package org.ldaptive.auth;

import java.util.Arrays;
import java.util.Iterator;
import org.ldaptive.DerefAliases;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchResult;
import org.ldaptive.SearchScope;
import org.ldaptive.handler.SearchEntryHandler;
import org.ldaptive.referral.ReferralHandler;

/* loaded from: input_file:org/ldaptive/auth/AbstractSearchEntryResolver.class */
public abstract class AbstractSearchEntryResolver extends AbstractSearchOperationFactory implements EntryResolver {
    private String baseDn = "";
    private String userFilter;
    private Object[] userFilterParameters;
    private boolean allowMultipleEntries;
    private boolean subtreeSearch;
    private DerefAliases derefAliases;
    private ReferralHandler referralHandler;
    private SearchEntryHandler[] entryHandlers;

    public String getBaseDn() {
        return this.baseDn;
    }

    public void setBaseDn(String str) {
        this.logger.trace("setting baseDn: {}", str);
        this.baseDn = str;
    }

    public String getUserFilter() {
        return this.userFilter;
    }

    public void setUserFilter(String str) {
        this.logger.trace("setting userFilter: {}", str);
        this.userFilter = str;
    }

    public Object[] getUserFilterParameters() {
        return this.userFilterParameters;
    }

    public void setUserFilterParameters(Object[] objArr) {
        this.logger.trace("setting userFilterParameters: {}", Arrays.toString(objArr));
        this.userFilterParameters = objArr;
    }

    public boolean getAllowMultipleEntries() {
        return this.allowMultipleEntries;
    }

    public void setAllowMultipleEntries(boolean z) {
        this.logger.trace("setting allowMultipleEntries: {}", Boolean.valueOf(z));
        this.allowMultipleEntries = z;
    }

    public boolean getSubtreeSearch() {
        return this.subtreeSearch;
    }

    public void setSubtreeSearch(boolean z) {
        this.logger.trace("setting subtreeSearch: {}", Boolean.valueOf(z));
        this.subtreeSearch = z;
    }

    public DerefAliases getDerefAliases() {
        return this.derefAliases;
    }

    public void setDerefAliases(DerefAliases derefAliases) {
        this.logger.trace("setting derefAliases: {}", derefAliases);
        this.derefAliases = derefAliases;
    }

    public ReferralHandler getReferralHandler() {
        return this.referralHandler;
    }

    public void setReferralHandler(ReferralHandler referralHandler) {
        this.logger.trace("setting referralHandler: {}", referralHandler);
        this.referralHandler = referralHandler;
    }

    public SearchEntryHandler[] getSearchEntryHandlers() {
        return this.entryHandlers;
    }

    public void setSearchEntryHandlers(SearchEntryHandler... searchEntryHandlerArr) {
        this.entryHandlers = searchEntryHandlerArr;
    }

    protected abstract SearchResult performLdapSearch(AuthenticationCriteria authenticationCriteria, AuthenticationHandlerResponse authenticationHandlerResponse) throws LdapException;

    protected SearchFilter createSearchFilter(AuthenticationCriteria authenticationCriteria) {
        SearchFilter searchFilter = new SearchFilter();
        if (this.userFilter != null) {
            this.logger.debug("searching for entry using userFilter");
            searchFilter.setFilter(this.userFilter);
            if (this.userFilterParameters != null) {
                searchFilter.setParameters(this.userFilterParameters);
            }
            searchFilter.setParameter("user", authenticationCriteria.getAuthenticationRequest().getUser().getIdentifier());
            searchFilter.setParameter("context", authenticationCriteria.getAuthenticationRequest().getUser().getContext());
            searchFilter.setParameter("dn", authenticationCriteria.getDn());
        } else {
            this.logger.error("Invalid userFilter, cannot be null or empty.");
        }
        return searchFilter;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchRequest createSearchRequest(AuthenticationCriteria authenticationCriteria) {
        SearchRequest newObjectScopeSearchRequest;
        if (this.userFilter != null) {
            newObjectScopeSearchRequest = new SearchRequest(this.baseDn, createSearchFilter(authenticationCriteria));
            newObjectScopeSearchRequest.setReturnAttributes(authenticationCriteria.getAuthenticationRequest().getReturnAttributes());
            if (this.subtreeSearch) {
                newObjectScopeSearchRequest.setSearchScope(SearchScope.SUBTREE);
            } else {
                newObjectScopeSearchRequest.setSearchScope(SearchScope.ONELEVEL);
            }
        } else {
            newObjectScopeSearchRequest = SearchRequest.newObjectScopeSearchRequest(authenticationCriteria.getDn(), authenticationCriteria.getAuthenticationRequest().getReturnAttributes());
        }
        newObjectScopeSearchRequest.setDerefAliases(this.derefAliases);
        newObjectScopeSearchRequest.setReferralHandler(this.referralHandler);
        newObjectScopeSearchRequest.setSearchEntryHandlers(this.entryHandlers);
        return newObjectScopeSearchRequest;
    }

    @Override // org.ldaptive.auth.EntryResolver
    public LdapEntry resolve(AuthenticationCriteria authenticationCriteria, AuthenticationHandlerResponse authenticationHandlerResponse) throws LdapException {
        this.logger.debug("resolve criteria={}", authenticationCriteria);
        SearchResult performLdapSearch = performLdapSearch(authenticationCriteria, authenticationHandlerResponse);
        this.logger.debug("resolved result={} for criteria={}", performLdapSearch, authenticationCriteria);
        LdapEntry ldapEntry = null;
        Iterator<LdapEntry> it = performLdapSearch.getEntries().iterator();
        if (it != null && it.hasNext()) {
            ldapEntry = it.next();
            if (it.hasNext()) {
                this.logger.debug("multiple results found for user={}", authenticationCriteria.getDn());
                if (!this.allowMultipleEntries) {
                    throw new LdapException("Found more than (1) entry for: " + authenticationCriteria.getDn());
                }
            }
        }
        return ldapEntry;
    }
}
