package org.picketlink.idm.ldap.internal;

import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import org.apache.commons.lang.CharEncoding;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.PlainTextPassword;
import org.picketlink.idm.credential.UsernamePasswordCredentials;
import org.picketlink.idm.credential.internal.PlainTextPasswordCredentialHandler;
import org.picketlink.idm.credential.spi.annotations.SupportsCredentials;
import org.picketlink.idm.credential.spi.annotations.SupportsStores;
import org.picketlink.idm.model.Agent;
import org.picketlink.idm.spi.IdentityStore;

@SupportsStores({LDAPIdentityStore.class})
@SupportsCredentials({UsernamePasswordCredentials.class, PlainTextPassword.class})
/* loaded from: input_file:WEB-INF/lib/picketlink-idm-impl-3.0-2013Jan04.jar:org/picketlink/idm/ldap/internal/LDAPPlainTextPasswordCredentialHandler.class */
public class LDAPPlainTextPasswordCredentialHandler extends PlainTextPasswordCredentialHandler {
    private static final String USER_PASSWORD_ATTRIBUTE = "userpassword";

    @Override // org.picketlink.idm.credential.internal.PlainTextPasswordCredentialHandler
    protected void doUpdate(Agent agent, IdentityStore<?> identityStore, PlainTextPassword plainTextPassword) {
        LDAPIdentityStore lDAPIdentityStore = getLDAPIdentityStore(identityStore);
        LDAPUser lDAPUser = (LDAPUser) lDAPIdentityStore.getUser(agent.getId());
        if (lDAPIdentityStore.getConfig().isActiveDirectory()) {
            updateADPassword(lDAPUser, new String(plainTextPassword.getValue()), lDAPIdentityStore);
            return;
        }
        ModificationItem[] modificationItemArr = new ModificationItem[1];
        try {
            BasicAttribute basicAttribute = new BasicAttribute(USER_PASSWORD_ATTRIBUTE, new String(plainTextPassword.getValue()));
            modificationItemArr[0] = new ModificationItem(2, basicAttribute);
            lDAPIdentityStore.getLdapManager().modifyAttribute(lDAPUser.getDN(), basicAttribute);
        } catch (Exception e) {
        }
    }

    private LDAPIdentityStore getLDAPIdentityStore(IdentityStore<?> identityStore) {
        if (LDAPIdentityStore.class.isInstance(identityStore)) {
            return (LDAPIdentityStore) identityStore;
        }
        throw new IllegalArgumentException("IdentityStore class [" + identityStore.getClass() + "] not supported by this handler.");
    }

    @Override // org.picketlink.idm.credential.internal.PlainTextPasswordCredentialHandler
    protected void doValidate(Agent agent, UsernamePasswordCredentials usernamePasswordCredentials, IdentityStore<?> identityStore) {
        if (getLDAPIdentityStore(identityStore).getLdapManager().authenticate(((LDAPUser) getLDAPIdentityStore(identityStore).getUser(agent.getId())).getDN(), new String(usernamePasswordCredentials.getPassword().getValue()))) {
            usernamePasswordCredentials.setStatus(Credentials.Status.VALID);
        }
    }

    private void updateADPassword(LDAPUser lDAPUser, String str, LDAPIdentityStore lDAPIdentityStore) {
        try {
            lDAPIdentityStore.getLdapManager().modifyAttribute(lDAPUser.getDN(), new BasicAttribute("unicodePwd", ("\"" + str + "\"").getBytes(CharEncoding.UTF_16LE)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
