package org.jahia.services.usermanager.ldap;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.ConcurrentHashMap;
import javax.jcr.ItemNotFoundException;
import javax.jcr.Node;
import javax.jcr.Property;
import javax.jcr.PropertyIterator;
import javax.jcr.RepositoryException;
import javax.naming.CannotProceedException;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.NoInitialContextException;
import javax.naming.PartialResultException;
import javax.naming.ServiceUnavailableException;
import javax.naming.SizeLimitExceededException;
import javax.naming.TimeLimitExceededException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import org.apache.commons.lang.StringUtils;
import org.htmlcleaner.CleanerProperties;
import org.jahia.exceptions.JahiaException;
import org.jahia.exceptions.JahiaInitializationException;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.SpringContextSingleton;
import org.jahia.services.cache.CacheHelper;
import org.jahia.services.cache.ModuleClassLoaderAwareCacheEntry;
import org.jahia.services.cache.ehcache.EhCacheProvider;
import org.jahia.services.content.JCRCallback;
import org.jahia.services.content.JCRNodeWrapper;
import org.jahia.services.content.JCRSessionWrapper;
import org.jahia.services.content.JCRTemplate;
import org.jahia.services.content.decorator.JCRSiteNode;
import org.jahia.services.sites.JahiaSite;
import org.jahia.services.sites.JahiaSiteTools;
import org.jahia.services.sites.JahiaSitesService;
import org.jahia.services.usermanager.JahiaGroup;
import org.jahia.services.usermanager.JahiaGroupManagerProvider;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.services.usermanager.JahiaUserManagerProvider;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.jahia.services.usermanager.jcr.JCRGroup;
import org.jahia.services.usermanager.jcr.JCRGroupManagerProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wikimodel.wem.xml.ISaxConst;

/* loaded from: input_file:WEB-INF/var/modules/ldap-2.0.0.jar:org/jahia/services/usermanager/ldap/JahiaGroupManagerLDAPProvider.class */
public class JahiaGroupManagerLDAPProvider extends JahiaGroupManagerProvider {
    public static final String LDAP_GROUP_CACHE = "LDAPGroupsCache";
    public static final String LDAP_NONEXISTANT_GROUP_CACHE = "LDAPNonExistantGroupsCache";
    public static final String USERS_GROUPNAME = null;
    public static final String ADMINISTRATORS_GROUPNAME = null;
    public static final String GUEST_GROUPNAME = null;
    private static Logger logger = LoggerFactory.getLogger(JahiaGroupManagerLDAPProvider.class);
    public static String CONTEXT_FACTORY_PROP = "context.factory";
    public static String LDAP_URL_PROP = ISaxConst.PROPERTY_URL;
    public static String AUTHENTIFICATION_MODE_PROP = "authentification.mode";
    public static String PUBLIC_BIND_DN_PROP = "public.bind.dn";
    public static String PUBLIC_BIND_PASSWORD_PROP = "public.bind.password";
    public static String PRELOAD_GROUP_MEMBERS = "preload";
    public static String SEARCH_ATTRIBUTE_PROP = "search.attribute";
    public static String SEARCH_NAME_PROP = "search.name";
    public static String GROUP_OBJECTCLASS_ATTRIBUTE = "search.objectclass";
    public static String DYNGROUP_OBJECTCLASS_ATTRIBUTE = "dynamic.search.objectclass";
    public static String SEARCH_COUNT_LIMIT_PROP = "search.countlimit";
    public static String SEARCH_WILDCARD_ATTRIBUTE_LIST = "search.wildcards.attributes";
    public static String GROUP_MEMBERS_ATTRIBUTE = "members.attribute";
    public static String DYNGROUP_MEMBERS_ATTRIBUTE = "dynamic.members.attribute";
    public static String LDAP_REFFERAL_PROP = "refferal";
    public static String USE_CONNECTION_POOL = "ldap.connect.pool";
    public static String CONNECTION_TIMEOUT = "ldap.connect.timeout";
    public static String AD_RANGE_STEP = "ad.range.step";
    public static String SEARCH_USER_ATTRIBUTE_NAME = "members.user.attibute.map";
    public static final String DEFAULT_CTX_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    public static final String DEFAULT_AUTHENTIFICATION_MODE = "simple";
    private Ehcache groupCache;
    private Ehcache nonExistantGroupCache;
    private EhCacheProvider cacheProvider;
    private Map<String, String> ldapProperties = null;
    private Map<String, String> defaultLdapProperties = null;
    private Map<String, String> mappedProperties = null;
    private List<String> searchWildCardAttributeList = null;
    private List<String> nonExistentGroups;
    private JahiaUserManagerLDAPProvider userProvider;
    private JahiaUserManagerService jahiaUserManagerService;
    private Map<String, String> overridenLdapProperties;
    private String providerKeyPrefix;
    private boolean postponePropertiesInit;

    public void setCacheProvider(EhCacheProvider ehCacheProvider) {
        this.cacheProvider = ehCacheProvider;
    }

    private static boolean containsMembersRange(Attributes attributes, String str) throws NamingException {
        boolean z = false;
        String str2 = str + ";range=";
        NamingEnumeration iDs = attributes.getIDs();
        while (iDs.hasMore() && !z) {
            z = ((String) iDs.next()).toLowerCase().startsWith(str2);
        }
        return z;
    }

    private static String escapeFilterValue(String str) {
        return StringUtils.replace(StringUtils.replace(StringUtils.replace(str, "\\", "\\5c"), "(", "\\28"), ")", "\\29");
    }

    private static void loadMembersUsingRange(SearchResult searchResult, DirContext dirContext, SearchControls searchControls, String str, String str2, String str3, String str4, int i) throws NamingException {
        if (logger.isDebugEnabled()) {
            logger.debug("Loading members for group entry '" + searchResult.getName() + "'");
        }
        String[] returningAttributes = searchControls.getReturningAttributes();
        int i2 = 0;
        int i3 = 0 + i;
        boolean z = false;
        BasicAttribute basicAttribute = new BasicAttribute(str4);
        while (!z) {
            z = false;
            String str5 = str4 + ";range=" + i2 + "-" + i3;
            searchControls.setReturningAttributes(new String[]{str5});
            StringBuilder sb = new StringBuilder(str);
            sb.insert(0, "(&").append("(").append(str3).append("=").append(escapeFilterValue(searchResult.getAttributes().get(str3).get().toString())).append("))");
            if (logger.isDebugEnabled()) {
                logger.debug("Retrieving attribute values range for attribute '" + str5 + "'");
            }
            NamingEnumeration search = dirContext.search(str2, sb.toString(), searchControls);
            while (search.hasMore()) {
                SearchResult searchResult2 = (SearchResult) search.next();
                if (logger.isDebugEnabled()) {
                    logger.debug("Got result '" + searchResult2.getName() + "' with attributes: " + searchResult2.getAttributes());
                }
                if (searchResult2.getName().equals(searchResult.getName())) {
                    NamingEnumeration iDs = searchResult2.getAttributes().getIDs();
                    boolean z2 = false;
                    while (iDs.hasMore()) {
                        String str6 = (String) iDs.next();
                        if (str6.startsWith(str4)) {
                            z2 = true;
                            Attribute attribute = searchResult2.getAttributes().get(str6);
                            if (logger.isDebugEnabled()) {
                                logger.debug("Found attribute '" + str6 + "' with members: " + attribute.get());
                            }
                            NamingEnumeration all = attribute.getAll();
                            while (all.hasMore()) {
                                basicAttribute.add(all.next());
                            }
                            if (str6.endsWith("*")) {
                                z = true;
                                if (logger.isDebugEnabled()) {
                                    logger.debug("We got last value chunk, so we are done");
                                }
                            }
                        }
                    }
                    if (!z2) {
                        z = true;
                        if (logger.isDebugEnabled()) {
                            logger.debug("No members attribute found, so we are done");
                        }
                    }
                } else {
                    logger.warn("Search for a group '" + searchResult.getName() + "' (" + searchResult.getNameInNamespace() + " ::: " + str3 + "=" + searchResult.getAttributes().get(str3).get().toString() + ") returned another entry: " + searchResult2.getName());
                }
            }
            i2 = i3 + 1;
            i3 = i2 + i;
        }
        searchResult.getAttributes().put(basicAttribute);
        searchControls.setReturningAttributes(returningAttributes);
    }

    protected JahiaGroupManagerLDAPProvider() throws JahiaException {
        this.nonExistentGroups = null;
        this.nonExistentGroups = new ArrayList();
        this.nonExistentGroups.add("administrators");
        this.nonExistentGroups.add("guest");
        this.nonExistentGroups.add("users");
        initializeDefaults();
    }

    public void setJahiaUserManagerService(JahiaUserManagerService jahiaUserManagerService) {
        this.jahiaUserManagerService = jahiaUserManagerService;
    }

    public void setLdapProperties(Map<String, String> map) {
        this.overridenLdapProperties = map;
    }

    public void start() {
    }

    public void stop() {
    }

    public JahiaGroup createGroup(int i, String str, Properties properties, boolean z) {
        throw new UnsupportedOperationException("Method createGroup() not yet implemented.");
    }

    public boolean deleteGroup(JahiaGroup jahiaGroup) {
        return false;
    }

    public List<JahiaSite> getAdminGrantedSites(JahiaUser jahiaUser) {
        ArrayList arrayList = new ArrayList();
        try {
            JahiaSitesService jahiaSitesService = ServicesRegistry.getInstance().getJahiaSitesService();
            for (JCRSiteNode jCRSiteNode : jahiaSitesService.getSitesNodeList()) {
                if (logger.isDebugEnabled()) {
                    logger.debug("check granted site " + jCRSiteNode.getSiteKey());
                }
                if (JahiaSiteTools.getAdminGroup(jahiaSitesService.getSite(jCRSiteNode.getName())).isMember(jahiaUser)) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("granted site for " + jCRSiteNode.getSiteKey());
                    }
                    arrayList.add(jahiaSitesService.getSite(jCRSiteNode.getName()));
                }
            }
        } catch (RepositoryException e) {
            logger.error(e.getMessage(), e);
        } catch (JahiaException e2) {
            logger.error("getAdminGrantedSites", e2);
        }
        return arrayList;
    }

    public JahiaGroup getAdministratorGroup(int i) {
        if (ADMINISTRATORS_GROUPNAME != null) {
            return lookupGroup(i, ADMINISTRATORS_GROUPNAME);
        }
        return null;
    }

    public List<String> getGroupList(int i) {
        return getGroupList();
    }

    public Map<String, Principal> getGroupMembers(String str, boolean z) {
        Map<String, Principal> map = null;
        DirContext dirContext = null;
        try {
            try {
                dirContext = getPublicContext();
                map = getGroupMembers(getPublicGroup(dirContext, str), z);
                invalidateCtx(dirContext);
            } catch (NamingException e) {
                logger.warn("JNDI warning", e);
                invalidateCtx(dirContext);
            }
            return map;
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    public List<String> getGroupnameList() {
        return getGroupList();
    }

    public List<String> getGroupList() {
        ArrayList arrayList = new ArrayList();
        DirContext dirContext = null;
        try {
            try {
                try {
                    dirContext = getPublicContext();
                    Iterator<SearchResult> it = getGroups(dirContext, null).iterator();
                    while (it.hasNext()) {
                        JahiaLDAPGroup ldapToJahiaGroup = ldapToJahiaGroup(it.next());
                        if (ldapToJahiaGroup != null) {
                            arrayList.add(ldapToJahiaGroup.getGroupKey());
                        }
                    }
                    invalidateCtx(dirContext);
                } catch (NamingException e) {
                    logger.warn("JNDI warning", e);
                    arrayList = new ArrayList();
                    invalidateCtx(dirContext);
                }
            } catch (SizeLimitExceededException e2) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                }
                invalidateCtx(dirContext);
            }
            return arrayList;
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    public List<String> getGroupnameList(int i) {
        ArrayList arrayList = new ArrayList();
        DirContext dirContext = null;
        try {
            try {
                dirContext = getPublicContext();
                Iterator<SearchResult> it = getGroups(dirContext, null).iterator();
                while (it.hasNext()) {
                    JahiaLDAPGroup ldapToJahiaGroup = ldapToJahiaGroup(it.next());
                    if (ldapToJahiaGroup != null) {
                        arrayList.add(ldapToJahiaGroup.getGroupname());
                    }
                }
                invalidateCtx(dirContext);
            } catch (SizeLimitExceededException e) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Search generated more than configured maximum search limit in, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                }
                invalidateCtx(dirContext);
            } catch (NamingException e2) {
                logger.warn("JNDI warning", e2);
                arrayList = new ArrayList();
                invalidateCtx(dirContext);
            }
            return arrayList;
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    private List<SearchResult> getGroups(DirContext dirContext, Properties properties) throws NamingException {
        if (dirContext == null) {
            throw new NamingException("Context is null !");
        }
        StringBuilder sb = new StringBuilder();
        sb.append("(|(objectClass=").append(StringUtils.defaultString(this.ldapProperties.get(GROUP_OBJECTCLASS_ATTRIBUTE), "groupOfNames")).append(")(objectClass=").append(StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_OBJECTCLASS_ATTRIBUTE), "groupOfURLs")).append("))");
        Properties properties2 = new Properties();
        if (properties != null) {
            properties2.putAll(properties);
        }
        mapJahiaPropertiesToLDAP(properties2);
        if (properties2.size() > 0) {
            sb.insert(0, "(&");
            for (String str : properties2.keySet()) {
                String escapeFilterValue = escapeFilterValue(properties2.getProperty(str));
                if (!"*".equals(str)) {
                    sb.append("(");
                    sb.append(str);
                    sb.append("=");
                    sb.append(escapeFilterValue);
                    sb.append(")");
                } else if (this.searchWildCardAttributeList != null) {
                    if (this.searchWildCardAttributeList.size() > 1) {
                        sb.append("(|");
                    }
                    for (String str2 : this.searchWildCardAttributeList) {
                        sb.append("(");
                        sb.append(str2);
                        sb.append("=");
                        sb.append(escapeFilterValue);
                        sb.append(")");
                    }
                    if (this.searchWildCardAttributeList.size() > 1) {
                        sb.append(")");
                    }
                }
            }
            sb.append(")");
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setCountLimit(Integer.parseInt(this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP)));
        return getGroups(dirContext, searchControls, sb);
    }

    private void mapJahiaPropertiesToLDAP(Properties properties) {
        for (Map.Entry<String, String> entry : this.mappedProperties.entrySet()) {
            if (properties.getProperty(entry.getKey()) != null) {
                properties.put(entry.getValue(), properties.remove(entry.getKey()));
            }
        }
        if (properties.containsKey("members")) {
            properties.put(this.ldapProperties.get(GROUP_MEMBERS_ATTRIBUTE), properties.remove("members"));
        }
    }

    public DirContext getPublicContext() throws NamingException {
        DirContext dirContext = null;
        try {
            dirContext = connectToPublicDir();
        } catch (NamingException e) {
            logger.warn("JNDI warning", e);
        }
        return dirContext;
    }

    private DirContext connectToPublicDir() throws NamingException {
        if (logger.isDebugEnabled()) {
            logger.debug("Attempting connection to LDAP repository on " + this.ldapProperties.get(LDAP_URL_PROP) + "...");
        }
        Hashtable hashtable = new Hashtable(11);
        hashtable.put("java.naming.factory.initial", StringUtils.defaultString(this.ldapProperties.get(CONTEXT_FACTORY_PROP), "com.sun.jndi.ldap.LdapCtxFactory"));
        hashtable.put("java.naming.provider.url", this.ldapProperties.get(LDAP_URL_PROP));
        hashtable.put("java.naming.security.authentication", StringUtils.defaultString(this.ldapProperties.get(AUTHENTIFICATION_MODE_PROP), "simple"));
        if (this.ldapProperties.get(PUBLIC_BIND_DN_PROP) != null) {
            hashtable.put("java.naming.security.principal", this.ldapProperties.get(PUBLIC_BIND_DN_PROP));
        }
        hashtable.put("java.naming.referral", StringUtils.defaultString(this.ldapProperties.get(LDAP_REFFERAL_PROP), "ignore"));
        hashtable.put("com.sun.jndi.ldap.connect.pool", StringUtils.defaultString(this.ldapProperties.get(USE_CONNECTION_POOL), CleanerProperties.BOOL_ATT_TRUE));
        String defaultString = StringUtils.defaultString(this.ldapProperties.get(CONNECTION_TIMEOUT), "-1");
        if (!defaultString.equals("-1") && !defaultString.equals("0")) {
            hashtable.put("com.sun.jndi.ldap.connect.timeout", defaultString);
        }
        if (this.ldapProperties.get(PUBLIC_BIND_PASSWORD_PROP) != null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Using authentification mode to connect to public dir...");
            }
            hashtable.put("java.naming.security.credentials", this.ldapProperties.get(PUBLIC_BIND_PASSWORD_PROP));
        }
        return new InitialDirContext(hashtable);
    }

    private JahiaLDAPGroup ldapToJahiaGroup(SearchResult searchResult) {
        JahiaLDAPGroup jahiaLDAPGroup;
        Properties properties = new Properties();
        String str = null;
        NamingEnumeration all = searchResult.getAttributes().getAll();
        while (all.hasMoreElements()) {
            Attribute attribute = (Attribute) all.nextElement();
            String id = attribute.getID();
            StringBuilder sb = new StringBuilder();
            try {
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMoreElements()) {
                    Object nextElement = all2.nextElement();
                    if (nextElement instanceof String) {
                        sb.append((String) nextElement);
                    } else {
                        if (logger.isDebugEnabled()) {
                            logger.debug("Converting attribute <" + id + "> from class " + nextElement.getClass().toString() + " to String...");
                        }
                        sb.append(nextElement);
                    }
                    sb.append('\n');
                }
            } catch (NamingException e) {
                logger.warn("JNDI warning", e);
                sb = new StringBuilder();
            }
            String sb2 = sb.toString();
            if (sb2.endsWith("\n")) {
                sb2 = sb2.substring(0, sb2.length() - 1);
            }
            if (id != null && sb2 != null) {
                if (str == null && id.equals(this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP))) {
                    str = sb2;
                }
                properties.setProperty(id, sb2);
                if (id.equalsIgnoreCase("objectClass")) {
                    properties.setProperty("objectClass", sb2);
                }
            }
        }
        if (str == null) {
            if (!logger.isDebugEnabled()) {
                return null;
            }
            logger.debug("Ignoring entry " + searchResult.getName() + " because it has no valid " + this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP) + " attribute to be mapped onto user key...");
            return null;
        }
        mapLDAPToJahiaProperties(properties);
        mapDBToJahiaProperties(properties, str);
        boolean z = properties.getProperty("objectClass").indexOf(StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_OBJECTCLASS_ATTRIBUTE), "groupOfURLs")) != -1;
        if (StringUtils.defaultString(this.ldapProperties.get(PRELOAD_GROUP_MEMBERS), CleanerProperties.BOOL_ATT_TRUE).equalsIgnoreCase(CleanerProperties.BOOL_ATT_TRUE)) {
            Map<String, Principal> map = null;
            try {
                map = getGroupMembers(searchResult, z);
            } catch (NamingException e2) {
                logger.warn("JNDI warning", e2);
            }
            jahiaLDAPGroup = new JahiaLDAPGroup(getKey(), 0, str, str, 0, map, properties, z, true);
        } else {
            jahiaLDAPGroup = new JahiaLDAPGroup(getKey(), 0, str, str, 0, null, properties, z, false);
        }
        return jahiaLDAPGroup;
    }

    private void mapLDAPToJahiaProperties(Properties properties) {
        for (Map.Entry<String, String> entry : this.mappedProperties.entrySet()) {
            if (properties.getProperty(entry.getValue()) != null) {
                properties.setProperty(entry.getKey(), properties.getProperty(entry.getValue()));
            }
        }
    }

    private void mapDBToJahiaProperties(Properties properties, String str) {
    }

    private Map<String, Principal> getGroupMembers(SearchResult searchResult, boolean z) throws NamingException {
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        Attributes attributes = searchResult.getAttributes();
        NamingEnumeration namingEnumeration = null;
        try {
            namingEnumeration = z ? attributes.get(StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_MEMBERS_ATTRIBUTE), "memberurl")).getAll() : attributes.get(this.ldapProperties.get(GROUP_MEMBERS_ATTRIBUTE)).getAll();
        } catch (NullPointerException e) {
            if (logger.isDebugEnabled()) {
                logger.debug("No members");
            }
        }
        String str = this.ldapProperties.get(SEARCH_USER_ATTRIBUTE_NAME);
        boolean z2 = str != null && str.length() > 0;
        if (logger.isDebugEnabled()) {
            logger.debug("Getting members for group, dynamic=" + z + ", searchUserDefined=" + z2);
        }
        if (namingEnumeration != null) {
            while (namingEnumeration.hasMore()) {
                String str2 = (String) namingEnumeration.next();
                if (z) {
                    Properties properties = new Properties();
                    properties.put("ldap.url", str2);
                    for (JahiaUser jahiaUser : getUserManagerProvider().searchUsers(properties)) {
                        concurrentHashMap.put(jahiaUser.getUserKey(), jahiaUser);
                    }
                } else {
                    JahiaUser lookupUserByKey = z2 ? getUserManagerProvider().lookupUserByKey(str2, this.ldapProperties.get(SEARCH_USER_ATTRIBUTE_NAME)) : getUserManagerProvider().lookupUserFromDN(str2);
                    if (lookupUserByKey != null) {
                        concurrentHashMap.put(lookupUserByKey.getUserKey(), lookupUserByKey);
                    }
                }
            }
        }
        return concurrentHashMap;
    }

    private void invalidateCtx(DirContext dirContext) {
        try {
            if (dirContext == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Context passed is null, ignoring it...");
                }
            } else {
                try {
                    dirContext.close();
                } catch (Exception e) {
                    logger.warn(e.getMessage(), e);
                }
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    public JahiaGroup getGuestGroup(int i) {
        if (GUEST_GROUPNAME != null) {
            return lookupGroup(i, GUEST_GROUPNAME);
        }
        return null;
    }

    public void setUserProvider(JahiaUserManagerLDAPProvider jahiaUserManagerLDAPProvider) {
        this.userProvider = jahiaUserManagerLDAPProvider;
    }

    public JahiaUserManagerLDAPProvider getUserManagerProvider() {
        if (this.userProvider == null) {
            synchronized (JahiaGroupManagerLDAPProvider.class) {
                if (this.userProvider == null) {
                    for (JahiaUserManagerProvider jahiaUserManagerProvider : this.jahiaUserManagerService.getProviderList()) {
                        if (jahiaUserManagerProvider.getClass().getName().equals(JahiaUserManagerLDAPProvider.class.getName())) {
                            JahiaUserManagerLDAPProvider jahiaUserManagerLDAPProvider = (JahiaUserManagerLDAPProvider) jahiaUserManagerProvider;
                            if (jahiaUserManagerLDAPProvider.getUrl().equals(this.ldapProperties.get(LDAP_URL_PROP))) {
                                this.userProvider = jahiaUserManagerLDAPProvider;
                            }
                        }
                    }
                }
            }
        }
        return this.userProvider;
    }

    public List<String> getUserMembership(JahiaUser jahiaUser) {
        if (!(jahiaUser instanceof JahiaLDAPUser)) {
            return new ArrayList();
        }
        List<String> groups = ((JahiaLDAPUser) jahiaUser).getGroups();
        if (groups != null) {
            return groups;
        }
        ArrayList arrayList = new ArrayList();
        StringBuilder sb = new StringBuilder();
        sb.append("(&(objectclass=");
        sb.append(StringUtils.defaultString(this.ldapProperties.get(GROUP_OBJECTCLASS_ATTRIBUTE), "groupOfNames"));
        sb.append(")(");
        sb.append(this.ldapProperties.get(GROUP_MEMBERS_ATTRIBUTE));
        sb.append("=");
        sb.append(((JahiaLDAPUser) jahiaUser).getDN());
        sb.append("))");
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        searchControls.setReturningAttributes(new String[]{this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP)});
        DirContext dirContext = null;
        try {
            try {
                dirContext = getPublicContext();
                Iterator<SearchResult> it = getGroups(dirContext, searchControls, sb).iterator();
                while (it.hasNext()) {
                    String obj = it.next().getAttributes().get(this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP)).get().toString();
                    arrayList.add(this.providerKeyPrefix + obj);
                    if (logger.isDebugEnabled()) {
                        logger.debug("groupKey=" + obj);
                    }
                }
                StringBuilder sb2 = new StringBuilder();
                sb2.append("(objectclass=");
                sb2.append(StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_OBJECTCLASS_ATTRIBUTE), "groupOfURLs"));
                sb2.append(")");
                SearchControls searchControls2 = new SearchControls();
                searchControls2.setSearchScope(2);
                searchControls2.setReturningAttributes(new String[]{this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP), StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_MEMBERS_ATTRIBUTE), "memberurl")});
                Iterator<SearchResult> it2 = getGroups(dirContext, searchControls2, sb2).iterator();
                while (it2.hasNext()) {
                    Attributes attributes = it2.next().getAttributes();
                    String obj2 = attributes.get(this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP)).get().toString();
                    if (logger.isDebugEnabled()) {
                        logger.debug("groupKey=" + obj2);
                    }
                    Attribute attribute = attributes.get(StringUtils.defaultString(this.ldapProperties.get(DYNGROUP_MEMBERS_ATTRIBUTE), "memberurl"));
                    if (attribute != null) {
                        NamingEnumeration all = attribute.getAll();
                        while (true) {
                            if (all.hasMore()) {
                                String str = (String) all.next();
                                Properties properties = new Properties();
                                properties.put("ldap.url", str);
                                properties.put("user.key", removeKeyPrefix(jahiaUser.getUserKey()));
                                if (!getUserManagerProvider().searchUsers(properties).isEmpty()) {
                                    arrayList.add(this.providerKeyPrefix + obj2);
                                    if (all.hasMore()) {
                                        all.close();
                                    }
                                }
                            }
                        }
                    }
                }
                invalidateCtx(dirContext);
                List emptyList = Collections.emptyList();
                try {
                    final ArrayList arrayList2 = new ArrayList(arrayList);
                    emptyList = (List) JCRTemplate.getInstance().doExecuteWithSystemSession(new JCRCallback<List<String>>() { // from class: org.jahia.services.usermanager.ldap.JahiaGroupManagerLDAPProvider.1
                        /* renamed from: doInJCR, reason: merged with bridge method [inline-methods] */
                        public List<String> m412doInJCR(JCRSessionWrapper jCRSessionWrapper) throws RepositoryException {
                            JCRGroupManagerProvider jCRGroupManagerProvider = (JCRGroupManagerProvider) SpringContextSingleton.getBean("JCRGroupManagerProvider");
                            ArrayList arrayList3 = new ArrayList();
                            for (String str2 : arrayList2) {
                                try {
                                    JCRGroup lookupExternalGroup = jCRGroupManagerProvider.lookupExternalGroup(StringUtils.substringAfter(str2, JahiaGroupManagerLDAPProvider.this.providerKeyPrefix));
                                    if (lookupExternalGroup != null) {
                                        recurseOnGroups(jCRSessionWrapper, arrayList3, lookupExternalGroup.getIdentifier());
                                    }
                                } catch (JahiaException e) {
                                    JahiaGroupManagerLDAPProvider.logger.warn("Error retrieving membership for user " + str2, e);
                                }
                            }
                            return arrayList3;
                        }

                        private void recurseOnGroups(JCRSessionWrapper jCRSessionWrapper, List<String> list, String str2) throws RepositoryException, JahiaException {
                            JCRNodeWrapper nodeByUUID = jCRSessionWrapper.getNodeByUUID(str2);
                            PropertyIterator weakReferences = nodeByUUID.getWeakReferences();
                            while (weakReferences.hasNext()) {
                                try {
                                    Property nextProperty = weakReferences.nextProperty();
                                    if (nextProperty.getPath().contains("j:members")) {
                                        Node parent = nextProperty.getParent().getParent().getParent();
                                        if (parent.isNodeType("jnt:group")) {
                                            int i = 0;
                                            try {
                                                String name = parent.getParent().getParent().getName();
                                                if (!StringUtils.isEmpty(name)) {
                                                    i = ServicesRegistry.getInstance().getJahiaSitesService().getSiteByKey(name).getID();
                                                }
                                            } catch (NullPointerException e) {
                                                i = 0;
                                            }
                                            list.add(parent.getName() + ":" + i);
                                            recurseOnGroups(jCRSessionWrapper, list, parent.getIdentifier());
                                        }
                                    }
                                } catch (ItemNotFoundException e2) {
                                    JahiaGroupManagerLDAPProvider.logger.warn("Cannot find group for " + nodeByUUID.getPath(), e2);
                                }
                            }
                        }
                    });
                } catch (RepositoryException e) {
                    logger.error("Error retrieving user membership", e);
                }
                arrayList.addAll(new HashSet(emptyList));
                ((JahiaLDAPUser) jahiaUser).setGroups(arrayList);
                return arrayList;
            } catch (NamingException e2) {
                logger.warn(e2.getMessage(), e2);
                ArrayList arrayList3 = new ArrayList();
                invalidateCtx(dirContext);
                return arrayList3;
            }
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    private List<SearchResult> getGroups(DirContext dirContext, SearchControls searchControls, StringBuilder sb) throws NamingException {
        List<SearchResult> arrayList = new ArrayList();
        try {
            arrayList = doGroupSearch(dirContext, searchControls, sb);
        } catch (NamingException e) {
            logger.warn("Unable to retrieve all LDAP groups. Cause: " + e.getMessage(), e);
        } catch (CannotProceedException e2) {
            if (logger.isDebugEnabled()) {
                logger.debug("Reconnection required", e2);
            }
        } catch (ServiceUnavailableException e3) {
            if (logger.isDebugEnabled()) {
                logger.debug("Reconnection required", e3);
            }
        } catch (SizeLimitExceededException e4) {
            logger.warn("Search count limit reached", e4);
        } catch (CommunicationException e5) {
            if (logger.isDebugEnabled()) {
                logger.debug("Reconnection required", e5);
            }
        } catch (TimeLimitExceededException e6) {
            if (logger.isDebugEnabled()) {
                logger.debug("Reconnection required", e6);
            }
        } catch (NoInitialContextException e7) {
            if (logger.isDebugEnabled()) {
                logger.debug("Reconnection required", e7);
            }
        }
        return arrayList;
    }

    private List<SearchResult> doGroupSearch(DirContext dirContext, SearchControls searchControls, StringBuilder sb) throws NamingException {
        String sb2 = sb.toString();
        if (logger.isDebugEnabled()) {
            logger.debug("Using filter string [" + sb2 + "]...");
        }
        ArrayList arrayList = new ArrayList();
        String str = this.ldapProperties.get(SEARCH_NAME_PROP);
        String str2 = this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP);
        int parseInt = Integer.parseInt(StringUtils.defaultString(this.ldapProperties.get(AD_RANGE_STEP), "0"));
        if (parseInt == 0 || searchControls.getReturningAttributes() != null) {
            NamingEnumeration search = dirContext.search(str, sb2, searchControls);
            while (search.hasMore()) {
                try {
                    arrayList.add(search.next());
                } catch (SizeLimitExceededException e) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...", e);
                    } else {
                        logger.warn("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                    }
                }
            }
        } else {
            String str3 = this.ldapProperties.get(GROUP_MEMBERS_ATTRIBUTE);
            try {
                NamingEnumeration search2 = dirContext.search(str, sb2, searchControls);
                while (search2.hasMore()) {
                    SearchResult searchResult = (SearchResult) search2.next();
                    if (containsMembersRange(searchResult.getAttributes(), str3)) {
                        if (logger.isDebugEnabled()) {
                            logger.debug("Got range of members in group '" + searchResult.getName() + "'");
                        }
                        loadMembersUsingRange(searchResult, dirContext, searchControls, sb2, str, str2, str3, parseInt);
                    }
                    arrayList.add(searchResult);
                }
            } catch (SizeLimitExceededException e2) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...", e2);
                } else {
                    logger.warn("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                }
            }
        }
        return arrayList;
    }

    private String removeKeyPrefix(String str) {
        return str.startsWith(this.providerKeyPrefix) ? str.substring(this.providerKeyPrefix.length()) : str;
    }

    public JahiaGroup getUsersGroup(int i) {
        if (USERS_GROUPNAME != null) {
            return lookupGroup(i, USERS_GROUPNAME);
        }
        return null;
    }

    public boolean groupExists(int i, String str) {
        return lookupGroup(i, str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11, types: [org.jahia.services.usermanager.JahiaGroup] */
    public JahiaGroup lookupGroup(int i, String str) {
        if (str == null) {
            return null;
        }
        String str2 = getKey() + "n" + i + "_" + str;
        JahiaLDAPGroup jahiaLDAPGroup = (JahiaGroup) CacheHelper.getObjectValue(this.groupCache, str2);
        if (jahiaLDAPGroup == null) {
            if (this.nonExistantGroupCache.get(str2) != null) {
                return null;
            }
            jahiaLDAPGroup = lookupGroupInLDAP(i, str);
            if (jahiaLDAPGroup != null) {
                cachePut(getKey() + "k" + jahiaLDAPGroup.getGroupKey(), jahiaLDAPGroup);
                cachePut(getKey() + "n" + jahiaLDAPGroup.getSiteID() + "_" + jahiaLDAPGroup.getGroupname(), jahiaLDAPGroup);
            } else {
                this.nonExistantGroupCache.put(new Element(str2, true));
            }
        }
        return jahiaLDAPGroup;
    }

    private JahiaLDAPGroup lookupGroupInLDAP(int i, String str) {
        JahiaLDAPGroup lookupGroupInLDAP = lookupGroupInLDAP(str);
        if (lookupGroupInLDAP == null) {
            return null;
        }
        lookupGroupInLDAP.setSiteID(i);
        return lookupGroupInLDAP;
    }

    public boolean removeUserFromAllGroups(JahiaUser jahiaUser) {
        return jahiaUser == null || !getKey().equals(jahiaUser.getProviderName());
    }

    public Set<JahiaGroup> searchGroups(int i, Properties properties) {
        HashSet hashSet = new HashSet();
        Iterator<String> it = searchLDAPGroupsByDBProperties(i, properties).iterator();
        while (it.hasNext()) {
            hashSet.add(lookupGroup(it.next()));
        }
        DirContext dirContext = null;
        try {
            try {
                dirContext = getPublicContext();
                Iterator<SearchResult> it2 = getGroups(dirContext, properties).iterator();
                while (it2.hasNext()) {
                    JahiaLDAPGroup ldapToJahiaGroup = ldapToJahiaGroup(it2.next());
                    if (ldapToJahiaGroup != null) {
                        hashSet.add(ldapToJahiaGroup);
                    }
                }
                invalidateCtx(dirContext);
            } catch (SizeLimitExceededException e) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Search generated more than configured maximum search limit in, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                }
                invalidateCtx(dirContext);
            } catch (NamingException e2) {
                logger.warn("JNDI warning", e2);
                hashSet = new HashSet();
                invalidateCtx(dirContext);
            } catch (PartialResultException e3) {
                logger.warn(e3.getMessage(), e3);
                invalidateCtx(dirContext);
            }
            return hashSet;
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    private Set<String> searchLDAPGroupsByDBProperties(int i, Properties properties) {
        return Collections.emptySet();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v8, types: [org.jahia.services.usermanager.JahiaGroup] */
    public JahiaGroup lookupGroup(String str) {
        String str2 = getKey() + "k" + str;
        JahiaLDAPGroup jahiaLDAPGroup = (JahiaGroup) CacheHelper.getObjectValue(this.groupCache, str2);
        if (jahiaLDAPGroup == null) {
            if (this.nonExistantGroupCache.get(str2) != null) {
                return null;
            }
            jahiaLDAPGroup = lookupGroupInLDAP(removeKeyPrefix(str));
            if (jahiaLDAPGroup != null) {
                cachePut(str2, jahiaLDAPGroup);
                cachePut(getKey() + "n" + jahiaLDAPGroup.getSiteID() + "_" + jahiaLDAPGroup.getGroupname(), jahiaLDAPGroup);
            } else {
                this.nonExistantGroupCache.put(new Element(str2, true));
            }
        }
        return jahiaLDAPGroup;
    }

    private JahiaLDAPGroup lookupGroupInLDAP(String str) {
        SearchResult publicGroup;
        JahiaLDAPGroup jahiaLDAPGroup = null;
        Iterator<String> it = this.nonExistentGroups.iterator();
        if (logger.isDebugEnabled()) {
            logger.debug("lookupGroupInLDAP :: " + str);
        }
        while (it.hasNext()) {
            if (str.indexOf(it.next() + ":") != -1) {
                return null;
            }
        }
        DirContext dirContext = null;
        try {
            try {
                try {
                    try {
                        dirContext = getPublicContext();
                        publicGroup = getPublicGroup(dirContext, str);
                    } catch (NamingException e) {
                        logger.warn("JNDI warning", e);
                        jahiaLDAPGroup = null;
                        invalidateCtx(dirContext);
                    }
                } catch (SizeLimitExceededException e2) {
                    logger.warn("Search generated more than configured maximum search limit, limiting to " + this.ldapProperties.get(SEARCH_COUNT_LIMIT_PROP) + " first results...");
                    jahiaLDAPGroup = null;
                    invalidateCtx(dirContext);
                }
            } catch (PartialResultException e3) {
                logger.warn(e3.getMessage(), e3);
                invalidateCtx(dirContext);
            }
            if (publicGroup == null) {
                invalidateCtx(dirContext);
                return null;
            }
            jahiaLDAPGroup = ldapToJahiaGroup(publicGroup);
            invalidateCtx(dirContext);
            return jahiaLDAPGroup;
        } catch (Throwable th) {
            invalidateCtx(dirContext);
            throw th;
        }
    }

    private SearchResult getPublicGroup(DirContext dirContext, String str) throws NamingException {
        Properties properties = new Properties();
        properties.setProperty(this.ldapProperties.get(SEARCH_ATTRIBUTE_PROP), str);
        List<SearchResult> groups = getGroups(dirContext, properties);
        SearchResult searchResult = null;
        if (!groups.isEmpty()) {
            searchResult = groups.get(0);
            if (groups.size() > 1) {
                logger.info("Warning : multiple groups with same CN in LDAP repository.");
            }
        }
        return searchResult;
    }

    public void updateCache(JahiaGroup jahiaGroup) {
        String str = getKey() + "k" + jahiaGroup.getGroupKey();
        String str2 = getKey() + "n" + jahiaGroup.getSiteID() + "_" + jahiaGroup.getGroupname();
        cachePut(str, jahiaGroup);
        cachePut(str2, jahiaGroup);
        this.nonExistantGroupCache.remove(str);
        this.nonExistantGroupCache.remove(str2);
    }

    public Map<String, String> getLdapProperties() {
        return this.ldapProperties;
    }

    public void setDefaultLdapProperties(Map<String, String> map) {
        this.defaultLdapProperties = map;
    }

    public void afterPropertiesSet() throws Exception {
        if (this.postponePropertiesInit) {
            return;
        }
        try {
            initProperties();
        } catch (JahiaInitializationException e) {
            logger.error("A problem occured during properties initialization", e);
        }
    }

    public void initProperties() throws JahiaInitializationException {
        if (this.defaultLdapProperties == null) {
            this.defaultLdapProperties = new HashMap();
        }
        this.ldapProperties = this.defaultLdapProperties != null ? new HashMap(this.defaultLdapProperties) : new HashMap();
        if (this.overridenLdapProperties != null) {
            this.ldapProperties.putAll(this.overridenLdapProperties);
        }
        if (this.ldapProperties.containsKey("priority")) {
            setPriority(Integer.parseInt(this.ldapProperties.get("priority")));
        }
        if (this.groupManagerService != null) {
            this.groupManagerService.registerProvider(this);
        }
        this.mappedProperties = new HashMap();
        for (Map.Entry<String, String> entry : this.ldapProperties.entrySet()) {
            if (entry.getKey().endsWith(".attribute.map")) {
                this.mappedProperties.put(StringUtils.substringBeforeLast(entry.getKey(), ".attribute.map"), entry.getValue());
            }
        }
        if (this.cacheProvider == null) {
            this.cacheProvider = (EhCacheProvider) SpringContextSingleton.getBean("ehCacheProvider");
        }
        if (this.jahiaUserManagerService == null) {
            this.jahiaUserManagerService = (JahiaUserManagerService) SpringContextSingleton.getBean("JahiaUserManagerService");
        }
        CacheManager cacheManager = this.cacheProvider.getCacheManager();
        this.groupCache = cacheManager.getCache(LDAP_GROUP_CACHE);
        if (this.groupCache == null) {
            cacheManager.addCache(LDAP_GROUP_CACHE);
            this.groupCache = cacheManager.getCache(LDAP_GROUP_CACHE);
        }
        this.nonExistantGroupCache = cacheManager.getCache(LDAP_NONEXISTANT_GROUP_CACHE);
        if (this.nonExistantGroupCache == null) {
            cacheManager.addCache(LDAP_NONEXISTANT_GROUP_CACHE);
            this.nonExistantGroupCache = cacheManager.getCache(LDAP_NONEXISTANT_GROUP_CACHE);
        }
        String str = this.ldapProperties.get(SEARCH_WILDCARD_ATTRIBUTE_LIST);
        if (str != null) {
            this.searchWildCardAttributeList = new ArrayList();
            StringTokenizer stringTokenizer = new StringTokenizer(str, ", ");
            while (stringTokenizer.hasMoreTokens()) {
                this.searchWildCardAttributeList.add(stringTokenizer.nextToken().trim());
            }
        }
        logger.debug("Initialized and connected to public repository");
    }

    public void unregister() {
        if (this.groupManagerService != null) {
            this.groupManagerService.unregisterProvider(this);
        }
    }

    private void initializeDefaults() {
        setKey("ldap");
        setPriority(2);
        setReadOnly(true);
        this.defaultLdapProperties = iniDefaultProperties();
    }

    private Map<String, String> iniDefaultProperties() {
        HashMap hashMap = new HashMap();
        hashMap.put("context.factory", "com.sun.jndi.ldap.LdapCtxFactory");
        hashMap.put("authentification.mode", "simple");
        hashMap.put("ldap.connect.pool", CleanerProperties.BOOL_ATT_TRUE);
        hashMap.put("ldap.connect.timeout", "5000");
        hashMap.put("preload", "false");
        hashMap.put("search.countlimit", "100");
        hashMap.put("refferal", "ignore");
        hashMap.put("ad.range.step", "0");
        hashMap.put("search.attribute", "cn");
        hashMap.put("search.objectclass", "groupOfUniqueNames");
        hashMap.put("members.attribute", "uniqueMember");
        hashMap.put("dynamic.search.objectclass", "groupOfURLs");
        hashMap.put("dynamic.members.attribute", "memberurl");
        hashMap.put("search.wildcards.attributes", "cn,description,uniqueMember");
        hashMap.put("groupname.attribute.map", "cn");
        hashMap.put("description.attribute.map", "description");
        return hashMap;
    }

    public void setKey(String str) {
        super.setKey(str);
        this.providerKeyPrefix = "{" + getKey() + "}";
    }

    public void setPostponePropertiesInit(boolean z) {
        this.postponePropertiesInit = z;
    }

    protected void cachePut(String str, JahiaGroup jahiaGroup) {
        this.groupCache.put(new Element(str, new ModuleClassLoaderAwareCacheEntry(jahiaGroup, "ldap")));
    }
}
