package org.traccar.database;

import java.util.Hashtable;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.traccar.config.Config;
import org.traccar.model.User;

/* loaded from: input_file:org/traccar/database/LdapProvider.class */
public class LdapProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(LdapProvider.class);
    private String url;
    private String searchBase;
    private String idAttribute;
    private String nameAttribute;
    private String mailAttribute;
    private String searchFilter;
    private String adminFilter;
    private String serviceUser;
    private String servicePassword;

    public LdapProvider(Config config) {
        String string = config.getString("ldap.url");
        if (string != null) {
            this.url = string;
        } else {
            this.url = "ldap://" + config.getString("ldap.server") + ":" + config.getInteger("ldap.port", 389);
        }
        this.searchBase = config.getString("ldap.base");
        this.idAttribute = config.getString("ldap.idAttribute", "uid");
        this.nameAttribute = config.getString("ldap.nameAttribute", "cn");
        this.mailAttribute = config.getString("ldap.mailAttribute", "mail");
        this.searchFilter = config.getString("ldap.searchFilter", "(" + this.idAttribute + "=:login)");
        String string2 = config.getString("ldap.adminGroup");
        this.adminFilter = config.getString("ldap.adminFilter");
        if (this.adminFilter == null && string2 != null) {
            this.adminFilter = "(&(" + this.idAttribute + "=:login)(memberOf=" + string2 + "))";
        }
        this.serviceUser = config.getString("ldap.user");
        this.servicePassword = config.getString("ldap.password");
    }

    private InitialDirContext auth(String str, String str2) throws NamingException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this.url);
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", str);
        hashtable.put("java.naming.security.credentials", str2);
        return new InitialDirContext(hashtable);
    }

    private boolean isAdmin(String str) {
        if (this.adminFilter == null) {
            return false;
        }
        try {
            InitialDirContext initContext = initContext();
            String replace = this.adminFilter.replace(":login", str);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            NamingEnumeration search = initContext.search(this.searchBase, replace, searchControls);
            if (!search.hasMoreElements()) {
                return false;
            }
            search.nextElement();
            if (!search.hasMoreElements()) {
                return true;
            }
            LOGGER.warn("Matched multiple users for the accountName: " + str);
            return false;
        } catch (NamingException e) {
            return false;
        }
    }

    public InitialDirContext initContext() throws NamingException {
        return auth(this.serviceUser, this.servicePassword);
    }

    private SearchResult lookupUser(String str) throws NamingException {
        InitialDirContext initContext = initContext();
        String replace = this.searchFilter.replace(":login", str);
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(new String[]{this.idAttribute, this.nameAttribute, this.mailAttribute});
        searchControls.setSearchScope(2);
        NamingEnumeration search = initContext.search(this.searchBase, replace, searchControls);
        SearchResult searchResult = null;
        if (search.hasMoreElements()) {
            searchResult = (SearchResult) search.nextElement();
            if (search.hasMoreElements()) {
                LOGGER.warn("Matched multiple users for the accountName: " + str);
                return null;
            }
        }
        return searchResult;
    }

    public User getUser(String str) {
        User user = new User();
        try {
            SearchResult lookupUser = lookupUser(str);
            if (lookupUser != null) {
                Attribute attribute = lookupUser.getAttributes().get(this.idAttribute);
                if (attribute != null) {
                    user.setLogin((String) attribute.get());
                } else {
                    user.setLogin(str);
                }
                Attribute attribute2 = lookupUser.getAttributes().get(this.nameAttribute);
                if (attribute2 != null) {
                    user.setName((String) attribute2.get());
                } else {
                    user.setName(str);
                }
                Attribute attribute3 = lookupUser.getAttributes().get(this.mailAttribute);
                if (attribute3 != null) {
                    user.setEmail((String) attribute3.get());
                } else {
                    user.setEmail(str);
                }
            }
            user.setAdministrator(isAdmin(str));
        } catch (NamingException e) {
            user.setLogin(str);
            user.setName(str);
            user.setEmail(str);
            LOGGER.warn("User lookup error", e);
        }
        return user;
    }

    public boolean login(String str, String str2) {
        try {
            SearchResult lookupUser = lookupUser(str);
            if (lookupUser == null) {
                return false;
            }
            auth(lookupUser.getNameInNamespace(), str2).close();
            return true;
        } catch (NamingException e) {
            return false;
        }
    }
}
