package org.wso2.carbon.user.core.ldap;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import javax.cache.Cache;
import javax.cache.CacheBuilder;
import javax.cache.CacheConfiguration;
import javax.cache.CacheManager;
import javax.cache.Caching;
import javax.naming.AuthenticationException;
import javax.naming.CompositeName;
import javax.naming.InvalidNameException;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
import javax.naming.ldap.Rdn;
import javax.naming.ldap.SortControl;
import javax.sql.DataSource;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.registry.core.RegistryConstants;
import org.wso2.carbon.user.api.Properties;
import org.wso2.carbon.user.api.Property;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.api.Tenant;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreConfigConstants;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.common.AbstractUserStoreManager;
import org.wso2.carbon.user.core.common.PaginatedSearchResult;
import org.wso2.carbon.user.core.common.RoleContext;
import org.wso2.carbon.user.core.internal.UserStoreMgtDSComponent;
import org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager;
import org.wso2.carbon.user.core.model.Condition;
import org.wso2.carbon.user.core.model.ExpressionAttribute;
import org.wso2.carbon.user.core.model.ExpressionCondition;
import org.wso2.carbon.user.core.model.ExpressionOperation;
import org.wso2.carbon.user.core.model.OperationalCondition;
import org.wso2.carbon.user.core.profile.ProfileConfigurationManager;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.DatabaseUtil;
import org.wso2.carbon.user.core.util.JNDIUtil;
import org.wso2.carbon.user.core.util.LDAPUtil;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:lib/org.wso2.carbon.user.core-4.6.0.jar:org/wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.class */
public class ReadOnlyLDAPUserStoreManager extends AbstractUserStoreManager {
    public static final String MEMBER_UID = "memberUid";
    private static final String OBJECT_GUID = "objectGUID";
    protected static final String MEMBERSHIP_ATTRIBUTE_RANGE = "MembershipAttributeRange";
    protected static final String MEMBERSHIP_ATTRIBUTE_RANGE_DISPLAY_NAME = "Membership Attribute Range";
    private static final String USER_CACHE_NAME_PREFIX = "$__local__$.UserCache-";
    private static final String USER_CACHE_MANAGER = "UserCacheManager";
    protected static final int MAX_USER_CACHE = 200;
    private static final String MULTI_ATTRIBUTE_SEPARATOR_DESCRIPTION = "This is the separator for multiple claim values";
    private static final String MULTI_ATTRIBUTE_SEPARATOR = "MultiAttributeSeparator";
    private static final String PROPERTY_REFERRAL_IGNORE = "ignore";
    private static final String LDAPConnectionTimeout = "LDAPConnectionTimeout";
    private static final String LDAPConnectionTimeoutDescription = "LDAP Connection Timeout";
    private static final String readTimeout = "ReadTimeout";
    private static final String readTimeoutDescription = "Configure this to define the read timeout for LDAP operations";
    private static final String RETRY_ATTEMPTS = "RetryAttempts";
    private static final String LDAPBinaryAttributesDescription = "Configure this to define the LDAP binary attributes seperated by a space. Ex:mpegVideo mySpecialKey";
    protected static final String USER_CACHE_EXPIRY_TIME_ATTRIBUTE_NAME = "User Cache Expiry milliseconds";
    protected static final String USER_DN_CACHE_ENABLED_ATTRIBUTE_NAME = "Enable User DN Cache";
    protected static final String USER_CACHE_EXPIRY_TIME_ATTRIBUTE_DESCRIPTION = "Configure the user cache expiry in milliseconds. Values  {0: expire immediately, -1: never expire, '': i.e. empty, system default}.";
    protected static final String USER_DN_CACHE_ENABLED_ATTRIBUTE_DESCRIPTION = "Enables the user cache. Default true, Unless set to false. Empty value is interpreted as true.";
    private static final String USE_ANONYMOUS_BIND = "AnonymousBind";
    protected static final int MEMBERSHIP_ATTRIBUTE_RANGE_VALUE = 0;
    private static final int MAX_ITEM_LIMIT_UNLIMITED = -1;
    private String cacheExpiryTimeAttribute;
    private long userDnCacheExpiryTime;
    private CacheBuilder userDnCacheBuilder;
    private String userDnCacheName;
    private boolean userDnCacheEnabled;
    protected CacheManager cacheManager;
    protected String tenantDomain;

    @Deprecated
    Map<String, Object> userCache;
    protected LDAPConnectionContext connectionSource;
    protected String userSearchBase;
    protected String groupSearchBase;
    protected boolean emptyRolesAllowed;
    private static Log log = LogFactory.getLog(ReadOnlyLDAPUserStoreManager.class);
    private static final ArrayList<Property> RO_LDAP_UM_ADVANCED_PROPERTIES = new ArrayList<>();

    public ReadOnlyLDAPUserStoreManager() {
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
        this.userCache = new ConcurrentHashMap(200);
        this.connectionSource = null;
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num) throws UserStoreException {
        this(realmConfiguration, map, claimManager, profileConfigurationManager, userRealm, num, false);
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num, boolean z) throws UserStoreException {
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
        this.userCache = new ConcurrentHashMap(200);
        this.connectionSource = null;
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
        if (log.isDebugEnabled()) {
            log.debug("Initialization Started " + System.currentTimeMillis());
        }
        this.realmConfig = realmConfiguration;
        this.claimManager = claimManager;
        this.userRealm = userRealm;
        this.tenantId = num.intValue();
        checkRequiredUserStoreConfigurations();
        this.dataSource = (DataSource) map.get(UserCoreConstants.DATA_SOURCE);
        if (this.dataSource == null) {
            this.dataSource = DatabaseUtil.getRealmDataSource(realmConfiguration);
        }
        if (this.dataSource == null) {
            throw new UserStoreException("Data Source is null");
        }
        map.put(UserCoreConstants.DATA_SOURCE, this.dataSource);
        this.connectionSource = new LDAPConnectionContext(realmConfiguration);
        DirContext dirContext = null;
        try {
            try {
                dirContext = this.connectionSource.getContext();
                if (isReadOnly()) {
                    log.info("LDAP connection created successfully in read-only mode");
                }
                JNDIUtil.closeContext(dirContext);
            } catch (Exception e) {
                log.error("Cannot create connection to LDAP server. Connection URL: " + realmConfiguration.getUserStoreProperty("ConnectionURL") + " Error message: " + e.getMessage());
                JNDIUtil.closeContext(dirContext);
            }
            this.userRealm = userRealm;
            persistDomain();
            doInitialSetup();
            if (realmConfiguration.isPrimary()) {
                addInitialAdminData(Boolean.parseBoolean(realmConfiguration.getAddAdmin()), !isInitSetupDone());
            }
            initUserRolesCache();
            initUserCache();
            if (log.isDebugEnabled()) {
                log.debug("Initialization Ended " + System.currentTimeMillis());
            }
        } catch (Throwable th) {
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    public ReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager) throws UserStoreException {
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
        this.userCache = new ConcurrentHashMap(200);
        this.connectionSource = null;
        this.userSearchBase = null;
        this.groupSearchBase = null;
        this.emptyRolesAllowed = false;
        if (log.isDebugEnabled()) {
            log.debug("Started " + System.currentTimeMillis());
        }
        this.realmConfig = realmConfiguration;
        this.claimManager = claimManager;
        checkRequiredUserStoreConfigurations();
        this.connectionSource = new LDAPConnectionContext(realmConfiguration);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkRequiredUserStoreConfigurations() throws UserStoreException {
        log.debug("Checking LDAP configurations ");
        String userStoreProperty = this.realmConfig.getUserStoreProperty("ConnectionURL");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.DNS_URL);
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty(USE_ANONYMOUS_BIND);
        if ((userStoreProperty == null || userStoreProperty.trim().length() == 0) && (userStoreProperty2 == null || userStoreProperty2.trim().length() == 0)) {
            throw new UserStoreException("Required ConnectionURL property is not set at the LDAP configurations");
        }
        if (!Boolean.parseBoolean(userStoreProperty3)) {
            if (StringUtils.isEmpty(this.realmConfig.getUserStoreProperty("ConnectionName"))) {
                throw new UserStoreException("Required ConnectionNme property is not set at the LDAP configurations");
            }
            if (StringUtils.isEmpty(this.realmConfig.getUserStoreProperty("ConnectionPassword"))) {
                throw new UserStoreException("Required ConnectionPassword property is not set at the LDAP configurations");
            }
        }
        this.userSearchBase = this.realmConfig.getUserStoreProperty("UserSearchBase");
        if (this.userSearchBase == null || this.userSearchBase.trim().length() == 0) {
            throw new UserStoreException("Required UserSearchBase property is not set at the LDAP configurations");
        }
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        if (userStoreProperty4 == null || userStoreProperty4.trim().length() == 0) {
            throw new UserStoreException("Required UserNameListFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserNameSearchFilter");
        if (userStoreProperty5 == null || userStoreProperty5.trim().length() == 0) {
            throw new UserStoreException("Required UserNameSearchFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty6 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        if (userStoreProperty6 == null || userStoreProperty6.trim().length() == 0) {
            throw new UserStoreException("Required UserNameAttribute property is not set at the LDAP configurations");
        }
        this.writeGroupsEnabled = false;
        if (this.realmConfig.getUserStoreProperty("ReadGroups") != null) {
            this.readGroupsEnabled = Boolean.parseBoolean(this.realmConfig.getUserStoreProperty("ReadGroups"));
        }
        if (log.isDebugEnabled()) {
            if (this.readGroupsEnabled) {
                log.debug("ReadGroups is enabled for " + getMyDomainName());
            } else {
                log.debug("ReadGroups is disabled for " + getMyDomainName());
            }
        }
        if (this.readGroupsEnabled) {
            this.groupSearchBase = this.realmConfig.getUserStoreProperty("GroupSearchBase");
            if (this.groupSearchBase == null || this.groupSearchBase.trim().length() == 0) {
                throw new UserStoreException("Required GroupSearchBase property is not set at the LDAP configurations");
            }
            String userStoreProperty7 = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
            if (userStoreProperty7 == null || userStoreProperty7.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameListFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty8 = this.realmConfig.getUserStoreProperty("GroupNameSearchFilter");
            if (userStoreProperty8 == null || userStoreProperty8.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameSearchFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty9 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
            if (userStoreProperty9 == null || userStoreProperty9.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameAttribute property is not set at the LDAP configurations");
            }
            String userStoreProperty10 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
            if (userStoreProperty10 == null || userStoreProperty10.trim().length() == 0) {
                throw new UserStoreException("Required MembershipAttribute property is not set at the LDAP configurations");
            }
        }
        this.cacheExpiryTimeAttribute = this.realmConfig.getUserStoreProperty(LDAPConstants.USER_CACHE_EXPIRY_MILLISECONDS);
        String userStoreProperty11 = this.realmConfig.getUserStoreProperty(LDAPConstants.USER_DN_CACHE_ENABLED);
        if (StringUtils.isNotEmpty(userStoreProperty11)) {
            this.userDnCacheEnabled = Boolean.parseBoolean(userStoreProperty11);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:115:0x02c3, code lost:
    
        if (r11.equalsIgnoreCase(r0) == false) goto L96;
     */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean doAuthenticate(java.lang.String r8, java.lang.Object r9) throws org.wso2.carbon.user.core.UserStoreException {
        /*
            Method dump skipped, instructions count: 866
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.doAuthenticate(java.lang.String, java.lang.Object):boolean");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public String[] getAllProfileNames() throws UserStoreException {
        return new String[]{"default"};
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public String[] getProfileNames(String str) throws UserStoreException {
        return new String[]{"default"};
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public Map<String, String> getUserPropertyValues(String str, String[] strArr, String str2) throws UserStoreException {
        Attribute attribute;
        if (str == null) {
            throw new UserStoreException("userName value is null.");
        }
        String str3 = ",";
        String str4 = null;
        LdapName fromUserCache = getFromUserCache(str);
        if (fromUserCache == null) {
            String userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern");
            if (userStoreProperty != null && !userStoreProperty.isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("Using User DN Patterns " + userStoreProperty);
                }
                str4 = userStoreProperty.contains("#") ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty, escapeSpecialCharactersForDN(str));
            }
        } else {
            str4 = fromUserCache.toString();
        }
        HashMap hashMap = new HashMap();
        String[] split = str.split(CarbonConstants.DOMAIN_SEPARATOR);
        if (split.length > 1) {
            str = split[1];
        }
        DirContext context = this.connectionSource.getContext();
        String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", escapeSpecialCharactersForFilter(str));
        NamingEnumeration<SearchResult> namingEnumeration = null;
        NamingEnumeration namingEnumeration2 = null;
        try {
            try {
                if (str4 != null) {
                    SearchControls searchControls = new SearchControls();
                    searchControls.setSearchScope(2);
                    if (strArr != null && strArr.length > 0) {
                        searchControls.setReturningAttributes(strArr);
                    }
                    if (log.isDebugEnabled()) {
                        try {
                            log.debug("Searching for user with SearchFilter: " + replace + " in SearchBase: " + context.getNameInNamespace());
                        } catch (NamingException e) {
                            log.debug("Error while getting DN of search base", e);
                        }
                        if (strArr == null) {
                            log.debug("No attributes requested");
                        } else {
                            for (String str5 : strArr) {
                                log.debug("Requesting attribute :" + str5);
                            }
                        }
                    }
                    try {
                        namingEnumeration = context.search(escapeDNForSearch(str4), replace, searchControls);
                    } catch (NamingException e2) {
                        String str6 = "Error occurred while searching directory context for user : " + str4 + " searchFilter : " + replace;
                        if (log.isDebugEnabled()) {
                            log.debug(str6, e2);
                        }
                        throw new UserStoreException(str6, e2);
                    } catch (PartialResultException e3) {
                        String str7 = "Error occurred while searching directory context for user : " + str4 + " searchFilter : " + replace;
                        if (!isIgnorePartialResultException()) {
                            throw new UserStoreException(str7, e3);
                        }
                        if (log.isDebugEnabled()) {
                            log.debug(str7, e3);
                        }
                    }
                } else {
                    namingEnumeration = searchForUser(replace, strArr, context);
                }
                while (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null) {
                        for (String str8 : strArr) {
                            if (str8 != null && (attribute = attributes.get(str8)) != null) {
                                StringBuffer stringBuffer = new StringBuffer();
                                namingEnumeration2 = attribute.getAll();
                                while (namingEnumeration2.hasMore()) {
                                    Object next = namingEnumeration2.next();
                                    String str9 = null;
                                    if (next instanceof String) {
                                        str9 = (String) next;
                                    } else if (next instanceof byte[]) {
                                        byte[] bArr = (byte[]) next;
                                        if (bArr.length != 16 || !str8.toLowerCase().endsWith(LDAPConstants.UID)) {
                                            str9 = new String(Base64.encodeBase64((byte[]) next));
                                        } else if (str8.equalsIgnoreCase(OBJECT_GUID)) {
                                            String userStoreProperty2 = this.realmConfig.getUserStoreProperty(ActiveDirectoryUserStoreConstants.TRANSFORM_OBJECTGUID_TO_UUID);
                                            if (StringUtils.isEmpty(userStoreProperty2) || Boolean.parseBoolean(userStoreProperty2)) {
                                                ByteBuffer wrap = ByteBuffer.wrap(swapBytes(bArr));
                                                str9 = new UUID(wrap.getLong(), wrap.getLong()).toString();
                                            } else {
                                                str9 = new String(Base64.encodeBase64((byte[]) next));
                                            }
                                        }
                                    }
                                    if (str9 != null && str9.trim().length() > 0) {
                                        String userStoreProperty3 = this.realmConfig.getUserStoreProperty(MULTI_ATTRIBUTE_SEPARATOR);
                                        if (userStoreProperty3 != null && !userStoreProperty3.trim().isEmpty()) {
                                            str3 = userStoreProperty3;
                                        }
                                        stringBuffer.append(str9 + str3);
                                    }
                                    String stringBuffer2 = stringBuffer.toString();
                                    if (stringBuffer2 != null && stringBuffer2.trim().length() > str3.length()) {
                                        hashMap.put(str8, stringBuffer2.substring(0, stringBuffer2.length() - str3.length()));
                                    }
                                }
                            }
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                return hashMap;
            } catch (NamingException e4) {
                String str10 = "Error occurred while getting user property values for user : " + str;
                if (log.isDebugEnabled()) {
                    log.debug(str10, e4);
                }
                throw new UserStoreException(str10, e4);
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(null);
            JNDIUtil.closeNamingEnumeration(null);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingRole(String str) throws UserStoreException {
        return isExistingLDAPRole(createRoleContext(str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isExistingLDAPRole(RoleContext roleContext) throws UserStoreException {
        boolean isDebugEnabled = log.isDebugEnabled();
        boolean z = false;
        String roleName = roleContext.getRoleName();
        if (isDebugEnabled) {
            log.debug("Searching for role: " + roleName);
        }
        String listFilter = ((LDAPRoleContext) roleContext).getListFilter();
        String roleNameProperty = ((LDAPRoleContext) roleContext).getRoleNameProperty();
        String str = "(&" + listFilter + "(" + roleNameProperty + "=" + escapeSpecialCharactersForFilter(roleName) + "))";
        String searchBase = ((LDAPRoleContext) roleContext).getSearchBase();
        if (isDebugEnabled) {
            log.debug("Using search filter: " + str);
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setReturningAttributes(new String[]{roleNameProperty});
        NamingEnumeration namingEnumeration = null;
        DirContext dirContext = null;
        try {
            dirContext = this.connectionSource.getContext();
            if (((LDAPRoleContext) roleContext).getRoleDNPatterns().size() > 0) {
                for (String str2 : ((LDAPRoleContext) roleContext).getRoleDNPatterns()) {
                    if (isDebugEnabled) {
                        log.debug("Using pattern: " + str2);
                    }
                    try {
                        namingEnumeration = dirContext.search(escapeDNForSearch(MessageFormat.format(str2.trim(), escapeSpecialCharactersForDN(roleName))), str, searchControls);
                    } catch (NamingException e) {
                        if (log.isDebugEnabled()) {
                            log.debug(e);
                        }
                    }
                    if (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
                        JNDIUtil.closeNamingEnumeration(namingEnumeration);
                        JNDIUtil.closeContext(dirContext);
                        return true;
                    }
                }
            }
            String[] split = searchBase.split("#");
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str3 = split[i];
                if (isDebugEnabled) {
                    log.debug("Searching in " + str3);
                }
                try {
                    namingEnumeration = dirContext.search(escapeDNForSearch(str3), str, searchControls);
                } catch (NamingException e2) {
                    if (log.isDebugEnabled()) {
                        log.debug(e2);
                    }
                }
                if (namingEnumeration.hasMoreElements()) {
                    z = true;
                    break;
                }
                i++;
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            if (isDebugEnabled) {
                log.debug("Is role: " + roleName + " exist: " + z);
            }
            return z;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingUser(String str) throws UserStoreException {
        String nameInSpaceForUserName;
        if (log.isDebugEnabled()) {
            log.debug("Searching for user " + str);
        }
        if (str == null) {
            return false;
        }
        boolean z = false;
        String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", escapeSpecialCharactersForFilter(str));
        try {
            LdapName fromUserCache = getFromUserCache(str);
            if (fromUserCache == null) {
                String userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern");
                if (userStoreProperty != null && userStoreProperty.trim().length() > 0) {
                    String[] split = userStoreProperty.split("#");
                    int length = split.length;
                    int i = 0;
                    while (true) {
                        if (i < length) {
                            String nameInSpaceForUserName2 = getNameInSpaceForUserName(str, MessageFormat.format(split[i], escapeSpecialCharactersForDN(str)), replace);
                            if (nameInSpaceForUserName2 != null && nameInSpaceForUserName2.length() > 0) {
                                z = true;
                                putToUserCache(str, new LdapName(nameInSpaceForUserName2));
                                break;
                            }
                            i++;
                        } else {
                            break;
                        }
                    }
                }
            } else {
                String nameInSpaceForUserName3 = getNameInSpaceForUserName(str, MessageFormat.format(fromUserCache.toString(), escapeSpecialCharactersForDN(str)), replace);
                if (nameInSpaceForUserName3 == null || nameInSpaceForUserName3.length() <= 0) {
                    removeFromUserCache(str);
                } else {
                    z = true;
                }
            }
            if (!z && (nameInSpaceForUserName = getNameInSpaceForUserName(str, this.realmConfig.getUserStoreProperty("UserSearchBase"), replace)) != null) {
                if (nameInSpaceForUserName.length() > 0) {
                    z = true;
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("User: " + str + " exist: " + z);
            }
            return z;
        } catch (Exception e) {
            String str2 = "Error occurred while checking existence of user : " + str;
            if (log.isDebugEnabled()) {
                log.debug(str2, e);
            }
            throw new UserStoreException(str2, e);
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doListUsers(String str, int i) throws UserStoreException {
        String[] strArr;
        boolean isDebugEnabled = log.isDebugEnabled();
        String[] strArr2 = new String[0];
        if (i == 0) {
            return strArr2;
        }
        if (str.contains("?") || str.contains(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS)) {
            throw new UserStoreException("Invalid character sequence entered for user serch. Please enter valid sequence.");
        }
        StringBuffer stringBuffer = new StringBuffer(this.realmConfig.getUserStoreProperty("UserNameListFilter"));
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserSearchBase");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        StringBuffer stringBuffer2 = new StringBuffer();
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (StringUtils.isNotEmpty(userStoreProperty3)) {
            strArr = new String[]{userStoreProperty2, "sn", userStoreProperty3};
            stringBuffer2.append("(&").append(stringBuffer).append("(").append(userStoreProperty3).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(str)).append("))");
        } else {
            strArr = new String[]{userStoreProperty2, "sn"};
            stringBuffer2.append("(&").append(stringBuffer).append("(").append(userStoreProperty2).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(str)).append("))");
        }
        NamingEnumeration<SearchResult> namingEnumeration = null;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                for (String str2 : userStoreProperty.split("#")) {
                    namingEnumeration = searchForUsers(stringBuffer2.toString(), str2, userStoreProperty, i, strArr);
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult.getAttributes() != null) {
                            log.debug("Result found ..");
                            Attribute attribute = searchResult.getAttributes().get(userStoreProperty2);
                            Attribute attribute2 = searchResult.getAttributes().get("sn");
                            if (attribute2 != null) {
                                if (isDebugEnabled) {
                                    log.debug("sn : " + attribute2);
                                }
                                String str3 = (String) attribute2.get();
                                if (str3 != null && str3.equals(LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE)) {
                                }
                            }
                            Attribute attribute3 = null;
                            if (StringUtils.isNotEmpty(userStoreProperty3)) {
                                attribute3 = searchResult.getAttributes().get(userStoreProperty3);
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty3 + " : " + attribute3);
                                }
                            }
                            if (attribute != null) {
                                arrayList.add(UserCoreUtil.getCombinedName(getRealmConfiguration().getUserStoreProperty("DomainName"), (String) attribute.get(), attribute3 != null ? (String) attribute3.get() : null));
                            }
                        }
                    }
                }
                strArr2 = (String[]) arrayList.toArray(new String[arrayList.size()]);
                Arrays.sort(strArr2);
                if (isDebugEnabled) {
                    for (String str4 : strArr2) {
                        log.debug("result: " + str4);
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
            } catch (NamingException e) {
                String str5 = "Error occurred while getting user list for filter : " + str + "max limit : " + i;
                if (log.isDebugEnabled()) {
                    log.debug(str5, e);
                }
                throw new UserStoreException(str5, e);
            } catch (PartialResultException e2) {
                String str6 = "Error occurred while getting user list for filter : " + str + "max limit : " + i;
                if (!isIgnorePartialResultException()) {
                    throw new UserStoreException(str6, e2);
                }
                if (log.isDebugEnabled()) {
                    log.debug(str6, e2);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
            }
            return strArr2;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public long doCountUsersWithClaims(String str, String str2) throws UserStoreException {
        throw new UserStoreException("Error occurred while getting users count with claims ");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public NamingEnumeration<SearchResult> searchForUsers(String str, String str2, String str3, int i, String[] strArr) throws UserStoreException {
        int i2;
        int i3;
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(i);
        searchControls.setTimeLimit(i3);
        searchControls.setReturningAttributes(strArr);
        if (log.isDebugEnabled()) {
            log.debug("Listing users. SearchBase: " + str3 + " Constructed-Filter: " + str);
            log.debug("Search controls. Max Limit: " + i + " Max Time: " + i3);
        }
        DirContext context = this.connectionSource.getContext();
        try {
            try {
                NamingEnumeration<SearchResult> search = context.search(escapeDNForSearch(str2), str, searchControls);
                JNDIUtil.closeContext(context);
                return search;
            } catch (NamingException e3) {
                String str4 = "Error occurred while getting user list for filter : " + str + "max limit : " + i;
                if (log.isDebugEnabled()) {
                    log.debug(str4, e3);
                }
                throw new UserStoreException(str4, e3);
            }
        } catch (Throwable th) {
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetDisplayNamesForInternalRole(String[] strArr) throws UserStoreException {
        String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (!StringUtils.isNotEmpty(userStoreProperty)) {
            return strArr;
        }
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty("UserSearchBase");
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        String[] strArr2 = {userStoreProperty};
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(strArr2);
        ArrayList arrayList = new ArrayList();
        if (strArr == null || strArr.length <= 0) {
            return strArr;
        }
        for (String str : strArr) {
            List<String> listOfNames = getListOfNames(userStoreProperty3, "(&" + userStoreProperty4 + "(" + userStoreProperty2 + "=" + escapeSpecialCharactersForFilter(str) + "))", searchControls, userStoreProperty, false);
            if (listOfNames != null && !listOfNames.isEmpty()) {
                arrayList.add(UserCoreUtil.getCombinedName(this.realmConfig.getUserStoreProperty("DomainName"), str, listOfNames.get(0)));
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    protected boolean bindAsUser(String str, String str2) throws NamingException, UserStoreException {
        int i;
        boolean z = false;
        boolean isDebugEnabled = log.isDebugEnabled();
        LdapContext ldapContext = null;
        try {
            try {
                try {
                    i = Integer.parseInt(this.realmConfig.getUserStoreProperty(RETRY_ATTEMPTS));
                } catch (AuthenticationException e) {
                    if (isDebugEnabled) {
                        log.debug("Authentication failed " + e);
                    }
                    JNDIUtil.closeContext(ldapContext);
                }
            } catch (Throwable th) {
                JNDIUtil.closeContext(ldapContext);
                throw th;
            }
        } catch (NullPointerException | NumberFormatException e2) {
            i = 0;
        }
        do {
            i--;
            boolean z2 = false;
            try {
                ldapContext = this.connectionSource.getContextWithCredentials(str, str2);
                z = true;
            } catch (UserStoreException e3) {
                if (e3.getMessage().contains("TimeLimitExceeded")) {
                    z2 = true;
                }
            }
            if (!z2) {
                break;
            }
        } while (i >= 0);
        JNDIUtil.closeContext(ldapContext);
        if (isDebugEnabled) {
            log.debug("User: " + str + " is authenticated: " + z);
        }
        return z;
    }

    private boolean bindAsUser(String str, String str2, Object obj) throws NamingException, UserStoreException {
        boolean z = false;
        boolean isDebugEnabled = log.isDebugEnabled();
        DirContext dirContext = null;
        try {
            try {
                dirContext = this.connectionSource.getContextWithCredentials(str2, obj);
                z = true;
                JNDIUtil.closeContext(dirContext);
            } catch (AuthenticationException e) {
                if (isDebugEnabled) {
                    log.debug("Authentication failed " + e);
                    log.debug("Clearing cache for DN: " + str2);
                }
                if (str != null) {
                    removeFromUserCache(str);
                }
                JNDIUtil.closeContext(dirContext);
            }
            if (isDebugEnabled) {
                log.debug("User: " + str2 + " is authnticated: " + z);
            }
            return z;
        } catch (Throwable th) {
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    protected NamingEnumeration<SearchResult> searchForUser(String str, String[] strArr, DirContext dirContext) throws UserStoreException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserSearchBase");
        if (strArr != null && strArr.length > 0) {
            searchControls.setReturningAttributes(strArr);
        }
        if (log.isDebugEnabled()) {
            try {
                log.debug("Searching for user with SearchFilter: " + str + " in SearchBase: " + dirContext.getNameInNamespace());
            } catch (NamingException e) {
                log.debug("Error while getting DN of search base", e);
            }
            if (strArr == null) {
                log.debug("No attributes requested");
            } else {
                for (String str2 : strArr) {
                    log.debug("Requesting attribute :" + str2);
                }
            }
        }
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            for (String str3 : userStoreProperty.split("#")) {
                namingEnumeration = dirContext.search(escapeDNForSearch(str3), str, searchControls);
                if (namingEnumeration.hasMore()) {
                    return namingEnumeration;
                }
            }
        } catch (NamingException e2) {
            String str4 = "Error occurred while search user for filter : " + str;
            if (log.isDebugEnabled()) {
                log.debug(str4, e2);
            }
            throw new UserStoreException(str4, e2);
        } catch (PartialResultException e3) {
            String str5 = "Error occurred while search user for filter : " + str;
            if (!isIgnorePartialResultException()) {
                throw new UserStoreException(str5, e3);
            }
            if (log.isDebugEnabled()) {
                log.debug(str5, e3);
            }
        }
        return namingEnumeration;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doAddRole(String str, String[] strArr, boolean z) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleName(String str, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.api.UserStoreManager
    public boolean isMultipleProfilesAllowed() {
        return false;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteRole(String str) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    protected List<String> getLDAPRoleNames(int i, String str, int i2, String str2, String str3, String str4, boolean z) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        ArrayList arrayList = new ArrayList();
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(i2);
        searchControls.setTimeLimit(i);
        searchControls.setReturningAttributes(new String[]{str3});
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("(&").append(str2).append("(").append(str3).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(str)).append("))");
        if (isDebugEnabled) {
            log.debug("Listing roles. SearchBase: " + str4 + " ConstructedFilter: " + stringBuffer.toString());
        }
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                dirContext = this.connectionSource.getContext();
                namingEnumeration = dirContext.search(escapeDNForSearch(str4), stringBuffer.toString(), searchControls);
                String userStoreProperty = getRealmConfiguration().getUserStoreProperty("DomainName");
                while (namingEnumeration.hasMoreElements()) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    if (searchResult.getAttributes() != null && (attribute = searchResult.getAttributes().get(str3)) != null) {
                        String addDomainToName = UserCoreUtil.addDomainToName((String) attribute.get(), userStoreProperty);
                        if (z) {
                            addDomainToName = UserCoreUtil.addTenantDomainToEntry(addDomainToName, getTenantDomainFromRoleDN(searchResult.getNameInNamespace(), addDomainToName));
                        }
                        arrayList.add(addDomainToName);
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            } catch (NamingException e) {
                String str5 = "Error occurred while getting LDAP role names. SearchBase: " + str4 + " ConstructedFilter: " + stringBuffer.toString();
                if (log.isDebugEnabled()) {
                    log.debug(str5, e);
                }
                throw new UserStoreException(str5, e);
            } catch (PartialResultException e2) {
                String str6 = "Error occurred while getting LDAP role names. SearchBase: " + str4 + " ConstructedFilter: " + stringBuffer.toString();
                if (!isIgnorePartialResultException()) {
                    throw new UserStoreException(str6, e2);
                }
                if (log.isDebugEnabled()) {
                    log.debug(str6, e2);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            }
            if (isDebugEnabled) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    log.debug("result: " + ((String) it.next()));
                }
            }
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    private String getTenantDomainFromRoleDN(String str, String str2) {
        String lowerCase = str.toLowerCase();
        String lowerCase2 = str2.toLowerCase();
        String lowerCase3 = this.realmConfig.getUserStoreProperties().get(LDAPConstants.SHARED_GROUP_SEARCH_BASE).toLowerCase();
        if (lowerCase.indexOf(lowerCase3) <= -1) {
            return CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        }
        String replace = lowerCase.replaceAll(lowerCase3, "").replace(this.realmConfig.getUserStoreProperty("GroupNameAttribute").toLowerCase() + "=" + lowerCase2, "");
        if (replace.indexOf(",") == 0) {
            replace = replace.substring(1);
        }
        int indexOf = replace.indexOf(",");
        if (indexOf > -1 && indexOf == replace.length() - 1) {
            replace = replace.substring(0, replace.length() - 1);
        }
        String replaceAll = replace.replaceAll(this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE).toLowerCase() + "=", "");
        if (replaceAll == null || replaceAll.isEmpty()) {
            replaceAll = "carbon.super";
        }
        return replaceAll;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void filterSharedRoles(List<String> list, String str) {
        String lowerCase = str.toLowerCase();
        if (lowerCase != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                if (it.next().toLowerCase().indexOf(lowerCase) > -1) {
                    it.remove();
                }
            }
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetRoleNames(String str, int i) throws UserStoreException {
        int i2;
        int i3;
        if (i == 0) {
            return new String[0];
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxRoleNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        ArrayList arrayList = new ArrayList();
        if (this.readGroupsEnabled) {
            for (String str2 : this.realmConfig.getUserStoreProperty("GroupSearchBase").split("#")) {
                arrayList.addAll(getLDAPRoleNames(i3, str, i, this.realmConfig.getUserStoreProperty("GroupNameListFilter"), this.realmConfig.getUserStoreProperty("GroupNameAttribute"), str2, false));
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetSharedRoleNames(String str, String str2, int i) throws UserStoreException {
        int i2;
        int i3;
        String str3;
        if (!isSharedGroupEnabled()) {
            return new String[0];
        }
        if (i == 0) {
            return new String[0];
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxRoleNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        if ("carbon.super".equalsIgnoreCase(str)) {
            str3 = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
        } else {
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE);
            if (userStoreProperty == null || userStoreProperty.trim().length() == 0) {
                userStoreProperty = "ou";
            }
            str3 = userStoreProperty + "=" + str + "," + this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
        }
        List<String> lDAPRoleNames = getLDAPRoleNames(i3, str2, i, this.realmConfig.getUserStoreProperty("GroupNameListFilter"), this.realmConfig.getUserStoreProperty("GroupNameAttribute"), str3, true);
        filterSharedRoles(lDAPRoleNames, CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        return (String[]) lDAPRoleNames.toArray(new String[lDAPRoleNames.size()]);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public RealmConfiguration getRealmConfiguration() {
        return this.realmConfig;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetUserListOfRole(String str, String str2) throws UserStoreException {
        return getUserListOfLDAPRole(createRoleContext(str), str2);
    }

    public String[] getUserListOfLDAPRole(RoleContext roleContext, String str) throws UserStoreException {
        int i;
        int i2;
        int i3;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (isDebugEnabled) {
            log.debug("Getting user list of role: " + roleContext.getRoleName() + " with filter: " + str);
        }
        ArrayList arrayList = new ArrayList();
        String[] strArr = new String[0];
        try {
            i = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i = 100;
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i2 = 10000;
        }
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                searchControls.setTimeLimit(i2);
                searchControls.setCountLimit(i);
                String str2 = "(&" + ((LDAPRoleContext) roleContext).getListFilter() + "(" + ((LDAPRoleContext) roleContext).getRoleNameProperty() + "=" + escapeSpecialCharactersForFilter(roleContext.getRoleName()) + "))";
                int i4 = 0;
                boolean z = false;
                String userStoreProperty = this.realmConfig.getUserStoreProperty(MEMBERSHIP_ATTRIBUTE_RANGE);
                int parseInt = StringUtils.isNotEmpty(userStoreProperty) ? Integer.parseInt(userStoreProperty) : 0;
                int i5 = parseInt > 0 ? parseInt - 1 : 0;
                String userStoreProperty2 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
                ArrayList<String> arrayList2 = new ArrayList();
                String str3 = userStoreProperty2;
                loop0: while (!z) {
                    if (i5 > 0 && StringUtils.isNotEmpty(userStoreProperty2)) {
                        str3 = userStoreProperty2 + String.format(";range=%1$d-%2$d", Integer.valueOf(i4), Integer.valueOf(i5));
                    }
                    searchControls.setReturningAttributes(new String[]{str3});
                    SearchResult searchResult = null;
                    dirContext = this.connectionSource.getContext();
                    if (!((LDAPRoleContext) roleContext).getRoleDNPatterns().isEmpty()) {
                        Iterator<String> it = ((LDAPRoleContext) roleContext).getRoleDNPatterns().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            String next = it.next();
                            if (isDebugEnabled) {
                                log.debug("Using pattern: " + next);
                            }
                            try {
                                namingEnumeration = dirContext.search(escapeDNForSearch(MessageFormat.format(next.trim(), escapeSpecialCharactersForDN(roleContext.getRoleName()))), str2, searchControls);
                            } catch (NamingException e3) {
                                if (log.isDebugEnabled()) {
                                    log.debug(e3);
                                }
                            }
                            if (namingEnumeration.hasMore()) {
                                searchResult = (SearchResult) namingEnumeration.next();
                                break;
                            }
                        }
                    }
                    if (searchResult == null) {
                        for (String str4 : ((LDAPRoleContext) roleContext).getSearchBase().split("#")) {
                            if (isDebugEnabled) {
                                log.debug("Searching role: " + roleContext.getRoleName() + " SearchBase: " + str4 + " SearchFilter: " + str2);
                            }
                            try {
                                namingEnumeration = dirContext.search(escapeDNForSearch(str4), str2, searchControls);
                                i3 = 0;
                            } catch (NamingException e4) {
                                if (log.isDebugEnabled()) {
                                    log.debug(e4);
                                }
                            }
                            if (namingEnumeration.hasMore()) {
                                while (namingEnumeration.hasMore()) {
                                    if (i3 > 0) {
                                        throw new UserStoreException("More than one group exist with name");
                                        break loop0;
                                    }
                                    searchResult = (SearchResult) namingEnumeration.next();
                                    i3++;
                                }
                                break;
                            }
                        }
                    }
                    if (isDebugEnabled) {
                        log.debug("Found role: " + searchResult.getNameInNamespace());
                    }
                    Attributes attributes = searchResult.getAttributes();
                    if (attributes != null) {
                        int i6 = 0;
                        NamingEnumeration all = attributes.getAll();
                        while (all.hasMore()) {
                            Attribute attribute = (Attribute) all.next();
                            if (userStoreProperty2 == null || isAttributeEqualsProperty(userStoreProperty2, attribute.getID())) {
                                NamingEnumeration all2 = attribute.getAll();
                                while (all2.hasMore()) {
                                    String obj = all2.next().toString();
                                    arrayList2.add(obj);
                                    i6++;
                                    if (isDebugEnabled) {
                                        log.debug("Found attribute: " + userStoreProperty2 + " value: " + obj);
                                    }
                                }
                            }
                        }
                        if (parseInt == 0 || i6 < parseInt) {
                            z = true;
                        } else {
                            i4 += parseInt;
                            i5 += parseInt;
                        }
                    }
                }
                if ("memberUid".equals(this.realmConfig.getUserStoreProperty("MembershipAttribute"))) {
                    ArrayList arrayList3 = new ArrayList();
                    Iterator it2 = arrayList2.iterator();
                    while (it2.hasNext()) {
                        arrayList3.add(getNameInSpaceForUserName((String) it2.next()));
                    }
                    arrayList2 = arrayList3;
                }
                String userStoreProperty3 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
                String userStoreProperty4 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
                String[] strArr2 = {userStoreProperty3, userStoreProperty4};
                for (String str5 : arrayList2) {
                    if (isDebugEnabled) {
                        log.debug("Getting name attributes of: " + str5);
                    }
                    try {
                        Attributes attributes2 = dirContext.getAttributes(escapeDNForSearch(str5), strArr2);
                        String str6 = null;
                        if (attributes2 != null) {
                            Attribute attribute2 = attributes2.get(userStoreProperty3);
                            if (attribute2 != null) {
                                str6 = (String) attribute2.get();
                                if (isDebugEnabled) {
                                    log.debug("UserName: " + str6);
                                }
                            }
                            if (StringUtils.isNotEmpty(userStoreProperty4)) {
                                Attribute attribute3 = attributes2.get(userStoreProperty4);
                                r34 = attribute3 != null ? (String) attribute3.get() : null;
                                if (isDebugEnabled) {
                                    log.debug("DisplayName: " + r34);
                                }
                            }
                        }
                        String userStoreProperty5 = this.realmConfig.getUserStoreProperty("DomainName");
                        if (str6 != null) {
                            String combinedName = UserCoreUtil.getCombinedName(userStoreProperty5, str6, r34);
                            arrayList.add(combinedName);
                            if (isDebugEnabled) {
                                log.debug(combinedName + " is added to the result list");
                            }
                        } else if (log.isDebugEnabled()) {
                            log.debug("User " + str5 + " doesn't have the user name property : " + userStoreProperty3);
                        }
                    } catch (NamingException e5) {
                        if (log.isDebugEnabled()) {
                            log.debug("Error in reading user information in the user store for the user " + str5 + e5.getMessage(), e5);
                        }
                    }
                }
                strArr = (String[]) arrayList.toArray(new String[arrayList.size()]);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            } catch (Throwable th) {
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
                throw th;
            }
        } catch (NamingException e6) {
            String str7 = "Error in reading user information in the user store for filter : " + str;
            if (log.isDebugEnabled()) {
                log.debug(str7, e6);
            }
            throw new UserStoreException(str7, e6);
        } catch (PartialResultException e7) {
            String str8 = "Error in reading user information in the user store for filter : " + str;
            if (!isIgnorePartialResultException()) {
                throw new UserStoreException(str8, e7);
            }
            if (log.isDebugEnabled()) {
                log.debug(str8, e7);
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
        }
        return strArr;
    }

    private boolean isAttributeEqualsProperty(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return false;
        }
        return str.equals(str2) || str.equals(str2.substring(0, str2.indexOf(RegistryConstants.URL_SEPARATOR)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getEffectiveSearchBase(boolean z) {
        String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.BACK_LINKS_ENABLED);
        boolean z2 = false;
        if (userStoreProperty != null && !userStoreProperty.equals("")) {
            z2 = Boolean.parseBoolean(userStoreProperty);
        }
        return z2 ? this.realmConfig.getUserStoreProperty("UserSearchBase") : z ? this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE) : this.realmConfig.getUserStoreProperty("GroupSearchBase");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String[] getLDAPRoleListOfUser(String str, String str2, String str3, boolean z) throws UserStoreException {
        String userStoreProperty;
        String userStoreProperty2;
        String escapeLdapNameForFilter;
        if (str == null) {
            throw new UserStoreException("userName value is null.");
        }
        boolean isDebugEnabled = log.isDebugEnabled();
        List<String> arrayList = new ArrayList();
        if (this.readGroupsEnabled && !UserCoreUtil.isRegistryAnnonymousUser(str) && !UserCoreUtil.isRegistrySystemUser(str)) {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty("MemberOfAttribute");
            if (userStoreProperty3 == null || userStoreProperty3.length() <= 0) {
                if (z) {
                    userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
                    userStoreProperty2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
                } else {
                    userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
                    userStoreProperty2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
                }
                String userStoreProperty4 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
                String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                String nameInSpaceForUserName = (userStoreProperty5 == null || userStoreProperty5.trim().length() <= 0 || userStoreProperty5.contains("#")) ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty5, escapeSpecialCharactersForDN(str));
                if (userStoreProperty4 == null || userStoreProperty4.length() < 1) {
                    throw new UserStoreException("Please set member of attribute or membership attribute");
                }
                if (nameInSpaceForUserName == null) {
                    return new String[0];
                }
                try {
                    LdapName ldapName = new LdapName(nameInSpaceForUserName);
                    if ("memberUid".equals(this.realmConfig.getUserStoreProperty("MembershipAttribute"))) {
                        List rdns = ldapName.getRdns();
                        escapeLdapNameForFilter = ((Rdn) rdns.get(rdns.size() - 1)).getValue().toString();
                    } else {
                        escapeLdapNameForFilter = escapeLdapNameForFilter(ldapName);
                    }
                    String str4 = "(&" + userStoreProperty + "(" + userStoreProperty4 + "=" + escapeLdapNameForFilter + "))";
                    searchControls.setReturningAttributes(new String[]{userStoreProperty2});
                    if (isDebugEnabled) {
                        log.debug("Reading roles with the membershipProperty Property: " + userStoreProperty4);
                    }
                    arrayList = getListOfNames(str3, str4, searchControls, userStoreProperty2, false);
                } catch (InvalidNameException e) {
                    log.error("Error while creating LDAP name from: " + nameInSpaceForUserName);
                    throw new UserStoreException("Invalid naming exception for : " + nameInSpaceForUserName, (Throwable) e);
                }
            } else {
                String userStoreProperty6 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
                String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", escapeSpecialCharactersForFilter(str));
                String userStoreProperty7 = this.realmConfig.getUserStoreProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY);
                String userStoreProperty8 = this.realmConfig.getUserStoreProperty(LDAPConstants.PRIMARY_GROUP_ID);
                String[] strArr = {userStoreProperty3};
                if (userStoreProperty7 != null && userStoreProperty8 != null) {
                    strArr = new String[]{userStoreProperty3, userStoreProperty7, userStoreProperty8};
                }
                searchControls.setReturningAttributes(strArr);
                if (isDebugEnabled) {
                    log.debug("Reading roles with the memberOfProperty Property: " + userStoreProperty3);
                }
                if (userStoreProperty7 == null || userStoreProperty8 == null) {
                    LdapName fromUserCache = getFromUserCache(str);
                    if (fromUserCache != null) {
                        str3 = fromUserCache.toString();
                    } else {
                        String userStoreProperty9 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                        if (userStoreProperty9 != null && userStoreProperty9.trim().length() > 0 && !userStoreProperty9.contains("#")) {
                            str3 = MessageFormat.format(userStoreProperty9, escapeSpecialCharactersForDN(str));
                        }
                    }
                    List<String> listOfNames = getListOfNames(str3, replace, searchControls, userStoreProperty3, false);
                    ArrayList arrayList2 = new ArrayList();
                    Iterator<String> it = listOfNames.iterator();
                    while (it.hasNext()) {
                        try {
                            arrayList2.add(new LdapName(it.next()));
                        } catch (InvalidNameException e2) {
                            if (log.isDebugEnabled()) {
                                log.debug("LDAP Name error :", e2);
                            }
                        }
                    }
                    arrayList = getGroupNameAttributeValuesOfGroups(arrayList2);
                } else {
                    arrayList = getAttributeListOfOneElementWithPrimarGroup(str3, replace, searchControls, userStoreProperty7, userStoreProperty8, userStoreProperty6, userStoreProperty3);
                }
            }
        } else if (UserCoreUtil.isRegistryAnnonymousUser(str)) {
            arrayList.add(CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME);
        }
        String[] strArr2 = (String[]) arrayList.toArray(new String[arrayList.size()]);
        if (strArr2 != null) {
            for (String str5 : strArr2) {
                log.debug("Found role: " + str5);
            }
        }
        return strArr2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetExternalRoleListOfUser(String str, String str2) throws UserStoreException {
        return getLDAPRoleListOfUser(str, str2, getEffectiveSearchBase(false), false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetSharedRoleListOfUser(String str, String str2, String str3) throws UserStoreException {
        String effectiveSearchBase = getEffectiveSearchBase(true);
        if (str2 != null && str2.trim().length() > 0 && !"carbon.super".equalsIgnoreCase(str2.trim())) {
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE);
            if (userStoreProperty == null || userStoreProperty.trim().length() == 0) {
                userStoreProperty = "ou";
            }
            effectiveSearchBase = userStoreProperty + "=" + str2 + "," + effectiveSearchBase;
        }
        return getLDAPRoleListOfUser(str, str3, effectiveSearchBase, true);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public boolean isReadOnly() throws UserStoreException {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getNameInSpaceForUserName(String str) throws UserStoreException {
        if (str == null) {
            throw new UserStoreException("userName value is null.");
        }
        LdapName fromUserCache = getFromUserCache(str);
        return fromUserCache != null ? fromUserCache.toString() : getNameInSpaceForUsernameFromLDAP(str);
    }

    protected String getNameInSpaceForUsernameFromLDAP(String str) throws UserStoreException {
        String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", escapeSpecialCharactersForFilter(str));
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserDNPattern");
        if (userStoreProperty != null && userStoreProperty.trim().length() > 0) {
            for (String str2 : userStoreProperty.split("#")) {
                String nameInSpaceForUserName = getNameInSpaceForUserName(str, MessageFormat.format(str2, escapeSpecialCharactersForDN(str)), replace);
                if (nameInSpaceForUserName != null) {
                    return nameInSpaceForUserName;
                }
            }
        }
        return getNameInSpaceForUserName(str, this.realmConfig.getUserStoreProperty("UserSearchBase"), replace);
    }

    /* JADX WARN: Finally extract failed */
    protected String getNameInSpaceForUserName(String str, String str2, String str3) throws UserStoreException {
        SearchResult searchResult;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (str == null) {
            throw new UserStoreException("userName value is null.");
        }
        LdapName fromUserCache = getFromUserCache(str);
        if (fromUserCache != null) {
            return fromUserCache.toString();
        }
        String str4 = null;
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                if (log.isDebugEnabled()) {
                    try {
                        log.debug("Searching for user with SearchFilter: " + str3 + " in SearchBase: " + context.getNameInNamespace());
                    } catch (NamingException e) {
                        log.debug("Error while getting DN of search base", e);
                    }
                }
                String[] split = str2.split("#");
                int length = split.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    namingEnumeration = context.search(escapeDNForSearch(split[i]), str3, searchControls);
                    if (namingEnumeration.hasMore() && (searchResult = (SearchResult) namingEnumeration.next()) != null) {
                        str4 = searchResult.getNameInNamespace();
                        break;
                    }
                    i++;
                }
                if (str4 != null) {
                    putToUserCache(str, new LdapName(str4));
                }
                if (isDebugEnabled) {
                    log.debug("Name in space for " + str + " is " + str4);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
            } catch (Exception e2) {
                log.debug(e2.getMessage(), e2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
            }
            return str4;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    private List<String> parseSearchResult(SearchResult searchResult, String str) {
        ArrayList arrayList = new ArrayList();
        Attributes attributes = searchResult.getAttributes();
        if (attributes != null) {
            try {
                NamingEnumeration all = attributes.getAll();
                while (all.hasMore()) {
                    Attribute attribute = (Attribute) all.next();
                    if (str == null || str.equals(attribute.getID())) {
                        NamingEnumeration all2 = attribute.getAll();
                        while (all2.hasMore()) {
                            String obj = all2.next().toString();
                            int indexOf = obj.indexOf("=") + 1;
                            int indexOf2 = obj.indexOf(",");
                            if (indexOf > -1 && indexOf2 > -1) {
                                obj = obj.substring(indexOf, indexOf2);
                            }
                            arrayList.add(obj);
                        }
                        JNDIUtil.closeNamingEnumeration(all2);
                    }
                }
                JNDIUtil.closeNamingEnumeration(all);
            } catch (NamingException e) {
                log.debug(e.getMessage(), e);
            }
        }
        return arrayList;
    }

    private List<String> getAttributeListOfOneElementWithPrimarGroup(String str, String str2, SearchControls searchControls, String str3, String str4, String str5, String str6) throws UserStoreException {
        boolean isDebugEnabled = log.isDebugEnabled();
        List<String> arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        if (isDebugEnabled) {
            log.debug("GetAttributeListOfOneElementWithPrimarGroup. SearchBase: " + str + " SearchFilter: " + str2);
        }
        try {
            try {
                dirContext = this.connectionSource.getContext();
                namingEnumeration = dirContext.search(escapeDNForSearch(str), str2, searchControls);
                int i = 0;
                while (namingEnumeration.hasMore()) {
                    if (i > 0) {
                        log.error("More than element user exist with name");
                        throw new UserStoreException("More than element user exist with name");
                    }
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    i++;
                    arrayList = parseSearchResult(searchResult, str6);
                    String findGroupBySID = LDAPUtil.findGroupBySID(dirContext, str, LDAPUtil.getPrimaryGroupSID(searchResult, str3, str4), str5);
                    if (findGroupBySID != null) {
                        arrayList.add(findGroupBySID);
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            } catch (NamingException e) {
                if (log.isDebugEnabled()) {
                    log.debug(e.getMessage(), e);
                }
                throw new UserStoreException(e.getMessage(), e);
            } catch (PartialResultException e2) {
                String str7 = "Error occurred while GetAttributeListOfOneElementWithPrimarGroup. SearchBase: " + str + " SearchFilter: " + str2;
                if (!isIgnorePartialResultException()) {
                    throw new UserStoreException(str7, e2);
                }
                if (log.isDebugEnabled()) {
                    log.debug(str7, e2);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            }
            if (isDebugEnabled) {
                log.debug("GetAttributeListOfOneElementWithPrimarGroup. SearchBase: " + str + " SearchFilter: " + str2);
                Iterator<String> it = arrayList.iterator();
                while (it.hasNext()) {
                    log.debug("result: " + it.next());
                }
            }
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    protected List<String> getAttributeListOfOneElement(String str, String str2, SearchControls searchControls) throws UserStoreException {
        int i;
        List<String> arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            dirContext = this.connectionSource.getContext();
            loop0: for (String str3 : str.split("#")) {
                try {
                    namingEnumeration = dirContext.search(escapeDNForSearch(str3), str2, searchControls);
                    i = 0;
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug(e);
                    }
                }
                if (namingEnumeration.hasMore()) {
                    while (namingEnumeration.hasMore()) {
                        if (i > 0) {
                            log.error("More than element user exist with name");
                            throw new UserStoreException("More than element user exist with name");
                            break;
                        }
                        i++;
                        arrayList = parseSearchResult((SearchResult) namingEnumeration.next(), null);
                    }
                    break loop0;
                }
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    private List<String> getListOfNames(String str, String str2, SearchControls searchControls, String str3, boolean z) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        ArrayList arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        if (isDebugEnabled) {
            log.debug("Result for searchBase: " + str + " searchFilter: " + str2 + " property:" + str3 + " appendDN: " + z);
        }
        try {
            dirContext = this.connectionSource.getContext();
            for (String str4 : str.split("#")) {
                try {
                    namingEnumeration = dirContext.search(escapeDNForSearch(str4), str2, searchControls);
                    String userStoreProperty = getRealmConfiguration().getUserStoreProperty("DomainName");
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult.getAttributes() != null && (attribute = searchResult.getAttributes().get(str3)) != null) {
                            NamingEnumeration all = attribute.getAll();
                            while (all.hasMoreElements()) {
                                String str5 = (String) all.nextElement();
                                if (isDebugEnabled) {
                                    log.debug("Found user: " + str5);
                                }
                                userStoreProperty = UserCoreUtil.addDomainToName(str5, userStoreProperty);
                                arrayList.add(str5);
                            }
                        }
                    }
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug(e);
                    }
                }
                if (isDebugEnabled) {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        log.debug("Result  :  " + ((String) it.next()));
                    }
                }
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.api.UserStoreManager
    public Map<String, String> getProperties(Tenant tenant) throws org.wso2.carbon.user.api.UserStoreException {
        return getProperties((org.wso2.carbon.user.core.tenant.Tenant) tenant);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public int getTenantId() throws UserStoreException {
        return this.tenantId;
    }

    /* JADX WARN: Finally extract failed */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] getUserListFromProperties(String str, String str2, String str3) throws UserStoreException {
        String str4;
        Attribute attribute;
        if (str2 == null) {
            return new String[0];
        }
        boolean isDebugEnabled = log.isDebugEnabled();
        String str5 = ",";
        ArrayList arrayList = new ArrayList();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        if (OBJECT_GUID.equalsIgnoreCase(str)) {
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty(ActiveDirectoryUserStoreConstants.TRANSFORM_OBJECTGUID_TO_UUID);
            str4 = "(&" + userStoreProperty + "(" + str + "=" + (StringUtils.equals(str2, "*") ? str2 : StringUtils.isEmpty(userStoreProperty3) || Boolean.parseBoolean(userStoreProperty3) ? transformUUIDToObjectGUID(str2) : convertBytesToHexString(Base64.decodeBase64(str2.getBytes()))) + "))";
        } else {
            str4 = "(&" + userStoreProperty + "(" + str + "=" + escapeSpecialCharactersForFilterWithStarAsRegex(str2) + "))";
        }
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        NamingEnumeration namingEnumeration2 = null;
        if (isDebugEnabled) {
            log.debug("Listing users with Property: " + str + " SearchFilter: " + str4);
        }
        String[] strArr = {userStoreProperty2, "sn"};
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                if (ArrayUtils.isNotEmpty(strArr)) {
                    searchControls.setReturningAttributes(strArr);
                }
                String str6 = null;
                try {
                    str6 = context.getNameInNamespace();
                } catch (NamingException e) {
                    log.error("Error while getting DN of search base", e);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Searching for user with SearchFilter: " + str4 + " in SearchBase: " + str6);
                    if (ArrayUtils.isEmpty(strArr)) {
                        log.debug("No attributes requested");
                    } else {
                        for (String str7 : strArr) {
                            log.debug("Requesting attribute :" + str7);
                        }
                    }
                }
                String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserSearchBase");
                for (String str8 : userStoreProperty4.split("#")) {
                    namingEnumeration = searchForUsers(str4, str8, userStoreProperty4, -1, strArr);
                    if (namingEnumeration.hasMore()) {
                        break;
                    }
                }
                while (namingEnumeration.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null && (attribute = attributes.get(userStoreProperty2)) != null) {
                        StringBuffer stringBuffer = new StringBuffer();
                        namingEnumeration2 = attribute.getAll();
                        while (namingEnumeration2.hasMore()) {
                            String str9 = (String) namingEnumeration2.next();
                            if (str9 != null && str9.trim().length() > 0) {
                                String userStoreProperty5 = this.realmConfig.getUserStoreProperty(MULTI_ATTRIBUTE_SEPARATOR);
                                if (userStoreProperty5 != null && !userStoreProperty5.trim().isEmpty()) {
                                    str5 = userStoreProperty5;
                                }
                                stringBuffer.append(str9 + str5);
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty2 + " : " + str9);
                                }
                            }
                        }
                        String stringBuffer2 = stringBuffer.toString();
                        Attribute attribute2 = attributes.get("sn");
                        String str10 = attribute2 != null ? (String) attribute2.get() : null;
                        if (stringBuffer2 != null && stringBuffer2.trim().length() > str5.length()) {
                            if (!LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE.equals(str10)) {
                                arrayList.add(stringBuffer2.substring(0, stringBuffer2.length() - str5.length()));
                            }
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                if (isDebugEnabled) {
                    for (String str11 : (String[]) arrayList.toArray(new String[arrayList.size()])) {
                        log.debug("result: " + str11);
                    }
                }
                return (String[]) arrayList.toArray(new String[arrayList.size()]);
            } catch (NamingException e2) {
                String str12 = "Error occurred while getting user list from property : " + str + " & value : " + str2 + " & profile name : " + str3;
                if (log.isDebugEnabled()) {
                    log.debug(str12, e2);
                }
                throw new UserStoreException(str12, e2);
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration2);
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public PaginatedSearchResult doGetUserList(Condition condition, String str, int i, int i2, String str2, String str3) throws UserStoreException {
        PaginatedSearchResult paginatedSearchResult = new PaginatedSearchResult();
        List<ExpressionCondition> expressionConditions = getExpressionConditions(condition);
        LDAPSearchSpecification lDAPSearchSpecification = new LDAPSearchSpecification(this.realmConfig, expressionConditions);
        int limit = getLimit(i, lDAPSearchSpecification.isMemberShipPropertyFound());
        int offset = getOffset(i2);
        if (limit == 0) {
            return paginatedSearchResult;
        }
        DirContext context = this.connectionSource.getContext();
        LdapContext ldapContext = (LdapContext) context;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                ldapContext.setRequestControls(new Control[]{new PagedResultsControl(limit, true), new SortControl(this.realmConfig.getUserStoreProperty("UserNameAttribute"), false)});
                Iterator<String> it = performLDAPSearch(ldapContext, lDAPSearchSpecification, limit, offset, expressionConditions).iterator();
                while (it.hasNext()) {
                    arrayList.add(UserCoreUtil.addDomainToName(it.next(), getMyDomainName()));
                }
                paginatedSearchResult.setUsers((String[]) arrayList.toArray(new String[0]));
                JNDIUtil.closeContext(context);
                JNDIUtil.closeContext(ldapContext);
                return paginatedSearchResult;
            } catch (NamingException e) {
                log.error(String.format("Error occurred while performing paginated search, %s", e.getMessage()));
                throw new UserStoreException(e.getMessage(), (Throwable) e);
            } catch (IOException e2) {
                log.error(String.format("Error occurred while setting paged results controls for paginated search, %s", e2.getMessage()));
                throw new UserStoreException(e2.getMessage(), e2);
            }
        } catch (Throwable th) {
            JNDIUtil.closeContext(context);
            JNDIUtil.closeContext(ldapContext);
            throw th;
        }
    }

    private int getOffset(int i) {
        return i <= 0 ? 0 : i - 1;
    }

    private int getLimit(int i, boolean z) {
        int i2;
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        if (z || i > i2) {
            i = i2;
        }
        return i;
    }

    private static byte[] parseControls(Control[] controlArr) {
        byte[] bArr = null;
        if (controlArr != null) {
            for (int i = 0; i < controlArr.length; i++) {
                if (controlArr[i] instanceof PagedResultsResponseControl) {
                    bArr = ((PagedResultsResponseControl) controlArr[i]).getCookie();
                }
            }
        }
        return bArr;
    }

    private List<ExpressionCondition> getExpressionConditions(Condition condition) {
        ArrayList arrayList = new ArrayList();
        getExpressionConditionsAsList(condition, arrayList);
        return arrayList;
    }

    private void getExpressionConditionsAsList(Condition condition, List<ExpressionCondition> list) {
        if (condition instanceof ExpressionCondition) {
            ExpressionCondition expressionCondition = (ExpressionCondition) condition;
            expressionCondition.setAttributeValue(escapeSpecialCharactersForFilterWithStarAsRegex(expressionCondition.getAttributeValue()));
            list.add(expressionCondition);
        } else if (condition instanceof OperationalCondition) {
            getExpressionConditionsAsList(((OperationalCondition) condition).getLeftCondition(), list);
            getExpressionConditionsAsList(((OperationalCondition) condition).getRightCondition(), list);
        }
    }

    private List<String> performLDAPSearch(LdapContext ldapContext, LDAPSearchSpecification lDAPSearchSpecification, int i, int i2, List<ExpressionCondition> list) throws UserStoreException {
        int i3 = -1;
        boolean isGroupFiltering = lDAPSearchSpecification.isGroupFiltering();
        boolean isUsernameFiltering = lDAPSearchSpecification.isUsernameFiltering();
        boolean isClaimFiltering = lDAPSearchSpecification.isClaimFiltering();
        boolean isMemberShipPropertyFound = lDAPSearchSpecification.isMemberShipPropertyFound();
        String[] split = lDAPSearchSpecification.getSearchBases().split("#");
        String searchFilterQuery = lDAPSearchSpecification.getSearchFilterQuery();
        SearchControls searchControls = lDAPSearchSpecification.getSearchControls();
        List<String> asList = Arrays.asList(searchControls.getReturningAttributes());
        NamingEnumeration<SearchResult> namingEnumeration = null;
        List<String> arrayList = new ArrayList();
        if (log.isDebugEnabled()) {
            log.debug(String.format("Searching for user(s) with SearchFilter: %s and page size %d", searchFilterQuery, Integer.valueOf(i)));
        }
        try {
            try {
                try {
                    for (String str : split) {
                        while (true) {
                            List<String> arrayList2 = new ArrayList();
                            namingEnumeration = ldapContext.search(escapeDNForSearch(str), searchFilterQuery, searchControls);
                            if (namingEnumeration.hasMore()) {
                                arrayList2 = getUserListFromSearch(isGroupFiltering, asList, namingEnumeration, isSingleAttributeFilterOperation(list));
                                i3++;
                            }
                            if (CollectionUtils.isNotEmpty(arrayList2)) {
                                if (isMemberShipPropertyFound) {
                                    arrayList = membershipGroupFilterPostProcessing(isUsernameFiltering, isClaimFiltering, list, arrayList2);
                                    break;
                                }
                                generatePaginatedUserList(i3, i2, i, arrayList2, arrayList);
                                if (i - arrayList.size() == 0) {
                                    break;
                                }
                            }
                            byte[] parseControls = parseControls(ldapContext.getResponseControls());
                            ldapContext.setRequestControls(new Control[]{new PagedResultsControl(i, parseControls, true), new SortControl(this.realmConfig.getUserStoreProperty("UserNameAttribute"), false)});
                            if (parseControls != null && parseControls.length != 0) {
                            }
                        }
                    }
                    JNDIUtil.closeNamingEnumeration(namingEnumeration);
                } catch (NamingException e) {
                    log.error(String.format("Error occurred while searching for user(s) for filter: %s, %s", searchFilterQuery, e.getMessage()));
                    throw new UserStoreException(e.getMessage(), (Throwable) e);
                }
            } catch (PartialResultException e2) {
                if (!isIgnorePartialResultException()) {
                    log.error(String.format("Error occurred while searching for user(s) for filter: %s", searchFilterQuery));
                    throw new UserStoreException(e2.getMessage(), (Throwable) e2);
                }
                if (log.isDebugEnabled()) {
                    log.debug(String.format("Error occurred while searching for user(s) for filter: %s", searchFilterQuery));
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
            } catch (IOException e3) {
                log.error(String.format("Error occurred while doing paginated search, %s", e3.getMessage()));
                throw new UserStoreException(e3.getMessage(), e3);
            }
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            throw th;
        }
    }

    private boolean isSingleAttributeFilterOperation(List<ExpressionCondition> list) {
        return list.size() == 1;
    }

    private List<String> getUserListFromSearch(boolean z, List<String> list, NamingEnumeration<SearchResult> namingEnumeration, boolean z2) throws UserStoreException {
        return z ? getUserListFromGroupFilterResult(namingEnumeration, list, z2) : getUserListFromNonGroupFilterResult(namingEnumeration, list);
    }

    private List<String> getUserListFromGroupFilterResult(NamingEnumeration<SearchResult> namingEnumeration, List<String> list, boolean z) throws UserStoreException {
        List<String> arrayList = new ArrayList<>();
        int i = 0;
        while (namingEnumeration.hasMoreElements()) {
            try {
                try {
                    i++;
                    ArrayList arrayList2 = new ArrayList();
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null) {
                        NamingEnumeration all = attributes.getAll();
                        while (all.hasMore()) {
                            Attribute attribute = (Attribute) all.next();
                            if (isAttributeEqualsProperty(list.get(0), attribute.getID())) {
                                NamingEnumeration all2 = attribute.getAll();
                                while (all2.hasMore()) {
                                    arrayList2.add(all2.next().toString());
                                }
                            }
                        }
                        if (z) {
                            arrayList.addAll(arrayList2);
                        } else if (!list.contains(this.realmConfig.getUserStoreProperty("MembershipAttribute")) || i == 1) {
                            arrayList.addAll(arrayList2);
                        } else {
                            arrayList.retainAll(arrayList2);
                        }
                    }
                } catch (NamingException e) {
                    log.error(String.format("Error occurred while getting user list from group filter %s", e.getMessage()));
                    throw new UserStoreException(e.getMessage(), (Throwable) e);
                }
            } finally {
                JNDIUtil.closeNamingEnumeration(null);
            }
        }
        return list.contains(this.realmConfig.getUserStoreProperty("MembershipAttribute")) ? getUserNamesFromDNList(arrayList) : arrayList;
    }

    private List<String> getUserNamesFromDNList(List<String> list) throws UserStoreException {
        Attribute attribute;
        ArrayList arrayList = new ArrayList();
        DirContext context = this.connectionSource.getContext();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        String[] strArr = {userStoreProperty, userStoreProperty2};
        for (String str : list) {
            try {
                String str2 = null;
                Attributes attributes = context.getAttributes(escapeDNForSearch(str), strArr);
                if (attributes != null) {
                    Attribute attribute2 = attributes.get(userStoreProperty);
                    r17 = attribute2 != null ? (String) attribute2.get() : null;
                    if (StringUtils.isNotEmpty(userStoreProperty2) && (attribute = attributes.get(userStoreProperty2)) != null) {
                        str2 = (String) attribute.get();
                    }
                }
                String userStoreProperty3 = this.realmConfig.getUserStoreProperty("DomainName");
                if (r17 != null) {
                    arrayList.add(UserCoreUtil.getCombinedName(userStoreProperty3, r17, str2));
                } else if (log.isDebugEnabled()) {
                    log.debug(String.format("User %s doesn't have the user name property %s", str, userStoreProperty));
                }
            } catch (NamingException e) {
                log.error(String.format("Error in reading user information in the user store for the user %s, %s", str, e.getMessage()));
                throw new UserStoreException(e.getMessage(), (Throwable) e);
            }
        }
        return arrayList;
    }

    private List<String> getUserListFromNonGroupFilterResult(NamingEnumeration<SearchResult> namingEnumeration, List<String> list) throws UserStoreException {
        Attribute attribute;
        ArrayList arrayList = new ArrayList();
        String str = ",";
        NamingEnumeration namingEnumeration2 = null;
        while (namingEnumeration.hasMoreElements()) {
            try {
                try {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null && (attribute = attributes.get(list.get(0))) != null) {
                        StringBuffer stringBuffer = new StringBuffer();
                        namingEnumeration2 = attribute.getAll();
                        while (namingEnumeration2.hasMore()) {
                            String str2 = (String) namingEnumeration2.next();
                            if (StringUtils.isNotEmpty(str2.trim())) {
                                String userStoreProperty = this.realmConfig.getUserStoreProperty(MULTI_ATTRIBUTE_SEPARATOR);
                                if (StringUtils.isNotEmpty(userStoreProperty.trim())) {
                                    str = userStoreProperty;
                                }
                                stringBuffer.append(str2 + str);
                                if (log.isDebugEnabled()) {
                                    log.debug(list.get(0) + " : " + str2);
                                }
                            }
                        }
                        String stringBuffer2 = stringBuffer.toString();
                        Attribute attribute2 = attributes.get(list.get(1));
                        String str3 = null;
                        if (attribute2 != null) {
                            str3 = (String) attribute2.get();
                        }
                        if (stringBuffer2.trim().length() > str.length()) {
                            if (!LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE.equals(str3)) {
                                arrayList.add(stringBuffer2.substring(0, stringBuffer2.length() - str.length()));
                            }
                        }
                    }
                } catch (NamingException e) {
                    log.error(String.format("Error occurred while getting user list from non group filter %s", e.getMessage()));
                    throw new UserStoreException(e.getMessage(), (Throwable) e);
                }
            } finally {
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
            }
        }
        return arrayList;
    }

    private void generatePaginatedUserList(int i, int i2, int i3, List<String> list, List<String> list2) {
        if (i == i2 / i3) {
            int i4 = i2 % i3;
            if (i4 < list.size() - 1) {
                list2.addAll(list.subList(i4, list.size()));
                return;
            } else {
                if (i4 == list.size() - 1) {
                    list2.add(list.get(list.size() - 1));
                    return;
                }
                return;
            }
        }
        if (i == (i2 / i3) + 1) {
            int size = i3 - list2.size();
            if (list.size() >= size) {
                list2.addAll(list.subList(0, size));
            } else {
                list2.addAll(list);
            }
        }
    }

    private List<String> getMatchUsersFromMemberList(List<ExpressionCondition> list, List<String> list2) {
        ArrayList arrayList = new ArrayList();
        for (ExpressionCondition expressionCondition : list) {
            if (ExpressionAttribute.USERNAME.toString().equals(expressionCondition.getAttributeName())) {
                arrayList.addAll(getMatchUserNames(expressionCondition, list2));
            }
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        linkedHashSet.addAll(arrayList);
        arrayList.clear();
        arrayList.addAll(linkedHashSet);
        return arrayList;
    }

    private List<String> getMatchUserNames(ExpressionCondition expressionCondition, List<String> list) {
        ArrayList arrayList = new ArrayList();
        for (String str : list) {
            if (ExpressionOperation.SW.toString().equals(expressionCondition.getOperation()) && str.startsWith(expressionCondition.getAttributeValue()) && !arrayList.contains(str)) {
                arrayList.add(str);
            } else if (ExpressionOperation.EQ.toString().equals(expressionCondition.getOperation()) && str.equals(expressionCondition.getAttributeValue()) && !arrayList.contains(str)) {
                arrayList.add(str);
            } else if (ExpressionOperation.CO.toString().equals(expressionCondition.getOperation()) && str.contains(expressionCondition.getAttributeValue()) && !arrayList.contains(str)) {
                arrayList.add(str);
            } else if (ExpressionOperation.EW.toString().equals(expressionCondition.getOperation()) && str.endsWith(expressionCondition.getAttributeValue()) && !arrayList.contains(str)) {
                arrayList.add(str);
            }
        }
        return arrayList;
    }

    private List<String> membershipGroupFilterPostProcessing(boolean z, boolean z2, List<ExpressionCondition> list, List<String> list2) throws UserStoreException {
        if (z) {
            list2 = getMatchUsersFromMemberList(list, list2);
        }
        return z2 ? getUserListFromClaimFiltering(list, list2) : list2;
    }

    private List<String> getUserListFromClaimFiltering(List<ExpressionCondition> list, List<String> list2) throws UserStoreException {
        List<String> arrayList = new ArrayList();
        Iterator<ExpressionCondition> it = list.iterator();
        while (it.hasNext()) {
            if (ExpressionAttribute.ROLE.toString().equals(it.next().getAttributeName())) {
                it.remove();
            }
        }
        LDAPSearchSpecification lDAPSearchSpecification = new LDAPSearchSpecification(this.realmConfig, list);
        SearchControls searchControls = lDAPSearchSpecification.getSearchControls();
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        try {
            try {
                namingEnumeration = context.search(lDAPSearchSpecification.getSearchBases(), lDAPSearchSpecification.getSearchFilterQuery(), searchControls);
                if (namingEnumeration.hasMore()) {
                    arrayList = getUserListFromNonGroupFilterResult(namingEnumeration, Arrays.asList(searchControls.getReturningAttributes()));
                }
                JNDIUtil.closeContext(context);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                list2.retainAll(arrayList);
                return list2;
            } catch (NamingException e) {
                log.error(String.format("Error occurred while doing claim filtering for user(s) with filter: %s, %s", lDAPSearchSpecification.getSearchFilterQuery(), e.getMessage()));
                throw new UserStoreException(e.getMessage(), (Throwable) e);
            }
        } catch (Throwable th) {
            JNDIUtil.closeContext(context);
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String convertBytesToHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append("\\").append(String.format("%02x", Byte.valueOf(b)));
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String transformUUIDToObjectGUID(String str) {
        ByteBuffer wrap = ByteBuffer.wrap(new byte[16]);
        wrap.putLong(UUID.fromString(str).getMostSignificantBits());
        wrap.putLong(UUID.fromString(str).getLeastSignificantBits());
        return convertBytesToHexString(swapBytes(wrap.array()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] swapBytes(byte[] bArr) {
        byte b = bArr[3];
        bArr[3] = bArr[0];
        bArr[0] = b;
        byte b2 = bArr[2];
        bArr[2] = bArr[1];
        bArr[1] = b2;
        byte b3 = bArr[5];
        bArr[5] = bArr[4];
        bArr[4] = b3;
        byte b4 = bArr[7];
        bArr[7] = bArr[6];
        bArr[6] = b4;
        return bArr;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckIsUserInRole(String str, String str2) throws UserStoreException {
        List<String> attributeListOfOneElement;
        boolean isDebugEnabled = log.isDebugEnabled();
        if (str == null) {
            return false;
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        LDAPRoleContext lDAPRoleContext = (LDAPRoleContext) createRoleContext(str2);
        String effectiveSearchBase = getEffectiveSearchBase(lDAPRoleContext.isShared());
        String userStoreProperty = this.realmConfig.getUserStoreProperty("MemberOfAttribute");
        if (userStoreProperty != null && userStoreProperty.length() > 0) {
            String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
            String replace = this.realmConfig.getUserStoreProperty("UserNameSearchFilter").replace("?", escapeSpecialCharactersForFilter(str));
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY);
            String userStoreProperty4 = this.realmConfig.getUserStoreProperty(LDAPConstants.PRIMARY_GROUP_ID);
            String[] strArr = {userStoreProperty};
            if (userStoreProperty3 != null && userStoreProperty4 != null) {
                strArr = new String[]{userStoreProperty, userStoreProperty3, userStoreProperty4};
            }
            searchControls.setReturningAttributes(strArr);
            if (isDebugEnabled) {
                log.debug("Do check whether the user: " + str + " is in role: " + str2);
                log.debug("Search filter: " + replace);
                for (String str3 : strArr) {
                    log.debug("Requesting attribute: " + str3);
                }
            }
            if (userStoreProperty3 == null || userStoreProperty4 == null) {
                LdapName fromUserCache = getFromUserCache(str);
                if (fromUserCache != null) {
                    effectiveSearchBase = fromUserCache.toString();
                } else {
                    String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserDNPattern");
                    if (StringUtils.isNotEmpty(userStoreProperty5) && !userStoreProperty5.contains("#")) {
                        effectiveSearchBase = MessageFormat.format(userStoreProperty5, escapeSpecialCharactersForDN(str));
                    }
                }
                getListOfNames(effectiveSearchBase, replace, searchControls, userStoreProperty, false);
                attributeListOfOneElement = getAttributeListOfOneElement(effectiveSearchBase, replace, searchControls);
            } else {
                attributeListOfOneElement = getAttributeListOfOneElementWithPrimarGroup(effectiveSearchBase, replace, searchControls, userStoreProperty3, userStoreProperty4, userStoreProperty2, userStoreProperty);
            }
            if (isDebugEnabled) {
                if (attributeListOfOneElement != null) {
                    boolean z = false;
                    for (String str4 : attributeListOfOneElement) {
                        log.debug("Result: " + str4);
                        if (str4.equalsIgnoreCase(str2)) {
                            z = true;
                        }
                    }
                    log.debug("Is user: " + str + " in role: " + str2 + " ? " + z);
                } else {
                    log.debug("No results found !");
                }
            }
            if (attributeListOfOneElement == null) {
                return false;
            }
            RealmService realmService = UserStoreMgtDSComponent.getRealmService();
            if (realmService != null && realmService.getCachedUserRealm(this.tenantId) != null) {
                addAllRolesToUserRolesCache(str, attributeListOfOneElement);
            }
            Iterator<String> it = attributeListOfOneElement.iterator();
            while (it.hasNext()) {
                if (it.next().equalsIgnoreCase(str2)) {
                    return true;
                }
            }
            return false;
        }
        String userStoreProperty6 = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
        String userStoreProperty7 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
        if (userStoreProperty7 == null || userStoreProperty7.length() < 1) {
            throw new UserStoreException("Please set member of attribute or membership attribute");
        }
        String userStoreProperty8 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
        String userStoreProperty9 = this.realmConfig.getUserStoreProperty("UserDNPattern");
        String nameInSpaceForUserName = (!StringUtils.isNotEmpty(userStoreProperty9) || userStoreProperty9.contains("#")) ? getNameInSpaceForUserName(str) : MessageFormat.format(userStoreProperty9, escapeSpecialCharactersForDN(str));
        if (nameInSpaceForUserName == null) {
            return false;
        }
        try {
            String escapeLdapNameForFilter = escapeLdapNameForFilter(new LdapName(nameInSpaceForUserName));
            String str5 = "(&" + userStoreProperty6 + "(" + userStoreProperty7 + "=" + escapeLdapNameForFilter + "))";
            String[] strArr2 = {userStoreProperty8};
            searchControls.setReturningAttributes(strArr2);
            if (isDebugEnabled) {
                log.debug("Do check whether the user : " + str + " is in role: " + str2);
                log.debug("Search filter : " + str5);
                for (String str6 : strArr2) {
                    log.debug("Requesting attribute: " + str6);
                }
            }
            NamingEnumeration namingEnumeration = null;
            try {
                try {
                    DirContext context = this.connectionSource.getContext();
                    if (lDAPRoleContext.getRoleDNPatterns().size() > 0) {
                        for (String str7 : lDAPRoleContext.getRoleDNPatterns()) {
                            if (isDebugEnabled) {
                                log.debug("Using pattern: " + str7);
                            }
                            try {
                                namingEnumeration = context.search(escapeDNForSearch(MessageFormat.format(str7.trim(), escapeSpecialCharactersForDN(str2))), str5, searchControls);
                            } catch (NamingException e) {
                                if (log.isDebugEnabled()) {
                                    log.debug(e);
                                }
                            }
                            if (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
                                if (isDebugEnabled) {
                                    log.debug("User: " + str + " in role: " + str2);
                                }
                                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                                JNDIUtil.closeContext(context);
                                return true;
                            }
                            if (isDebugEnabled) {
                                log.debug("User: " + str + " NOT in role: " + str2);
                            }
                        }
                    } else {
                        if (isDebugEnabled) {
                            log.debug("Do check whether the user: " + str + " is in role: " + str2);
                            log.debug("Search filter: " + str5);
                            for (String str8 : strArr2) {
                                log.debug("Requesting attribute: " + str8);
                            }
                        }
                        String str9 = "(&" + str5 + "(" + userStoreProperty7 + "=" + escapeLdapNameForFilter + ") (" + userStoreProperty8 + "=" + escapeSpecialCharactersForFilter(str2) + "))";
                        for (String str10 : effectiveSearchBase.split("#")) {
                            namingEnumeration = context.search(escapeDNForSearch(str10), str9, searchControls);
                            if (namingEnumeration.hasMoreElements()) {
                                if (isDebugEnabled) {
                                    log.debug("User: " + str + " in role: " + str2);
                                }
                                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                                JNDIUtil.closeContext(context);
                                return true;
                            }
                            if (isDebugEnabled) {
                                log.debug("User: " + str + " NOT in role: " + str2);
                            }
                        }
                    }
                    JNDIUtil.closeNamingEnumeration(namingEnumeration);
                    JNDIUtil.closeContext(context);
                    return false;
                } catch (NamingException e2) {
                    if (log.isDebugEnabled()) {
                        log.debug(e2.getMessage(), e2);
                    }
                    JNDIUtil.closeNamingEnumeration(null);
                    JNDIUtil.closeContext(null);
                    return false;
                }
            } catch (Throwable th) {
                JNDIUtil.closeNamingEnumeration(null);
                JNDIUtil.closeContext(null);
                throw th;
            }
        } catch (InvalidNameException e3) {
            log.error("Error while creating LDAP name from: " + nameInSpaceForUserName);
            throw new UserStoreException("Invalid naming exception for : " + nameInSpaceForUserName, (Throwable) e3);
        }
    }

    private void addAllRolesToUserRolesCache(String str, List<String> list) throws UserStoreException {
        addToUserRolesCache(getTenantId(), str, UserCoreUtil.combineArrays((String[]) list.toArray(new String[list.size()]), doGetInternalRoleListOfUser(str, "*")));
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager, org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public Date getPasswordExpirationTime(String str) throws UserStoreException {
        if (str == null || !str.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
            return null;
        }
        return super.getPasswordExpirationTime(str);
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public int getTenantId(String str) throws UserStoreException {
        throw new UserStoreException("Invalid operation");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public int getUserId(String str) throws UserStoreException {
        throw new UserStoreException("Invalid operation");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValue(String str, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void doSetUserAttribute(String str, String str2, String str3, String str4) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void doSetUserAttributes(String str, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUser(String str) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredential(String str, Object obj, Object obj2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredentialByAdmin(String str, Object obj) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateUserListOfRole(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public Map<String, String> getProperties(org.wso2.carbon.user.core.tenant.Tenant tenant) throws UserStoreException {
        return this.realmConfig.getUserStoreProperties();
    }

    @Override // org.wso2.carbon.user.core.UserStoreManager
    public boolean isBulkImportSupported() throws UserStoreException {
        return new Boolean(this.realmConfig.getUserStoreProperty("IsBulkImportSupported")).booleanValue();
    }

    @Override // org.wso2.carbon.user.api.UserStoreManager
    public void addRememberMe(String str, String str2) throws org.wso2.carbon.user.api.UserStoreException {
        new JDBCUserStoreManager(this.dataSource, this.realmConfig, this.realmConfig.getTenantId(), false).addRememberMe(str, str2);
    }

    @Override // org.wso2.carbon.user.api.UserStoreManager
    public boolean isValidRememberMeToken(String str, String str2) throws org.wso2.carbon.user.api.UserStoreException {
        try {
            if (isExistingUser(str)) {
                return new JDBCUserStoreManager(this.dataSource, this.realmConfig, this.realmConfig.getTenantId(), false).isExistingRememberMeToken(str, str2);
            }
            return false;
        } catch (Exception e) {
            log.error("Validating remember me token failed for" + str);
            return false;
        }
    }

    private boolean isInSearchBase(LdapName ldapName, LdapName ldapName2) {
        return ldapName.startsWith(ldapName2.getRdns());
    }

    private List<String> getGroupNameAttributeValuesOfGroups(List<LdapName> list) throws UserStoreException {
        Attribute attribute;
        log.debug("GetGroupNameAttributeValuesOfGroups with DN");
        boolean isDebugEnabled = log.isDebugEnabled();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
        String[] strArr = {userStoreProperty};
        ArrayList arrayList = new ArrayList();
        DirContext dirContext = null;
        try {
            try {
                dirContext = this.connectionSource.getContext();
                for (LdapName ldapName : list) {
                    if (isInSearchBase(ldapName, new LdapName(this.groupSearchBase))) {
                        if (isDebugEnabled) {
                            log.debug("Using DN: " + ldapName);
                        }
                        Rdn rdn = ldapName.getRdn(ldapName.getRdns().size() - 1);
                        if (rdn.getType().equalsIgnoreCase(userStoreProperty)) {
                            arrayList.add(rdn.getValue().toString());
                        } else {
                            Attributes attributes = dirContext.getAttributes(ldapName, strArr);
                            if (attributes != null && (attribute = attributes.get(userStoreProperty)) != null) {
                                String str = (String) attribute.get();
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty + " : " + str);
                                }
                                arrayList.add(str);
                            }
                        }
                    }
                }
                JNDIUtil.closeContext(dirContext);
                return arrayList;
            } catch (UserStoreException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Error in getting group name attribute values of groups", e);
                }
                throw new UserStoreException("Error in getting group name attribute values of groups", e);
            } catch (NamingException e2) {
                if (log.isDebugEnabled()) {
                    log.debug("Error in getting group name attribute values of groups", e2);
                }
                throw new UserStoreException("Error in getting group name attribute values of groups", e2);
            }
        } catch (Throwable th) {
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    public Properties getDefaultUserStoreProperties() {
        Properties properties = new Properties();
        properties.setMandatoryProperties((Property[]) ReadOnlyLDAPUserStoreConstants.ROLDAP_USERSTORE_PROPERTIES.toArray(new Property[ReadOnlyLDAPUserStoreConstants.ROLDAP_USERSTORE_PROPERTIES.size()]));
        properties.setOptionalProperties((Property[]) ReadOnlyLDAPUserStoreConstants.OPTIONAL_ROLDAP_USERSTORE_PROPERTIES.toArray(new Property[ReadOnlyLDAPUserStoreConstants.OPTIONAL_ROLDAP_USERSTORE_PROPERTIES.size()]));
        properties.setAdvancedProperties((Property[]) RO_LDAP_UM_ADVANCED_PROPERTIES.toArray(new Property[RO_LDAP_UM_ADVANCED_PROPERTIES.size()]));
        return properties;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isSharedRole(String str, String str2) {
        return super.isSharedRole(str, str2) && str2 != null && str2.contains(this.realmConfig.getUserStoreProperties().get(LDAPConstants.SHARED_GROUP_SEARCH_BASE));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isOwnRole(String str) {
        String[] split = str.split("@");
        return split.length > 1 ? CarbonContext.getThreadLocalCarbonContext().getTenantDomain().equalsIgnoreCase(split[1]) : super.isOwnRole(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public RoleContext createRoleContext(String str) {
        String[] strArr;
        LDAPRoleContext lDAPRoleContext = new LDAPRoleContext();
        if (isSharedGroupEnabled()) {
            strArr = str.split("@");
            if (strArr.length > 1 && (strArr[1] == null || strArr[1].equals("null"))) {
                strArr = new String[]{strArr[0]};
            }
        } else {
            strArr = new String[]{str};
        }
        boolean z = false;
        if (strArr.length == 1) {
            lDAPRoleContext.setSearchBase(this.realmConfig.getUserStoreProperty("GroupSearchBase"));
            lDAPRoleContext.setTenantDomain(CarbonContext.getThreadLocalCarbonContext().getTenantDomain());
        } else if (strArr.length > 1) {
            lDAPRoleContext.setTenantDomain(strArr[1]);
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_GROUP_SEARCH_BASE);
            if (!strArr[1].equalsIgnoreCase("carbon.super")) {
                userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE) + "=" + escapeSpecialCharactersForDN(strArr[1]) + "," + userStoreProperty;
            }
            String str2 = this.realmConfig.getUserStoreProperty("GroupNameAttribute") + "={0}," + userStoreProperty;
            lDAPRoleContext.setSearchBase(userStoreProperty);
            lDAPRoleContext.addRoleDNPatterns(str2);
            z = true;
        }
        if (z) {
            lDAPRoleContext.setSearchFilter(this.realmConfig.getUserStoreProperty("GroupNameSearchFilter"));
            lDAPRoleContext.setRoleNameProperty(this.realmConfig.getUserStoreProperty("GroupNameAttribute"));
            lDAPRoleContext.setListFilter(this.realmConfig.getUserStoreProperty("GroupNameListFilter"));
            lDAPRoleContext.setGroupEntryObjectClass(this.realmConfig.getUserStoreProperty("GroupEntryObjectClass"));
        } else {
            lDAPRoleContext.setSearchFilter(this.realmConfig.getUserStoreProperty("GroupNameSearchFilter"));
            lDAPRoleContext.setRoleNameProperty(this.realmConfig.getUserStoreProperty("GroupNameAttribute"));
            lDAPRoleContext.setListFilter(this.realmConfig.getUserStoreProperty("GroupNameListFilter"));
            lDAPRoleContext.setGroupEntryObjectClass(this.realmConfig.getUserStoreProperty("GroupEntryObjectClass"));
            String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.ROLE_DN_PATTERN);
            if (userStoreProperty2 != null && userStoreProperty2.trim().length() > 0) {
                if (userStoreProperty2.contains("#")) {
                    for (String str3 : userStoreProperty2.split("#")) {
                        lDAPRoleContext.addRoleDNPatterns(str3);
                    }
                } else {
                    lDAPRoleContext.addRoleDNPatterns(userStoreProperty2);
                }
            }
        }
        lDAPRoleContext.setRoleName(strArr[0]);
        lDAPRoleContext.setShared(z);
        return lDAPRoleContext;
    }

    private String escapeLdapNameForFilter(LdapName ldapName) {
        if (ldapName == null) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Received null value to escape special characters. Returning null");
            return null;
        }
        boolean z = true;
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return ldapName.toString();
        }
        String str = "";
        for (int size = ldapName.size() - 1; size > -1; size--) {
            str = str + escapeSpecialCharactersForFilterWithStarAsRegex(ldapName.get(size));
            if (size != 0) {
                str = str + ",";
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Escaped DN value for filter : " + str);
        }
        return str;
    }

    private String escapeSpecialCharactersForFilterWithStarAsRegex(String str) {
        boolean z = true;
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (i < str.length()) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case 0:
                    sb.append("\\00");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\\':
                    if (str.charAt(i + 1) != '*') {
                        sb.append("\\5c");
                        break;
                    } else {
                        sb.append("\\2a");
                        i++;
                        break;
                    }
                default:
                    sb.append(charAt);
                    break;
            }
            i++;
        }
        return sb.toString();
    }

    private String escapeSpecialCharactersForFilter(String str) {
        boolean z = true;
        str.replace("\\*", "*");
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case 0:
                    sb.append("\\00");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '\\':
                    sb.append("\\5c");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    private String escapeSpecialCharactersForDN(String str) {
        boolean z = true;
        str.replace("\\*", "*");
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        if (str.length() > 0 && (str.charAt(0) == ' ' || str.charAt(0) == '#')) {
            sb.append('\\');
        }
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\"':
                    sb.append("\\\"");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '+':
                    sb.append("\\+");
                    break;
                case ',':
                    sb.append("\\,");
                    break;
                case ';':
                    sb.append("\\;");
                    break;
                case '<':
                    sb.append("\\<");
                    break;
                case '>':
                    sb.append("\\>");
                    break;
                case '\\':
                    sb.append("\\\\");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        if (str.length() > 1 && str.charAt(str.length() - 1) == ' ') {
            sb.insert(sb.length() - 1, '\\');
        }
        if (log.isDebugEnabled()) {
            log.debug("value after escaping special characters in " + str + " : " + sb.toString());
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Name escapeDNForSearch(String str) throws InvalidNameException {
        return new CompositeName().add(str);
    }

    private boolean isIgnorePartialResultException() {
        return "ignore".equals(this.realmConfig.getUserStoreProperty(LDAPConstants.PROPERTY_REFERRAL));
    }

    private static void setAdvancedProperties() {
        RO_LDAP_UM_ADVANCED_PROPERTIES.clear();
        setAdvancedProperty("PasswordHashMethod", "Password Hashing Algorithm", UserCoreConstants.RealmConfig.PASSWORD_HASH_METHOD_PLAIN_TEXT, UserStoreConfigConstants.passwordHashMethodDescription);
        setAdvancedProperty(MULTI_ATTRIBUTE_SEPARATOR, "Multiple Attribute Separator", ",", MULTI_ATTRIBUTE_SEPARATOR_DESCRIPTION);
        setAdvancedProperty("MaxUserNameListLength", "Maximum User List Length", UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_MAX_COUNT, UserStoreConfigConstants.maxUserNameListLengthDescription);
        setAdvancedProperty("MaxRoleNameListLength", "Maximum Role List Length", UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_MAX_COUNT, UserStoreConfigConstants.maxRoleNameListLengthDescription);
        setAdvancedProperty("UserRolesCacheEnabled", "Enable User Role Cache", "true", UserStoreConfigConstants.userRolesCacheEnabledDescription);
        setAdvancedProperty("ConnectionPoolingEnabled", "Enable LDAP Connection Pooling", "false", UserStoreConfigConstants.connectionPoolingEnabledDescription);
        setAdvancedProperty(LDAPConnectionTimeout, LDAPConnectionTimeoutDescription, "5000", LDAPConnectionTimeoutDescription);
        setAdvancedProperty(readTimeout, "LDAP Read Timeout", "5000", readTimeoutDescription);
        setAdvancedProperty(RETRY_ATTEMPTS, "Retry Attempts", "0", "Number of retries for authentication in case ldap read timed out.");
        setAdvancedProperty("CountRetrieverClass", "Count Implementation", "", "Name of the class that implements the count functionality");
        setAdvancedProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY, "LDAP binary attributes", " ", LDAPBinaryAttributesDescription);
        setAdvancedProperty(UserStoreConfigConstants.claimOperationsSupported, UserStoreConfigConstants.getClaimOperationsSupportedDisplayName, "false", UserStoreConfigConstants.claimOperationsSupportedDescription);
        setAdvancedProperty(MEMBERSHIP_ATTRIBUTE_RANGE, MEMBERSHIP_ATTRIBUTE_RANGE_DISPLAY_NAME, String.valueOf(0), "Number of maximum users of role returned by the LDAP");
        setAdvancedProperty(LDAPConstants.USER_CACHE_EXPIRY_MILLISECONDS, USER_CACHE_EXPIRY_TIME_ATTRIBUTE_NAME, "", USER_CACHE_EXPIRY_TIME_ATTRIBUTE_DESCRIPTION);
        setAdvancedProperty(LDAPConstants.USER_DN_CACHE_ENABLED, USER_DN_CACHE_ENABLED_ATTRIBUTE_NAME, "true", USER_DN_CACHE_ENABLED_ATTRIBUTE_DESCRIPTION);
        setAdvancedProperty(UserStoreConfigConstants.STARTTLS_ENABLED, UserStoreConfigConstants.STARTTLS_ENABLED_DISPLAY_NAME, "false", UserStoreConfigConstants.STARTTLS_ENABLED_DESCRIPTION);
        setAdvancedProperty(UserStoreConfigConstants.CONNECTION_RETRY_DELAY, UserStoreConfigConstants.CONNECTION_RETRY_DELAY_DISPLAY_NAME, String.valueOf(120000), UserStoreConfigConstants.CONNECTION_RETRY_DELAY_DESCRIPTION);
        setAdvancedProperty(UserStoreConfigConstants.SSLCertificateValidationEnabled, "Enable SSL certificate validation", "true", UserStoreConfigConstants.SSLCertificateValidationEnabledDescription);
    }

    private static void setAdvancedProperty(String str, String str2, String str3, String str4) {
        RO_LDAP_UM_ADVANCED_PROPERTIES.add(new Property(str, str3, str2 + "#" + str4, null));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initUserCache() throws UserStoreException {
        if (!this.userDnCacheEnabled) {
            if (log.isDebugEnabled()) {
                log.debug("User DN cache is disabled in configuration on UserStore having SearchBase: " + this.userSearchBase);
                return;
            }
            return;
        }
        boolean z = false;
        if (StringUtils.isNotEmpty(this.cacheExpiryTimeAttribute)) {
            if (log.isDebugEnabled()) {
                log.debug("Cache expiry time : " + this.cacheExpiryTimeAttribute + " configured for the user DN cache having search base: " + this.userSearchBase);
            }
            try {
                this.userDnCacheExpiryTime = Long.parseLong(this.cacheExpiryTimeAttribute);
                z = true;
            } catch (NumberFormatException e) {
                log.error("Could not convert the cache expiry time to Number (long) : " + this.cacheExpiryTimeAttribute + " . Will default to system wide expiry settings.", e);
            }
        }
        RealmService realmService = UserStoreMgtDSComponent.getRealmService();
        if (realmService != null && realmService.getTenantManager() != null) {
            try {
                this.tenantDomain = realmService.getTenantManager().getDomain(this.tenantId);
                if (log.isDebugEnabled()) {
                    log.debug("Tenant domain : " + this.tenantDomain + " found for the tenant ID : " + this.tenantId);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException("Could not get the tenant domain for tenant id : " + this.tenantId, e2);
            }
        }
        if (this.tenantDomain == null && this.tenantId == -1234) {
            this.tenantDomain = "carbon.super";
        }
        if (this.tenantDomain == null) {
            if (log.isDebugEnabled()) {
                log.debug("Could not find a tenant domain for the tenant ID : " + this.tenantId + ". Not initializing the User DN cache.");
                return;
            }
            return;
        }
        try {
            startTenantFlow();
            this.userDnCacheName = USER_CACHE_NAME_PREFIX + hashCode();
            this.cacheManager = Caching.getCacheManagerFactory().getCacheManager(USER_CACHE_MANAGER);
            this.cacheManager.removeCache(this.userDnCacheName);
            if (z) {
                if (log.isDebugEnabled()) {
                    log.debug("Using cache expiry time : " + this.userDnCacheExpiryTime + " configured for the user DN cache having search base: " + this.userSearchBase);
                }
                this.userDnCacheBuilder = this.cacheManager.createCacheBuilder(this.userDnCacheName);
                this.userDnCacheBuilder.setExpiry(CacheConfiguration.ExpiryType.ACCESSED, new CacheConfiguration.Duration(TimeUnit.MILLISECONDS, this.userDnCacheExpiryTime)).setExpiry(CacheConfiguration.ExpiryType.MODIFIED, new CacheConfiguration.Duration(TimeUnit.MILLISECONDS, this.userDnCacheExpiryTime)).setStoreByValue(false);
            }
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    protected void putToUserCache(String str, LdapName ldapName) {
        try {
            startTenantFlow();
            Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
            if (createOrGetUserDnCache == null) {
                return;
            }
            createOrGetUserDnCache.put(str, ldapName);
        } catch (IllegalStateException e) {
            log.error("Error occurred while putting User DN to the cache having search base : " + this.userSearchBase, e);
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    protected LdapName getFromUserCache(String str) {
        try {
            try {
                startTenantFlow();
                Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
                if (createOrGetUserDnCache == null) {
                    PrivilegedCarbonContext.endTenantFlow();
                    return null;
                }
                LdapName ldapName = createOrGetUserDnCache.get(str);
                PrivilegedCarbonContext.endTenantFlow();
                return ldapName;
            } catch (IllegalStateException e) {
                log.error("Error occurred while getting User DN from cache having search base : " + this.userSearchBase, e);
                PrivilegedCarbonContext.endTenantFlow();
                return null;
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean removeFromUserCache(String str) {
        try {
            try {
                startTenantFlow();
                Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
                if (createOrGetUserDnCache == null) {
                    PrivilegedCarbonContext.endTenantFlow();
                    return true;
                }
                boolean remove = createOrGetUserDnCache.remove(str);
                PrivilegedCarbonContext.endTenantFlow();
                return remove;
            } catch (IllegalStateException e) {
                log.error("Error occurred while removing User DN from cache having search base : " + this.userSearchBase, e);
                PrivilegedCarbonContext.endTenantFlow();
                return true;
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private void startTenantFlow() {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        threadLocalCarbonContext.setTenantId(this.tenantId);
        threadLocalCarbonContext.setTenantDomain(this.tenantDomain);
    }

    private Cache<String, LdapName> createOrGetUserDnCache() {
        Cache<String, LdapName> cache;
        if (this.cacheManager == null || !this.userDnCacheEnabled) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Not using the cache on UserDN. cacheManager: " + this.cacheManager + " , Enabled : " + this.userDnCacheEnabled);
            return null;
        }
        if (this.userDnCacheBuilder != null) {
            if (log.isDebugEnabled()) {
                log.debug("Using cache bulder to get the cache, for UserSearchBase: " + this.userSearchBase);
            }
            cache = this.userDnCacheBuilder.build();
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Using default configurations for the user DN cache, having search base : " + this.userSearchBase);
            }
            cache = this.cacheManager.getCache(this.userDnCacheName);
        }
        return cache;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void finalize() throws Throwable {
        if (this.cacheManager != null && this.userDnCacheName != null) {
            try {
                startTenantFlow();
                this.cacheManager.removeCache(this.userDnCacheName);
                PrivilegedCarbonContext.endTenantFlow();
            } catch (Throwable th) {
                PrivilegedCarbonContext.endTenantFlow();
                throw th;
            }
        }
        super.finalize();
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isUniqueUserIdEnabled() {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isBinaryUserAttribute(String str) {
        String[] split = StringUtils.split((String) Optional.ofNullable(this.realmConfig.getUserStoreProperty(LDAPConstants.LDAP_ATTRIBUTES_BINARY)).orElse(""), ",");
        if (!ArrayUtils.isNotEmpty(split)) {
            return false;
        }
        if (log.isDebugEnabled()) {
            log.debug("LDAP binary attributes: " + Arrays.toString(split));
        }
        return ArrayUtils.contains(split, str);
    }

    static {
        setAdvancedProperties();
    }
}
