package org.ballerinalang.stdlib.ldap.nativeimpl;

import java.nio.charset.Charset;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.ballerinalang.jvm.scheduling.Strand;
import org.ballerinalang.jvm.values.ErrorValue;
import org.ballerinalang.jvm.values.MapValue;
import org.ballerinalang.natives.annotations.BallerinaFunction;
import org.ballerinalang.stdlib.ldap.CommonLdapConfiguration;
import org.ballerinalang.stdlib.ldap.LdapConnectionContext;
import org.ballerinalang.stdlib.ldap.LdapConstants;
import org.ballerinalang.stdlib.ldap.UserStoreException;
import org.ballerinalang.stdlib.ldap.util.LdapUtils;

@BallerinaFunction(orgName = "ballerina", packageName = "ldap", functionName = "doAuthenticate", isPublic = true)
/* loaded from: input_file:org/ballerinalang/stdlib/ldap/nativeimpl/Authenticate.class */
public class Authenticate {
    private static final Log LOG = LogFactory.getLog(Authenticate.class);
    private static LdapConnectionContext connectionSource;

    public static Object doAuthenticate(Strand strand, MapValue<?, ?> mapValue, String str, String str2) {
        byte[] bytes = str2.getBytes(Charset.forName(LdapConstants.UTF_8_CHARSET));
        connectionSource = (LdapConnectionContext) mapValue.getNativeData(LdapConstants.LDAP_CONNECTION_SOURCE);
        DirContext dirContext = (DirContext) mapValue.getNativeData(LdapConstants.LDAP_CONNECTION_CONTEXT);
        CommonLdapConfiguration commonLdapConfiguration = (CommonLdapConfiguration) mapValue.getNativeData(LdapConstants.LDAP_CONFIGURATION);
        LdapUtils.setServiceName((String) mapValue.getNativeData(LdapConstants.ENDPOINT_INSTANCE_ID));
        try {
            if (LdapUtils.isNullOrEmptyAfterTrim(str)) {
                return LdapUtils.createError("Username or credential value is empty or null.");
            }
            try {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Authenticating user " + str);
                }
                String nameInSpaceForUsernameFromLDAP = LdapUtils.getNameInSpaceForUsernameFromLDAP(str.trim(), commonLdapConfiguration, dirContext);
                if (nameInSpaceForUsernameFromLDAP == null) {
                    LdapUtils.removeServiceName();
                    return false;
                }
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Authenticating with " + nameInSpaceForUsernameFromLDAP);
                }
                Boolean valueOf = Boolean.valueOf(bindAsUser(nameInSpaceForUsernameFromLDAP, bytes));
                LdapUtils.removeServiceName();
                return valueOf;
            } catch (UserStoreException e) {
                LOG.error(e.getMessage(), e);
                ErrorValue createError = LdapUtils.createError(e.getMessage());
                LdapUtils.removeServiceName();
                return createError;
            } catch (NamingException e2) {
                LOG.error("Cannot bind user: " + str, e2);
                ErrorValue createError2 = LdapUtils.createError(e2.getMessage());
                LdapUtils.removeServiceName();
                return createError2;
            }
        } catch (Throwable th) {
            LdapUtils.removeServiceName();
            throw th;
        }
    }

    private static boolean bindAsUser(String str, byte[] bArr) throws NamingException {
        DirContext dirContext = null;
        try {
            dirContext = connectionSource.getContextWithCredentials(str, bArr);
            LdapUtils.closeContext(dirContext);
            if (LOG.isDebugEnabled()) {
                LOG.debug("User: " + str + " is authenticated: true");
            }
            return true;
        } catch (Throwable th) {
            LdapUtils.closeContext(dirContext);
            throw th;
        }
    }
}
