package org.apache.ldap.server.authn;

import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import org.apache.ldap.common.aci.AuthenticationLevel;
import org.apache.ldap.common.exception.LdapAuthenticationException;
import org.apache.ldap.common.name.LdapName;
import org.apache.ldap.common.util.ArrayUtils;
import org.apache.ldap.server.invocation.InvocationStack;
import org.apache.ldap.server.jndi.ServerContext;
import org.springframework.beans.factory.xml.DefaultXmlBeanDefinitionParser;

/* loaded from: input_file:org/apache/ldap/server/authn/SimpleAuthenticator.class */
public class SimpleAuthenticator extends AbstractAuthenticator {
    private static final Collection USERLOOKUP_BYPASS;

    public SimpleAuthenticator() {
        super(DefaultXmlBeanDefinitionParser.DEPENDENCY_CHECK_SIMPLE_ATTRIBUTE_VALUE);
    }

    /* JADX WARN: Type inference failed for: r0v22, types: [java.lang.Throwable, org.apache.ldap.common.exception.LdapAuthenticationException] */
    @Override // org.apache.ldap.server.authn.AbstractAuthenticator, org.apache.ldap.server.authn.Authenticator
    public LdapPrincipal authenticate(ServerContext serverContext) throws NamingException {
        Object obj;
        Object obj2 = serverContext.getEnvironment().get("java.naming.security.credentials");
        if (obj2 == null) {
            obj2 = ArrayUtils.EMPTY_BYTE_ARRAY;
        } else if (obj2 instanceof String) {
            obj2 = ((String) obj2).getBytes();
        }
        if (!serverContext.getEnvironment().containsKey("java.naming.security.principal")) {
            throw new LdapAuthenticationException();
        }
        String str = (String) serverContext.getEnvironment().get("java.naming.security.principal");
        if (str == null) {
            throw new LdapAuthenticationException();
        }
        LdapName ldapName = new LdapName(str);
        try {
            Attributes lookup = InvocationStack.getInstance().peek().getProxy().lookup(ldapName, new String[]{"userPassword"}, USERLOOKUP_BYPASS);
            if (lookup == null) {
                throw new LdapAuthenticationException(new StringBuffer().append("Failed to lookup user for authentication: ").append(str).toString());
            }
            Attribute attribute = lookup.get("userPassword");
            if (attribute == null) {
                obj = ArrayUtils.EMPTY_BYTE_ARRAY;
            } else {
                obj = attribute.get();
                if (obj instanceof String) {
                    obj = ((String) obj).getBytes();
                }
            }
            if (ArrayUtils.isEquals(obj2, obj)) {
                return new LdapPrincipal(ldapName, AuthenticationLevel.SIMPLE);
            }
            throw new LdapAuthenticationException();
        } catch (Exception e) {
            ?? ldapAuthenticationException = new LdapAuthenticationException();
            ldapAuthenticationException.setRootCause(ldapAuthenticationException);
            throw ldapAuthenticationException;
        }
    }

    static {
        HashSet hashSet = new HashSet();
        hashSet.add("authenticationService");
        hashSet.add("authorizationService");
        hashSet.add("oldAuthorizationService");
        hashSet.add("schemaService");
        hashSet.add("subentryService");
        hashSet.add("operationalAttributeService");
        hashSet.add("eventService");
        USERLOOKUP_BYPASS = Collections.unmodifiableCollection(hashSet);
    }
}
