package org.wildfly.security.auth.provider.ldap;

import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import org.wildfly.security.auth.server.CredentialSupport;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.interfaces.BSDUnixDESCryptPassword;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.interfaces.SaltedSimpleDigestPassword;
import org.wildfly.security.password.interfaces.SimpleDigestPassword;
import org.wildfly.security.password.interfaces.UnixDESCryptPassword;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/security/auth/provider/ldap/UserPasswordCredentialLoader.class */
public class UserPasswordCredentialLoader implements CredentialLoader {
    static final String DEFAULT_USER_PASSWORD_ATTRIBUTE_NAME = "userPassword";
    static Map<Class<?>, CredentialSupport> DEFAULT_CREDENTIAL_SUPPORT = new HashMap();
    private final String userPasswordAttributeName;

    /* loaded from: input_file:org/wildfly/security/auth/provider/ldap/UserPasswordCredentialLoader$ForIdentityLoader.class */
    private class ForIdentityLoader implements IdentityCredentialLoader {
        private final DirContextFactory contextFactory;
        private final String distinguishedName;

        public ForIdentityLoader(DirContextFactory dirContextFactory, String str) {
            this.contextFactory = dirContextFactory;
            this.distinguishedName = str;
        }

        @Override // org.wildfly.security.auth.provider.ldap.IdentityCredentialLoader
        public CredentialSupport getCredentialSupport(Class<?> cls) {
            Object credential = getCredential(cls);
            return (credential == null || !cls.isInstance(credential)) ? CredentialSupport.UNSUPPORTED : CredentialSupport.FULLY_SUPPORTED;
        }

        @Override // org.wildfly.security.auth.provider.ldap.IdentityCredentialLoader
        public <C> C getCredential(Class<C> cls) {
            DirContext dirContext = null;
            try {
                try {
                    dirContext = this.contextFactory.obtainDirContext(null);
                    Attribute attribute = dirContext.getAttributes(this.distinguishedName, new String[]{UserPasswordCredentialLoader.this.userPasswordAttributeName}).get(UserPasswordCredentialLoader.this.userPasswordAttributeName);
                    for (int i = 0; i < attribute.size(); i++) {
                        Password parseUserPassword = UserPasswordPasswordUtil.parseUserPassword((byte[]) attribute.get(i));
                        if (cls.isInstance(parseUserPassword)) {
                            C cast = cls.cast(parseUserPassword);
                            this.contextFactory.returnContext(dirContext);
                            return cast;
                        }
                    }
                    this.contextFactory.returnContext(dirContext);
                    return null;
                } finally {
                    this.contextFactory.returnContext(dirContext);
                }
            } catch (NamingException | InvalidKeySpecException e) {
                return null;
            }
        }
    }

    public UserPasswordCredentialLoader(String str) {
        this.userPasswordAttributeName = str;
    }

    @Override // org.wildfly.security.auth.provider.ldap.CredentialLoader
    public CredentialSupport getCredentialSupport(DirContextFactory dirContextFactory, Class<?> cls) {
        CredentialSupport credentialSupport = DEFAULT_CREDENTIAL_SUPPORT.get(cls);
        if (credentialSupport == null) {
            credentialSupport = CredentialSupport.UNSUPPORTED;
        }
        return credentialSupport;
    }

    @Override // org.wildfly.security.auth.provider.ldap.CredentialLoader
    public IdentityCredentialLoader forIdentity(DirContextFactory dirContextFactory, String str) {
        return new ForIdentityLoader(dirContextFactory, str);
    }

    static {
        DEFAULT_CREDENTIAL_SUPPORT.put(ClearPassword.class, CredentialSupport.UNKNOWN);
        DEFAULT_CREDENTIAL_SUPPORT.put(SimpleDigestPassword.class, CredentialSupport.UNKNOWN);
        DEFAULT_CREDENTIAL_SUPPORT.put(SaltedSimpleDigestPassword.class, CredentialSupport.UNKNOWN);
        DEFAULT_CREDENTIAL_SUPPORT.put(BSDUnixDESCryptPassword.class, CredentialSupport.UNKNOWN);
        DEFAULT_CREDENTIAL_SUPPORT.put(UnixDESCryptPassword.class, CredentialSupport.UNKNOWN);
    }
}
