package org.wso2.carbon.user.core.ldap;

import java.nio.ByteBuffer;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
import javax.cache.Cache;
import javax.cache.CacheBuilder;
import javax.cache.CacheConfiguration;
import javax.cache.Caching;
import javax.naming.CompositeName;
import javax.naming.InvalidNameException;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
import org.apache.axis2.description.WSDL2Constants;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.user.api.Properties;
import org.wso2.carbon.user.api.Property;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreConfigConstants;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.claim.ClaimManager;
import org.wso2.carbon.user.core.common.AuthenticationResult;
import org.wso2.carbon.user.core.common.FailureReason;
import org.wso2.carbon.user.core.common.LoginIdentifier;
import org.wso2.carbon.user.core.common.PaginatedSearchResult;
import org.wso2.carbon.user.core.common.RoleContext;
import org.wso2.carbon.user.core.common.UniqueIDPaginatedSearchResult;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.internal.UserStoreMgtDSComponent;
import org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager;
import org.wso2.carbon.user.core.model.Condition;
import org.wso2.carbon.user.core.profile.ProfileConfigurationManager;
import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.util.JNDIUtil;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.user.core-4.6.0.jar:org/wso2/carbon/user/core/ldap/UniqueIDReadOnlyLDAPUserStoreManager.class */
public class UniqueIDReadOnlyLDAPUserStoreManager extends ReadOnlyLDAPUserStoreManager {
    public static final String MEMBER_UID = "memberUid";
    private static final String OBJECT_GUID = "objectGUID";
    protected static final String MEMBERSHIP_ATTRIBUTE_RANGE = "MembershipAttributeRange";
    protected static final String MEMBERSHIP_ATTRIBUTE_RANGE_DISPLAY_NAME = "Membership Attribute Range";
    private static final String USER_CACHE_NAME_PREFIX = "$__local__$.UserCache-";
    private static final String USER_CACHE_MANAGER = "UserCacheManager";
    private static final String MULTI_ATTRIBUTE_SEPARATOR_DESCRIPTION = "This is the separator for multiple claim values";
    private static final String MULTI_ATTRIBUTE_SEPARATOR = "MultiAttributeSeparator";
    private static final String PROPERTY_REFERRAL_IGNORE = "ignore";
    private static final String LDAPConnectionTimeout = "LDAPConnectionTimeout";
    private static final String LDAPConnectionTimeoutDescription = "LDAP Connection Timeout";
    private static final String readTimeout = "ReadTimeout";
    private static final String readTimeoutDescription = "Configure this to define the read timeout for LDAP operations";
    private static final String RETRY_ATTEMPTS = "RetryAttempts";
    private static final String LDAPBinaryAttributesDescription = "Configure this to define the LDAP binary attributes seperated by a space. Ex:mpegVideo mySpecialKey";
    protected static final String USER_CACHE_EXPIRY_TIME_ATTRIBUTE_NAME = "User Cache Expiry milliseconds";
    protected static final String USER_DN_CACHE_ENABLED_ATTRIBUTE_NAME = "Enable User DN Cache";
    protected static final String USER_CACHE_EXPIRY_TIME_ATTRIBUTE_DESCRIPTION = "Configure the user cache expiry in milliseconds. Values  {0: expire immediately, -1: never expire, '': i.e. empty, system default}.";
    protected static final String USER_DN_CACHE_ENABLED_ATTRIBUTE_DESCRIPTION = "Enables the user cache. Default true, Unless set to false. Empty value is interpreted as true.";
    private static final String USE_ANONYMOUS_BIND = "AnonymousBind";
    protected static final int MEMBERSHIP_ATTRIBUTE_RANGE_VALUE = 0;
    private static final int MAX_ITEM_LIMIT_UNLIMITED = -1;
    private String cacheExpiryTimeAttribute;
    private long userDnCacheExpiryTime;
    private CacheBuilder userDnCacheBuilder;
    private String userDnCacheName;
    private boolean userDnCacheEnabled;
    private static Log log = LogFactory.getLog(UniqueIDReadOnlyLDAPUserStoreManager.class);
    private static final ArrayList<Property> UNIQUE_ID_RO_LDAP_UM_ADVANCED_PROPERTIES = new ArrayList<>();

    public UniqueIDReadOnlyLDAPUserStoreManager() {
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
    }

    public UniqueIDReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num) throws UserStoreException {
        super(realmConfiguration, map, claimManager, profileConfigurationManager, userRealm, num, false);
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
    }

    public UniqueIDReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, Map<String, Object> map, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager, UserRealm userRealm, Integer num, boolean z) throws UserStoreException {
        super(realmConfiguration, map, claimManager, profileConfigurationManager, userRealm, num, z);
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
    }

    public UniqueIDReadOnlyLDAPUserStoreManager(RealmConfiguration realmConfiguration, ClaimManager claimManager, ProfileConfigurationManager profileConfigurationManager) throws UserStoreException {
        super(realmConfiguration, claimManager, profileConfigurationManager);
        this.cacheExpiryTimeAttribute = "";
        this.userDnCacheExpiryTime = 0L;
        this.userDnCacheBuilder = null;
        this.userDnCacheEnabled = true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public void checkRequiredUserStoreConfigurations() throws UserStoreException {
        if (log.isDebugEnabled()) {
            log.debug("Checking LDAP configurations ");
        }
        String userStoreProperty = this.realmConfig.getUserStoreProperty("ConnectionURL");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty(LDAPConstants.DNS_URL);
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty(USE_ANONYMOUS_BIND);
        if ((userStoreProperty == null || userStoreProperty.trim().length() == 0) && (userStoreProperty2 == null || userStoreProperty2.trim().length() == 0)) {
            throw new UserStoreException("Required ConnectionURL property is not set at the LDAP configurations");
        }
        if (!Boolean.parseBoolean(userStoreProperty3)) {
            if (StringUtils.isEmpty(this.realmConfig.getUserStoreProperty("ConnectionName"))) {
                throw new UserStoreException("Required ConnectionNme property is not set at the LDAP configurations");
            }
            if (StringUtils.isEmpty(this.realmConfig.getUserStoreProperty("ConnectionPassword"))) {
                throw new UserStoreException("Required ConnectionPassword property is not set at the LDAP configurations");
            }
        }
        this.userSearchBase = this.realmConfig.getUserStoreProperty("UserSearchBase");
        if (this.userSearchBase == null || this.userSearchBase.trim().length() == 0) {
            throw new UserStoreException("Required UserSearchBase property is not set at the LDAP configurations");
        }
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        if (userStoreProperty4 == null || userStoreProperty4.trim().length() == 0) {
            throw new UserStoreException("Required UserNameListFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserNameSearchFilter");
        if (userStoreProperty5 == null || userStoreProperty5.trim().length() == 0) {
            throw new UserStoreException("Required UserNameSearchFilter property is not set at the LDAP configurations");
        }
        String userStoreProperty6 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        if (userStoreProperty6 == null || userStoreProperty6.trim().length() == 0) {
            throw new UserStoreException("Required UserNameAttribute property is not set at the LDAP configurations");
        }
        String userStoreProperty7 = this.realmConfig.getUserStoreProperty("UserIDAttribute");
        if (userStoreProperty7 == null || userStoreProperty7.trim().length() == 0) {
            throw new UserStoreException("Required userIDAttribute property is not set at the LDAP configurations");
        }
        this.writeGroupsEnabled = false;
        if (this.realmConfig.getUserStoreProperty("ReadGroups") != null) {
            this.readGroupsEnabled = Boolean.parseBoolean(this.realmConfig.getUserStoreProperty("ReadGroups"));
        }
        if (log.isDebugEnabled()) {
            if (this.readGroupsEnabled) {
                log.debug("ReadGroups is enabled for " + getMyDomainName());
            } else {
                log.debug("ReadGroups is disabled for " + getMyDomainName());
            }
        }
        if (this.readGroupsEnabled) {
            this.groupSearchBase = this.realmConfig.getUserStoreProperty("GroupSearchBase");
            if (this.groupSearchBase == null || this.groupSearchBase.trim().length() == 0) {
                throw new UserStoreException("Required GroupSearchBase property is not set at the LDAP configurations");
            }
            String userStoreProperty8 = this.realmConfig.getUserStoreProperty("GroupNameListFilter");
            if (userStoreProperty8 == null || userStoreProperty8.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameListFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty9 = this.realmConfig.getUserStoreProperty("GroupNameSearchFilter");
            if (userStoreProperty9 == null || userStoreProperty9.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameSearchFilter property is not set at the LDAP configurations");
            }
            String userStoreProperty10 = this.realmConfig.getUserStoreProperty("GroupNameAttribute");
            if (userStoreProperty10 == null || userStoreProperty10.trim().length() == 0) {
                throw new UserStoreException("Required GroupNameAttribute property is not set at the LDAP configurations");
            }
            String userStoreProperty11 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
            if (userStoreProperty11 == null || userStoreProperty11.trim().length() == 0) {
                throw new UserStoreException("Required MembershipAttribute property is not set at the LDAP configurations");
            }
        }
        this.cacheExpiryTimeAttribute = this.realmConfig.getUserStoreProperty(LDAPConstants.USER_CACHE_EXPIRY_MILLISECONDS);
        String userStoreProperty12 = this.realmConfig.getUserStoreProperty(LDAPConstants.USER_DN_CACHE_ENABLED);
        if (StringUtils.isNotEmpty(userStoreProperty12)) {
            this.userDnCacheEnabled = Boolean.parseBoolean(userStoreProperty12);
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public AuthenticationResult doAuthenticateWithID(String str, String str2, Object obj, String str3) throws UserStoreException {
        if (!validateForWildCardCharacters(str2)) {
            return handleAuthenticationFailure("preferredUserNameValue is not valid. It contains LDAP special character/characters: " + str2);
        }
        String[] userListFromProperties = super.getUserListFromProperties(str, str2, str3);
        if (ArrayUtils.isEmpty(userListFromProperties)) {
            return handleAuthenticationFailure("Invalid scenario. No users found for the given username property: " + str2 + " and value: " + str2);
        }
        if (userListFromProperties.length > 1) {
            return handleAuthenticationFailure("Invalid scenario. Multiple users found for the given username property: " + str2 + " and value: " + str2);
        }
        if (!super.doAuthenticate(userListFromProperties[0], obj)) {
            return handleAuthenticationFailure("Authentication failed for the given username property: " + str2 + " and value: " + str2);
        }
        String str4 = userListFromProperties[0];
        User user = getUser(getUserIDFromUserName(str4), str4);
        user.setPreferredUsername(str2);
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
        authenticationResult.setAuthenticatedUser(user);
        return authenticationResult;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public AuthenticationResult doAuthenticateWithID(List<LoginIdentifier> list, Object obj) throws UserStoreException {
        List<String> doGetUserListFromProperties = doGetUserListFromProperties(list);
        if (doGetUserListFromProperties.isEmpty()) {
            return handleAuthenticationFailure("Invalid scenario. No users found for the given username properties");
        }
        if (doGetUserListFromProperties.size() > 1) {
            return handleAuthenticationFailure("Invalid scenario. Multiple users found for the given username properties");
        }
        if (!super.doAuthenticate(doGetUserListFromProperties.get(0), obj)) {
            return handleAuthenticationFailure("Authentication failed for the given username properties");
        }
        String str = doGetUserListFromProperties.get(0);
        User user = getUser(getUserIDFromUserName(str), str);
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
        authenticationResult.setAuthenticatedUser(user);
        return authenticationResult;
    }

    /* JADX WARN: Finally extract failed */
    protected List<String> doGetUserListFromProperties(List<LoginIdentifier> list) throws UserStoreException {
        Attribute attribute;
        boolean isDebugEnabled = log.isDebugEnabled();
        String str = ",";
        ArrayList arrayList = new ArrayList();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String searchFilter = getSearchFilter(list);
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        NamingEnumeration namingEnumeration2 = null;
        if (isDebugEnabled) {
            log.debug("Listing users with SearchFilter: " + searchFilter);
        }
        String[] strArr = {userStoreProperty, "sn"};
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                if (ArrayUtils.isNotEmpty(strArr)) {
                    searchControls.setReturningAttributes(strArr);
                }
                String str2 = null;
                try {
                    str2 = context.getNameInNamespace();
                } catch (NamingException e) {
                    log.error("Error while getting DN of search base", e);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Searching for user with SearchFilter: " + searchFilter + " in SearchBase: " + str2);
                    if (ArrayUtils.isEmpty(strArr)) {
                        log.debug("No attributes requested");
                    } else {
                        for (String str3 : strArr) {
                            log.debug("Requesting attribute :" + str3);
                        }
                    }
                }
                String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserSearchBase");
                for (String str4 : userStoreProperty2.split("#")) {
                    namingEnumeration = searchForUsers(searchFilter, str4, userStoreProperty2, -1, strArr);
                    if (namingEnumeration.hasMore()) {
                        break;
                    }
                }
                while (namingEnumeration.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null && (attribute = attributes.get(userStoreProperty)) != null) {
                        StringBuffer stringBuffer = new StringBuffer();
                        namingEnumeration2 = attribute.getAll();
                        while (namingEnumeration2.hasMore()) {
                            String str5 = (String) namingEnumeration2.next();
                            if (str5 != null && str5.trim().length() > 0) {
                                String userStoreProperty3 = this.realmConfig.getUserStoreProperty("MultiAttributeSeparator");
                                if (userStoreProperty3 != null && !userStoreProperty3.trim().isEmpty()) {
                                    str = userStoreProperty3;
                                }
                                stringBuffer.append(str5 + str);
                                if (isDebugEnabled) {
                                    log.debug(userStoreProperty + " : " + str5);
                                }
                            }
                        }
                        String stringBuffer2 = stringBuffer.toString();
                        Attribute attribute2 = attributes.get("sn");
                        String str6 = attribute2 != null ? (String) attribute2.get() : null;
                        if (stringBuffer2 != null && stringBuffer2.trim().length() > str.length()) {
                            if (!LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE.equals(str6)) {
                                arrayList.add(stringBuffer2.substring(0, stringBuffer2.length() - str.length()));
                            }
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                if (isDebugEnabled) {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        log.debug("result: " + ((String) it.next()));
                    }
                }
                return arrayList;
            } catch (NamingException e2) {
                String str7 = "Error occurred while getting user list with SearchFilter: " + searchFilter;
                if (log.isDebugEnabled()) {
                    log.debug(str7, e2);
                }
                throw new UserStoreException(str7, e2);
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration2);
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    private String getSearchFilter(List<LoginIdentifier> list) {
        StringBuilder sb = new StringBuilder("(&" + this.realmConfig.getUserStoreProperty("UserNameListFilter"));
        for (LoginIdentifier loginIdentifier : list) {
            String loginKey = loginIdentifier.getLoginKey();
            String loginValue = loginIdentifier.getLoginValue();
            if (OBJECT_GUID.equalsIgnoreCase(loginKey)) {
                String userStoreProperty = this.realmConfig.getUserStoreProperty(ActiveDirectoryUserStoreConstants.TRANSFORM_OBJECTGUID_TO_UUID);
                sb.append("(").append(loginKey).append("=").append(StringUtils.isEmpty(userStoreProperty) || Boolean.parseBoolean(userStoreProperty) ? transformUUIDToObjectGUID(loginValue) : convertBytesToHexString(Base64.decodeBase64(loginValue.getBytes()))).append(")");
            } else {
                sb.append("(").append(loginKey).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(loginValue)).append(")");
            }
        }
        sb.append(")");
        return sb.toString();
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public AuthenticationResult doAuthenticateWithID(String str, Object obj) throws UserStoreException {
        if (!validateForWildCardCharacters(str)) {
            return handleAuthenticationFailure("preferredUserNameValue is not valid. It contains LDAP special character/characters: " + str);
        }
        String[] userListFromProperties = super.getUserListFromProperties(this.realmConfig.getUserStoreProperty("UserIDAttribute"), str, null);
        if (ArrayUtils.isEmpty(userListFromProperties)) {
            return handleAuthenticationFailure("Invalid scenario. No users found for the given userID: " + str);
        }
        if (userListFromProperties.length > 1) {
            return handleAuthenticationFailure("Invalid scenario. Multiple users found for the given userID: " + str);
        }
        if (!super.doAuthenticate(userListFromProperties[0], obj)) {
            return handleAuthenticationFailure("Authentication failed for the given userID: " + str);
        }
        User user = getUser(str, userListFromProperties[0]);
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.SUCCESS);
        authenticationResult.setAuthenticatedUser(user);
        return authenticationResult;
    }

    private AuthenticationResult handleAuthenticationFailure(String str) {
        if (log.isDebugEnabled()) {
            log.debug(str);
        }
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.FAIL);
        authenticationResult.setFailureReason(new FailureReason(str));
        return authenticationResult;
    }

    private boolean validateForWildCardCharacters(String str) {
        String[] strArr = {"*", "<", ">", "~", WSDL2Constants.TEMPLATE_ENCODE_ESCAPING_CHARACTER, ")", "("};
        if (!StringUtils.isNotEmpty(str)) {
            return true;
        }
        for (String str2 : strArr) {
            if (str.contains(str2)) {
                return false;
            }
        }
        return true;
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doAuthenticate(String str, Object obj) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String doGetUserIDFromUserNameWithID(String str) throws UserStoreException {
        return getUserIDFromProperty(this.realmConfig.getUserStoreProperty("UserNameAttribute"), str);
    }

    private String getUserIDFromProperty(String str, String str2) throws UserStoreException {
        try {
            List<String> doGetUserListFromPropertiesWithID = doGetUserListFromPropertiesWithID(str, str2, null);
            if (!doGetUserListFromPropertiesWithID.isEmpty()) {
                if (doGetUserListFromPropertiesWithID.size() > 1) {
                    throw new UserStoreException("Invalid scenario. Multiple users cannot be found for the given value: " + str2 + "of the property: " + str);
                }
                return doGetUserListFromPropertiesWithID.get(0);
            }
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("No UserID found for the property: " + str + ", value: " + str2 + ", in domain: " + getMyDomainName());
            return null;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error occurred while retrieving the userId of domain : " + getMyDomainName() + " and property" + str + " value: " + str2, e);
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String getUserIDFromProperties(String str, String str2, String str3) throws UserStoreException {
        try {
            String attributeName = this.claimManager.getAttributeName(getMyDomainName(), str);
            if (attributeName != null) {
                return getUserIDFromProperty(attributeName, str2);
            }
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Could not find the matching property for claim URI: " + str + " in user domain: " + getMyDomainName());
            return null;
        } catch (org.wso2.carbon.user.api.UserStoreException e) {
            throw new UserStoreException("Error occurred while retrieving the userId of domain : " + getMyDomainName() + " and claim" + str + " value: " + str2, e);
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String doGetUserNameFromUserIDWithID(String str) throws UserStoreException {
        String[] userListFromProperties = super.getUserListFromProperties(this.realmConfig.getUserStoreProperty("UserIDAttribute"), str, null);
        if (userListFromProperties.length > 1) {
            throw new UserStoreException("Invalid scenario. Multiple users cannot be found for the given userID: " + str);
        }
        if (userListFromProperties.length != 0) {
            return userListFromProperties[0];
        }
        if (!log.isDebugEnabled()) {
            return null;
        }
        log.debug("No user ID found for the given userID: " + str);
        return null;
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager, org.wso2.carbon.user.core.UniqueIDUserStoreManager
    public String[] getProfileNamesWithID(String str) throws UserStoreException {
        return new String[]{"default"};
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public Map<String, String> getUserPropertyValuesWithID(String str, String[] strArr, String str2) throws UserStoreException {
        return super.getUserPropertyValues(doGetUserNameFromUserID(str), strArr, str2);
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingUserNameWithIDImpl(String str) throws UserStoreException {
        return super.doCheckExistingUser(str);
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckExistingUserWithID(String str) throws UserStoreException {
        if (log.isDebugEnabled()) {
            log.debug("Searching for userID " + str);
        }
        return (str == null || doGetUserNameFromUserID(str) == null) ? false : true;
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doListUsers(String str, int i) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public List<User> doListUsersWithID(String str, int i) throws UserStoreException {
        int i2;
        int i3;
        String[] strArr;
        ArrayList arrayList = new ArrayList();
        if (i == 0) {
            return arrayList;
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i2 = 100;
        }
        try {
            i3 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (NumberFormatException e2) {
            i3 = 10000;
        }
        if (i < 0 || i > i2) {
            i = i2;
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(i);
        searchControls.setTimeLimit(i3);
        if (str.contains(JDBCUserStoreManager.QUERY_BINDING_SYMBOL) || str.contains(SecurityConstraint.ROLE_ALL_AUTHENTICATED_USERS)) {
            throw new UserStoreException("Invalid character sequence entered for user serch. Please enter valid sequence.");
        }
        StringBuilder sb = new StringBuilder(this.realmConfig.getUserStoreProperty("UserNameListFilter"));
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserSearchBase");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
        String userStoreProperty3 = this.realmConfig.getUserStoreProperty("UserIDAttribute");
        StringBuilder sb2 = new StringBuilder();
        String userStoreProperty4 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
        if (StringUtils.isNotEmpty(userStoreProperty4)) {
            strArr = new String[]{userStoreProperty2, "sn", userStoreProperty4, userStoreProperty3};
            sb2.append("(&").append((CharSequence) sb).append("(").append(userStoreProperty4).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(str)).append("))");
        } else {
            strArr = new String[]{userStoreProperty2, "sn", userStoreProperty3};
            sb2.append("(&").append((CharSequence) sb).append("(").append(userStoreProperty2).append("=").append(escapeSpecialCharactersForFilterWithStarAsRegex(str)).append("))");
        }
        if (log.isDebugEnabled()) {
            log.debug("Listing users. SearchBase: " + userStoreProperty + " Constructed-Filter: " + sb2.toString());
            log.debug("Search controls. Max Limit: " + i + " Max Time: " + i3);
        }
        searchControls.setReturningAttributes(strArr);
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        ArrayList arrayList2 = new ArrayList();
        try {
            try {
                dirContext = this.connectionSource.getContext();
                for (String str2 : userStoreProperty.split("#")) {
                    namingEnumeration = dirContext.search(escapeDNForSearch(str2), sb2.toString(), searchControls);
                    while (namingEnumeration.hasMoreElements()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult.getAttributes() != null) {
                            log.debug("Result found ..");
                            Attribute attribute = searchResult.getAttributes().get(userStoreProperty2);
                            Attribute attribute2 = searchResult.getAttributes().get(userStoreProperty3);
                            Attribute attribute3 = searchResult.getAttributes().get("sn");
                            if (attribute3 != null) {
                                if (log.isDebugEnabled()) {
                                    log.debug("sn : " + attribute3);
                                }
                                String str3 = (String) attribute3.get();
                                if (str3 != null && str3.equals(LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE)) {
                                }
                            }
                            Attribute attribute4 = null;
                            if (StringUtils.isNotEmpty(userStoreProperty4)) {
                                attribute4 = searchResult.getAttributes().get(userStoreProperty4);
                                if (log.isDebugEnabled()) {
                                    log.debug(userStoreProperty4 + " : " + attribute4);
                                }
                            }
                            String str4 = null;
                            String str5 = null;
                            if (attribute != null) {
                                str4 = resolveLdapAttributeValue(attribute.get());
                                r34 = attribute4 != null ? resolveLdapAttributeValue(attribute4.get()) : null;
                                str5 = getRealmConfiguration().getUserStoreProperty("DomainName");
                            }
                            User user = getUser(attribute2 != null ? resolveLdapAttributeValue(attribute2.get()) : null, str4);
                            user.setDisplayName(r34);
                            user.setUserStoreDomain(str5);
                            user.setTenantDomain(getTenantDomain(this.tenantId));
                            arrayList2.add(user);
                        }
                    }
                }
                arrayList = arrayList2;
                if (log.isDebugEnabled()) {
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        log.debug("result: " + ((User) it.next()).getUsername());
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            } catch (Throwable th) {
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
                throw th;
            }
        } catch (PartialResultException e3) {
            String str6 = "Error occurred while getting user list for filter : " + str + "max limit : " + i;
            if (!isIgnorePartialResultException()) {
                throw new UserStoreException(str6, e3);
            }
            if (log.isDebugEnabled()) {
                log.debug(str6, e3);
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
        } catch (NamingException e4) {
            String str7 = "Error occurred while getting user list for filter : " + str + "max limit : " + i;
            if (log.isDebugEnabled()) {
                log.debug(str7, e4);
            }
            throw new UserStoreException(str7, e4);
        }
        return arrayList;
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetUserListOfRole(String str, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public List<User> doGetUserListOfRoleWithID(String str, String str2) throws UserStoreException {
        return getUserListOfLDAPRoleWithID(createRoleContext(str), str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String resolveLdapAttributeValue(Object obj) {
        String str = null;
        if (obj instanceof String) {
            str = (String) obj;
        } else if (obj instanceof byte[]) {
            byte[] bArr = (byte[]) obj;
            if (bArr.length == 16) {
                ByteBuffer wrap = ByteBuffer.wrap(swapBytes(bArr));
                str = new UUID(wrap.getLong(), wrap.getLong()).toString();
            } else {
                str = new String(Base64.encodeBase64((byte[]) obj));
            }
        }
        return str;
    }

    protected List<User> getUserListOfLDAPRoleWithID(RoleContext roleContext, String str) throws UserStoreException {
        int i;
        int i2;
        int i3;
        if (log.isDebugEnabled()) {
            log.debug("Getting user list of role: " + roleContext.getRoleName() + " with filter: " + str);
        }
        ArrayList arrayList = new ArrayList();
        try {
            i = Integer.parseInt(this.realmConfig.getUserStoreProperty("MaxUserNameListLength"));
        } catch (Exception e) {
            i = 100;
        }
        try {
            i2 = Integer.parseInt(this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_MAX_SEARCH_TIME));
        } catch (Exception e2) {
            i2 = 10000;
        }
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            try {
                try {
                    SearchControls searchControls = new SearchControls();
                    searchControls.setSearchScope(2);
                    searchControls.setTimeLimit(i2);
                    searchControls.setCountLimit(i);
                    String str2 = "(&" + ((LDAPRoleContext) roleContext).getListFilter() + "(" + ((LDAPRoleContext) roleContext).getRoleNameProperty() + "=" + escapeSpecialCharactersForFilter(roleContext.getRoleName()) + "))";
                    int i4 = 0;
                    boolean z = false;
                    String userStoreProperty = this.realmConfig.getUserStoreProperty(MEMBERSHIP_ATTRIBUTE_RANGE);
                    int parseInt = StringUtils.isNotEmpty(userStoreProperty) ? Integer.parseInt(userStoreProperty) : 0;
                    int i5 = parseInt > 0 ? parseInt - 1 : 0;
                    String userStoreProperty2 = this.realmConfig.getUserStoreProperty("MembershipAttribute");
                    ArrayList<String> arrayList2 = new ArrayList();
                    String str3 = userStoreProperty2;
                    loop0: while (!z) {
                        if (i5 > 0 && StringUtils.isNotEmpty(userStoreProperty2)) {
                            str3 = userStoreProperty2 + String.format(";range=%1$d-%2$d", Integer.valueOf(i4), Integer.valueOf(i5));
                        }
                        searchControls.setReturningAttributes(new String[]{str3});
                        SearchResult searchResult = null;
                        dirContext = this.connectionSource.getContext();
                        if (!((LDAPRoleContext) roleContext).getRoleDNPatterns().isEmpty()) {
                            Iterator<String> it = ((LDAPRoleContext) roleContext).getRoleDNPatterns().iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                String next = it.next();
                                if (log.isDebugEnabled()) {
                                    log.debug("Using pattern: " + next);
                                }
                                try {
                                    namingEnumeration = dirContext.search(escapeDNForSearch(MessageFormat.format(next.trim(), escapeSpecialCharactersForDN(roleContext.getRoleName()))), str2, searchControls);
                                } catch (NamingException e3) {
                                    if (log.isDebugEnabled()) {
                                        log.debug(e3);
                                    }
                                }
                                if (namingEnumeration.hasMore()) {
                                    searchResult = (SearchResult) namingEnumeration.next();
                                    break;
                                }
                            }
                        }
                        if (searchResult == null) {
                            for (String str4 : ((LDAPRoleContext) roleContext).getSearchBase().split("#")) {
                                if (log.isDebugEnabled()) {
                                    log.debug("Searching role: " + roleContext.getRoleName() + " SearchBase: " + str4 + " SearchFilter: " + str2);
                                }
                                try {
                                    namingEnumeration = dirContext.search(escapeDNForSearch(str4), str2, searchControls);
                                    i3 = 0;
                                } catch (NamingException e4) {
                                    if (log.isDebugEnabled()) {
                                        log.debug(e4);
                                    }
                                }
                                if (namingEnumeration.hasMore()) {
                                    while (namingEnumeration.hasMore()) {
                                        if (i3 > 0) {
                                            throw new UserStoreException("More than one group exist with name");
                                            break loop0;
                                        }
                                        searchResult = (SearchResult) namingEnumeration.next();
                                        i3++;
                                    }
                                    break;
                                }
                            }
                        }
                        if (log.isDebugEnabled()) {
                            log.debug("Found role: " + searchResult.getNameInNamespace());
                        }
                        Attributes attributes = searchResult.getAttributes();
                        if (attributes != null) {
                            int i6 = 0;
                            NamingEnumeration all = attributes.getAll();
                            while (all.hasMore()) {
                                Attribute attribute = (Attribute) all.next();
                                if (userStoreProperty2 == null || isAttributeEqualsProperty(userStoreProperty2, attribute.getID())) {
                                    NamingEnumeration all2 = attribute.getAll();
                                    while (all2.hasMore()) {
                                        String obj = all2.next().toString();
                                        arrayList2.add(obj);
                                        i6++;
                                        if (log.isDebugEnabled()) {
                                            log.debug("Found attribute: " + userStoreProperty2 + " value: " + obj);
                                        }
                                    }
                                }
                            }
                            if (parseInt == 0 || i6 < parseInt) {
                                z = true;
                            } else {
                                i4 += parseInt;
                                i5 += parseInt;
                            }
                        }
                    }
                    if ("memberUid".equals(this.realmConfig.getUserStoreProperty("MembershipAttribute"))) {
                        ArrayList arrayList3 = new ArrayList();
                        Iterator it2 = arrayList2.iterator();
                        while (it2.hasNext()) {
                            arrayList3.add(getNameInSpaceForUserName((String) it2.next()));
                        }
                        arrayList2 = arrayList3;
                    }
                    String userStoreProperty3 = this.realmConfig.getUserStoreProperty("UserNameAttribute");
                    String userStoreProperty4 = this.realmConfig.getUserStoreProperty(LDAPConstants.DISPLAY_NAME_ATTRIBUTE);
                    String userStoreProperty5 = this.realmConfig.getUserStoreProperty("UserIDAttribute");
                    String[] strArr = {userStoreProperty3, userStoreProperty4, userStoreProperty5};
                    User user = null;
                    for (String str5 : arrayList2) {
                        if (log.isDebugEnabled()) {
                            log.debug("Getting name attributes of: " + str5);
                        }
                        try {
                            Attributes attributes2 = dirContext.getAttributes(escapeDNForSearch(str5), strArr);
                            String str6 = null;
                            if (attributes2 != null) {
                                Attribute attribute2 = attributes2.get(userStoreProperty3);
                                if (attribute2 != null) {
                                    str6 = (String) attribute2.get();
                                    if (log.isDebugEnabled()) {
                                        log.debug("UserName: " + str6);
                                    }
                                }
                                if (StringUtils.isNotEmpty(userStoreProperty4)) {
                                    Attribute attribute3 = attributes2.get(userStoreProperty4);
                                    r34 = attribute3 != null ? (String) attribute3.get() : null;
                                    if (log.isDebugEnabled()) {
                                        log.debug("DisplayName: " + r34);
                                    }
                                }
                                if (StringUtils.isNotEmpty(userStoreProperty5)) {
                                    Attribute attribute4 = attributes2.get(userStoreProperty5);
                                    r36 = attribute4 != null ? resolveLdapAttributeValue(attribute4.get()) : null;
                                    if (log.isDebugEnabled()) {
                                        log.debug("UserID: " + r36);
                                    }
                                }
                            }
                            String userStoreProperty6 = this.realmConfig.getUserStoreProperty("DomainName");
                            user = getUser(r36, str6);
                            user.setDisplayName(r34);
                            user.setUserStoreDomain(userStoreProperty6);
                            user.setTenantDomain(getTenantDomain(this.tenantId));
                            arrayList.add(user);
                            if (log.isDebugEnabled()) {
                                log.debug(user.getUsername() + " is added to the result list");
                            }
                        } catch (NamingException e5) {
                            if (log.isDebugEnabled()) {
                                log.debug("Error in reading user information in the user store for the user " + user.getUsername() + e5.getMessage(), e5);
                            }
                        }
                    }
                    JNDIUtil.closeNamingEnumeration(namingEnumeration);
                    JNDIUtil.closeContext(dirContext);
                } catch (Throwable th) {
                    JNDIUtil.closeNamingEnumeration(namingEnumeration);
                    JNDIUtil.closeContext(dirContext);
                    throw th;
                }
            } catch (PartialResultException e6) {
                String str7 = "Error in reading user information in the user store for filter : " + str;
                if (!isIgnorePartialResultException()) {
                    throw new UserStoreException(str7, e6);
                }
                if (log.isDebugEnabled()) {
                    log.debug(str7, e6);
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(dirContext);
            }
            return arrayList;
        } catch (NamingException e7) {
            String str8 = "Error in reading user information in the user store for filter : " + str;
            if (log.isDebugEnabled()) {
                log.debug(str8, e7);
            }
            throw new UserStoreException(str8, e7);
        }
    }

    private boolean isAttributeEqualsProperty(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return false;
        }
        return str.equals(str2) || str.equals(str2.substring(0, str2.indexOf(";")));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetExternalRoleListOfUser(String str, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetExternalRoleListOfUserWithID(String str, String str2) throws UserStoreException {
        return getLDAPRoleListOfUser(doGetUserNameFromUserID(str), str2, getEffectiveSearchBase(false), false);
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetSharedRoleListOfUser(String str, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public String[] doGetSharedRoleListOfUserWithID(String str, String str2, String str3) throws UserStoreException {
        String effectiveSearchBase = getEffectiveSearchBase(true);
        if (str2 != null && str2.trim().length() > 0 && !"carbon.super".equalsIgnoreCase(str2.trim())) {
            String userStoreProperty = this.realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE);
            if (userStoreProperty == null || userStoreProperty.trim().length() == 0) {
                userStoreProperty = "ou";
            }
            effectiveSearchBase = userStoreProperty + "=" + str2 + "," + effectiveSearchBase;
        }
        return getLDAPRoleListOfUser(doGetUserNameFromUserID(str), str3, effectiveSearchBase, true);
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public boolean isReadOnly() throws UserStoreException {
        return true;
    }

    private List<String> parseSearchResult(SearchResult searchResult, String str) {
        ArrayList arrayList = new ArrayList();
        Attributes attributes = searchResult.getAttributes();
        if (attributes != null) {
            try {
                NamingEnumeration all = attributes.getAll();
                while (all.hasMore()) {
                    Attribute attribute = (Attribute) all.next();
                    if (str == null || str.equals(attribute.getID())) {
                        NamingEnumeration all2 = attribute.getAll();
                        while (all2.hasMore()) {
                            String obj = all2.next().toString();
                            int indexOf = obj.indexOf("=") + 1;
                            int indexOf2 = obj.indexOf(",");
                            if (indexOf > -1 && indexOf2 > -1) {
                                obj = obj.substring(indexOf, indexOf2);
                            }
                            arrayList.add(obj);
                        }
                        JNDIUtil.closeNamingEnumeration(all2);
                    }
                }
                JNDIUtil.closeNamingEnumeration(all);
            } catch (NamingException e) {
                log.debug(e.getMessage(), e);
            }
        }
        return arrayList;
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    protected List<String> getAttributeListOfOneElement(String str, String str2, SearchControls searchControls) throws UserStoreException {
        int i;
        List<String> arrayList = new ArrayList();
        DirContext dirContext = null;
        NamingEnumeration namingEnumeration = null;
        try {
            dirContext = this.connectionSource.getContext();
            loop0: for (String str3 : str.split("#")) {
                try {
                    namingEnumeration = dirContext.search(escapeDNForSearch(str3), str2, searchControls);
                    i = 0;
                } catch (NamingException e) {
                    if (log.isDebugEnabled()) {
                        log.debug(e);
                    }
                }
                if (namingEnumeration.hasMore()) {
                    while (namingEnumeration.hasMore()) {
                        if (i > 0) {
                            log.error("More than element user exist with name");
                            throw new UserStoreException("More than element user exist with name");
                            break;
                        }
                        i++;
                        arrayList = parseSearchResult((SearchResult) namingEnumeration.next(), null);
                    }
                    break loop0;
                }
            }
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            return arrayList;
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(dirContext);
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public List<String> doGetUserListFromPropertiesWithID(String str, String str2, String str3) throws UserStoreException {
        String str4;
        Attribute attribute;
        if (str2 == null) {
            return new ArrayList();
        }
        String str5 = ",";
        ArrayList arrayList = new ArrayList();
        String userStoreProperty = this.realmConfig.getUserStoreProperty("UserNameListFilter");
        String userStoreProperty2 = this.realmConfig.getUserStoreProperty("UserIDAttribute");
        if (OBJECT_GUID.equalsIgnoreCase(str)) {
            String userStoreProperty3 = this.realmConfig.getUserStoreProperty(ActiveDirectoryUserStoreConstants.TRANSFORM_OBJECTGUID_TO_UUID);
            str4 = "(&" + userStoreProperty + "(" + str + "=" + (StringUtils.equals(str2, "*") ? str2 : StringUtils.isEmpty(userStoreProperty3) || Boolean.parseBoolean(userStoreProperty3) ? transformUUIDToObjectGUID(str2) : convertBytesToHexString(Base64.decodeBase64(str2.getBytes()))) + "))";
        } else {
            str4 = "(&" + userStoreProperty + "(" + str + "=" + escapeSpecialCharactersForFilterWithStarAsRegex(str2) + "))";
        }
        DirContext context = this.connectionSource.getContext();
        NamingEnumeration<SearchResult> namingEnumeration = null;
        NamingEnumeration namingEnumeration2 = null;
        if (log.isDebugEnabled()) {
            log.debug("Listing users with Property: " + str + " SearchFilter: " + str4);
        }
        String[] strArr = {userStoreProperty2, "sn"};
        try {
            try {
                SearchControls searchControls = new SearchControls();
                searchControls.setSearchScope(2);
                if (ArrayUtils.isNotEmpty(strArr)) {
                    searchControls.setReturningAttributes(strArr);
                }
                String str6 = null;
                try {
                    str6 = context.getNameInNamespace();
                } catch (NamingException e) {
                    log.error("Error while getting DN of search base", e);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Searching for user with SearchFilter: " + str4 + " in SearchBase: " + str6);
                    if (ArrayUtils.isEmpty(strArr)) {
                        log.debug("No attributes requested");
                    } else {
                        for (String str7 : strArr) {
                            log.debug("Requesting attribute :" + str7);
                        }
                    }
                }
                String userStoreProperty4 = this.realmConfig.getUserStoreProperty("UserSearchBase");
                for (String str8 : userStoreProperty4.split("#")) {
                    namingEnumeration = searchForUsers(str4, str8, userStoreProperty4, -1, strArr);
                    if (namingEnumeration.hasMore()) {
                        break;
                    }
                }
                while (namingEnumeration.hasMoreElements()) {
                    Attributes attributes = ((SearchResult) namingEnumeration.next()).getAttributes();
                    if (attributes != null && (attribute = attributes.get(userStoreProperty2)) != null) {
                        StringBuilder sb = new StringBuilder();
                        namingEnumeration2 = attribute.getAll();
                        while (namingEnumeration2.hasMore()) {
                            Object next = namingEnumeration2.next();
                            String str9 = null;
                            if (next instanceof String) {
                                str9 = (String) next;
                            } else if (next instanceof byte[]) {
                                byte[] bArr = (byte[]) next;
                                if (bArr.length != 16 || !userStoreProperty2.toLowerCase().endsWith(LDAPConstants.UID)) {
                                    str9 = new String(Base64.encodeBase64((byte[]) next));
                                } else if (userStoreProperty2.equalsIgnoreCase(OBJECT_GUID)) {
                                    String userStoreProperty5 = this.realmConfig.getUserStoreProperty(ActiveDirectoryUserStoreConstants.TRANSFORM_OBJECTGUID_TO_UUID);
                                    if (StringUtils.isEmpty(userStoreProperty5) || Boolean.parseBoolean(userStoreProperty5)) {
                                        ByteBuffer wrap = ByteBuffer.wrap(swapBytes(bArr));
                                        str9 = new UUID(wrap.getLong(), wrap.getLong()).toString();
                                    } else {
                                        str9 = new String(Base64.encodeBase64((byte[]) next));
                                    }
                                }
                            }
                            if (StringUtils.isNotEmpty(str9)) {
                                String userStoreProperty6 = this.realmConfig.getUserStoreProperty("MultiAttributeSeparator");
                                if (userStoreProperty6 != null && !userStoreProperty6.trim().isEmpty()) {
                                    str5 = userStoreProperty6;
                                }
                                sb.append(str9).append(str5);
                                if (log.isDebugEnabled()) {
                                    log.debug(userStoreProperty2 + " : " + str9);
                                }
                            }
                        }
                        String sb2 = sb.toString();
                        Attribute attribute2 = attributes.get("sn");
                        String str10 = attribute2 != null ? (String) attribute2.get() : null;
                        if (sb2 != null && sb2.trim().length() > str5.length()) {
                            if (!LDAPConstants.SERVER_PRINCIPAL_ATTRIBUTE_VALUE.equals(str10)) {
                                arrayList.add(sb2.substring(0, sb2.length() - str5.length()));
                            }
                        }
                    }
                }
                JNDIUtil.closeNamingEnumeration(namingEnumeration2);
                JNDIUtil.closeNamingEnumeration(namingEnumeration);
                JNDIUtil.closeContext(context);
                if (log.isDebugEnabled()) {
                    for (String str11 : (String[]) arrayList.toArray(new String[0])) {
                        log.debug("result: " + str11);
                    }
                }
                return arrayList;
            } catch (NamingException e2) {
                String str12 = "Error occurred while getting user list from property : " + str + " & value : " + str2 + " & profile name : " + str3;
                if (log.isDebugEnabled()) {
                    log.debug(str12, e2);
                }
                throw new UserStoreException(str12, e2);
            }
        } catch (Throwable th) {
            JNDIUtil.closeNamingEnumeration(namingEnumeration2);
            JNDIUtil.closeNamingEnumeration(namingEnumeration);
            JNDIUtil.closeContext(context);
            throw th;
        }
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected UniqueIDPaginatedSearchResult doGetUserListWithID(Condition condition, String str, int i, int i2, String str2, String str3) throws UserStoreException {
        PaginatedSearchResult doGetUserList = super.doGetUserList(condition, str, i, i2, str2, str3);
        UniqueIDPaginatedSearchResult uniqueIDPaginatedSearchResult = new UniqueIDPaginatedSearchResult();
        uniqueIDPaginatedSearchResult.setPaginatedSearchResult(doGetUserList);
        uniqueIDPaginatedSearchResult.setSkippedUserCount(doGetUserList.getSkippedUserCount());
        ArrayList arrayList = new ArrayList();
        for (String str4 : doGetUserList.getUsers()) {
            arrayList.add(getUser(null, str4));
        }
        uniqueIDPaginatedSearchResult.setUsers(arrayList);
        return uniqueIDPaginatedSearchResult;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public PaginatedSearchResult doGetUserList(Condition condition, String str, int i, int i2, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckIsUserInRole(String str, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean doCheckIsUserInRoleWithID(String str, String str2) throws UserStoreException {
        return super.doCheckIsUserInRole(doGetUserNameFromUserID(str), str2);
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager, org.wso2.carbon.user.core.UniqueIDUserStoreManager
    public Date getPasswordExpirationTimeWithID(String str) throws UserStoreException {
        return super.getPasswordExpirationTime(getUserNameFromUserID(str));
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public int getTenantId(String str) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.UserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public int getUserId(String str) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void doSetUserAttributeWithID(String str, String str2, String str3, String str4) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    protected void doSetUserAttributesWithID(String str, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValue(String str, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValueWithID(String str, String str2, String str3) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValuesWithID(String str, String[] strArr, String str2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserClaimValues(String str, String[] strArr, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doAddUser(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public User doAddUserWithID(String str, Object obj, String[] strArr, Map<String, String> map, String str2, boolean z) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUser(String str) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doDeleteUserWithID(String str) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doSetUserClaimValue(String str, String str2, String str3, String str4) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doSetUserClaimValues(String str, Map<String, String> map, String str2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredential(String str, Object obj, Object obj2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredentialWithID(String str, Object obj, Object obj2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredentialByAdmin(String str, Object obj) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateCredentialByAdminWithID(String str, Object obj) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleListOfUser(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateRoleListOfUserWithID(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateUserListOfRole(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("Operation is not supported.");
    }

    @Override // org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public void doUpdateUserListOfRoleWithID(String str, String[] strArr, String[] strArr2) throws UserStoreException {
        throw new UserStoreException("User store is operating in read only mode. Cannot write into the user store.");
    }

    private String escapeSpecialCharactersForFilterWithStarAsRegex(String str) {
        boolean z = true;
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        int i = 0;
        while (i < str.length()) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case 0:
                    sb.append("\\00");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\\':
                    if (str.charAt(i + 1) != '*') {
                        sb.append("\\5c");
                        break;
                    } else {
                        sb.append("\\2a");
                        i++;
                        break;
                    }
                default:
                    sb.append(charAt);
                    break;
            }
            i++;
        }
        return sb.toString();
    }

    private String escapeSpecialCharactersForFilter(String str) {
        boolean z = true;
        str.replace("\\*", "*");
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case 0:
                    sb.append("\\00");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '\\':
                    sb.append("\\5c");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    private String escapeSpecialCharactersForDN(String str) {
        boolean z = true;
        str.replace("\\*", "*");
        String userStoreProperty = this.realmConfig.getUserStoreProperty(UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN);
        if (userStoreProperty != null) {
            z = Boolean.parseBoolean(userStoreProperty);
            if (log.isDebugEnabled()) {
                log.debug("Replace escape characters configured to: " + userStoreProperty);
            }
        }
        if (!z) {
            return str;
        }
        StringBuilder sb = new StringBuilder();
        if (str.length() > 0 && (str.charAt(0) == ' ' || str.charAt(0) == '#')) {
            sb.append('\\');
        }
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\"':
                    sb.append("\\\"");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '+':
                    sb.append("\\+");
                    break;
                case ',':
                    sb.append("\\,");
                    break;
                case ';':
                    sb.append("\\;");
                    break;
                case '<':
                    sb.append("\\<");
                    break;
                case '>':
                    sb.append("\\>");
                    break;
                case '\\':
                    sb.append("\\\\");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        if (str.length() > 1 && str.charAt(str.length() - 1) == ' ') {
            sb.insert(sb.length() - 1, '\\');
        }
        if (log.isDebugEnabled()) {
            log.debug("value after escaping special characters in " + str + " : " + sb.toString());
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public Name escapeDNForSearch(String str) throws InvalidNameException {
        return new CompositeName().add(str);
    }

    private boolean isIgnorePartialResultException() {
        return "ignore".equals(this.realmConfig.getUserStoreProperty(LDAPConstants.PROPERTY_REFERRAL));
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.api.UserStoreManager
    public Properties getDefaultUserStoreProperties() {
        Properties properties = new Properties();
        properties.setMandatoryProperties((Property[]) Stream.concat(ReadOnlyLDAPUserStoreConstants.ROLDAP_USERSTORE_PROPERTIES.stream(), ReadOnlyLDAPUserStoreConstants.UNIQUE_ID_ROLDAP_USERSTORE_PROPERTIES.stream()).toArray(i -> {
            return new Property[i];
        }));
        properties.setOptionalProperties((Property[]) ReadOnlyLDAPUserStoreConstants.OPTIONAL_ROLDAP_USERSTORE_PROPERTIES.toArray(new Property[0]));
        properties.setAdvancedProperties((Property[]) UNIQUE_ID_RO_LDAP_UM_ADVANCED_PROPERTIES.toArray(new Property[0]));
        return properties;
    }

    private static void setAdvancedProperties() {
        UNIQUE_ID_RO_LDAP_UM_ADVANCED_PROPERTIES.clear();
        setAdvancedProperty("PasswordHashMethod", "Password Hashing Algorithm", UserCoreConstants.RealmConfig.PASSWORD_HASH_METHOD_PLAIN_TEXT, UserStoreConfigConstants.passwordHashMethodDescription);
        setAdvancedProperty("MultiAttributeSeparator", "Multiple Attribute Separator", ",", MULTI_ATTRIBUTE_SEPARATOR_DESCRIPTION);
        setAdvancedProperty("MaxUserNameListLength", "Maximum User List Length", UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_MAX_COUNT, UserStoreConfigConstants.maxUserNameListLengthDescription);
        setAdvancedProperty("MaxRoleNameListLength", "Maximum Role List Length", UserCoreConstants.RealmConfig.PROPERTY_VALUE_DEFAULT_MAX_COUNT, UserStoreConfigConstants.maxRoleNameListLengthDescription);
        setAdvancedProperty("UserRolesCacheEnabled", "Enable User Role Cache", "true", UserStoreConfigConstants.userRolesCacheEnabledDescription);
        setAdvancedProperty("ConnectionPoolingEnabled", "Enable LDAP Connection Pooling", "false", UserStoreConfigConstants.connectionPoolingEnabledDescription);
        setAdvancedProperty(LDAPConnectionTimeout, LDAPConnectionTimeoutDescription, "5000", LDAPConnectionTimeoutDescription);
        setAdvancedProperty(readTimeout, "LDAP Read Timeout", "5000", readTimeoutDescription);
        setAdvancedProperty(RETRY_ATTEMPTS, "Retry Attempts", "0", "Number of retries for authentication in case ldap read timed out.");
        setAdvancedProperty("CountRetrieverClass", "Count Implementation", "", "Name of the class that implements the count functionality");
        setAdvancedProperty("java.naming.ldap.attributes.binary", "LDAP binary attributes", " ", LDAPBinaryAttributesDescription);
        setAdvancedProperty(UserStoreConfigConstants.claimOperationsSupported, UserStoreConfigConstants.getClaimOperationsSupportedDisplayName, "false", UserStoreConfigConstants.claimOperationsSupportedDescription);
        setAdvancedProperty(MEMBERSHIP_ATTRIBUTE_RANGE, MEMBERSHIP_ATTRIBUTE_RANGE_DISPLAY_NAME, String.valueOf(0), "Number of maximum users of role returned by the LDAP");
        setAdvancedProperty(LDAPConstants.USER_CACHE_EXPIRY_MILLISECONDS, USER_CACHE_EXPIRY_TIME_ATTRIBUTE_NAME, "", USER_CACHE_EXPIRY_TIME_ATTRIBUTE_DESCRIPTION);
        setAdvancedProperty(LDAPConstants.USER_DN_CACHE_ENABLED, USER_DN_CACHE_ENABLED_ATTRIBUTE_NAME, "true", USER_DN_CACHE_ENABLED_ATTRIBUTE_DESCRIPTION);
        setAdvancedProperty(UserStoreConfigConstants.STARTTLS_ENABLED, UserStoreConfigConstants.STARTTLS_ENABLED_DISPLAY_NAME, "false", UserStoreConfigConstants.STARTTLS_ENABLED_DESCRIPTION);
        setAdvancedProperty(UserStoreConfigConstants.CONNECTION_RETRY_DELAY, UserStoreConfigConstants.CONNECTION_RETRY_DELAY_DISPLAY_NAME, String.valueOf(120000), UserStoreConfigConstants.CONNECTION_RETRY_DELAY_DESCRIPTION);
    }

    private static void setAdvancedProperty(String str, String str2, String str3, String str4) {
        UNIQUE_ID_RO_LDAP_UM_ADVANCED_PROPERTIES.add(new Property(str, str3, str2 + "#" + str4, null));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public void initUserCache() throws UserStoreException {
        if (!this.userDnCacheEnabled) {
            if (log.isDebugEnabled()) {
                log.debug("User DN cache is disabled in configuration on UserStore having SearchBase: " + this.userSearchBase);
                return;
            }
            return;
        }
        boolean z = false;
        if (StringUtils.isNotEmpty(this.cacheExpiryTimeAttribute)) {
            if (log.isDebugEnabled()) {
                log.debug("Cache expiry time : " + this.cacheExpiryTimeAttribute + " configured for the user DN cache having search base: " + this.userSearchBase);
            }
            try {
                this.userDnCacheExpiryTime = Long.parseLong(this.cacheExpiryTimeAttribute);
                z = true;
            } catch (NumberFormatException e) {
                log.error("Could not convert the cache expiry time to Number (long) : " + this.cacheExpiryTimeAttribute + " . Will default to system wide expiry settings.", e);
            }
        }
        RealmService realmService = UserStoreMgtDSComponent.getRealmService();
        if (realmService != null && realmService.getTenantManager() != null) {
            try {
                this.tenantDomain = realmService.getTenantManager().getDomain(this.tenantId);
                if (log.isDebugEnabled()) {
                    log.debug("Tenant domain : " + this.tenantDomain + " found for the tenant ID : " + this.tenantId);
                }
            } catch (org.wso2.carbon.user.api.UserStoreException e2) {
                throw new UserStoreException("Could not get the tenant domain for tenant id : " + this.tenantId, e2);
            }
        }
        if (this.tenantDomain == null && this.tenantId == -1234) {
            this.tenantDomain = "carbon.super";
        }
        if (this.tenantDomain == null) {
            if (log.isDebugEnabled()) {
                log.debug("Could not find a tenant domain for the tenant ID : " + this.tenantId + ". Not initializing the User DN cache.");
                return;
            }
            return;
        }
        try {
            startTenantFlow();
            this.userDnCacheName = USER_CACHE_NAME_PREFIX + hashCode();
            this.cacheManager = Caching.getCacheManagerFactory().getCacheManager(USER_CACHE_MANAGER);
            this.cacheManager.removeCache(this.userDnCacheName);
            if (z) {
                if (log.isDebugEnabled()) {
                    log.debug("Using cache expiry time : " + this.userDnCacheExpiryTime + " configured for the user DN cache having search base: " + this.userSearchBase);
                }
                this.userDnCacheBuilder = this.cacheManager.createCacheBuilder(this.userDnCacheName);
                this.userDnCacheBuilder.setExpiry(CacheConfiguration.ExpiryType.ACCESSED, new CacheConfiguration.Duration(TimeUnit.MILLISECONDS, this.userDnCacheExpiryTime)).setExpiry(CacheConfiguration.ExpiryType.MODIFIED, new CacheConfiguration.Duration(TimeUnit.MILLISECONDS, this.userDnCacheExpiryTime)).setStoreByValue(false);
            }
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    protected void putToUserCache(String str, LdapName ldapName) {
        try {
            startTenantFlow();
            Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
            if (createOrGetUserDnCache == null) {
                return;
            }
            createOrGetUserDnCache.put(str, ldapName);
        } catch (IllegalStateException e) {
            log.error("Error occurred while putting User DN to the cache having search base : " + this.userSearchBase, e);
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    protected LdapName getFromUserCache(String str) {
        try {
            try {
                startTenantFlow();
                Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
                if (createOrGetUserDnCache == null) {
                    PrivilegedCarbonContext.endTenantFlow();
                    return null;
                }
                LdapName ldapName = createOrGetUserDnCache.get(str);
                PrivilegedCarbonContext.endTenantFlow();
                return ldapName;
            } catch (IllegalStateException e) {
                log.error("Error occurred while getting User DN from cache having search base : " + this.userSearchBase, e);
                PrivilegedCarbonContext.endTenantFlow();
                return null;
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public boolean removeFromUserCache(String str) {
        try {
            try {
                startTenantFlow();
                Cache<String, LdapName> createOrGetUserDnCache = createOrGetUserDnCache();
                if (createOrGetUserDnCache == null) {
                    PrivilegedCarbonContext.endTenantFlow();
                    return true;
                }
                boolean remove = createOrGetUserDnCache.remove(str);
                PrivilegedCarbonContext.endTenantFlow();
                return remove;
            } catch (IllegalStateException e) {
                log.error("Error occurred while removing User DN from cache having search base : " + this.userSearchBase, e);
                PrivilegedCarbonContext.endTenantFlow();
                return true;
            }
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private void startTenantFlow() {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        threadLocalCarbonContext.setTenantId(this.tenantId);
        threadLocalCarbonContext.setTenantDomain(this.tenantDomain);
    }

    private Cache<String, LdapName> createOrGetUserDnCache() {
        Cache<String, LdapName> cache;
        if (this.cacheManager == null || !this.userDnCacheEnabled) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("Not using the cache on UserDN. cacheManager: " + this.cacheManager + " , Enabled : " + this.userDnCacheEnabled);
            return null;
        }
        if (this.userDnCacheBuilder != null) {
            if (log.isDebugEnabled()) {
                log.debug("Using cache bulder to get the cache, for UserSearchBase: " + this.userSearchBase);
            }
            cache = this.userDnCacheBuilder.build();
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Using default configurations for the user DN cache, having search base : " + this.userSearchBase);
            }
            cache = this.cacheManager.getCache(this.userDnCacheName);
        }
        return cache;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
    public void finalize() throws Throwable {
        if (this.cacheManager != null && this.userDnCacheName != null) {
            try {
                startTenantFlow();
                this.cacheManager.removeCache(this.userDnCacheName);
                PrivilegedCarbonContext.endTenantFlow();
            } catch (Throwable th) {
                PrivilegedCarbonContext.endTenantFlow();
                throw th;
            }
        }
        super.finalize();
    }

    @Override // org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager, org.wso2.carbon.user.core.common.AbstractUserStoreManager
    public boolean isUniqueUserIdEnabled() {
        return true;
    }

    static {
        setAdvancedProperties();
    }
}
