package org.jboss.as.domain.management.security;

import java.io.IOException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.jboss.as.domain.management.DomainManagementLogger;
import org.jboss.as.domain.management.DomainManagementMessages;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;

/* loaded from: input_file:org/jboss/as/domain/management/security/LdapUserSearcherService.class */
public class LdapUserSearcherService implements Service<LdapUserSearcher> {
    private final LdapUserSearcher searcher;
    protected static final int searchTimeLimit = 10000;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapUserSearcherService$LdapUserSearcherImpl.class */
    public static class LdapUserSearcherImpl implements LdapUserSearcher {
        final String baseDn;
        final boolean recursive;
        final String userDnAttribute;
        final String userNameAttribute;
        final String advancedFilter;

        private LdapUserSearcherImpl(String str, boolean z, String str2, String str3, String str4) {
            this.baseDn = str;
            this.recursive = z;
            this.userDnAttribute = str2;
            this.userNameAttribute = str3;
            this.advancedFilter = str4;
        }

        @Override // org.jboss.as.domain.management.security.LdapUserSearcher
        public LdapEntry userSearch(DirContext dirContext, String str) throws IOException, NamingException {
            Attribute attribute;
            NamingEnumeration namingEnumeration = null;
            try {
                SearchControls searchControls = new SearchControls();
                if (this.recursive) {
                    DomainManagementLogger.SECURITY_LOGGER.trace("Performing recursive search");
                    searchControls.setSearchScope(2);
                } else {
                    DomainManagementLogger.SECURITY_LOGGER.trace("Performing single level search");
                    searchControls.setSearchScope(1);
                }
                searchControls.setReturningAttributes(new String[]{this.userDnAttribute});
                searchControls.setTimeLimit(LdapUserSearcherService.searchTimeLimit);
                Object[] objArr = {str};
                String str2 = this.userNameAttribute != null ? "(" + this.userNameAttribute + "={0})" : this.advancedFilter;
                DomainManagementLogger.SECURITY_LOGGER.tracef("Searching for user '%s' using filter '%s'.", str, str2);
                NamingEnumeration search = dirContext.search(this.baseDn, str2, objArr, searchControls);
                if (!search.hasMore()) {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("User '%s' not found in directory.", str);
                    throw DomainManagementMessages.MESSAGES.userNotFoundInDirectory(str);
                }
                String str3 = null;
                SearchResult searchResult = (SearchResult) search.next();
                Attributes attributes = searchResult.getAttributes();
                if (attributes != null && (attribute = attributes.get(this.userDnAttribute)) != null) {
                    str3 = (String) attribute.get();
                }
                if (str3 == null) {
                    if (!searchResult.isRelative()) {
                        DomainManagementLogger.SECURITY_LOGGER.tracef("Can't follow referral for authentication: %s", searchResult.getName());
                        throw DomainManagementMessages.MESSAGES.nameNotFound(str);
                    }
                    str3 = searchResult.getName() + ("".equals(this.baseDn) ? "" : "," + this.baseDn);
                }
                DomainManagementLogger.SECURITY_LOGGER.tracef("DN '%s' found for user '%s'", str3, str);
                LdapEntry ldapEntry = new LdapEntry(str, str3);
                if (search != null) {
                    try {
                        search.close();
                    } catch (Exception e) {
                    }
                }
                return ldapEntry;
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        namingEnumeration.close();
                    } catch (Exception e2) {
                    }
                }
                throw th;
            }
        }
    }

    private LdapUserSearcherService(LdapUserSearcher ldapUserSearcher) {
        this.searcher = ldapUserSearcher;
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public LdapUserSearcher m82getValue() throws IllegalStateException, IllegalArgumentException {
        return this.searcher;
    }

    public void start(StartContext startContext) throws StartException {
    }

    public void stop(StopContext stopContext) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Service<LdapUserSearcher> createForUsernameIsDn() {
        return new LdapUserSearcherService(new LdapUserSearcher() { // from class: org.jboss.as.domain.management.security.LdapUserSearcherService.1
            @Override // org.jboss.as.domain.management.security.LdapUserSearcher
            public LdapEntry userSearch(DirContext dirContext, String str) {
                return new LdapEntry(str, str);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Service<LdapUserSearcher> createForUsernameFilter(String str, boolean z, String str2, String str3) {
        return new LdapUserSearcherService(new LdapUserSearcherImpl(str, z, str2, str3, null));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Service<LdapUserSearcher> createForAdvancedFilter(String str, boolean z, String str2, String str3) {
        return new LdapUserSearcherService(new LdapUserSearcherImpl(str, z, str2, null, str3));
    }
}
