package org.apache.ldap.server.authn;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import org.apache.ldap.common.exception.LdapAuthenticationException;
import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException;
import org.apache.ldap.common.filter.ExprNode;
import org.apache.ldap.common.message.ResultCodeEnum;
import org.apache.ldap.common.util.StringTools;
import org.apache.ldap.server.DirectoryServiceConfiguration;
import org.apache.ldap.server.configuration.AuthenticatorConfiguration;
import org.apache.ldap.server.configuration.InterceptorConfiguration;
import org.apache.ldap.server.interceptor.BaseInterceptor;
import org.apache.ldap.server.interceptor.NextInterceptor;
import org.apache.ldap.server.invocation.InvocationStack;
import org.apache.ldap.server.jndi.ServerContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.xml.DefaultXmlBeanDefinitionParser;

/* loaded from: input_file:org/apache/ldap/server/authn/AuthenticationService.class */
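/**
 * Interceptor that authenticates the caller of a directory operation before
 * handing the operation to the next interceptor in the chain.
 *
 * <p>Every intercepted operation calls {@link #authenticate()} first. A caller
 * that already carries a principal is let through; otherwise the registered
 * {@link Authenticator}s for the requested mechanism are tried in turn and the
 * operation is rejected with an {@link LdapAuthenticationException} when none
 * of them accepts the caller.
 */
public class AuthenticationService extends BaseInterceptor {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationService.class);

    /** Environment key under which the caller supplies its credentials. */
    private static final String CREDENTIALS_KEY = "java.naming.security.credentials";

    /** Environment key under which the caller names the authentication mechanism(s). */
    private static final String AUTHENTICATION_KEY = "java.naming.security.authentication";

    // Maps an authenticator type (String) to the Collection of Authenticators
    // registered for it. NOTE(review): this field is public and mutable, so any
    // code holding a reference to the service can alter the set of accepted
    // authenticators; kept public only for compatibility with existing callers.
    public Map authenticators = new HashMap();

    private DirectoryServiceConfiguration factoryCfg;

    /**
     * Wrapper that marks an {@link LdapPrincipal} as having been produced by
     * this service. The constructor is private, so only
     * {@link AuthenticationService} can create instances; {@code authenticate()}
     * passes one to {@code ServerContext.setPrincipal} after a successful
     * authentication.
     */
    public final class TrustedPrincipalWrapper {
        private final LdapPrincipal principal;

        private TrustedPrincipalWrapper(LdapPrincipal principal) {
            this.principal = principal;
        }

        /**
         * @return the wrapped principal
         */
        public LdapPrincipal getPrincipal() {
            return this.principal;
        }
    }

    /**
     * Registers every authenticator listed in the startup configuration.
     *
     * @param directoryServiceConfiguration service configuration, kept for initialising authenticators
     * @param interceptorConfiguration configuration of this interceptor (not read here)
     * @throws NamingException if any authenticator fails to register; authenticators
     *         registered so far are destroyed first and the failure is attached as the cause
     */
    @Override
    public void init(DirectoryServiceConfiguration directoryServiceConfiguration, InterceptorConfiguration interceptorConfiguration) throws NamingException {
        this.factoryCfg = directoryServiceConfiguration;
        Iterator it = directoryServiceConfiguration.getStartupConfiguration().getAuthenticatorConfigurations().iterator();
        while (it.hasNext()) {
            try {
                register((AuthenticatorConfiguration) it.next());
            } catch (Exception e) {
                // Do not leave the service half-initialised with a subset of authenticators.
                destroy();
                // initCause() returns Throwable, so the exception has to be built
                // before it is thrown to keep the declared NamingException type.
                NamingException failure = new NamingException("Failed to register authenticator.");
                failure.initCause(e);
                throw failure;
            }
        }
    }

    /**
     * Unregisters and destroys every registered authenticator, then clears the registry.
     */
    @Override
    public void destroy() {
        // Iterate over copies: unregister() removes entries from the live collections.
        Iterator byType = new ArrayList(this.authenticators.values()).iterator();
        while (byType.hasNext()) {
            Iterator members = new ArrayList((Collection) byType.next()).iterator();
            while (members.hasNext()) {
                unregister((Authenticator) members.next());
            }
        }
        this.authenticators.clear();
    }

    /**
     * Initialises the configured authenticator and files it under its authenticator type.
     *
     * @param authenticatorConfiguration configuration holding the authenticator to register
     * @throws NamingException if the authenticator fails to initialise
     */
    @SuppressWarnings("unchecked")
    private void register(AuthenticatorConfiguration authenticatorConfiguration) throws NamingException {
        authenticatorConfiguration.getAuthenticator().init(this.factoryCfg, authenticatorConfiguration);
        String type = authenticatorConfiguration.getAuthenticator().getAuthenticatorType();
        Collection registered = getAuthenticators(type);
        if (registered == null) {
            registered = new ArrayList();
            this.authenticators.put(type, registered);
        }
        registered.add(authenticatorConfiguration.getAuthenticator());
    }

    /**
     * Removes the authenticator from the registry and destroys it. Failures while
     * destroying are logged and otherwise ignored.
     *
     * @param authenticator the authenticator to remove
     */
    private void unregister(Authenticator authenticator) {
        Collection registered = getAuthenticators(authenticator.getAuthenticatorType());
        if (registered == null) {
            return;
        }
        registered.remove(authenticator);
        try {
            authenticator.destroy();
        } catch (Throwable th) {
            // Best effort: one failing authenticator must not block shutdown of the others.
            log.warn("Failed to destroy an authenticator.", th);
        }
    }

    /**
     * Looks up the authenticators registered for a type.
     *
     * @param str the authenticator type
     * @return the registered authenticators, or {@code null} when none are
     *         registered or the registered collection is empty
     */
    private Collection getAuthenticators(String str) {
        Collection found = (Collection) this.authenticators.get(str);
        if (found == null || found.size() <= 0) {
            return null;
        }
        return found;
    }

    /** Authenticates the caller, then delegates the add operation. */
    @Override
    public void add(NextInterceptor nextInterceptor, String str, Name name, Attributes attributes) throws NamingException {
        authenticate();
        nextInterceptor.add(str, name, attributes);
    }

    /** Authenticates the caller, then delegates the delete operation. */
    @Override
    public void delete(NextInterceptor nextInterceptor, Name name) throws NamingException {
        authenticate();
        nextInterceptor.delete(name);
    }

    /** Authenticates the caller, then delegates the matched-name lookup. */
    @Override
    public Name getMatchedName(NextInterceptor nextInterceptor, Name name, boolean z) throws NamingException {
        authenticate();
        return nextInterceptor.getMatchedName(name, z);
    }

    /** Authenticates the caller, then delegates the root DSE lookup. */
    @Override
    public Attributes getRootDSE(NextInterceptor nextInterceptor) throws NamingException {
        authenticate();
        return nextInterceptor.getRootDSE();
    }

    /** Authenticates the caller, then delegates the suffix lookup. */
    @Override
    public Name getSuffix(NextInterceptor nextInterceptor, Name name, boolean z) throws NamingException {
        authenticate();
        return nextInterceptor.getSuffix(name, z);
    }

    /** Authenticates the caller, then delegates the entry-existence check. */
    @Override
    public boolean hasEntry(NextInterceptor nextInterceptor, Name name) throws NamingException {
        authenticate();
        return nextInterceptor.hasEntry(name);
    }

    /** Authenticates the caller, then delegates the suffix check. */
    @Override
    public boolean isSuffix(NextInterceptor nextInterceptor, Name name) throws NamingException {
        authenticate();
        return nextInterceptor.isSuffix(name);
    }

    /** Authenticates the caller, then delegates the list operation. */
    @Override
    public NamingEnumeration list(NextInterceptor nextInterceptor, Name name) throws NamingException {
        authenticate();
        return nextInterceptor.list(name);
    }

    /** Authenticates the caller, then delegates the suffix listing. */
    @Override
    public Iterator listSuffixes(NextInterceptor nextInterceptor, boolean z) throws NamingException {
        authenticate();
        return nextInterceptor.listSuffixes(z);
    }

    /** Authenticates the caller, then delegates the attribute-restricted lookup. */
    @Override
    public Attributes lookup(NextInterceptor nextInterceptor, Name name, String[] strArr) throws NamingException {
        authenticate();
        return nextInterceptor.lookup(name, strArr);
    }

    /** Authenticates the caller, then delegates the lookup. */
    @Override
    public Attributes lookup(NextInterceptor nextInterceptor, Name name) throws NamingException {
        authenticate();
        return nextInterceptor.lookup(name);
    }

    /** Authenticates the caller, then delegates the modify operation. */
    @Override
    public void modify(NextInterceptor nextInterceptor, Name name, int i, Attributes attributes) throws NamingException {
        authenticate();
        nextInterceptor.modify(name, i, attributes);
    }

    /** Authenticates the caller, then delegates the modify operation. */
    @Override
    public void modify(NextInterceptor nextInterceptor, Name name, ModificationItem[] modificationItemArr) throws NamingException {
        authenticate();
        nextInterceptor.modify(name, modificationItemArr);
    }

    /** Authenticates the caller, then delegates the rename operation. */
    @Override
    public void modifyRn(NextInterceptor nextInterceptor, Name name, String str, boolean z) throws NamingException {
        authenticate();
        nextInterceptor.modifyRn(name, str, z);
    }

    /** Authenticates the caller, then delegates the move-and-rename operation. */
    @Override
    public void move(NextInterceptor nextInterceptor, Name name, Name name2, String str, boolean z) throws NamingException {
        authenticate();
        nextInterceptor.move(name, name2, str, z);
    }

    /** Authenticates the caller, then delegates the move operation. */
    @Override
    public void move(NextInterceptor nextInterceptor, Name name, Name name2) throws NamingException {
        authenticate();
        nextInterceptor.move(name, name2);
    }

    /** Authenticates the caller, then delegates the search operation. */
    @Override
    public NamingEnumeration search(NextInterceptor nextInterceptor, Name name, Map map, ExprNode exprNode, SearchControls searchControls) throws NamingException {
        authenticate();
        return nextInterceptor.search(name, map, exprNode, searchControls);
    }

    /**
     * Ensures the caller of the current invocation has a principal.
     *
     * <p>A caller that already has a principal is accepted as is. Otherwise the
     * mechanism list is read from the caller's environment, the first mechanism
     * that has registered authenticators is selected, and those authenticators
     * are tried in order until one returns a principal. In both success paths
     * the credentials entry is removed from the caller's environment so it is
     * not kept around after use.
     *
     * @throws LdapAuthenticationNotSupportedException if no requested mechanism
     *         has a registered authenticator
     * @throws LdapAuthenticationException if every authenticator for the
     *         selected mechanism rejects the caller or fails unexpectedly
     * @throws NamingException if reading or updating the caller's environment fails
     */
    @SuppressWarnings("unchecked")
    private void authenticate() throws NamingException {
        ServerContext caller = InvocationStack.getInstance().peek().getCaller();
        if (caller.getPrincipal() != null) {
            // Already authenticated: only scrub credentials that may still be present.
            if (caller.getEnvironment().containsKey(CREDENTIALS_KEY)) {
                caller.removeFromEnvironment(CREDENTIALS_KEY);
            }
            return;
        }

        // The mechanism list is supplied by the caller, so which authenticators
        // run is caller-controlled; the set of registered authenticator types is
        // what limits the mechanisms the server accepts.
        String mechanisms = (String) caller.getEnvironment().get(AUTHENTICATION_KEY);
        if (mechanisms == null) {
            // No explicit mechanism: credentials imply "simple", their absence "none".
            mechanisms = caller.getEnvironment().containsKey(CREDENTIALS_KEY) ? "simple" : "none";
        }

        // Only the first mechanism with registered authenticators is used;
        // later entries in the list are never consulted.
        Collection<Authenticator> candidates = null;
        for (String mechanism : StringTools.deepTrim(mechanisms).split(" ")) {
            candidates = getAuthenticators(mechanism);
            if (candidates != null) {
                break;
            }
        }
        if (candidates == null) {
            throw new LdapAuthenticationNotSupportedException(ResultCodeEnum.AUTHMETHODNOTSUPPORTED);
        }

        for (Authenticator authenticator : candidates) {
            try {
                caller.setPrincipal(new TrustedPrincipalWrapper(authenticator.authenticate(caller)));
                caller.removeFromEnvironment(CREDENTIALS_KEY);
                return;
            } catch (LdapAuthenticationException rejected) {
                // This authenticator rejected the caller; try the next one.
                // The more specific exception must be caught before Exception,
                // otherwise this clause is unreachable.
                // NOTE(review): rejections are not logged here, so failed
                // attempts leave no trace at this layer; confirm they are
                // recorded elsewhere if an audit trail is required.
            } catch (Exception e) {
                // Fail closed: an unexpected error never yields a principal.
                log.warn("Unexpected exception from " + authenticator.getClass(), e);
            }
        }

        // NOTE(review): on this path the credentials entry is left in the
        // caller's environment; confirm the context is discarded after failure.
        throw new LdapAuthenticationException();
    }
}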
