package org.ballerinalang.auth.ldap.nativeimpl;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ballerinalang.auth.ldap.CommonLdapConfiguration;
import org.ballerinalang.auth.ldap.LdapConstants;
import org.ballerinalang.auth.ldap.UserStoreException;
import org.ballerinalang.auth.ldap.util.LdapUtils;
import org.ballerinalang.bre.Context;
import org.ballerinalang.bre.bvm.BlockingNativeCallableUnit;
import org.ballerinalang.model.types.BTypes;
import org.ballerinalang.model.types.TypeKind;
import org.ballerinalang.model.values.BMap;
import org.ballerinalang.model.values.BValue;
import org.ballerinalang.model.values.BValueArray;
import org.ballerinalang.natives.annotations.Argument;
import org.ballerinalang.natives.annotations.BallerinaFunction;
import org.ballerinalang.natives.annotations.ReturnType;
import org.ballerinalang.util.exceptions.BallerinaException;

@BallerinaFunction(orgName = "ballerina", packageName = "auth", functionName = "LdapAuthStoreProvider.getScopesOfUser", args = {@Argument(name = "username", type = TypeKind.STRING)}, returnType = {@ReturnType(type = TypeKind.ARRAY, elementType = TypeKind.STRING)}, isPublic = true)
/* loaded from: input_file:org/ballerinalang/auth/ldap/nativeimpl/GetLdapScopesOfUser.class */
public class GetLdapScopesOfUser extends BlockingNativeCallableUnit {
    private static final Log LOG = LogFactory.getLog(GetLdapScopesOfUser.class);
    private CommonLdapConfiguration ldapConfiguration;
    private DirContext ldapConnectionContext;

    public void execute(Context context) {
        try {
            BMap refArgument = context.getRefArgument(0);
            LdapUtils.setServiceName((String) refArgument.getNativeData(LdapConstants.ENDPOINT_INSTANCE_ID));
            this.ldapConnectionContext = (DirContext) refArgument.getNativeData(LdapConstants.LDAP_CONNECTION_CONTEXT);
            this.ldapConfiguration = (CommonLdapConfiguration) refArgument.getNativeData(LdapConstants.LDAP_CONFIGURATION);
            context.setReturnValues(new BValue[]{new BValueArray(doGetGroupsListOfUser(context.getStringArgument(0), this.ldapConfiguration))});
        } catch (UserStoreException | NamingException e) {
            context.setReturnValues(new BValue[]{new BValueArray(BTypes.typeString)});
        } finally {
            LdapUtils.removeServiceName();
        }
    }

    private String[] doGetGroupsListOfUser(String str, CommonLdapConfiguration commonLdapConfiguration) throws UserStoreException, NamingException {
        return getLDAPGroupsListOfUser(str, commonLdapConfiguration.getGroupSearchBase(), commonLdapConfiguration);
    }

    private String[] getLDAPGroupsListOfUser(String str, List<String> list, CommonLdapConfiguration commonLdapConfiguration) throws UserStoreException, NamingException {
        String escapeLdapNameForFilter;
        if (str == null) {
            throw new BallerinaException("userName value is null.");
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        String groupNameListFilter = commonLdapConfiguration.getGroupNameListFilter();
        String groupNameAttribute = commonLdapConfiguration.getGroupNameAttribute();
        String membershipAttribute = commonLdapConfiguration.getMembershipAttribute();
        String nameInSpaceForUserName = getNameInSpaceForUserName(str, this.ldapConfiguration);
        if (membershipAttribute == null || membershipAttribute.length() < 1) {
            throw new BallerinaException("membershipAttribute not set in configuration");
        }
        if (nameInSpaceForUserName == null) {
            return new String[0];
        }
        LdapName ldapName = new LdapName(nameInSpaceForUserName);
        if (LdapConstants.MEMBER_UID.equals(commonLdapConfiguration.getMembershipAttribute())) {
            List rdns = ldapName.getRdns();
            escapeLdapNameForFilter = ((Rdn) rdns.get(rdns.size() - 1)).getValue().toString();
        } else {
            escapeLdapNameForFilter = escapeLdapNameForFilter(ldapName);
        }
        String str2 = "(&" + groupNameListFilter + "(" + membershipAttribute + "=" + escapeLdapNameForFilter + "))";
        searchControls.setReturningAttributes(new String[]{groupNameAttribute});
        if (LOG.isDebugEnabled()) {
            LOG.debug("Reading roles with the membershipProperty Property: " + membershipAttribute);
        }
        List<String> listOfNames = getListOfNames(list, str2, searchControls, groupNameAttribute, false);
        return (String[]) listOfNames.toArray(new String[listOfNames.size()]);
    }

    private List<String> getListOfNames(List<String> list, String str, SearchControls searchControls, String str2, boolean z) throws NamingException {
        Attribute attribute;
        if (LOG.isDebugEnabled()) {
            LOG.debug("Result for searchBase: " + list + " searchFilter: " + str + " property:" + str2 + " appendDN: " + z);
        }
        ArrayList arrayList = new ArrayList();
        NamingEnumeration namingEnumeration = null;
        try {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                namingEnumeration = this.ldapConnectionContext.search(LdapUtils.escapeDNForSearch(it.next()), str, searchControls);
                while (namingEnumeration.hasMoreElements()) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    if (searchResult.getAttributes() != null && (attribute = searchResult.getAttributes().get(str2)) != null) {
                        NamingEnumeration all = attribute.getAll();
                        while (all.hasMoreElements()) {
                            String str3 = (String) all.nextElement();
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("Found user: " + str3);
                            }
                            arrayList.add(str3);
                        }
                    }
                }
                if (LOG.isDebugEnabled()) {
                    Iterator it2 = arrayList.iterator();
                    while (it2.hasNext()) {
                        LOG.debug("Result  :  " + ((String) it2.next()));
                    }
                }
            }
            return arrayList;
        } finally {
            LdapUtils.closeNamingEnumeration(namingEnumeration);
        }
    }

    private String getNameInSpaceForUserName(String str, CommonLdapConfiguration commonLdapConfiguration) throws UserStoreException, NamingException {
        return LdapUtils.getNameInSpaceForUsernameFromLDAP(str, commonLdapConfiguration, this.ldapConnectionContext);
    }

    private String escapeLdapNameForFilter(LdapName ldapName) {
        if (ldapName == null) {
            if (!LOG.isDebugEnabled()) {
                return null;
            }
            LOG.debug("Received null value to escape special characters. Returning null");
            return null;
        }
        StringBuilder sb = new StringBuilder();
        for (int size = ldapName.size() - 1; size > -1; size--) {
            sb = sb.append(escapeSpecialCharactersForFilterWithStarAsRegex(ldapName.get(size)));
            if (size != 0) {
                sb = sb.append(",");
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Escaped DN value for filter : " + sb.toString());
        }
        return sb.toString();
    }

    private String escapeSpecialCharactersForFilterWithStarAsRegex(String str) {
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (i < str.length()) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case 0:
                    sb.append("\\00");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\\':
                    if (str.charAt(i + 1) != '*') {
                        sb.append("\\5c");
                        break;
                    } else {
                        sb.append("\\2a");
                        i++;
                        break;
                    }
                default:
                    sb.append(charAt);
                    break;
            }
            i++;
        }
        return sb.toString();
    }
}
