package org.lsc.jndi;

import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.CommunicationException;
import javax.naming.ContextNotEmptyException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.ServiceUnavailableException;
import javax.naming.SizeLimitExceededException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
import javax.naming.ldap.SortControl;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.commons.lang.StringUtils;
import org.apache.directory.shared.ldap.codec.api.LdapApiService;
import org.apache.directory.shared.ldap.codec.api.LdapApiServiceFactory;
import org.apache.directory.shared.ldap.codec.controls.search.persistentSearch.PersistentSearchFactory;
import org.apache.directory.shared.ldap.extras.controls.syncrepl_impl.SyncStateValueFactory;
import org.apache.directory.shared.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.shared.ldap.model.exception.LdapURLEncodingException;
import org.apache.directory.shared.ldap.model.name.Dn;
import org.apache.directory.shared.ldap.model.name.Rdn;
import org.apache.directory.shared.ldap.model.url.LdapUrl;
import org.lsc.Configuration;
import org.lsc.LscDatasets;
import org.lsc.beans.syncoptions.ISyncOptions;
import org.lsc.configuration.LdapAuthenticationType;
import org.lsc.configuration.LdapConnectionType;
import org.lsc.configuration.LdapDerefAliasesType;
import org.lsc.configuration.LdapReferralType;
import org.lsc.configuration.LdapVersionType;
import org.lsc.exception.LscConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/lsc/jndi/JndiServices.class */
public final class JndiServices {
    public static final String DEFAULT_FILTER = "objectClass=*";
    private LdapContext ctx;
    private StartTlsResponse tlsResponse;
    private Dn contextDn;
    private int pageSize;
    private LdapUrl namingContext;
    private boolean recursiveDelete;
    private String sortedBy;
    private Properties connProps;
    private static final Logger LOGGER = LoggerFactory.getLogger(JndiServices.class);
    private static Map<Properties, JndiServices> cache = new HashMap();

    private JndiServices(Properties properties) throws NamingException, IOException {
        this.connProps = properties;
        initConnection();
    }

    private void initConnection() throws NamingException, IOException {
        logConnectingTo(this.connProps);
        if (Boolean.parseBoolean((String) this.connProps.get("java.naming.tls"))) {
            Properties properties = new Properties();
            properties.putAll(this.connProps);
            String property = properties.getProperty("java.naming.security.authentication");
            String property2 = properties.getProperty("java.naming.security.principal");
            String property3 = properties.getProperty("java.naming.security.credentials");
            properties.remove("java.naming.security.authentication");
            properties.remove("java.naming.security.principal");
            properties.remove("java.naming.security.credentials");
            this.ctx = new InitialLdapContext(properties, (Control[]) null);
            try {
                this.tlsResponse = this.ctx.extendedOperation(new StartTlsRequest());
                this.tlsResponse.negotiate();
                this.ctx.addToEnvironment("java.naming.security.authentication", property);
                this.ctx.addToEnvironment("java.naming.security.principal", property2);
                this.ctx.addToEnvironment("java.naming.security.credentials", property3);
            } catch (IOException e) {
                LOGGER.error("Error starting TLS encryption on connection to {}", properties.getProperty("java.naming.provider.url"));
                LOGGER.debug(e.toString(), e);
                throw e;
            } catch (NamingException e2) {
                LOGGER.error("Error starting TLS encryption on connection to {}", properties.getProperty("java.naming.provider.url"));
                LOGGER.debug(e2.toString(), e2);
                throw e2;
            }
        } else {
            this.ctx = new InitialLdapContext(this.connProps, (Control[]) null);
        }
        try {
            this.namingContext = new LdapUrl((String) this.ctx.getEnvironment().get("java.naming.provider.url"));
            this.contextDn = this.namingContext.getDn() != null ? this.namingContext.getDn() : null;
            String str = (String) this.ctx.getEnvironment().get("java.naming.ldap.pageSize");
            if (str != null) {
                this.pageSize = Integer.parseInt(str);
            } else {
                this.pageSize = -1;
            }
            this.sortedBy = (String) this.ctx.getEnvironment().get("java.naming.ldap.sortedBy");
            String str2 = (String) this.ctx.getEnvironment().get("java.naming.recursivedelete");
            if (str2 != null) {
                this.recursiveDelete = Boolean.parseBoolean(str2);
            } else {
                this.recursiveDelete = false;
            }
            LdapApiService singleton = LdapApiServiceFactory.getSingleton();
            singleton.registerControl(new SyncStateValueFactory(singleton));
            singleton.registerControl(new PersistentSearchFactory(singleton));
        } catch (LdapURLEncodingException e3) {
            LOGGER.error(e3.toString());
            LOGGER.debug(e3.toString(), e3);
            throw new NamingException(e3.getMessage());
        }
    }

    private void logConnectingTo(Properties properties) {
        if (LOGGER.isInfoEnabled()) {
            StringBuilder sb = new StringBuilder();
            sb.append("Connecting to LDAP server ");
            sb.append(properties.getProperty("java.naming.provider.url"));
            if (properties.getProperty("java.naming.security.authentication") == null || properties.getProperty("java.naming.security.authentication").equals("none")) {
                sb.append(" anonymously");
            } else {
                sb.append(" as ");
                sb.append(properties.getProperty("java.naming.security.principal"));
            }
            if (Boolean.parseBoolean((String) properties.get("java.naming.tls"))) {
                sb.append(" with STARTTLS extended operation");
            }
            LOGGER.info(sb.toString());
        }
    }

    @Deprecated
    public static JndiServices getSrcInstance() {
        try {
            Properties srcProperties = Configuration.getSrcProperties();
            if (srcProperties == null || srcProperties.size() <= 0) {
                return null;
            }
            return getInstance(srcProperties);
        } catch (Exception e) {
            LOGGER.error("Error opening the LDAP connection to the source!");
            throw new RuntimeException(e);
        }
    }

    @Deprecated
    public static JndiServices getDstInstance() {
        try {
            return getInstance(Configuration.getDstProperties());
        } catch (Exception e) {
            LOGGER.error("Error opening the LDAP connection to the destination!");
            throw new RuntimeException(e);
        }
    }

    public static JndiServices getInstance(Properties properties) throws NamingException, IOException {
        return getInstance(properties, false);
    }

    public static JndiServices getInstance(Properties properties, boolean z) throws NamingException, IOException {
        if (z) {
            return new JndiServices(properties);
        }
        if (!cache.containsKey(properties)) {
            cache.put(properties, new JndiServices(properties));
        }
        return cache.get(properties);
    }

    public static Properties getLdapProperties(LdapConnectionType ldapConnectionType) throws LscConfigurationException {
        String lookupLdapSrvThroughDNS;
        Properties properties = new Properties();
        properties.setProperty("java.naming.factory.initial", ldapConnectionType.getFactory() != null ? ldapConnectionType.getFactory() : "com.sun.jndi.ldap.LdapCtxFactory");
        if (ldapConnectionType.getUsername() != null) {
            properties.setProperty("java.naming.security.authentication", ldapConnectionType.getAuthentication().value());
            properties.setProperty("java.naming.security.principal", ldapConnectionType.getUsername());
            if (!ldapConnectionType.getAuthentication().equals(LdapAuthenticationType.GSSAPI)) {
                properties.setProperty("java.naming.security.credentials", ldapConnectionType.getPassword());
            } else {
                if (System.getProperty("java.security.krb5.conf") != null) {
                    throw new RuntimeException("Multiple Kerberos connections not supported (existing value: " + System.getProperty("java.security.krb5.conf") + "). Need to set another LSC instance or unset system property !");
                }
                System.setProperty("java.security.krb5.conf", new File(Configuration.getConfigurationDirectory(), "krb5.ini").getAbsolutePath());
                if (System.getProperty("java.security.auth.login.config") != null) {
                    throw new RuntimeException("Multiple JAAS not supported (existing value: " + System.getProperty("java.security.auth.login.config") + "). Need to set another LSC instance or unset system property !");
                }
                System.setProperty("java.security.auth.login.config", new File(Configuration.getConfigurationDirectory(), "gsseg_jaas.conf").getAbsolutePath());
                properties.setProperty("javax.security.sasl.server.authentication", "" + ldapConnectionType.isSaslMutualAuthentication());
                properties.put("javax.security.auth.useSubjectCredsOnly", ISyncOptions.DEFAULT_CONDITION);
                properties.put("com.sun.jndi.ldap.trace.ber", System.err);
                try {
                    new LoginContext(JndiServices.class.getName(), new KerberosCallbackHandler(ldapConnectionType.getUsername(), ldapConnectionType.getPassword())).login();
                } catch (LoginException e) {
                    e.printStackTrace();
                }
            }
        } else {
            properties.setProperty("java.naming.security.authentication", "none");
        }
        try {
            LdapUrl ldapUrl = new LdapUrl(ldapConnectionType.getUrl());
            if (ldapUrl.getHost() == null) {
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Hostname is empty in LDAP URL, will try to lookup through the naming context ...");
                }
                String convertToDomainExtension = convertToDomainExtension(ldapUrl.getDn());
                if (convertToDomainExtension != null && (lookupLdapSrvThroughDNS = lookupLdapSrvThroughDNS("_ldap._tcp." + convertToDomainExtension)) != null) {
                    ldapUrl.setHost(lookupLdapSrvThroughDNS.substring(0, lookupLdapSrvThroughDNS.indexOf(":")));
                    ldapUrl.setPort(Integer.parseInt(lookupLdapSrvThroughDNS.substring(lookupLdapSrvThroughDNS.indexOf(":") + 1)));
                    ldapConnectionType.setUrl(ldapUrl.toString());
                }
            }
            properties.setProperty("java.naming.provider.url", ldapConnectionType.getUrl());
            if (ldapConnectionType.getReferral() != null) {
                properties.setProperty("java.naming.referral", ldapConnectionType.getReferral().value().toLowerCase());
            } else {
                properties.setProperty("java.naming.referral", LdapReferralType.IGNORE.value().toLowerCase());
            }
            if (ldapConnectionType.getDerefAliases() != null) {
                properties.setProperty("java.naming.ldap.derefAliases", getDerefJndiValue(ldapConnectionType.getDerefAliases()));
            } else {
                properties.setProperty("java.naming.ldap.derefAliases", getDerefJndiValue(LdapDerefAliasesType.NEVER));
            }
            if (ldapConnectionType.getBinaryAttributes() != null) {
                properties.setProperty("java.naming.ldap.attributes.binary", StringUtils.join(ldapConnectionType.getBinaryAttributes().getString(), " "));
            }
            if (ldapConnectionType.getPageSize() != null) {
                properties.setProperty("java.naming.ldap.pageSize", "" + ldapConnectionType.getPageSize());
            }
            if (ldapConnectionType.getSortedBy() != null) {
                properties.setProperty("java.naming.ldap.sortedBy", ldapConnectionType.getSortedBy());
            }
            properties.setProperty("java.naming.ldap.version", ldapConnectionType.getVersion() == LdapVersionType.VERSION_2 ? "2" : "3");
            if (ldapConnectionType.isRecursiveDelete() != null) {
                properties.setProperty("java.naming.recursivedelete", Boolean.toString(ldapConnectionType.isRecursiveDelete().booleanValue()));
            }
            return properties;
        } catch (LdapURLEncodingException e2) {
            throw new LscConfigurationException((Exception) e2);
        }
    }

    private static String lookupLdapSrvThroughDNS(String str) {
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory");
        properties.put("java.naming.provider.url", "dns:");
        try {
            InitialDirContext initialDirContext = new InitialDirContext(properties);
            if (initialDirContext != null) {
                String[] split = ((String) ((Attribute) initialDirContext.getAttributes(str, new String[]{"SRV"}).getAll().next()).get()).split(" ");
                return split[3] + ":" + split[2];
            }
        } catch (NamingException e) {
        }
        return str + ":389";
    }

    private static String convertToDomainExtension(Dn dn) {
        String str = "";
        for (Rdn rdn : dn.getRdns()) {
            if (!rdn.getAva().getType().equalsIgnoreCase("dc")) {
                return null;
            }
            str = str.length() > 0 ? rdn.getNormValue().getString() + "." + str : rdn.getNormValue().getString();
        }
        return str;
    }

    private static String getDerefJndiValue(LdapDerefAliasesType ldapDerefAliasesType) {
        switch (ldapDerefAliasesType) {
            case ALWAYS:
                return "always";
            case FIND:
                return "finding";
            case SEARCH:
                return "searching";
            case NEVER:
                return "never";
            default:
                return "";
        }
    }

    public static JndiServices getInstance(LdapConnectionType ldapConnectionType) {
        try {
            return getInstance(getLdapProperties(ldapConnectionType));
        } catch (Exception e) {
            LOGGER.error("Error opening the LDAP connection to the destination! (" + e.toString() + ")");
            throw new RuntimeException(e);
        }
    }

    public SearchResult getEntry(String str, String str2) throws NamingException {
        return getEntry(str, str2, new SearchControls());
    }

    public SearchResult getEntry(String str, String str2, SearchControls searchControls) throws NamingException {
        return getEntry(str, str2, searchControls, 2);
    }

    public SearchResult getEntry(String str, String str2, SearchControls searchControls, int i) throws NamingException {
        try {
            return doGetEntry(str, str2, searchControls, i);
        } catch (NamingException e) {
            if (!(e instanceof CommunicationException) && !(e instanceof ServiceUnavailableException)) {
                throw e;
            }
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                return doGetEntry(str, str2, searchControls, i);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            }
        }
    }

    private SearchResult doGetEntry(String str, String str2, SearchControls searchControls, int i) throws NamingException {
        String str3 = str == null ? "" : str;
        String str4 = str2 == null ? DEFAULT_FILTER : str2;
        try {
            searchControls.setSearchScope(i);
            NamingEnumeration search = this.ctx.search((this.contextDn == null || !str3.toLowerCase().endsWith(this.contextDn.toString().toLowerCase())) ? str3 : !str3.equalsIgnoreCase(this.contextDn.toString()) ? str3.substring(0, str3.toLowerCase().lastIndexOf(this.contextDn.toString().toLowerCase()) - 1) : "", str4, searchControls);
            if (!search.hasMoreElements()) {
                search.hasMore();
                return null;
            }
            SearchResult searchResult = (SearchResult) search.nextElement();
            if (!search.hasMoreElements()) {
                return searchResult;
            }
            LOGGER.error("Too many entries returned (base: \"{}\", filter: \"{}\")", str3, str4);
            throw new SizeLimitExceededException("Too many entries returned (base: \"" + str3 + "\", filter: \"" + str4 + "\")");
        } catch (NamingException e) {
            LOGGER.error("Error while looking for {} in {}: {}", new Object[]{str4, str3, e});
            throw e;
        }
    }

    public boolean exists(String str, String str2) {
        try {
            return readEntry(str, str2, true) != null;
        } catch (NamingException e) {
            LOGGER.error(e.toString());
            LOGGER.debug(e.toString(), e);
            return false;
        }
    }

    public boolean exists(String str) {
        return exists(str, DEFAULT_FILTER);
    }

    public SearchResult readEntry(String str, boolean z) throws NamingException {
        return readEntry(str, DEFAULT_FILTER, z);
    }

    public SearchResult readEntry(String str, String str2, boolean z) throws NamingException {
        return readEntry(str, str2, z, new SearchControls());
    }

    public String rewriteBase(String str) {
        try {
            Dn dn = new Dn(new String[]{str});
            return !dn.isDescendantOf(this.contextDn) ? str : dn.equals(this.contextDn) ? "" : dn.getDescendantOf(this.contextDn).toString();
        } catch (LdapInvalidDnException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public SearchResult readEntry(String str, String str2, boolean z, SearchControls searchControls) throws NamingException {
        try {
            return doReadEntry(str, str2, z, searchControls);
        } catch (NamingException e) {
            if (!(e instanceof CommunicationException) && !(e instanceof ServiceUnavailableException)) {
                throw e;
            }
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                return doReadEntry(str, str2, z, searchControls);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            }
        }
    }

    private SearchResult doReadEntry(String str, String str2, boolean z, SearchControls searchControls) throws NamingException {
        searchControls.setSearchScope(0);
        try {
            NamingEnumeration search = this.ctx.search(rewriteBase(str), str2, searchControls);
            SearchResult searchResult = null;
            if (search.hasMore()) {
                searchResult = (SearchResult) search.next();
                if (!search.hasMore()) {
                    return searchResult;
                }
                LOGGER.error("Too many entries returned (base: \"{}\")", str);
            }
            return searchResult;
        } catch (NamingException e) {
            if (z) {
                return null;
            }
            LOGGER.error("Error while reading entry {}: {}", str, e);
            LOGGER.debug(e.toString(), e);
            return null;
        }
    }

    public List<String> getDnList(String str, String str2, int i) throws NamingException {
        try {
            return doGetDnList(str, str2, i);
        } catch (NamingException e) {
            if (!(e instanceof CommunicationException) && !(e instanceof ServiceUnavailableException)) {
                throw e;
            }
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                return doGetDnList(str, str2, i);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            }
        }
    }

    private List<String> doGetDnList(String str, String str2, int i) throws NamingException {
        ArrayList arrayList = new ArrayList();
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setDerefLinkFlag(false);
            searchControls.setReturningAttributes(new String[]{"1.1"});
            searchControls.setSearchScope(i);
            searchControls.setReturningObjFlag(true);
            NamingEnumeration search = this.ctx.search(str, str2, searchControls);
            String str3 = str.length() > 0 ? "," + str : "";
            while (search.hasMoreElements()) {
                arrayList.add(((SearchResult) search.next()).getName() + str3);
            }
            return arrayList;
        } catch (NamingException e) {
            LOGGER.error(e.toString());
            LOGGER.debug(e.toString(), e);
            throw e;
        }
    }

    public boolean apply(JndiModifications jndiModifications) throws CommunicationException {
        try {
            return doApply(jndiModifications);
        } catch (CommunicationException e) {
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                return doApply(jndiModifications);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            } catch (NamingException e3) {
                LOGGER.error("Naming error: " + e3.getMessage());
                LOGGER.debug(e3.getMessage(), e3);
                throw e;
            }
        }
    }

    private boolean doApply(JndiModifications jndiModifications) throws CommunicationException {
        if (jndiModifications == null) {
            return true;
        }
        try {
            switch (jndiModifications.getOperation()) {
                case ADD_ENTRY:
                    this.ctx.createSubcontext(new LdapName(rewriteBase(jndiModifications.getDistinguishName())), getAttributes(jndiModifications.getModificationItems(), true));
                    return true;
                case DELETE_ENTRY:
                    if (this.recursiveDelete) {
                        deleteChildrenRecursively(rewriteBase(jndiModifications.getDistinguishName()));
                        return true;
                    }
                    this.ctx.destroySubcontext(new LdapName(rewriteBase(jndiModifications.getDistinguishName())));
                    return true;
                case MODIFY_ENTRY:
                    Object[] array = jndiModifications.getModificationItems().toArray();
                    ModificationItem[] modificationItemArr = new ModificationItem[array.length];
                    System.arraycopy(array, 0, modificationItemArr, 0, array.length);
                    this.ctx.modifyAttributes(new LdapName(rewriteBase(jndiModifications.getDistinguishName())), modificationItemArr);
                    return true;
                case MODRDN_ENTRY:
                    LOGGER.warn("WARNING: updating the RDN of the entry will cancel other modifications! Relaunch synchronization to complete update.");
                    this.ctx.rename(new LdapName(rewriteBase(jndiModifications.getDistinguishName())), new LdapName(rewriteBase(jndiModifications.getNewDistinguishName())));
                    return true;
                default:
                    LOGGER.error("Unable to identify the right modification type: {}", jndiModifications.getOperation());
                    return false;
            }
        } catch (NamingException e) {
            if (LOGGER.isErrorEnabled()) {
                StringBuilder sb = new StringBuilder("Error while ");
                switch (jndiModifications.getOperation()) {
                    case ADD_ENTRY:
                        sb.append("adding");
                        break;
                    case DELETE_ENTRY:
                        if (this.recursiveDelete) {
                            sb.append("recursively ");
                        }
                        sb.append("deleting");
                        break;
                    case MODIFY_ENTRY:
                        sb.append("modifying");
                        break;
                    case MODRDN_ENTRY:
                        sb.append("renaming");
                        break;
                }
                sb.append(" entry ").append(jndiModifications.getDistinguishName());
                sb.append(" in directory :").append(e.toString());
                LOGGER.error(sb.toString());
            }
            if (e instanceof CommunicationException) {
                throw e;
            }
            if (!(e instanceof ServiceUnavailableException)) {
                return false;
            }
            CommunicationException communicationException = new CommunicationException(e.getExplanation());
            communicationException.setRootCause(e);
            throw communicationException;
        } catch (ContextNotEmptyException e2) {
            LOGGER.error("Object {} not deleted because it has children (LDAP error code 66 received). To delete this entry and it's subtree, set the dst.java.naming.recursivedelete property to true", jndiModifications.getDistinguishName());
            return false;
        }
    }

    private void deleteChildrenRecursively(String str) throws NamingException {
        try {
            doDeleteChildrenRecursively(str);
        } catch (NamingException e) {
            if (!(e instanceof CommunicationException) && !(e instanceof ServiceUnavailableException)) {
                throw e;
            }
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                doDeleteChildrenRecursively(str);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            }
        }
    }

    private void doDeleteChildrenRecursively(String str) throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(1);
        NamingEnumeration search = this.ctx.search(str, DEFAULT_FILTER, searchControls);
        while (search.hasMore()) {
            deleteChildrenRecursively(rewriteBase(((SearchResult) search.next()).getName() + "," + str));
        }
        this.ctx.destroySubcontext(new LdapName(str));
    }

    private Attributes getAttributes(List<ModificationItem> list, boolean z) {
        BasicAttributes basicAttributes = new BasicAttributes();
        for (ModificationItem modificationItem : list) {
            if (!z || modificationItem.getAttribute().size() != 0) {
                basicAttributes.put(modificationItem.getAttribute());
            }
        }
        return basicAttributes;
    }

    public Map<String, List<String>> getSchema(String[] strArr) throws NamingException {
        HashMap hashMap = new HashMap();
        Hashtable environment = this.ctx.getEnvironment();
        String str = (String) environment.get("java.naming.provider.url");
        environment.put("java.naming.provider.url", str.substring(0, str.lastIndexOf(47)));
        InitialLdapContext initialLdapContext = new InitialLdapContext(environment, (Control[]) null);
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(0);
        searchControls.setReturningAttributes(new String[]{"subschemaSubentry"});
        NamingEnumeration search = initialLdapContext.search("", "(objectclass=*)", searchControls);
        String str2 = null;
        SearchResult searchResult = search.hasMore() ? (SearchResult) search.next() : null;
        Attribute attribute = searchResult != null ? searchResult.getAttributes().get("subschemaSubentry") : null;
        if (attribute != null && attribute.size() > 0) {
            str2 = (String) attribute.get();
        }
        if (str2 != null) {
            Attributes attributes = initialLdapContext.getAttributes(str2, strArr != null ? strArr : new String[]{"*", "+"});
            if (attributes != null) {
                for (String str3 : strArr) {
                    Attribute attribute2 = attributes.get(str3);
                    if (attribute2 != null) {
                        hashMap.put(attribute2.getID(), Collections.list(attribute2.getAll()));
                    }
                }
            }
        }
        return hashMap;
    }

    public List<String> sup(String str, int i) throws NamingException {
        int size = new LdapName(this.contextDn.toString()).size();
        LdapName ldapName = new LdapName(str);
        ArrayList arrayList = new ArrayList();
        if (i <= 0) {
            if (i != 0) {
                return null;
            }
            arrayList.add(ldapName.toString());
            int size2 = ldapName.size();
            for (int i2 = 0; i2 < size2 - 1 && i2 < size2 - size; i2++) {
                ldapName.remove(ldapName.size() - 1);
                arrayList.add(ldapName.toString());
            }
        } else if (ldapName.size() > i) {
            for (int i3 = 0; i3 < i; i3++) {
                ldapName.remove(ldapName.size() - 1);
            }
            arrayList.add(ldapName.toString());
        }
        return arrayList;
    }

    public Map<String, LscDatasets> getAttrsList(String str, String str2, int i, List<String> list) throws NamingException {
        try {
            return doGetAttrsList(str, str2, i, list);
        } catch (NamingException e) {
            if (!(e instanceof CommunicationException) && !(e instanceof ServiceUnavailableException)) {
                throw e;
            }
            LOGGER.warn("Communication error, retrying: " + e.getMessage());
            LOGGER.debug(e.getMessage(), e);
            try {
                initConnection();
                return doGetAttrsList(str, str2, i, list);
            } catch (IOException e2) {
                LOGGER.error("I/O error: " + e2.getMessage());
                LOGGER.debug(e2.getMessage(), e2);
                throw e;
            }
        }
    }

    public Map<String, LscDatasets> doGetAttrsList(String str, String str2, int i, List<String> list) throws NamingException {
        String rewriteBase = str == null ? "" : rewriteBase(str);
        String str3 = str2 == null ? DEFAULT_FILTER : str2;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        if (list == null || list.size() == 0) {
            LOGGER.error("No attribute names to read! Check configuration.");
            return linkedHashMap;
        }
        String[] strArr = (String[]) list.toArray(new String[list.size()]);
        SearchControls searchControls = new SearchControls();
        searchControls.setDerefLinkFlag(false);
        searchControls.setReturningAttributes(strArr);
        searchControls.setSearchScope(i);
        searchControls.setReturningObjFlag(true);
        try {
            boolean z = false;
            ArrayList arrayList = new ArrayList();
            if (this.pageSize > 0) {
                z = true;
                LOGGER.debug("Using pagedResults control for {} entries at a time", Integer.valueOf(this.pageSize));
            }
            if (z) {
                arrayList.add(new PagedResultsControl(this.pageSize, true));
            }
            if (this.sortedBy != null) {
                arrayList.add(new SortControl(this.sortedBy, true));
            }
            if (arrayList.size() > 0) {
                this.ctx.setRequestControls((Control[]) arrayList.toArray(new Control[arrayList.size()]));
            }
            byte[] bArr = null;
            do {
                NamingEnumeration search = this.ctx.search(rewriteBase, str3, searchControls);
                if (search != null) {
                    while (search.hasMoreElements()) {
                        HashMap hashMap = new HashMap();
                        SearchResult searchResult = (SearchResult) search.next();
                        for (String str4 : list) {
                            Attribute attribute = searchResult.getAttributes().get(str4);
                            if (attribute != null && attribute.get() != null) {
                                hashMap.put(str4, (String) attribute.get());
                            }
                        }
                        linkedHashMap.put(searchResult.getNameInNamespace(), new LscDatasets(hashMap));
                    }
                }
                PagedResultsResponseControl[] responseControls = this.ctx.getResponseControls();
                if (responseControls != null) {
                    for (PagedResultsResponseControl pagedResultsResponseControl : responseControls) {
                        if (z && (pagedResultsResponseControl instanceof PagedResultsResponseControl)) {
                            bArr = pagedResultsResponseControl.getCookie();
                        }
                    }
                }
                if (z && bArr != null) {
                    this.ctx.setRequestControls(new Control[]{new PagedResultsControl(this.pageSize, bArr, true)});
                }
            } while (bArr != null);
            if (z) {
                this.ctx.setRequestControls((Control[]) null);
            }
        } catch (CommunicationException e) {
            throw e;
        } catch (IOException e2) {
            this.ctx.setRequestControls((Control[]) null);
            LOGGER.error(e2.toString());
            LOGGER.debug(e2.toString(), e2);
        } catch (ServiceUnavailableException e3) {
            throw e3;
        } catch (NamingException e4) {
            this.ctx.setRequestControls((Control[]) null);
            LOGGER.error(e4.toString());
            LOGGER.debug(e4.toString(), e4);
        }
        return linkedHashMap;
    }

    public String getContextDn() {
        return this.contextDn.toString();
    }

    protected void finalize() throws Throwable {
        if (this.tlsResponse != null) {
            this.tlsResponse.close();
        }
        this.ctx.close();
        super.finalize();
    }

    public LdapContext getContext() {
        return this.ctx;
    }

    public String completeDn(String str) {
        return !str.toLowerCase().endsWith(this.contextDn.toString().toLowerCase()) ? str.length() > 0 ? str + "," + this.contextDn.toString() : this.contextDn.toString() : str;
    }

    public static CallbackHandler getCallbackHandler(String str, String str2) {
        return new KerberosCallbackHandler(str, str2);
    }
}
