package org.wso2.carbon.user.core.ldap;

import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.sql.DataSource;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.user.api.Properties;
import org.wso2.carbon.user.api.Property;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.api.Tenant;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.common.RoleContext;
import org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager;
import org.wso2.carbon.user.core.profile.ProfileConfigurationManager;
import org.wso2.carbon.user.core.util.DatabaseUtil;
import org.wso2.carbon.user.core.util.JNDIUtil;
import org.wso2.carbon.user.core.util.LDAPUtil;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.class */
public class ReadOnlyLDAPUserStoreManager extends AbstractUserStoreManager {
    protected LDAPConnectionContext connectionSource;
    private final int MAX_USER_CACHE = 200;
    Map<String, String> userCache;
    private static Log log = LogFactory.getLog(ReadOnlyLDAPUserStoreManager.class);
    protected String userSearchBase;
    protected String groupSearchBase;
    protected boolean emptyRolesAllowed;

    public ReadOnlyLDAPUserStoreManager() {
        this.connectionSource = null;
        this.MAX_USER_CACHE = 200;
        this.userCache = new ConcurrentHashMap(200);
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num) throws UserStoreException {
        this(realmConfiguration, map, claimManager, profileConfigurationManager, userRealm, num, false);
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num, boolean z) throws UserStoreException {
        this.connectionSource = null;
        this.MAX_USER_CACHE = 200;
        this.userCache = new ConcurrentHashMap(200);
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
        if (log.isDebugEnabled()) {
            log.debug("Initialization Started " + System.currentTimeMillis());
        }
        this.realmConfig = realmConfiguration;
        this.claimManager = claimManager;
        this.userRealm = userRealm;
        this.tenantId = num.intValue();
        checkRequiredUserStoreConfigurations();
        this.dataSource = (DataSource) map.get(UserCoreConstants.DATA_SOURCE);
        if (this.dataSource == null) {
            this.dataSource = DatabaseUtil.getRealmDataSource(realmConfiguration);
        }
        if (this.dataSource == null) {
            throw new UserStoreException("Data Source is null");
        }
        map.put(UserCoreConstants.DATA_SOURCE, this.dataSource);
        this.connectionSource = new LDAPConnectionContext(realmConfiguration);
        try {
            this.connectionSource.getContext();
            if (isReadOnly()) {
                log.info("LDAP connection created successfully in read-only mode");
            }
            this.userRealm = userRealm;
            persistDomain();
            doInitialSetup();
            if (realmConfiguration.isPrimary()) {
                addInitialAdminData(Boolean.parseBoolean(realmConfiguration.getAddAdmin()), !isInitSetupDone());
            }
            initUserRolesCache();
            if (log.isDebugEnabled()) {
                log.debug("Initialization Ended " + System.currentTimeMillis());
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw new UserStoreException("Cannot create connection to LDAP server. Error message " + e.getMessage());
        }
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager) throws UserStoreException {
        this.connectionSource = null;
        this.MAX_USER_CACHE = 200;
        this.userCache = new ConcurrentHashMap(200);
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
        if (log.isDebugEnabled()) {
            log.debug("Started " + System.currentTimeMillis());
        }
        this.realmConfig = realmConfiguration;
        this.claimManager = claimManager;
        checkRequiredUserStoreConfigurations();
        this.connectionSource = new LDAPConnectionContext(realmConfiguration);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkRequiredUserStoreConfigurations() throws UserStoreException {
        log.debug("Checking LDAP configurations ");
        String userStoreProperty = this.realmConfig.getUserStoreProperty("ConnectionURL");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.DNS_URL);
        if ((userStoreProperty == null || userStoreProperty.trim().length() == 0) && (userStoreProperty2 == null || userStoreProperty2.trim().length() == 0)) {
            throw new UserStoreException("Required ConnectionURL property is not set at the LDAP configurations");
        }
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty("ConnectionName");
        if (userStoreProperty3 == null || userStoreProperty3.trim().length() == 0) {
            throw new UserStoreException("Required ConnectionNme property is not set at the LDAP configurations");
        }
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("ConnectionPassword");
        if (userStoreProperty4 == null || userStoreProperty4.trim().length() == 0) {
            throw new UserStoreException("Required ConnectionPassword property is not set at the LDAP configurations");
        }
        this.userSearchBase = this.realmConfig.getUserStoreProperty("UserSearchBase");
        if (this.userSearchBase == null || this.userSearchBase.trim().length() == 0) {
            throw new UserStoreException("Required UserSearchBase property is not set at the LDAP configurations");
        }
        String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        if (userStoreProperty5 == null || userStoreProperty5.trim().length() == 0) {
            throw new UserStoreException("Required UserNameListFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty6 = this.realmConfig.getUserStoreProperty("UserNameSearchFilter");
        if (userStoreProperty6 == null || userStoreProperty6.trim().length() == 0) {
            throw new UserStoreException("Required UserNameSearchFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty7 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        if (userStoreProperty7 == null || userStoreProperty7.trim().length() == 0) {
            throw new UserStoreException("Required UserNameAttribute property is not set at the LDAP configurations");
        }
        this.writeGroupsEnabled = false;
        if (this.realmConfig.getUserStoreProperty("ReadGroups") != null) {
            this.readGroupsEnabled = Boolean.parseBoolean(this.realmConfig.getUserStoreProperty("ReadGroups"));
        }
        if (this.readGroupsEnabled) {
            this.groupSearchBase = this.realmConfig.getUserStoreProperty("GroupSearchBase");
            if (this.groupSearchBase == null || this.groupSearchBase.trim().length() == 0) {
                throw new UserStoreException("Required GroupSearchBase property is not set at the LDAP configurations");
            }
            String userStoreProperty8 = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
            if (userStoreProperty8 == null || userStoreProperty8.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameListFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty9 = this.realmConfig.getUserStoreProperty("GroupNameSearchFilter");
            if (userStoreProperty9 == null || userStoreProperty9.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameSearchFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty10 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
            if (userStoreProperty10 == null || userStoreProperty10.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameAttribute property is not set at the LDAP configurations");
            }
            String userStoreProperty11 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
            if (userStoreProperty11 == null || userStoreProperty11.trim().length() == 0) {
                throw new UserStoreException("Required MembershipAttribute property is not set at the LDAP configurations");
            }
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doAuthenticate(String str, Object obj) throws UserStoreException {
        boolean isDebugEnabled = log.isDebugEnabled();
        if (str == null || obj == null) {
            return false;
        }
        String replaceEscapeCharacters = replaceEscapeCharacters(str.trim());
        String trim = ((String) obj).trim();
        if (replaceEscapeCharacters.equals("") || trim.equals("")) {
            return false;
        }
        if (isDebugEnabled) {
            log.debug("Authenticating user " + replaceEscapeCharacters);
        }
        boolean z = false;
        String str2 = this.userCache.get(replaceEscapeCharacters);
        if (str2 != null) {
            if (isDebugEnabled) {
                try {
                    log.debug("Cache hit. Using DN " + str2);
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug("Checking authentication with UserDN " + str2 + "failed " + e.getMessage(), e);
                    }
                }
            }
            z = bindAsUser(str2, (String) obj);
            if (z) {
                return z;
            }
        }
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern");
        if (userStoreProperty == null || userStoreProperty.isEmpty()) {
            String nameInSpaceForUserName = getNameInSpaceForUserName(replaceEscapeCharacters);
            if (nameInSpaceForUserName != null) {
                if (isDebugEnabled) {
                    try {
                        log.debug("Authenticating with " + nameInSpaceForUserName);
                    } catch (NamingException e2) {
                        log.debug(e2.getMessage(), e2);
                        throw new UserStoreException(e2.getMessage());
                    }
                }
                z = bindAsUser(nameInSpaceForUserName, (String) obj);
                if (z) {
                    this.userCache.put(replaceEscapeCharacters, nameInSpaceForUserName);
                }
            }
        } else {
            if (isDebugEnabled) {
                log.debug("Using UserDNPatterns " + userStoreProperty);
            }
            String[] split = userStoreProperty.split("#");
            if (split.length > 0) {
                for (String str3 : split) {
                    String format = MessageFormat.format(str3, replaceEscapeCharacters);
                    if (isDebugEnabled) {
                        log.debug("Authenticating with " + format);
                    }
                    if (format != null) {
                        try {
                            z = bindAsUser(format, (String) obj);
                            if (z) {
                                this.userCache.put(replaceEscapeCharacters, format);
                                break;
                            }
                            continue;
                        } catch (NamingException e3) {
                            if (log.isDebugEnabled()) {
                                log.debug("Checking authentication with UserDN " + str3 + "failed " + e3.getMessage(), e3);
                            }
                        }
                    }
                }
            }
        }
        return z;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public String[] getAllProfileNames() throws UserStoreException {
        return new String[]{"default"};
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public String[] getProfileNames(String str) throws UserStoreException {
        return new String[]{"default"};
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public Map<String, String> getUserPropertyValues(String str, String[] strArr, String str2) throws UserStoreException {
        NamingEnumeration<SearchResult> searchForUser;
        Attribute attribute;
        String userStoreProperty;
        String str3 = this.userCache.get(str);
        if (str3 == null && (userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern")) != null && !userStoreProperty.isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("Using User DN Patterns " + userStoreProperty);
            }
            str3 = userStoreProperty.contains("#") ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty, str);
        }
        HashMap hashMap = new HashMap();
        String[] split = str.split(UserCoreConstants.DOMAIN_SEPARATOR);
        if (split.length > 1) {
            str = split[1];
        }
        DirContext context = this.connectionSource.getContext();
        String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", str);
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                if (str3 != null) {
                    SearchControls searchControls = new SearchControls();
                    searchControls.setSearchScope(2);
                    if (strArr != null && strArr.length > 0) {
                        searchControls.setReturningAttributes(strArr);
                    }
                    if (log.isDebugEnabled()) {
                        try {
                            log.debug("Searching for user with SearchFilter: " + replace + " in SearchBase: " + context.getNameInNamespace());
                        } catch (NamingException e) {
                            log.debug("Error while getting DN of search base", e);
                        }
                        if (strArr == null) {
                            log.debug("No attributes requested");
                        } else {
                            for (String str4 : strArr) {
                                log.debug("Requesting attribute :" + str4);
                            }
                        }
                    }
                    try {
                        searchForUser = context.search(str3, replace, searchControls);
                    } catch (NamingException e2) {
                        log.debug(e2.getMessage(), e2);
                        throw new UserStoreException(e2.getMessage());
                    }
                } else {
                    searchForUser = searchForUser(replace, strArr, context);
                }
                while (searchForUser.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) searchForUser.next()).getAttributes();
                    if (attributes != null) {
                        for (String str5 : strArr) {
                            if (str5 != null && (attribute = attributes.get(str5)) != null) {
                                StringBuffer stringBuffer = new StringBuffer();
                                namingEnumeration = attribute.getAll();
                                while (namingEnumeration.hasMore()) {
                                    Object next = namingEnumeration.next();
                                    String str6 = null;
                                    if (next instanceof String) {
                                        str6 = (String) next;
                                    } else if (next instanceof byte[]) {
                                        str6 = new String(Base64.encodeBase64((byte[]) next));
                                    }
                                    if (str6 != null && str6.trim().length() > 0) {
                                        stringBuffer.append(str6 + ",");
                                    }
                                }
                                String stringBuffer2 = stringBuffer.toString();
                                if (stringBuffer2 != null && stringBuffer2.trim().length() > 1) {
                                    hashMap.put(str5, stringBuffer2.substring(0, stringBuffer2.length() - 1));
                                }
                            }
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeNamingEnumeration(searchForUser);
                JNDIUtil.closeContext(context);
                return hashMap;
            } catch (NamingException e3) {
                log.debug(e3.getMessage(), e3);
                throw new UserStoreException(e3.getMessage());
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(null);
            JNDIUtil.closeNamingEnumeration(null);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingRole(String str) throws UserStoreException {
        return isExistingLDAPRole(createRoleContext(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isExistingLDAPRole(RoleContext roleContext) throws UserStoreException {
        boolean isDebugEnabled = log.isDebugEnabled();
        boolean z = false;
        String roleName = roleContext.getRoleName();
        if (isDebugEnabled) {
            log.debug("Searching for role: " + roleName);
        }
        String listFilter = ((LDAPRoleContext) roleContext).getListFilter();
        String roleNameProperty = ((LDAPRoleContext) roleContext).getRoleNameProperty();
        String str = "(&" + listFilter + "(" + roleNameProperty + "=" + roleName + "))";
        String searchBase = ((LDAPRoleContext) roleContext).getSearchBase();
        if (isDebugEnabled) {
            log.debug("Using search filter: " + str);
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setReturningAttributes(new String[]{roleNameProperty});
        NamingEnumeration namingEnumeration = null;
        DirContext dirContext = null;
        try {
            dirContext = this.connectionSource.getContext();
            if (((LDAPRoleContext) roleContext).getRoleDNPatterns().size() > 0) {
                for (String str2 : ((LDAPRoleContext) roleContext).getRoleDNPatterns()) {
                    if (isDebugEnabled) {
                        log.debug("Using pattern: " + str2);
                    }
                    try {
                        namingEnumeration = dirContext.search(MessageFormat.format(str2.trim(), roleName), str, searchControls);
                    } catch (NamingException e) {
                        if (log.isDebugEnabled()) {
                            log.debug(e);
                        }
                    }
                    if (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
                        JNDIUtil.closeNamingEnumeration(namingEnumeration);
                        JNDIUtil.closeContext(dirContext);
                        return true;
                    }
                }
            }
            String[] split = searchBase.split("#");
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str3 = split[i];
                if (isDebugEnabled) {
                    log.debug("Searching in " + str3);
                }
                try {
                    namingEnumeration = dirContext.search(str3, str, searchControls);
                } catch (NamingException e2) {
                    if (log.isDebugEnabled()) {
                        log.debug(e2);
                    }
                }
                if (namingEnumeration.hasMoreElements()) {
                    z = true;
                    break;
                }
                i++;
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            if (isDebugEnabled) {
                log.debug("Is role: " + roleName + " exist: " + z);
            }
            return z;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingUser(String str) throws UserStoreException {
        boolean z = false;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (isDebugEnabled) {
            try {
                log.debug("Searching for user " + str);
            } catch (Exception e) {
                throw new UserStoreException(e.getMessage(), e);
            }
        }
        String nameInSpaceForUserName = getNameInSpaceForUserName(str);
        if (nameInSpaceForUserName != null) {
            if (nameInSpaceForUserName.length() > 0) {
                z = true;
            }
        }
        if (isDebugEnabled) {
            log.debug("User: " + str + " exist: " + z);
        }
        return z;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doListUsers(String str, int i) throws UserStoreException {
        int i2;
        int i3;
        String[] strArr;
        boolean isDebugEnabled = log.isDebugEnabled();
        String[] strArr2 = new String[0];
        if (i == 0) {
            return strArr2;
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(i);
        searchControls.setTimeLimit(i3);
        if (str.contains("?") || str.contains("**")) {
            throw new UserStoreException("Invalid character sequence entered for user serch. Please enter valid sequence.");
        }
        StringBuffer stringBuffer = new StringBuffer(this.realmConfig.getUserStoreProperty("UserNameListFilter"));
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserSearchBase");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        StringBuffer stringBuffer2 = new StringBuffer();
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (userStoreProperty3 != null) {
            strArr = new String[]{userStoreProperty2, ReadWriteLDAPUserStoreManager.ATTR_NAME_SN, userStoreProperty3};
            stringBuffer2.append("(&").append(stringBuffer).append("(").append(userStoreProperty3).append("=").append(str).append("))");
        } else {
            strArr = new String[]{userStoreProperty2, ReadWriteLDAPUserStoreManager.ATTR_NAME_SN};
            stringBuffer2.append("(&").append(stringBuffer).append("(").append(userStoreProperty2).append("=").append(str).append("))");
        }
        if (isDebugEnabled) {
            log.debug("Listing users. SearchBase: " + userStoreProperty + " Constructed-Filter: " + stringBuffer2.toString());
            log.debug("Search controls. Max Limit: " + i + " Max Time: " + i3);
        }
        searchControls.setReturningAttributes(strArr);
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                dirContext = this.connectionSource.getContext();
                for (String str2 : userStoreProperty.split("#")) {
                    namingEnumeration = dirContext.search(str2, stringBuffer2.toString(), searchControls);
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult.getAttributes() != null) {
                            log.debug("Result found ..");
                            Attribute attribute = searchResult.getAttributes().get(userStoreProperty2);
                            Attribute attribute2 = searchResult.getAttributes().get(ReadWriteLDAPUserStoreManager.ATTR_NAME_SN);
                            if (attribute2 != null) {
                                if (isDebugEnabled) {
                                    log.debug(ReadWriteLDAPUserStoreManager.ATTR_NAME_SN + " : " + attribute2);
                                }
                                String str3 = (String) attribute2.get();
                                if (str3 != null && str3.equals(LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE)) {
                                }
                            }
                            Attribute attribute3 = null;
                            if (userStoreProperty3 != null) {
                                attribute3 = searchResult.getAttributes().get(userStoreProperty3);
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty3 + " : " + attribute3);
                                }
                            }
                            if (attribute != null) {
                                arrayList.add(UserCoreUtil.getCombinedName(getRealmConfiguration().getUserStoreProperty("DomainName"), (String) attribute.get(), attribute3 != null ? (String) attribute3.get() : null));
                            }
                        }
                    }
                }
                String[] strArr3 = (String[]) arrayList.toArray(new String[arrayList.size()]);
                Arrays.sort(strArr3);
                if (isDebugEnabled) {
                    for (String str4 : strArr3) {
                        log.debug("result: " + str4);
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
                return strArr3;
            } catch (NamingException e3) {
                log.debug(e3.getMessage(), e3);
                throw new UserStoreException(e3.getMessage());
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected String[] doGetDisplayNamesForInternalRole(String[] strArr) throws UserStoreException {
        String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (userStoreProperty == null) {
            return strArr;
        }
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty("UserSearchBase");
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        String[] strArr2 = {userStoreProperty};
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(strArr2);
        ArrayList arrayList = new ArrayList();
        if (strArr == null || strArr.length <= 0) {
            return strArr;
        }
        for (String str : strArr) {
            arrayList.add(UserCoreUtil.getCombinedName(this.realmConfig.getUserStoreProperty("DomainName"), str, getListOfNames(userStoreProperty3, "(&" + userStoreProperty4 + "(" + userStoreProperty2 + "=" + str + "))", searchControls, userStoreProperty, false).get(0)));
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    protected boolean bindAsUser(String str, String str2) throws NamingException, UserStoreException {
        boolean z = false;
        boolean isDebugEnabled = log.isDebugEnabled();
        DirContext dirContext = null;
        try {
            try {
                dirContext = this.connectionSource.getContextWithCredentials(str, str2);
                z = true;
                JNDIUtil.closeContext(dirContext);
            } catch (AuthenticationException e) {
                if (isDebugEnabled) {
                    log.debug("Authentication failed " + e);
                }
                JNDIUtil.closeContext(dirContext);
            }
            if (isDebugEnabled) {
                log.debug("User: " + str + " is authenticated: " + z);
            }
            return z;
        } catch (Throwable th) {
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    protected NamingEnumeration<SearchResult> searchForUser(String str, String[] strArr, DirContext dirContext) throws UserStoreException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserSearchBase");
        if (strArr != null && strArr.length > 0) {
            searchControls.setReturningAttributes(strArr);
        }
        if (log.isDebugEnabled()) {
            try {
                log.debug("Searching for user with SearchFilter: " + str + " in SearchBase: " + dirContext.getNameInNamespace());
            } catch (NamingException e) {
                log.debug("Error while getting DN of search base", e);
            }
            if (strArr == null) {
                log.debug("No attributes requested");
            } else {
                for (String str2 : strArr) {
                    log.debug("Requesting attribute :" + str2);
                }
            }
        }
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            for (String str3 : userStoreProperty.split("#")) {
                namingEnumeration = dirContext.search(str3, str, searchControls);
                if (namingEnumeration.hasMore()) {
                    return namingEnumeration;
                }
            }
            return namingEnumeration;
        } catch (NamingException e2) {
            log.debug(e2.getMessage(), e2);
            throw new UserStoreException(e2.getMessage());
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doAddRole(String str, String[] strArr, boolean z) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleName(String str, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public boolean isBulkImportSupported() {
        return false;
    }

    public boolean isMultipleProfilesAllowed() {
        return false;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteRole(String str) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    protected List<String> getLDAPRoleNames(int i, String str, int i2, String str2, String str3, String str4, boolean z) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        ArrayList arrayList = new ArrayList();
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(i2);
        searchControls.setTimeLimit(i);
        searchControls.setReturningAttributes(new String[]{str3});
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(&").append(str2).append("(").append(str3).append("=").append(str).append("))");
        if (isDebugEnabled) {
            log.debug("Listing roles. SearchBase: " + str4 + " ConstructedFilter: " + stringBuffer.toString());
        }
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                dirContext = this.connectionSource.getContext();
                namingEnumeration = dirContext.search(str4, stringBuffer.toString(), searchControls);
                String userStoreProperty = getRealmConfiguration().getUserStoreProperty("DomainName");
                while (namingEnumeration.hasMoreElements()) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    if (searchResult.getAttributes() != null && (attribute = searchResult.getAttributes().get(str3)) != null) {
                        String addDomainToName = UserCoreUtil.addDomainToName((String) attribute.get(), userStoreProperty);
                        if (z) {
                            addDomainToName = UserCoreUtil.addTenantDomainToEntry(addDomainToName, getTenantDomainFromRoleDN(searchResult.getNameInNamespace(), addDomainToName));
                        }
                        arrayList.add(addDomainToName);
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
                if (isDebugEnabled) {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        log.debug("result: " + ((String) it.next()));
                    }
                }
                return arrayList;
            } catch (NamingException e) {
                log.debug(e);
                throw new UserStoreException(e.getMessage());
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    private String getTenantDomainFromRoleDN(String str, String str2) {
        String lowerCase = str.toLowerCase();
        String lowerCase2 = str2.toLowerCase();
        String lowerCase3 = ((String) this.realmConfig.getUserStoreProperties().get(LDAPConstants.SHARED_GROUP_SEARCH_BASE)).toLowerCase();
        if (lowerCase.indexOf(lowerCase3) <= -1) {
            return CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        }
        String replace = lowerCase.replaceAll(lowerCase3, "").replace(this.realmConfig.getUserStoreProperty("GroupNameAttribute").toLowerCase() + "=" + lowerCase2, "");
        if (replace.indexOf(",") == 0) {
            replace = replace.substring(1);
        }
        int indexOf = replace.indexOf(",");
        if (indexOf > -1 && indexOf == replace.length() - 1) {
            replace = replace.substring(0, replace.length() - 1);
        }
        String replaceAll = replace.replaceAll(this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE).toLowerCase() + "=", "");
        if (replaceAll == null || replaceAll.isEmpty()) {
            replaceAll = "carbon.super";
        }
        return replaceAll;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void filterSharedRoles(List<String> list, String str) {
        String lowerCase = str.toLowerCase();
        if (lowerCase != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                if (it.next().toLowerCase().indexOf(lowerCase) > -1) {
                    it.remove();
                }
            }
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetRoleNames(String str, int i) throws UserStoreException {
        int i2;
        int i3;
        if (i == 0) {
            return new String[0];
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxRoleNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        ArrayList arrayList = new ArrayList();
        if (this.readGroupsEnabled) {
            for (String str2 : this.realmConfig.getUserStoreProperty("GroupSearchBase").split("#")) {
                arrayList.addAll(getLDAPRoleNames(i3, str, i, this.realmConfig.getUserStoreProperty("GroupNameListFilter"), this.realmConfig.getUserStoreProperty("GroupNameAttribute"), str2, false));
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected String[] doGetSharedRoleNames(String str, String str2, int i) throws UserStoreException {
        int i2;
        int i3;
        String str3;
        if (!isSharedGroupEnabled()) {
            return new String[0];
        }
        if (i == 0) {
            return new String[0];
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxRoleNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        if ("carbon.super".equalsIgnoreCase(str)) {
            str3 = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
        } else {
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE);
            if (userStoreProperty == null || userStoreProperty.trim().length() == 0) {
                userStoreProperty = "ou";
            }
            str3 = userStoreProperty + "=" + str + "," + this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
        }
        List<String> lDAPRoleNames = getLDAPRoleNames(i3, str2, i, this.realmConfig.getUserStoreProperty("GroupNameListFilter"), this.realmConfig.getUserStoreProperty("GroupNameAttribute"), str3, true);
        filterSharedRoles(lDAPRoleNames, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        return (String[]) lDAPRoleNames.toArray(new String[lDAPRoleNames.size()]);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public RealmConfiguration getRealmConfiguration() {
        return this.realmConfig;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetUserListOfRole(String str, String str2) throws UserStoreException {
        return getUserListOfLDAPRole(createRoleContext(str), str2);
    }

    public String[] getUserListOfLDAPRole(RoleContext roleContext, String str) throws UserStoreException {
        int i;
        int i2;
        int i3;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (isDebugEnabled) {
            log.debug("Getting user list of role: " + roleContext.getRoleName() + " with filter: " + str);
        }
        ArrayList arrayList = new ArrayList();
        String[] strArr = new String[0];
        try {
            i = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i = 100;
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i2 = 10000;
        }
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                searchControls.setTimeLimit(i2);
                searchControls.setCountLimit(i);
                String str2 = "(&" + ((LDAPRoleContext) roleContext).getListFilter() + "(" + ((LDAPRoleContext) roleContext).getRoleNameProperty() + "=" + roleContext.getRoleName() + "))";
                String userStoreProperty = this.realmConfig.getUserStoreProperty("MembershipAttribute");
                searchControls.setReturningAttributes(new String[]{userStoreProperty});
                ArrayList<String> arrayList2 = new ArrayList();
                SearchResult searchResult = null;
                dirContext = this.connectionSource.getContext();
                if (((LDAPRoleContext) roleContext).getRoleDNPatterns().size() > 0) {
                    for (String str3 : ((LDAPRoleContext) roleContext).getRoleDNPatterns()) {
                        if (isDebugEnabled) {
                            log.debug("Using pattern: " + str3);
                        }
                        try {
                            namingEnumeration = dirContext.search(MessageFormat.format(str3.trim(), roleContext.getRoleName()), str2, searchControls);
                        } catch (NamingException e3) {
                            if (log.isDebugEnabled()) {
                                log.debug(e3);
                            }
                        }
                        if (namingEnumeration.hasMore()) {
                            searchResult = (SearchResult) namingEnumeration.next();
                            break;
                        }
                    }
                }
                if (searchResult == null) {
                    loop1: for (String str4 : ((LDAPRoleContext) roleContext).getSearchBase().split("#")) {
                        if (isDebugEnabled) {
                            log.debug("Searching role: " + roleContext.getRoleName() + " SearchBase: " + str4 + " SearchFilter: " + str2);
                        }
                        try {
                            namingEnumeration = dirContext.search(str4, str2, searchControls);
                            i3 = 0;
                        } catch (NamingException e4) {
                            if (log.isDebugEnabled()) {
                                log.debug(e4);
                            }
                        }
                        if (namingEnumeration.hasMore()) {
                            while (namingEnumeration.hasMore()) {
                                if (i3 > 0) {
                                    throw new UserStoreException("More than one group exist with name");
                                    break;
                                }
                                searchResult = (SearchResult) namingEnumeration.next();
                                i3++;
                            }
                            break loop1;
                        }
                    }
                }
                if (isDebugEnabled) {
                    log.debug("Found role: " + searchResult.getNameInNamespace());
                }
                Attributes attributes = searchResult.getAttributes();
                if (attributes != null) {
                    NamingEnumeration all = attributes.getAll();
                    while (all.hasMore()) {
                        Attribute attribute = (Attribute) all.next();
                        if (userStoreProperty == null || userStoreProperty.equals(attribute.getID())) {
                            NamingEnumeration all2 = attribute.getAll();
                            while (all2.hasMore()) {
                                String obj = all2.next().toString();
                                arrayList2.add(obj);
                                if (isDebugEnabled) {
                                    log.debug("Found attribute: " + userStoreProperty + " value: " + obj);
                                }
                            }
                        }
                    }
                }
                String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
                String userStoreProperty3 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
                String[] strArr2 = {userStoreProperty2, userStoreProperty3};
                for (String str5 : arrayList2) {
                    if (isDebugEnabled) {
                        log.debug("Getting name attributes of: " + str5);
                    }
                    try {
                        Attributes attributes2 = dirContext.getAttributes(str5, strArr2);
                        String str6 = null;
                        if (attributes2 != null) {
                            Attribute attribute2 = attributes2.get(userStoreProperty2);
                            if (attribute2 != null) {
                                str6 = (String) attribute2.get();
                                if (isDebugEnabled) {
                                    log.debug("UserName: " + str6);
                                }
                            }
                            if (userStoreProperty3 != null) {
                                Attribute attribute3 = attributes2.get(userStoreProperty3);
                                r30 = attribute3 != null ? (String) attribute3.get() : null;
                                if (isDebugEnabled) {
                                    log.debug("DisplayName: " + r30);
                                }
                            }
                        }
                        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("DomainName");
                        if (str6 != null) {
                            String combinedName = UserCoreUtil.getCombinedName(userStoreProperty4, str6, r30);
                            arrayList.add(combinedName);
                            if (isDebugEnabled) {
                                log.debug(combinedName + " is added to the result list");
                            }
                        } else if (log.isDebugEnabled()) {
                            log.debug("User " + str5 + " doesn't have the user name property : " + userStoreProperty2);
                        }
                    } catch (NamingException e5) {
                        if (log.isDebugEnabled()) {
                            log.debug("Error in reading user information in the user store for the user " + str5 + e5.getMessage(), e5);
                        }
                    }
                }
                strArr = (String[]) arrayList.toArray(new String[arrayList.size()]);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            } catch (Throwable th) {
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
                throw th;
            }
        } catch (PartialResultException e6) {
            if (log.isDebugEnabled()) {
                log.debug(e6.getMessage(), e6);
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
        } catch (NamingException e7) {
            log.debug(e7.getMessage(), e7);
            throw new UserStoreException("Error in reading user information in the user store.");
        }
        return strArr;
    }

    protected String getEffectiveSearchBase(boolean z) {
        String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.BACK_LINKS_ENABLED);
        boolean z2 = false;
        if (userStoreProperty != null && !userStoreProperty.equals("")) {
            z2 = Boolean.parseBoolean(userStoreProperty);
        }
        return z2 ? this.realmConfig.getUserStoreProperty("UserSearchBase") : z ? this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE) : this.realmConfig.getUserStoreProperty("GroupSearchBase");
    }

    protected String[] getLDAPRoleListOfUser(String str, String str2, String str3, boolean z) throws UserStoreException {
        String userStoreProperty;
        String userStoreProperty2;
        boolean isDebugEnabled = log.isDebugEnabled();
        List<String> arrayList = new ArrayList();
        if (this.readGroupsEnabled && !UserCoreUtil.isRegistryAnnonymousUser(str) && !UserCoreUtil.isRegistrySystemUser(str)) {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty("MemberOfAttribute");
            if (userStoreProperty3 == null || userStoreProperty3.length() <= 0) {
                if (z) {
                    userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
                    userStoreProperty2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
                } else {
                    userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
                    userStoreProperty2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
                }
                String userStoreProperty4 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
                String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                String nameInSpaceForUserName = (userStoreProperty5 == null || userStoreProperty5.contains("#")) ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty5, str);
                if (userStoreProperty4 == null || userStoreProperty4.length() < 1) {
                    throw new UserStoreException("Please set member of attribute or membership attribute");
                }
                String str4 = "(&" + userStoreProperty + "(" + userStoreProperty4 + "=" + nameInSpaceForUserName + "))";
                searchControls.setReturningAttributes(new String[]{userStoreProperty2});
                if (isDebugEnabled) {
                    log.debug("Reading roles with the membershipProperty Property: " + userStoreProperty4);
                }
                arrayList = getListOfNames(str3, str4, searchControls, userStoreProperty2, false);
            } else {
                String userStoreProperty6 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
                String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", str);
                String userStoreProperty7 = this.realmConfig.getUserStoreProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY);
                String userStoreProperty8 = this.realmConfig.getUserStoreProperty(LDAPConstants.PRIMARY_GROUP_ID);
                String[] strArr = {userStoreProperty3};
                if (userStoreProperty7 != null && userStoreProperty8 != null) {
                    strArr = new String[]{userStoreProperty3, userStoreProperty7, userStoreProperty8};
                }
                searchControls.setReturningAttributes(strArr);
                if (isDebugEnabled) {
                    log.debug("Reading roles with the memberOfProperty Property: " + userStoreProperty3);
                }
                if (userStoreProperty7 == null || userStoreProperty8 == null) {
                    String str5 = this.userCache.get(str);
                    if (str5 != null) {
                        str3 = str5;
                    } else {
                        String userStoreProperty9 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                        if (userStoreProperty9 != null && !userStoreProperty9.contains("#")) {
                            str3 = MessageFormat.format(userStoreProperty9, str);
                        }
                    }
                    arrayList = getGroupNameAttributeValuesOfGroups(getListOfNames(str3, replace, searchControls, userStoreProperty3, false));
                } else {
                    arrayList = getAttributeListOfOneElementWithPrimarGroup(str3, replace, searchControls, userStoreProperty7, userStoreProperty8, userStoreProperty6, userStoreProperty3);
                }
            }
        } else if (UserCoreUtil.isRegistryAnnonymousUser(str)) {
            arrayList.add("system/wso2.anonymous.role");
        }
        String[] strArr2 = (String[]) arrayList.toArray(new String[arrayList.size()]);
        if (strArr2 != null) {
            for (String str6 : strArr2) {
                log.debug("Found role: " + str6);
            }
        }
        return strArr2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetExternalRoleListOfUser(String str, String str2) throws UserStoreException {
        return getLDAPRoleListOfUser(str, str2, getEffectiveSearchBase(false), false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetSharedRoleListOfUser(String str, String str2, String str3) throws UserStoreException {
        String effectiveSearchBase = getEffectiveSearchBase(true);
        if (str2 != null && str2.trim().length() > 0 && !"carbon.super".equalsIgnoreCase(str2.trim())) {
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE);
            if (userStoreProperty == null || userStoreProperty.trim().length() == 0) {
                userStoreProperty = "ou";
            }
            effectiveSearchBase = userStoreProperty + "=" + str2 + "," + effectiveSearchBase;
        }
        return getLDAPRoleListOfUser(str, str3, effectiveSearchBase, true);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public boolean isReadOnly() throws UserStoreException {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getNameInSpaceForUserName(String str) throws UserStoreException {
        String str2 = this.userCache.get(str);
        if (str2 != null) {
            return str2;
        }
        String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", str);
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern");
        if (userStoreProperty != null && userStoreProperty.trim().length() > 0) {
            for (String str3 : userStoreProperty.split("#")) {
                String nameInSpaceForUserName = getNameInSpaceForUserName(str, MessageFormat.format(str3, str), replace);
                if (nameInSpaceForUserName != null) {
                    return nameInSpaceForUserName;
                }
            }
        }
        return getNameInSpaceForUserName(str, this.realmConfig.getUserStoreProperty("UserSearchBase"), replace);
    }

    /* JADX WARN: Finally extract failed */
    protected String getNameInSpaceForUserName(String str, String str2, String str3) throws UserStoreException {
        SearchResult searchResult;
        boolean isDebugEnabled = log.isDebugEnabled();
        String str4 = this.userCache.get(str);
        if (str4 != null) {
            return str4;
        }
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                if (log.isDebugEnabled()) {
                    try {
                        log.debug("Searching for user with SearchFilter: " + str3 + " in SearchBase: " + context.getNameInNamespace());
                    } catch (NamingException e) {
                        log.debug("Error while getting DN of search base", e);
                    }
                }
                String[] split = str2.split("#");
                int length = split.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    namingEnumeration = context.search(split[i], str3, searchControls);
                    if (namingEnumeration.hasMore() && (searchResult = (SearchResult) namingEnumeration.next()) != null) {
                        str4 = searchResult.getNameInNamespace();
                        break;
                    }
                    i++;
                }
                if (str4 != null) {
                    this.userCache.put(str, str4);
                }
                if (isDebugEnabled) {
                    log.debug("Name in space for " + str + " is " + str4);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
            } catch (Exception e2) {
                log.debug(e2.getMessage(), e2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
            }
            return str4;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    private List<String> parseSearchResult(SearchResult searchResult, String str) {
        ArrayList arrayList = new ArrayList();
        Attributes attributes = searchResult.getAttributes();
        if (attributes != null) {
            try {
                NamingEnumeration all = attributes.getAll();
                while (all.hasMore()) {
                    Attribute attribute = (Attribute) all.next();
                    if (str == null || str.equals(attribute.getID())) {
                        NamingEnumeration all2 = attribute.getAll();
                        while (all2.hasMore()) {
                            String obj = all2.next().toString();
                            int indexOf = obj.indexOf("=") + 1;
                            int indexOf2 = obj.indexOf(",");
                            if (indexOf > -1 && indexOf2 > -1) {
                                obj = obj.substring(indexOf, indexOf2);
                            }
                            arrayList.add(obj);
                        }
                        JNDIUtil.closeNamingEnumeration(all2);
                    }
                }
                JNDIUtil.closeNamingEnumeration(all);
            } catch (NamingException e) {
                log.debug(e.getMessage(), e);
            }
        }
        return arrayList;
    }

    private List<String> getAttributeListOfOneElementWithPrimarGroup(String str, String str2, SearchControls searchControls, String str3, String str4, String str5, String str6) throws UserStoreException {
        boolean isDebugEnabled = log.isDebugEnabled();
        List<String> arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        if (isDebugEnabled) {
            log.debug("GetAttributeListOfOneElementWithPrimarGroup. SearchBase: " + str + " SearchFilter: " + str2);
        }
        try {
            try {
                try {
                    dirContext = this.connectionSource.getContext();
                    namingEnumeration = dirContext.search(str, str2, searchControls);
                    int i = 0;
                    while (namingEnumeration.hasMore()) {
                        if (i > 0) {
                            log.error("More than one user exist with name");
                            throw new UserStoreException("More than one user exist with name");
                        }
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        i++;
                        arrayList = parseSearchResult(searchResult, str6);
                        String findGroupBySID = LDAPUtil.findGroupBySID(dirContext, str, LDAPUtil.getPrimaryGroupSID(searchResult, str3, str4), str5);
                        if (findGroupBySID != null) {
                            arrayList.add(findGroupBySID);
                        }
                    }
                    JNDIUtil.closeNamingEnumeration(namingEnumeration);
                    JNDIUtil.closeContext(dirContext);
                } catch (NamingException e) {
                    log.debug(e.getMessage(), e);
                    throw new UserStoreException(e.getMessage());
                }
            } catch (PartialResultException e2) {
                if (log.isDebugEnabled()) {
                    log.debug("LDAP", e2);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            }
            if (isDebugEnabled) {
                log.debug("GetAttributeListOfOneElementWithPrimarGroup. SearchBase: " + str + " SearchFilter: " + str2);
                Iterator<String> it = arrayList.iterator();
                while (it.hasNext()) {
                    log.debug("result: " + it.next());
                }
            }
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    protected List<String> getAttributeListOfOneElement(String str, String str2, SearchControls searchControls) throws UserStoreException {
        int i;
        List<String> arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            dirContext = this.connectionSource.getContext();
            loop0: for (String str3 : str.split("#")) {
                try {
                    namingEnumeration = dirContext.search(str3, str2, searchControls);
                    i = 0;
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug(e);
                    }
                }
                if (namingEnumeration.hasMore()) {
                    while (namingEnumeration.hasMore()) {
                        if (i > 0) {
                            log.error("More than one user exist with name");
                            throw new UserStoreException("More than one user exist with name");
                            break;
                        }
                        i++;
                        arrayList = parseSearchResult((SearchResult) namingEnumeration.next(), null);
                    }
                    break loop0;
                }
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    private List<String> getListOfNames(String str, String str2, SearchControls searchControls, String str3, boolean z) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        ArrayList arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        if (isDebugEnabled) {
            log.debug("Result for searchBase: " + str + " searchFilter: " + str2 + " property:" + str3 + " appendDN: " + z);
        }
        try {
            dirContext = this.connectionSource.getContext();
            for (String str4 : str.split("#")) {
                try {
                    namingEnumeration = dirContext.search(str4, str2, searchControls);
                    String userStoreProperty = getRealmConfiguration().getUserStoreProperty("DomainName");
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult.getAttributes() != null && (attribute = searchResult.getAttributes().get(str3)) != null) {
                            NamingEnumeration all = attribute.getAll();
                            while (all.hasMoreElements()) {
                                String str5 = (String) all.nextElement();
                                if (isDebugEnabled) {
                                    log.debug("Found user: " + str5);
                                }
                                userStoreProperty = UserCoreUtil.addDomainToName(str5, userStoreProperty);
                                arrayList.add(str5);
                            }
                        }
                    }
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug(e);
                    }
                }
                if (isDebugEnabled) {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        log.debug("Result  :  " + ((String) it.next()));
                    }
                }
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    public Map<String, String> getProperties(Tenant tenant) throws org.wso2.carbon.user.api.UserStoreException {
        return getProperties((org.wso2.carbon.user.core.tenant.Tenant) tenant);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public int getTenantId() throws UserStoreException {
        return this.tenantId;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] getUserListFromProperties(String str, String str2, String str3) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        ArrayList arrayList = new ArrayList();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String str4 = "(&" + userStoreProperty + "(" + str + "=" + str2 + "))";
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        NamingEnumeration namingEnumeration2 = null;
        if (isDebugEnabled) {
            log.debug("Listing users with Property: " + str + " SearchFilter: " + str4);
        }
        try {
            try {
                namingEnumeration = searchForUser(str4, new String[]{userStoreProperty2}, context);
                while (namingEnumeration.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null && (attribute = attributes.get(userStoreProperty2)) != null) {
                        StringBuffer stringBuffer = new StringBuffer();
                        namingEnumeration2 = attribute.getAll();
                        while (namingEnumeration2.hasMore()) {
                            String str5 = (String) namingEnumeration2.next();
                            if (str5 != null && str5.trim().length() > 0) {
                                stringBuffer.append(str5 + ",");
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty2 + " : " + str5);
                                }
                            }
                        }
                        String stringBuffer2 = stringBuffer.toString();
                        if (stringBuffer2 != null && stringBuffer2.trim().length() > 1) {
                            arrayList.add(stringBuffer2.substring(0, stringBuffer2.length() - 1));
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                if (isDebugEnabled) {
                    for (String str6 : (String[]) arrayList.toArray(new String[arrayList.size()])) {
                        log.debug("result: " + str6);
                    }
                }
                return (String[]) arrayList.toArray(new String[arrayList.size()]);
            } catch (NamingException e) {
                log.debug(e.getMessage(), e);
                throw new UserStoreException(e.getMessage());
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration2);
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckIsUserInRole(String str, String str2) throws UserStoreException {
        List<String> attributeListOfOneElement;
        boolean isDebugEnabled = log.isDebugEnabled();
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        LDAPRoleContext lDAPRoleContext = (LDAPRoleContext) createRoleContext(str2);
        String effectiveSearchBase = getEffectiveSearchBase(lDAPRoleContext.isShared());
        String userStoreProperty = this.realmConfig.getUserStoreProperty("MemberOfAttribute");
        if (userStoreProperty != null && userStoreProperty.length() > 0) {
            String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
            String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", str);
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY);
            String userStoreProperty4 = this.realmConfig.getUserStoreProperty(LDAPConstants.PRIMARY_GROUP_ID);
            String[] strArr = {userStoreProperty};
            if (userStoreProperty3 != null && userStoreProperty4 != null) {
                strArr = new String[]{userStoreProperty, userStoreProperty3, userStoreProperty4};
            }
            searchControls.setReturningAttributes(strArr);
            if (isDebugEnabled) {
                log.debug("Do check whether the user: " + str + " is in role: " + str2);
                log.debug("Search filter: " + replace);
                for (String str3 : strArr) {
                    log.debug("Requesting attribute: " + str3);
                }
            }
            if (userStoreProperty3 == null || userStoreProperty4 == null) {
                String str4 = this.userCache.get(str);
                if (str4 != null) {
                    effectiveSearchBase = str4;
                } else {
                    String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                    if (userStoreProperty5 != null && !userStoreProperty5.contains("#")) {
                        effectiveSearchBase = MessageFormat.format(userStoreProperty5, str);
                    }
                }
                getListOfNames(effectiveSearchBase, replace, searchControls, userStoreProperty, false);
                attributeListOfOneElement = getAttributeListOfOneElement(effectiveSearchBase, replace, searchControls);
            } else {
                attributeListOfOneElement = getAttributeListOfOneElementWithPrimarGroup(effectiveSearchBase, replace, searchControls, userStoreProperty3, userStoreProperty4, userStoreProperty2, userStoreProperty);
            }
            if (isDebugEnabled) {
                if (attributeListOfOneElement != null) {
                    boolean z = false;
                    for (String str5 : attributeListOfOneElement) {
                        log.debug("Result: " + str5);
                        if (str5.equalsIgnoreCase(str2)) {
                            z = true;
                        }
                    }
                    log.debug("Is user: " + str + " in role: " + str2 + " ? " + z);
                } else {
                    log.debug("No results found !");
                }
            }
            if (attributeListOfOneElement == null) {
                return false;
            }
            addAllRolesToUserRolesCache(str, attributeListOfOneElement);
            Iterator<String> it = attributeListOfOneElement.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(str2)) {
                    return true;
                }
            }
            return false;
        }
        String userStoreProperty6 = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
        String userStoreProperty7 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
        if (userStoreProperty7 == null || userStoreProperty7.length() < 1) {
            throw new UserStoreException("Please set member of attribute or membership attribute");
        }
        String userStoreProperty8 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
        String userStoreProperty9 = this.realmConfig.getUserStoreProperty("UserDNPattern");
        String nameInSpaceForUserName = (userStoreProperty9 == null || userStoreProperty9.contains("#")) ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty9, str);
        String str6 = "(&" + userStoreProperty6 + "(" + userStoreProperty7 + "=" + nameInSpaceForUserName + "))";
        String[] strArr2 = {userStoreProperty8};
        searchControls.setReturningAttributes(strArr2);
        if (isDebugEnabled) {
            log.debug("Do check whether the user : " + str + " is in role: " + str2);
            log.debug("Search filter : " + str6);
            for (String str7 : strArr2) {
                log.debug("Requesting attribute: " + str7);
            }
        }
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                DirContext context = this.connectionSource.getContext();
                if (lDAPRoleContext.getRoleDNPatterns().size() > 0) {
                    for (String str8 : lDAPRoleContext.getRoleDNPatterns()) {
                        if (isDebugEnabled) {
                            log.debug("Using pattern: " + str8);
                        }
                        try {
                            namingEnumeration = context.search(MessageFormat.format(str8.trim(), str2), str6, searchControls);
                        } catch (NamingException e) {
                            if (log.isDebugEnabled()) {
                                log.debug(e);
                            }
                        }
                        if (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
                            if (isDebugEnabled) {
                                log.debug("User: " + str + " in role: " + str2);
                            }
                            JNDIUtil.closeNamingEnumeration(namingEnumeration);
                            JNDIUtil.closeContext(context);
                            return true;
                        }
                        if (isDebugEnabled) {
                            log.debug("User: " + str + " NOT in role: " + str2);
                        }
                    }
                } else {
                    if (isDebugEnabled) {
                        log.debug("Do check whether the user: " + str + " is in role: " + str2);
                        log.debug("Search filter: " + str6);
                        for (String str9 : strArr2) {
                            log.debug("Requesting attribute: " + str9);
                        }
                    }
                    String str10 = "(&" + str6 + "(" + userStoreProperty7 + "=" + nameInSpaceForUserName + ") (" + userStoreProperty8 + "=" + str2 + "))";
                    for (String str11 : effectiveSearchBase.split("#")) {
                        namingEnumeration = context.search(str11, str10, searchControls);
                        if (namingEnumeration.hasMoreElements()) {
                            if (isDebugEnabled) {
                                log.debug("User: " + str + " in role: " + str2);
                            }
                            JNDIUtil.closeNamingEnumeration(namingEnumeration);
                            JNDIUtil.closeContext(context);
                            return true;
                        }
                        if (isDebugEnabled) {
                            log.debug("User: " + str + " NOT in role: " + str2);
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                return false;
            } catch (NamingException e2) {
                if (log.isDebugEnabled()) {
                    log.debug(e2.getMessage(), e2);
                }
                JNDIUtil.closeNamingEnumeration(null);
                JNDIUtil.closeContext(null);
                return false;
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(null);
            JNDIUtil.closeContext(null);
            throw th;
        }
    }

    private void addAllRolesToUserRolesCache(String str, List<String> list) throws UserStoreException {
        addToUserRolesCache(getTenantId(), str, UserCoreUtil.combineArrays((String[]) list.toArray(new String[list.size()]), doGetInternalRoleListOfUser(str, "*")));
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public Date getPasswordExpirationTime(String str) throws UserStoreException {
        return null;
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public int getTenantId(String str) throws UserStoreException {
        throw new UserStoreException("Invalid operation");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public int getUserId(String str) throws UserStoreException {
        throw new UserStoreException("Invalid operation");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValue(String str, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUser(String str) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doSetUserClaimValue(String str, String str2, String str3, String str4) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doSetUserClaimValues(String str, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredential(String str, Object obj, Object obj2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredentialByAdmin(String str, Object obj) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateUserListOfRole(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public Map<String, String> getProperties(org.wso2.carbon.user.core.tenant.Tenant tenant) throws UserStoreException {
        return this.realmConfig.getUserStoreProperties();
    }

    public void addRememberMe(String str, String str2) throws org.wso2.carbon.user.api.UserStoreException {
        new JDBCUserStoreManager(this.dataSource, this.realmConfig, this.realmConfig.getTenantId(), false).addRememberMe(str, str2);
    }

    public boolean isValidRememberMeToken(String str, String str2) throws org.wso2.carbon.user.api.UserStoreException {
        try {
            if (isExistingUser(str)) {
                return new JDBCUserStoreManager(this.dataSource, this.realmConfig, this.realmConfig.getTenantId(), false).isExistingRememberMeToken(str, str2);
            }
            return false;
        } catch (Exception e) {
            log.error("Validating remember me token failed for" + str);
            return false;
        }
    }

    private List<String> getGroupNameAttributeValuesOfGroups(List<String> list) throws UserStoreException {
        Attribute attribute;
        log.debug("GetGroupNameAttributeValuesOfGroups with DN");
        boolean isDebugEnabled = log.isDebugEnabled();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
        String[] strArr = {userStoreProperty};
        ArrayList arrayList = new ArrayList();
        try {
            DirContext context = this.connectionSource.getContext();
            for (String str : list) {
                if (isDebugEnabled) {
                    log.debug("Using DN: " + str);
                }
                Attributes attributes = context.getAttributes(str, strArr);
                if (attributes != null && (attribute = attributes.get(userStoreProperty)) != null) {
                    String str2 = (String) attribute.get();
                    if (isDebugEnabled) {
                        log.debug(userStoreProperty + " : " + str2);
                    }
                    arrayList.add(str2);
                }
            }
            return arrayList;
        } catch (NamingException e) {
            log.debug("LDAPError", e);
            throw new UserStoreException("Error in getting group name attribute values of groups");
        } catch (UserStoreException e2) {
            log.debug("LDAPError", e2);
            throw new UserStoreException("Error in getting group name attribute values of groups");
        }
    }

    public Properties getDefaultUserStoreProperties() {
        Properties properties = new Properties();
        properties.setMandatoryProperties((Property[]) ReadOnlyLDAPUserStoreConstants.ROLDAP_USERSTORE_PROPERTIES.toArray(new Property[ReadOnlyLDAPUserStoreConstants.ROLDAP_USERSTORE_PROPERTIES.size()]));
        properties.setOptionalProperties((Property[]) ReadOnlyLDAPUserStoreConstants.OPTIONAL_ROLDAP_USERSTORE_PROPERTIES.toArray(new Property[ReadOnlyLDAPUserStoreConstants.OPTIONAL_ROLDAP_USERSTORE_PROPERTIES.size()]));
        return properties;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isSharedRole(String str, String str2) {
        return super.isSharedRole(str, str2) && str2 != null && str2.contains((String) this.realmConfig.getUserStoreProperties().get(LDAPConstants.SHARED_GROUP_SEARCH_BASE));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isOwnRole(String str) {
        String[] split = str.split(UserCoreConstants.TENANT_DOMAIN_COMBINER);
        return split.length > 1 ? CarbonContext.getThreadLocalCarbonContext().getTenantDomain().equalsIgnoreCase(split[1]) : super.isOwnRole(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public RoleContext createRoleContext(String str) {
        LDAPRoleContext lDAPRoleContext = new LDAPRoleContext();
        String[] split = str.split(UserCoreConstants.TENANT_DOMAIN_COMBINER);
        if (split.length > 1 && (split[1] == null || split[1].equals("null"))) {
            split = new String[]{split[0]};
        }
        boolean z = false;
        if (split.length == 1) {
            lDAPRoleContext.setSearchBase(this.realmConfig.getUserStoreProperty("GroupSearchBase"));
            lDAPRoleContext.setTenantDomain(CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        } else if (split.length > 1) {
            split[1].toLowerCase();
            lDAPRoleContext.setTenantDomain(split[1]);
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
            if (!split[1].equalsIgnoreCase("carbon.super")) {
                userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE) + "=" + split[1] + "," + userStoreProperty;
            }
            String str2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute") + "={0}," + userStoreProperty;
            lDAPRoleContext.setSearchBase(userStoreProperty);
            lDAPRoleContext.addRoleDNPatterns(str2);
            z = true;
        }
        if (z) {
            lDAPRoleContext.setSearchFilter(this.realmConfig.getUserStoreProperty("GroupNameSearchFilter"));
            lDAPRoleContext.setRoleNameProperty(this.realmConfig.getUserStoreProperty("GroupNameAttribute"));
            lDAPRoleContext.setListFilter(this.realmConfig.getUserStoreProperty("GroupNameListFilter"));
            lDAPRoleContext.setGroupEntryObjectClass(this.realmConfig.getUserStoreProperty("GroupEntryObjectClass"));
        } else {
            lDAPRoleContext.setSearchFilter(this.realmConfig.getUserStoreProperty("GroupNameSearchFilter"));
            lDAPRoleContext.setRoleNameProperty(this.realmConfig.getUserStoreProperty("GroupNameAttribute"));
            lDAPRoleContext.setListFilter(this.realmConfig.getUserStoreProperty("GroupNameListFilter"));
            lDAPRoleContext.setGroupEntryObjectClass(this.realmConfig.getUserStoreProperty("GroupEntryObjectClass"));
            String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.ROLE_DN_PATTERN);
            if (userStoreProperty2 != null && userStoreProperty2.trim().length() > 0) {
                if (userStoreProperty2.contains("#")) {
                    for (String str3 : userStoreProperty2.split("#")) {
                        lDAPRoleContext.addRoleDNPatterns(str3);
                    }
                } else {
                    lDAPRoleContext.addRoleDNPatterns(userStoreProperty2);
                }
            }
        }
        lDAPRoleContext.setRoleName(split[0]);
        lDAPRoleContext.setShared(z);
        return lDAPRoleContext;
    }
}
