package org.exoplatform.services.organization.ldap;

import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.LdapContext;
import org.exoplatform.services.ldap.LDAPService;
import org.exoplatform.services.organization.User;

/* loaded from: input_file:org/exoplatform/services/organization/ldap/ADUserDAOImpl.class */
public class ADUserDAOImpl extends UserDAOImpl {
    int UF_ACCOUNTDISABLE;
    int UF_PASSWD_NOTREQD;
    int UF_NORMAL_ACCOUNT;
    int UF_PASSWORD_EXPIRED;

    public ADUserDAOImpl(LDAPAttributeMapping lDAPAttributeMapping, LDAPService lDAPService) throws Exception {
        super(lDAPAttributeMapping, lDAPService);
        this.UF_ACCOUNTDISABLE = 2;
        this.UF_PASSWD_NOTREQD = 32;
        this.UF_NORMAL_ACCOUNT = 512;
        this.UF_PASSWORD_EXPIRED = 8388608;
        LDAPUserPageList.SEARCH_CONTROL = true;
    }

    @Override // org.exoplatform.services.organization.ldap.UserDAOImpl
    public void createUser(User user, boolean z) throws Exception {
        String str = this.ldapAttrMapping.userDNKey + "=" + user.getUserName() + "," + this.ldapAttrMapping.userURL;
        Attributes userToAttributes = this.ldapAttrMapping.userToAttributes(user);
        userToAttributes.put("userAccountControl", Integer.toString(this.UF_NORMAL_ACCOUNT + this.UF_PASSWD_NOTREQD + this.UF_PASSWORD_EXPIRED + this.UF_ACCOUNTDISABLE));
        userToAttributes.remove(this.ldapAttrMapping.userPassword);
        LdapContext ldapContext = this.ldapService.getLdapContext();
        int i = 0;
        while (true) {
            if (z) {
                try {
                    preSave(user, true);
                } catch (NamingException e) {
                    try {
                        if (!isConnectionError(e) || i >= getMaxConnectionError()) {
                            throw e;
                        }
                        ldapContext = this.ldapService.getLdapContext(true);
                        i++;
                    } finally {
                        this.ldapService.release(ldapContext);
                    }
                }
            }
            ldapContext.createSubcontext(str, userToAttributes);
            if (!z) {
                break;
            }
            postSave(user, true);
            break;
        }
        saveUserPassword(user, str);
    }

    @Override // org.exoplatform.services.organization.ldap.UserDAOImpl
    void saveUserPassword(User user, String str) throws Exception {
        Object obj = this.ldapService.getLdapContext().getEnvironment().get("java.naming.security.protocol");
        if (obj != null && String.valueOf(obj).equalsIgnoreCase("ssl")) {
            ModificationItem[] modificationItemArr = {new ModificationItem(2, new BasicAttribute(this.ldapAttrMapping.userPassword, ("\"" + user.getPassword() + "\"").getBytes("UTF-16LE"))), new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(this.UF_NORMAL_ACCOUNT + this.UF_PASSWORD_EXPIRED)))};
            LdapContext ldapContext = this.ldapService.getLdapContext();
            int i = 0;
            while (true) {
                try {
                    try {
                        ldapContext.modifyAttributes(str, modificationItemArr);
                        return;
                    } catch (NamingException e) {
                        if (!isConnectionError(e) || i >= getMaxConnectionError()) {
                            throw e;
                        }
                        ldapContext = this.ldapService.getLdapContext(true);
                        i++;
                    }
                } finally {
                    this.ldapService.release(ldapContext);
                }
            }
            throw e;
        }
    }
}
