package org.jasig.portal.security.provider;

import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.portal.ldap.ILdapServer;
import org.jasig.portal.ldap.LdapServices;
import org.jasig.portal.security.IConfigurableSecurityContext;
import org.jasig.portal.security.PortalSecurityException;

/* loaded from: input_file:org/jasig/portal/security/provider/SimpleLdapSecurityContext.class */
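/**
 * Security context that authenticates a portal principal against an LDAP directory.
 *
 * <p>Authentication is a two-step "search then bind": the entry whose uid attribute matches the
 * principal's UID is looked up under the server's base DN, then the connection's environment is
 * switched to that entry's DN and the supplied credentials and a base-object search is issued
 * against the entry. A successful search marks the context as authenticated.
 *
 * <p>The LDAP server is selected with the {@value #LDAP_PROPERTIES_CONNECTION_NAME} property;
 * when it is absent or empty the default server from {@link LdapServices} is used.
 */
public class SimpleLdapSecurityContext extends ChainingSecurityContext implements IConfigurableSecurityContext {
    /** Index of the uid attribute in the returned-attribute list. */
    public static final int ATTR_UID = 0;
    /** Index of the givenName attribute in the returned-attribute list. */
    public static final int ATTR_FIRSTNAME = 1;
    /** Index of the sn attribute in the returned-attribute list. */
    public static final int ATTR_LASTNAME = 2;
    /** Name of the context property that selects a named LDAP server. */
    public static final String LDAP_PROPERTIES_CONNECTION_NAME = "connection";
    private static final Log log = LogFactory.getLog(SimpleLdapSecurityContext.class);
    private static final String[] attributes = {"uid", "givenName", "sn"};
    private final int SIMPLE_LDAP_SECURITYAUTHTYPE = 65284;
    private Properties ctxProperties = new Properties();

    /**
     * Replaces the configuration properties of this context.
     *
     * @param properties properties to read {@value #LDAP_PROPERTIES_CONNECTION_NAME} from; a
     *     {@code null} value makes {@link #authenticate()} fall back to the default LDAP server
     */
    @Override // org.jasig.portal.security.IConfigurableSecurityContext
    public void setProperties(Properties properties) {
        this.ctxProperties = properties;
    }

    /**
     * Returns the numeric identifier of this authentication type.
     *
     * @return the constant 65284
     */
    @Override // org.jasig.portal.security.ISecurityContext
    public int getAuthType() {
        return this.SIMPLE_LDAP_SECURITYAUTHTYPE;
    }

    /**
     * Authenticates the current principal against LDAP and then delegates to the parent context.
     *
     * <p>{@code isauth} is reset to {@code false} first and is only set to {@code true} after a
     * search issued with the user's DN and credentials has succeeded. A rejected password is
     * logged and leaves the context unauthenticated; it is not reported as an exception.
     *
     * @throws PortalSecurityException if the directory lookup or bind fails for a reason other
     *     than rejected credentials
     */
    @Override // org.jasig.portal.security.provider.ChainingSecurityContext, org.jasig.portal.security.ISecurityContext
    public synchronized void authenticate() throws PortalSecurityException {
        this.isauth = false;
        // Tolerate setProperties(null): no properties means "use the default server".
        String connectionName =
                this.ctxProperties == null ? null : this.ctxProperties.getProperty(LDAP_PROPERTIES_CONNECTION_NAME);
        ILdapServer ldapServer = (connectionName == null || connectionName.length() <= 0)
                ? LdapServices.getDefaultLdapServer()
                : LdapServices.getLdapServer(connectionName);

        if (!hasUsableCredentials()) {
            log.error("Principal or OpaqueCredentials not initialized prior to authenticate");
        } else {
            String uidAttribute = ldapServer.getUidAttribute();
            // The UID is supplied by the person logging in. It is escaped before it is placed in
            // the filter so that characters such as '*', '(' and ')' are matched literally and
            // cannot change which entries the lookup selects.
            String filter = "(" + uidAttribute + "=" + escapeFilterValue(this.myPrincipal.UID) + ")";
            // NOTE(review): the UID also reaches several log messages below unmodified; confirm
            // the logging layout neutralises line breaks in user-supplied values.
            if (log.isDebugEnabled()) {
                log.debug("SimpleLdapSecurityContext: Looking for " + filter);
            }
            try {
                DirContext connection = ldapServer.getConnection();
                if (connection == null) {
                    log.error("LDAP Server Connection unavalable");
                } else {
                    try {
                        bindMatchingEntries(connection, ldapServer.getBaseDN(), uidAttribute, filter);
                    } catch (AuthenticationException e) {
                        // Must be caught before Exception: a rejected password is an expected
                        // outcome, not a directory failure.
                        log.info("SimpleLdapSecurityContext: Password invalid for user: " + this.myPrincipal.UID);
                    } catch (Exception e) {
                        log.error("SimpleLdapSecurityContext: LDAP Error with user: " + this.myPrincipal.UID + "; ", e);
                        throw new PortalSecurityException("SimpleLdapSecurityContext: LDAP Error" + e + " with user: " + this.myPrincipal.UID);
                    } finally {
                        // Release exactly once on every path.
                        // NOTE(review): the connection goes back to the ILdapServer with the
                        // user's principal and credentials still set in its environment; confirm
                        // releaseConnection closes or resets it rather than reusing it as-is.
                        ldapServer.releaseConnection(connection);
                    }
                }
            } catch (NamingException e) {
                log.error("Error geting connection to LDAP server.", e);
            }
        }
        super.authenticate();
    }

    /**
     * Reports whether both a non-blank UID and a non-blank credential are present.
     *
     * <p>The credential is checked for {@code null} before it is converted to a string. A blank
     * password is refused here because many directory servers treat a simple bind with a DN and
     * an empty password as an anonymous bind that succeeds.
     */
    private boolean hasUsableCredentials() {
        String uid = this.myPrincipal.UID;
        if (uid == null || uid.trim().equals("")) {
            return false;
        }
        if (this.myOpaqueCredentials.credentialstring == null) {
            return false;
        }
        return !new String(this.myOpaqueCredentials.credentialstring).trim().equals("");
    }

    /**
     * Looks up the entries matching {@code filter} and binds as each of them with the supplied
     * credentials, marking the context authenticated after each successful bind.
     *
     * @param connection open directory connection whose environment is rebound to the user
     * @param baseDn search base; also appended to each result name to form the bind DN
     * @param uidAttribute name of the uid attribute, used for the post-bind presence filter
     * @param filter already-escaped search filter selecting the user's entry
     * @throws NamingException if a search fails; {@link AuthenticationException} signals
     *     rejected credentials
     */
    private void bindMatchingEntries(DirContext connection, String baseDn, String uidAttribute, String filter)
            throws NamingException {
        SearchControls lookupControls = new SearchControls();
        lookupControls.setReturningAttributes(attributes);
        lookupControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

        NamingEnumeration<SearchResult> results = connection.search(baseDn, filter, lookupControls);
        if (results == null) {
            log.error("SimpleLdapSecurityContext: No such user: " + this.myPrincipal.UID);
            return;
        }
        if (!results.hasMore()) {
            log.error("SimpleLdapSecurityContext: user not found , " + this.myPrincipal.UID);
        }
        // NOTE(review): if several entries match, an earlier successful bind leaves isauth true
        // even when the bind for a later entry fails; confirm the uid attribute is unique under
        // the base DN.
        while (results.hasMore()) {
            SearchResult entry = results.next();
            String userDn = entry.getName() + ", " + baseDn;
            Attributes entryAttributes = entry.getAttributes();
            String firstName = getAttributeValue(entryAttributes, ATTR_FIRSTNAME);
            String lastName = getAttributeValue(entryAttributes, ATTR_LASTNAME);

            // Switch the connection's identity to the user's own DN and password.
            connection.removeFromEnvironment("java.naming.security.principal");
            connection.removeFromEnvironment("java.naming.security.credentials");
            connection.addToEnvironment("java.naming.security.principal", userDn);
            connection.addToEnvironment("java.naming.security.credentials", this.myOpaqueCredentials.credentialstring);

            // A base-object search on the user's own entry that requests no attributes; it is
            // issued only to make the directory evaluate the new credentials.
            SearchControls bindControls = new SearchControls();
            bindControls.setReturningAttributes(new String[0]);
            bindControls.setSearchScope(SearchControls.OBJECT_SCOPE);
            String presenceFilter = "(" + uidAttribute + "=*)";
            log.debug("SimpleLdapSecurityContext: Looking in " + userDn + " for " + presenceFilter);
            connection.search(userDn, presenceFilter, bindControls);

            this.isauth = true;
            this.myPrincipal.FullName = firstName + " " + lastName;
            log.debug("SimpleLdapSecurityContext: User " + this.myPrincipal.UID + " (" + this.myPrincipal.FullName + ") is authenticated");
            this.myPrincipal.UID = this.myPrincipal.UID.toLowerCase();
        }
    }

    /**
     * Escapes a value for literal use inside an LDAP search filter.
     *
     * <p>Backslash, asterisk, parentheses and NUL are replaced by their backslash-hex forms as
     * described in RFC 4515; every other character is copied unchanged.
     *
     * @param value raw assertion value, not {@code null}
     * @return the value with filter metacharacters escaped
     */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /**
     * Returns the first value of one of the known attributes.
     *
     * @param attributes2 attribute set of a search result
     * @param i one of {@link #ATTR_UID}, {@link #ATTR_FIRSTNAME}, {@link #ATTR_LASTNAME}
     * @return the first value, or an empty string when the index is unknown or the attribute is
     *     missing or has no values
     * @throws NamingException if the attribute values cannot be read
     */
    private String getAttributeValue(Attributes attributes2, int i) throws NamingException {
        if (!isAttribute(i)) {
            return "";
        }
        Attribute attribute = attributes2.get(attributes[i]);
        if (attribute == null) {
            return "";
        }
        NamingEnumeration<?> values = attribute.getAll();
        return values.hasMoreElements() ? (String) values.nextElement() : "";
    }

    /** Reports whether {@code i} is a valid index into the returned-attribute list. */
    private boolean isAttribute(int i) {
        return i >= 0 && i < attributes.length;
    }
}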
