package org.picketlink.idm.ldap.internal;

import java.util.Date;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.credential.UsernamePasswordCredentials;
import org.picketlink.idm.credential.handler.AbstractCredentialHandler;
import org.picketlink.idm.credential.handler.annotations.SupportsCredentials;
import org.picketlink.idm.credential.storage.CredentialStorage;
import org.picketlink.idm.model.Account;
import org.picketlink.idm.spi.IdentityContext;

@SupportsCredentials(credentialClass = {UsernamePasswordCredentials.class, Password.class}, credentialStorage = SupportsCredentials.NO_CREDENTIAL_STORAGE.class)
/* loaded from: input_file:WEB-INF/lib/picketlink-idm-impl-2.5.5.SP1.jar:org/picketlink/idm/ldap/internal/LDAPPlainTextPasswordCredentialHandler.class */
public class LDAPPlainTextPasswordCredentialHandler<S, V, U> extends AbstractCredentialHandler<LDAPIdentityStore, UsernamePasswordCredentials, Password> {
    private static final String USER_PASSWORD_ATTRIBUTE = "userpassword";

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.picketlink.idm.credential.handler.AbstractCredentialHandler
    public boolean validateCredential(IdentityContext identityContext, CredentialStorage credentialStorage, UsernamePasswordCredentials usernamePasswordCredentials, LDAPIdentityStore lDAPIdentityStore) {
        return lDAPIdentityStore.getOperationManager().authenticate(lDAPIdentityStore.getBindingDN(getAccount(identityContext, usernamePasswordCredentials.getUsername()), true), new String(usernamePasswordCredentials.getPassword().getValue()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.picketlink.idm.credential.handler.AbstractCredentialHandler
    public Account getAccount(IdentityContext identityContext, UsernamePasswordCredentials usernamePasswordCredentials) {
        return getAccount(identityContext, usernamePasswordCredentials.getUsername());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.picketlink.idm.credential.handler.AbstractCredentialHandler
    public CredentialStorage getCredentialStorage(IdentityContext identityContext, Account account, UsernamePasswordCredentials usernamePasswordCredentials, LDAPIdentityStore lDAPIdentityStore) {
        return null;
    }

    @Override // org.picketlink.idm.credential.handler.AbstractCredentialHandler, org.picketlink.idm.credential.handler.CredentialHandler
    public void update(IdentityContext identityContext, Account account, Password password, LDAPIdentityStore lDAPIdentityStore, Date date, Date date2) {
        if (lDAPIdentityStore.getConfig().isActiveDirectory()) {
            updateADPassword(account, new String(password.getValue()), lDAPIdentityStore);
            return;
        }
        ModificationItem[] modificationItemArr = new ModificationItem[1];
        try {
            BasicAttribute basicAttribute = new BasicAttribute(USER_PASSWORD_ATTRIBUTE, new String(password.getValue()));
            modificationItemArr[0] = new ModificationItem(2, basicAttribute);
            lDAPIdentityStore.getOperationManager().modifyAttribute(lDAPIdentityStore.getBindingDN(account, true), basicAttribute);
        } catch (Exception e) {
            throw new IdentityManagementException("Error updating password.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.picketlink.idm.credential.handler.AbstractCredentialHandler
    public CredentialStorage createCredentialStorage(IdentityContext identityContext, Account account, Password password, LDAPIdentityStore lDAPIdentityStore, Date date, Date date2) {
        throw new RuntimeException("This handler does not store passwords using a credential storage.");
    }

    private void updateADPassword(Account account, String str, LDAPIdentityStore lDAPIdentityStore) {
        try {
            lDAPIdentityStore.getOperationManager().modifyAttribute(lDAPIdentityStore.getBindingDN(account, true), new BasicAttribute("unicodePwd", ("\"" + str + "\"").getBytes("UTF-16LE")));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
