package org.graylog2.security.ldap;

import com.google.common.util.concurrent.SimpleTimeLimiter;
import com.google.common.util.concurrent.UncheckedTimeoutException;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.concurrent.Callable;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.message.BindRequestImpl;
import org.apache.directory.api.ldap.model.message.BindResponse;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/security/ldap/LdapConnector.class */
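/**
 * Helper around the Apache Directory LDAP client used for directory-backed logins.
 *
 * <p>It offers three operations: {@link #connect} opens and binds a connection under a time
 * limit, {@link #search} looks up a single entry through a filter pattern, and
 * {@link #authenticate} checks a password by re-binding as the user's DN.
 */
public class LdapConnector {
    private static final Logger LOG = LoggerFactory.getLogger(LdapConnector.class);

    // Connect timeout. It is handed to the time limiter as milliseconds and also passed to
    // LdapNetworkConnection#setTimeOut (presumably milliseconds there as well; confirm).
    private final int connectionTimeout;

    /**
     * @param connectionTimeout connect timeout, interpreted as milliseconds by {@link #connect}
     */
    public LdapConnector(int connectionTimeout) {
        this.connectionTimeout = connectionTimeout;
    }

    /**
     * Opens a connection described by {@code config} and binds with the configured account.
     *
     * <p>The connect call runs on a helper thread so it can be abandoned after the timeout.
     * The helper executor is always shut down, and a connection that could not be fully
     * established is closed before this method returns or throws, so failed attempts do not
     * accumulate threads or sockets.
     *
     * @param config host, port and bind account to use
     * @return the bound connection, or {@code null} if the client reported that connecting failed
     * @throws LdapException on timeout, bind failure or any other error while connecting
     */
    public LdapNetworkConnection connect(LdapConnectionConfig config) throws LdapException {
        final LdapNetworkConnection connection = new LdapNetworkConnection(config);
        connection.setTimeOut(this.connectionTimeout);
        if (LOG.isTraceEnabled()) {
            LOG.trace("Connecting to LDAP server {}:{}, binding with user {}", config.getLdapHost(), Integer.valueOf(config.getLdapPort()), config.getName());
        }
        final java.util.concurrent.ExecutorService executor = Executors.newSingleThreadExecutor();
        boolean established = false;
        try {
            // newProxy is called with the raw Callable.class token, hence the unchecked assignment.
            @SuppressWarnings("unchecked")
            final Callable<Boolean> timedConnect = new SimpleTimeLimiter(executor).newProxy(new Callable<Boolean>() {
                @Override
                public Boolean call() throws Exception {
                    return Boolean.valueOf(connection.connect());
                }
            }, Callable.class, this.connectionTimeout, TimeUnit.MILLISECONDS);
            if (!timedConnect.call().booleanValue()) {
                return null;
            }
            connection.bind();
            established = true;
            return connection;
        } catch (UncheckedTimeoutException e) {
            LOG.error("Timed out connecting to LDAP server", (Throwable) e);
            throw new LdapException("Could not connect to LDAP server", e.getCause());
        } catch (LdapException e) {
            throw e;
        } catch (Exception e) {
            throw new LdapException("Unexpected error connecting to LDAP", e);
        } finally {
            // The executor was created for this single call; without a shutdown every connect
            // attempt would leave a worker thread behind.
            executor.shutdownNow();
            if (!established) {
                closeQuietly(connection);
            }
        }
    }

    /**
     * Looks up a single directory entry.
     *
     * <p>{@code principal} is substituted into {@code searchPattern} to build the search filter.
     * Because the principal is typically the login name typed by a user, it is escaped as an
     * RFC 4515 assertion value first; unescaped, characters such as {@code *}, {@code (} and
     * {@code )} would let the caller rewrite the filter and match entries other than the
     * intended one. NOTE(review): a caller that deliberately passed wildcards in
     * {@code principal} would see different results; no such caller is visible in this file.
     *
     * <p>Only the first result is used; further matches are ignored.
     * NOTE(review): the cursor returned by the client's search call is not closed here.
     *
     * @param connection      bound connection to search on
     * @param searchBase      DN at which the subtree search starts
     * @param searchPattern   {@link MessageFormat} pattern for the filter, with {@code {0}} for the principal
     * @param principal       value substituted into the pattern
     * @param activeDirectory when {@code true}, the entry's {@code userPrincipalName} attribute is
     *                        used as the DN instead of the entry DN
     * @return the entry with its human-readable attributes, or {@code null} if nothing matched
     * @throws LdapException   if the search fails
     * @throws CursorException if reading the result cursor fails
     */
    public LdapEntry search(LdapNetworkConnection connection, String searchBase, String searchPattern, String principal, boolean activeDirectory) throws LdapException, CursorException {
        final LdapEntry ldapEntry = new LdapEntry();
        final String filter = MessageFormat.format(searchPattern, escapeFilterValue(principal));
        if (LOG.isTraceEnabled()) {
            LOG.trace("Search {} for {}, starting at {}", new Object[] {activeDirectory ? "ActiveDirectory" : "LDAP", filter, searchBase});
        }
        final Iterator<Entry> results = connection.search(searchBase, filter, SearchScope.SUBTREE, "*").iterator();
        if (!results.hasNext()) {
            LOG.trace("No LDAP entry found for filter {}", filter);
            return null;
        }
        final Entry entry = results.next();
        if (!activeDirectory) {
            ldapEntry.setDn(entry.getDn().getName());
        }
        for (Attribute attribute : entry.getAttributes()) {
            // In Active Directory mode the bind name is taken from userPrincipalName; if the
            // entry has no such attribute the DN is never set on the result.
            if (activeDirectory && attribute.getId().equalsIgnoreCase("userPrincipalName")) {
                ldapEntry.setDn(attribute.getString());
            }
            if (attribute.isHumanReadable()) {
                ldapEntry.put(attribute.getId(), attribute.getString());
            }
        }
        LOG.trace("LDAP search found entry for DN {} with search filter {}", ldapEntry.getDn(), filter);
        return ldapEntry;
    }

    /**
     * Verifies a password by binding to the directory as {@code principal}.
     *
     * <p>A simple bind with a name but an empty password is an "unauthenticated bind"
     * (RFC 4513, section 5.1.2), which many servers answer with SUCCESS without checking any
     * credential. Treating that as a successful login would let anyone sign in as a known user
     * with a blank password, so empty or missing DNs and passwords are rejected before the
     * server is contacted.
     *
     * @param connection  connection to re-bind on
     * @param principal   DN (or, for Active Directory, user principal name) to bind as
     * @param credentials the password to verify
     * @return {@code true} if the bind succeeded and the connection reports itself authenticated;
     *         {@code false} if the DN or password is empty, or the connection is not authenticated
     * @throws LdapException    if the bind request cannot be carried out
     * @throws RuntimeException if the server answers the bind with a non-success result code
     */
    public boolean authenticate(LdapNetworkConnection connection, String principal, String credentials) throws LdapException {
        if (principal == null || principal.isEmpty() || credentials == null || credentials.isEmpty()) {
            LOG.warn("Refusing LDAP bind for DN {}: empty DN or password", principal);
            return false;
        }
        final BindRequestImpl bindRequest = new BindRequestImpl();
        bindRequest.setName(principal);
        bindRequest.setCredentials(credentials);
        LOG.trace("Re-binding with DN {} using password", principal);
        final BindResponse bindResponse = connection.bind(bindRequest);
        if (bindResponse.getLdapResult().getResultCode().equals(ResultCodeEnum.SUCCESS)) {
            LOG.trace("Binding DN {} did not throw, connection authenticated: {}", principal, Boolean.valueOf(connection.isAuthenticated()));
            return connection.isAuthenticated();
        }
        LOG.trace("Re-binding DN {} failed", principal);
        throw new RuntimeException(bindResponse.toString());
    }

    /** Closes a connection that will not be handed to the caller, ignoring close errors. */
    private static void closeQuietly(LdapNetworkConnection connection) {
        try {
            connection.close();
        } catch (Exception e) {
            LOG.debug("Ignoring error while closing unusable LDAP connection", e);
        }
    }

    /**
     * Escapes a string for use as an assertion value in an LDAP search filter (RFC 4515).
     * A {@code null} input is returned unchanged.
     */
    private static String escapeFilterValue(String value) {
        if (value == null) {
            return null;
        }
        final StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            final char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\u0000':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }
}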
