package edu.vt.middleware.ldap.auth.handler;

import edu.vt.middleware.ldap.LdapConfig;
import edu.vt.middleware.ldap.LdapUtil;
import edu.vt.middleware.ldap.auth.AuthenticatorConfig;
import edu.vt.middleware.ldap.handler.ConnectionHandler;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;

/* loaded from: input_file:edu/vt/middleware/ldap/auth/handler/CompareAuthenticationHandler.class */
public class CompareAuthenticationHandler extends AbstractAuthenticationHandler {
    private static final int DIGEST_SIZE = 256;
    private String passwordScheme = "SHA";

    public CompareAuthenticationHandler() {
    }

    public CompareAuthenticationHandler(AuthenticatorConfig authenticatorConfig) {
        setAuthenticatorConfig(authenticatorConfig);
    }

    public String getPasswordScheme() {
        return this.passwordScheme;
    }

    public void setPasswordScheme(String str) {
        this.passwordScheme = str;
    }

    @Override // edu.vt.middleware.ldap.auth.handler.AbstractAuthenticationHandler, edu.vt.middleware.ldap.auth.handler.AuthenticationHandler
    public void authenticate(ConnectionHandler connectionHandler, AuthenticationCriteria authenticationCriteria) throws NamingException {
        byte[] bArr = new byte[DIGEST_SIZE];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(this.passwordScheme);
            messageDigest.update(((String) authenticationCriteria.getCredential()).getBytes());
            byte[] digest = messageDigest.digest();
            connectionHandler.connect(this.config.getBindDn(), this.config.getBindCredential());
            NamingEnumeration namingEnumeration = null;
            try {
                namingEnumeration = connectionHandler.getLdapContext().search(authenticationCriteria.getDn(), "userPassword={0}", new Object[]{String.format("{%s}%s", this.passwordScheme, LdapUtil.base64Encode(digest)).getBytes()}, LdapConfig.getCompareSearchControls());
                if (!namingEnumeration.hasMore()) {
                    throw new AuthenticationException("Compare authentication failed.");
                }
                if (namingEnumeration != null) {
                    namingEnumeration.close();
                }
            } catch (Throwable th) {
                if (namingEnumeration != null) {
                    namingEnumeration.close();
                }
                throw th;
            }
        } catch (NoSuchAlgorithmException e) {
            throw new NamingException(e.getMessage());
        }
    }

    @Override // edu.vt.middleware.ldap.auth.handler.AbstractAuthenticationHandler, edu.vt.middleware.ldap.auth.handler.AuthenticationHandler
    public CompareAuthenticationHandler newInstance() {
        return new CompareAuthenticationHandler(this.config);
    }
}
