupEntryById(LDAPRole.class, t.getId());
        } else {
            if (!Group.class.isInstance(t)) {
                throw new IdentityManagementException("Unsupported type [" + t.getClass().getName() + "].");
            }
            lookupEntryById = lookupEntryById(LDAPGroup.class, t.getId());
        }
        return lookupEntryById;
    }

    private String createParentGroupFilter(IdentityQuery<?> identityQuery) {
        LDAPGroup lDAPGroup = (LDAPGroup) lookupEntryByDN(new LDAPGroup(((Object[]) identityQuery.getParameters().get(Group.PARENT))[0].toString(), m8getConfig().getGroupDNSuffix()));
        NamingEnumeration namingEnumeration = null;
        StringBuffer stringBuffer = new StringBuffer();
        try {
            try {
                namingEnumeration = lDAPGroup.getLDAPAttributes().get(LDAPConstants.MEMBER).getAll();
                while (namingEnumeration.hasMoreElements()) {
                    String str = (String) namingEnumeration.nextElement();
                    if (!str.toString().trim().isEmpty()) {
                        stringBuffer.append("(").append(str.split(LDAPConstants.COMMA)[0]).append(")");
                    }
                }
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
                return stringBuffer.toString();
            } catch (Throwable th) {
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e2) {
                    }
                }
                throw th;
            }
        } catch (NamingException e3) {
            throw new IdentityManagementException(e3);
        }
    }

    private String createHasMemberFilter(IdentityQuery<?> identityQuery) {
        Object[] objArr = (Object[]) identityQuery.getParameters().get(Group.HAS_MEMBER);
        Agent[] agentArr = new Agent[objArr.length];
        for (int i = 0; i < objArr.length; i++) {
            agentArr[i] = (Agent) objArr[i];
        }
        return createMembersFilter(agentArr, this.configuration.getGroupDNSuffix());
    }

    private String createRoleOfFilter(IdentityQuery<?> identityQuery) {
        Object[] objArr = (Object[]) identityQuery.getParameters().get(Role.ROLE_OF);
        Agent[] agentArr = new Agent[objArr.length];
        for (int i = 0; i < objArr.length; i++) {
            agentArr[i] = (Agent) objArr[i];
        }
        return createMembersFilter(agentArr, this.configuration.getRoleDNSuffix());
    }

    private String createGroupRoleFilter(IdentityQuery<?> identityQuery) {
        Object[] objArr = (Object[]) identityQuery.getParameters().get(User.HAS_GROUP_ROLE);
        StringBuffer stringBuffer = new StringBuffer();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                for (Object obj : objArr) {
                    GroupRole groupRole = (GroupRole) obj;
                    Agent member = groupRole.getMember();
                    String agentDNSuffix = m8getConfig().getAgentDNSuffix();
                    if (User.class.isInstance(member)) {
                        agentDNSuffix = m8getConfig().getUserDNSuffix();
                    }
                    namingEnumeration = getLDAPManager().search(agentDNSuffix, "(cn=" + groupRole.getGroup().getName() + ")");
                    if (namingEnumeration.hasMoreElements()) {
                        while (namingEnumeration.hasMoreElements()) {
                            SearchResult searchResult = (SearchResult) namingEnumeration.next();
                            String str = searchResult.getNameInNamespace().split(LDAPConstants.COMMA)[1];
                            if (searchResult.getAttributes().get(LDAPConstants.MEMBER).contains("cn=" + groupRole.getRole().getName() + LDAPConstants.COMMA + this.configuration.getRoleDNSuffix())) {
                                stringBuffer.append("(").append(str).append(")");
                            }
                        }
                    }
                }
                return stringBuffer.toString();
            } finally {
                if (namingEnumeration != null) {
                    try {
                        namingEnumeration.close();
                    } catch (NamingException e) {
                    }
                }
            }
        } catch (Exception e2) {
            throw new IdentityManagementException(e2);
        }
    }

    private String createMemberOfFilter(IdentityQuery<?> identityQuery) {
        Object[] objArr = (Object[]) identityQuery.getParameters().get(User.MEMBER_OF);
        LDAPEntry[] lDAPEntryArr = new LDAPEntry[objArr.length];
        for (int i = 0; i < objArr.length; i++) {
            Object obj = objArr[i];
            if (obj != null) {
                lDAPEntryArr[i] = lookupEntryByDN(new LDAPGroup(obj.toString(), m8getConfig().getGroupDNSuffix()));
            }
        }
        return createParentMembersFilter(lDAPEntryArr);
    }

    private String createHasRoleFilter(IdentityQuery<?> identityQuery) {
        Object[] objArr = (Object[]) identityQuery.getParameters().get(User.HAS_ROLE);
        LDAPEntry[] lDAPEntryArr = new LDAPEntry[objArr.length];
        for (int i = 0; i < objArr.length; i++) {
            lDAPEntryArr[i] = lookupEntryByDN(new LDAPRole(objArr[i].toString(), m8getConfig().getRoleDNSuffix()));
        }
        return createParentMembersFilter(lDAPEntryArr);
    }

    /* JADX WARN: Finally extract failed */
    private String createMembersFilter(Agent[] agentArr, String str) {
        String str2 = "";
        for (Agent agent : agentArr) {
            LDAPAgent lDAPAgent = User.class.isInstance(agent) ? (LDAPAgent) lookupEntryByDN(new LDAPUser(agent.getLoginName(), m8getConfig().getUserDNSuffix())) : (LDAPAgent) lookupEntryByDN(new LDAPAgent(agent.getLoginName(), m8getConfig().getAgentDNSuffix()));
            if (lDAPAgent != null) {
                str2 = str2 + "(member=" + lDAPAgent.getDN() + ")";
            }
        }
        StringBuffer stringBuffer = new StringBuffer();
        if (str2.length() > 0) {
            NamingEnumeration<SearchResult> namingEnumeration = null;
            try {
                try {
                    namingEnumeration = getLDAPManager().search(str, str2.toString());
                    while (namingEnumeration.hasMoreElements()) {
                        stringBuffer.append("(").append(LDAPConstants.CN).append(LDAPConstants.EQUAL).append(((SearchResult) namingEnumeration.next()).getAttributes().get(LDAPConstants.CN).get().toString()).append(")");
                    }
                    if (namingEnumeration != null) {
                        try {
                            namingEnumeration.close();
                        } catch (NamingException e) {
                        }
                    }
                } catch (Throwable th) {
                    if (namingEnumeration != null) {
                        try {
                            namingEnumeration.close();
                        } catch (NamingException e2) {
                        }
                    }
                    throw th;
                }
            } catch (Exception e3) {
                throw new IdentityManagementException(e3);
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    private String createParentMembersFilter(LDAPEntry[] lDAPEntryArr) {
        StringBuffer stringBuffer = new StringBuffer();
        HashMap hashMap = new HashMap();
        for (LDAPEntry lDAPEntry : lDAPEntryArr) {
            if (lDAPEntry != null) {
                NamingEnumeration namingEnumeration = null;
                try {
                    try {
                        namingEnumeration = lDAPEntry.getLDAPAttributes().get(LDAPConstants.MEMBER).getAll();
                        while (namingEnumeration.hasMoreElements()) {
                            String str = (String) namingEnumeration.nextElement();
                            if (!str.trim().isEmpty()) {
                                String str2 = str.split(LDAPConstants.COMMA)[0];
                                if (hashMap.containsKey(str2)) {
                                    hashMap.put(str2, Integer.valueOf(((Integer) hashMap.get(str2)).intValue() + 1));
                                } else {
                                    hashMap.put(str2, 1);
                                }
                                stringBuffer.append("(").append(str2).append(")");
                            }
                        }
                        if (namingEnumeration != null) {
                            try {
                                namingEnumeration.close();
                            } catch (NamingException e) {
                            }
                        }
                    } catch (Throwable th) {
                        if (namingEnumeration != null) {
                            try {
                                namingEnumeration.close();
                            } catch (NamingException e2) {
                            }
                        }
                        throw th;
                    }
                } catch (NamingException e3) {
                    throw new IdentityManagementException(e3);
                }
            }
        }
        for (Map.Entry entry : hashMap.entrySet()) {
            if (!((Integer) entry.getValue()).equals(Integer.valueOf(lDAPEntryArr.length))) {
                stringBuffer = new StringBuffer(stringBuffer.toString().replaceAll("\\(" + ((String) entry.getKey()) + "\\)", ""));
            }
        }
        if (stringBuffer.length() > 0) {
            stringBuffer.insert(0, "(|");
            stringBuffer.append(")");
        }
        return stringBuffer.toString();
    }

    private String getIdAttribute(Class<? extends IdentityType> cls) {
        String str = null;
        if (IDMUtil.isAgentType(cls)) {
            str = LDAPConstants.UID;
        } else if (IDMUtil.isRoleType(cls)) {
            str = LDAPConstants.CN;
        } else if (IDMUtil.isGroupType(cls)) {
            str = LDAPConstants.CN;
        }
        return str;
    }

    private IdentityManagementException createUnsupportedIdentityTypeException(Class<? extends IdentityType> cls) {
        return new IdentityManagementException("Unsupported IdentityType [" + cls.getName() + "].");
    }

    private IdentityManagementException createUnsupportedAttributedType(Class<? extends AttributedType> cls) {
        return new IdentityManagementException("Unsupported AttributedType [" + cls.getName() + "].");
    }

    private IdentityManagementException createUnsupportedRelationshipType(Class<? extends Relationship> cls) {
        return new IdentityManagementException("Unsupported Relationship type [" + cls.getName() + "].");
    }
}
