package org.apache.directory.fortress.core.impl;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.TreeSet;
import org.apache.commons.lang3.StringUtils;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.fortress.core.CreateException;
import org.apache.directory.fortress.core.FinderException;
import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.GlobalIds;
import org.apache.directory.fortress.core.RemoveException;
import org.apache.directory.fortress.core.UpdateException;
import org.apache.directory.fortress.core.ldap.LdapDataProvider;
import org.apache.directory.fortress.core.model.ObjectFactory;
import org.apache.directory.fortress.core.model.PwPolicy;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.core.util.Config;
import org.apache.directory.ldap.client.api.LdapConnection;

/* loaded from: input_file:WEB-INF/lib/fortress-core-3.0.1.jar:org/apache/directory/fortress/core/impl/PolicyDAO.class */
final class PolicyDAO extends LdapDataProvider {
    private static final String OLPW_POLICY_EXTENSION = "2.5.4.35";
    private static final String PW_POLICY_EXTENSION;
    private static final String ADS_BASE_CLASS = "ads-base";
    private static final String PW_POLICY_CLASS;
    private static String[] PWPOLICY_OBJ_CLASS;
    private static final String PW_PWD_ID;
    private static final String PW_MIN_AGE;
    private static final String PW_MAX_AGE;
    private static final String PW_IN_HISTORY;
    private static final String PW_CHECK_QUALITY;
    private static final String PW_MIN_LENGTH;
    private static final String PW_EXPIRE_WARNING;
    private static final String PW_GRACE_LOGIN_LIMIT;
    private static final String PW_LOCKOUT;
    private static final String PW_LOCKOUT_DURATION;
    private static final String PW_MAX_FAILURE;
    private static final String PW_FAILURE_COUNT_INTERVAL;
    private static final String PW_MUST_CHANGE;
    private static final String PW_ALLOW_USER_CHANGE;
    private static final String PW_SAFE_MODIFY;
    private static final String PW_ATTRIBUTE;
    private static final String[] PASSWORD_POLICY_ATRS;
    private static final String[] PASSWORD_POLICY_NAME_ATR;

    /* JADX INFO: Access modifiers changed from: package-private */
    public PwPolicy create(PwPolicy pwPolicy) throws CreateException {
        LdapConnection ldapConnection = null;
        try {
            try {
                DefaultEntry defaultEntry = new DefaultEntry(getDn(pwPolicy));
                defaultEntry.add(SchemaConstants.OBJECT_CLASS_AT, PWPOLICY_OBJ_CLASS);
                defaultEntry.add(PW_PWD_ID, pwPolicy.getName());
                defaultEntry.add(PW_ATTRIBUTE, PW_POLICY_EXTENSION);
                if (pwPolicy.getMinAge() != null) {
                    defaultEntry.add(PW_MIN_AGE, pwPolicy.getMinAge().toString());
                }
                if (pwPolicy.getMaxAge() != null) {
                    defaultEntry.add(PW_MAX_AGE, pwPolicy.getMaxAge().toString());
                }
                if (pwPolicy.getInHistory() != null) {
                    defaultEntry.add(PW_IN_HISTORY, pwPolicy.getInHistory().toString());
                }
                if (pwPolicy.getCheckQuality() != null) {
                    defaultEntry.add(PW_CHECK_QUALITY, pwPolicy.getCheckQuality().toString());
                }
                if (pwPolicy.getMinLength() != null) {
                    defaultEntry.add(PW_MIN_LENGTH, pwPolicy.getMinLength().toString());
                }
                if (pwPolicy.getExpireWarning() != null) {
                    defaultEntry.add(PW_EXPIRE_WARNING, pwPolicy.getExpireWarning().toString());
                }
                if (pwPolicy.getGraceLoginLimit() != null) {
                    defaultEntry.add(PW_GRACE_LOGIN_LIMIT, pwPolicy.getGraceLoginLimit().toString());
                }
                if (pwPolicy.getLockout() != null) {
                    defaultEntry.add(PW_LOCKOUT, pwPolicy.getLockout().toString().toUpperCase());
                }
                if (pwPolicy.getLockoutDuration() != null) {
                    defaultEntry.add(PW_LOCKOUT_DURATION, pwPolicy.getLockoutDuration().toString());
                }
                if (pwPolicy.getMaxFailure() != null) {
                    defaultEntry.add(PW_MAX_FAILURE, pwPolicy.getMaxFailure().toString());
                }
                if (pwPolicy.getFailureCountInterval() != null) {
                    defaultEntry.add(PW_FAILURE_COUNT_INTERVAL, pwPolicy.getFailureCountInterval().toString());
                }
                if (pwPolicy.getMustChange() != null) {
                    defaultEntry.add(PW_MUST_CHANGE, pwPolicy.getMustChange().toString().toUpperCase());
                }
                if (pwPolicy.getAllowUserChange() != null) {
                    defaultEntry.add(PW_ALLOW_USER_CHANGE, pwPolicy.getAllowUserChange().toString().toUpperCase());
                }
                if (pwPolicy.getSafeModify() != null) {
                    defaultEntry.add(PW_SAFE_MODIFY, pwPolicy.getSafeModify().toString().toUpperCase());
                }
                ldapConnection = getAdminConnection();
                add(ldapConnection, defaultEntry, pwPolicy);
                closeAdminConnection(ldapConnection);
                return pwPolicy;
            } catch (LdapException e) {
                throw new CreateException(GlobalErrIds.PSWD_CREATE_FAILED, "create name [" + pwPolicy.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void update(PwPolicy pwPolicy) throws UpdateException {
        LdapConnection ldapConnection = null;
        String dn = getDn(pwPolicy);
        try {
            try {
                ArrayList arrayList = new ArrayList();
                if (pwPolicy.getMinAge() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_MIN_AGE, pwPolicy.getMinAge().toString()));
                }
                if (pwPolicy.getMaxAge() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_MAX_AGE, pwPolicy.getMaxAge().toString()));
                }
                if (pwPolicy.getInHistory() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_IN_HISTORY, pwPolicy.getInHistory().toString()));
                }
                if (pwPolicy.getCheckQuality() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_CHECK_QUALITY, pwPolicy.getCheckQuality().toString()));
                }
                if (pwPolicy.getMinLength() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_MIN_LENGTH, pwPolicy.getMinLength().toString()));
                }
                if (pwPolicy.getExpireWarning() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_EXPIRE_WARNING, pwPolicy.getExpireWarning().toString()));
                }
                if (pwPolicy.getGraceLoginLimit() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_GRACE_LOGIN_LIMIT, pwPolicy.getGraceLoginLimit().toString()));
                }
                if (pwPolicy.getLockout() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_LOCKOUT, pwPolicy.getLockout().toString().toUpperCase()));
                }
                if (pwPolicy.getLockoutDuration() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_LOCKOUT_DURATION, pwPolicy.getLockoutDuration().toString()));
                }
                if (pwPolicy.getMaxFailure() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_MAX_FAILURE, pwPolicy.getMaxFailure().toString()));
                }
                if (pwPolicy.getFailureCountInterval() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_FAILURE_COUNT_INTERVAL, pwPolicy.getFailureCountInterval().toString()));
                }
                if (pwPolicy.getMustChange() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_MUST_CHANGE, pwPolicy.getMustChange().toString().toUpperCase()));
                }
                if (pwPolicy.getAllowUserChange() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_ALLOW_USER_CHANGE, pwPolicy.getAllowUserChange().toString().toUpperCase()));
                }
                if (pwPolicy.getSafeModify() != null) {
                    arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, PW_SAFE_MODIFY, pwPolicy.getSafeModify().toString().toUpperCase()));
                }
                if (arrayList != null && arrayList.size() > 0) {
                    ldapConnection = getAdminConnection();
                    modify(ldapConnection, dn, arrayList, pwPolicy);
                }
            } catch (LdapException e) {
                throw new UpdateException(GlobalErrIds.PSWD_UPDATE_FAILED, "update name [" + pwPolicy.getName() + "] caught LdapException=" + e, e);
            }
        } finally {
            closeAdminConnection(ldapConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void remove(PwPolicy pwPolicy) throws RemoveException {
        LdapConnection ldapConnection = null;
        String dn = getDn(pwPolicy);
        try {
            try {
                ldapConnection = getAdminConnection();
                delete(ldapConnection, dn, pwPolicy);
                closeAdminConnection(ldapConnection);
            } catch (LdapException e) {
                throw new RemoveException(GlobalErrIds.PSWD_DELETE_FAILED, "remove name [" + pwPolicy.getName() + "] caught LdapException=" + e, e);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PwPolicy getPolicy(PwPolicy pwPolicy) throws FinderException {
        LdapConnection ldapConnection = null;
        String dn = getDn(pwPolicy);
        try {
            try {
                try {
                    ldapConnection = getAdminConnection();
                    PwPolicy unloadLdapEntry = unloadLdapEntry(read(ldapConnection, dn, PASSWORD_POLICY_ATRS), 0L);
                    closeAdminConnection(ldapConnection);
                    return unloadLdapEntry;
                } catch (LdapNoSuchObjectException e) {
                    throw new FinderException(GlobalErrIds.PSWD_NOT_FOUND, "getPolicy Obj COULD NOT FIND ENTRY for dn [" + dn + "]");
                }
            } catch (LdapException e2) {
                throw new FinderException(4000, "getPolicy name [" + pwPolicy.getName() + "] caught LdapException=" + e2, e2);
            }
        } catch (Throwable th) {
            closeAdminConnection(ldapConnection);
            throw th;
        }
    }

    private PwPolicy unloadLdapEntry(Entry entry, long j) throws LdapInvalidAttributeValueException {
        PwPolicy createPswdPolicy = new ObjectFactory().createPswdPolicy();
        createPswdPolicy.setSequenceId(j);
        createPswdPolicy.setName(getAttribute(entry, PW_PWD_ID));
        String attribute = getAttribute(entry, PW_MIN_AGE);
        if (StringUtils.isNotEmpty(attribute)) {
            createPswdPolicy.setMinAge(Integer.valueOf(attribute));
        }
        String attribute2 = getAttribute(entry, PW_MAX_AGE);
        if (StringUtils.isNotEmpty(attribute2)) {
            createPswdPolicy.setMaxAge(Long.valueOf(attribute2));
        }
        String attribute3 = getAttribute(entry, PW_IN_HISTORY);
        if (StringUtils.isNotEmpty(attribute3)) {
            createPswdPolicy.setInHistory(Short.valueOf(attribute3));
        }
        String attribute4 = getAttribute(entry, PW_CHECK_QUALITY);
        if (StringUtils.isNotEmpty(attribute4)) {
            createPswdPolicy.setCheckQuality(Short.valueOf(attribute4));
        }
        String attribute5 = getAttribute(entry, PW_MIN_LENGTH);
        if (StringUtils.isNotEmpty(attribute5)) {
            createPswdPolicy.setMinLength(Short.valueOf(attribute5));
        }
        String attribute6 = getAttribute(entry, PW_EXPIRE_WARNING);
        if (StringUtils.isNotEmpty(attribute6)) {
            createPswdPolicy.setExpireWarning(Long.valueOf(attribute6));
        }
        String attribute7 = getAttribute(entry, PW_GRACE_LOGIN_LIMIT);
        if (StringUtils.isNotEmpty(attribute7)) {
            createPswdPolicy.setGraceLoginLimit(Short.valueOf(attribute7));
        }
        String attribute8 = getAttribute(entry, PW_LOCKOUT);
        if (StringUtils.isNotEmpty(attribute8)) {
            createPswdPolicy.setLockout(Boolean.valueOf(attribute8));
        }
        String attribute9 = getAttribute(entry, PW_LOCKOUT_DURATION);
        if (StringUtils.isNotEmpty(attribute9)) {
            createPswdPolicy.setLockoutDuration(Integer.valueOf(attribute9));
        }
        String attribute10 = getAttribute(entry, PW_MAX_FAILURE);
        if (StringUtils.isNotEmpty(attribute10)) {
            createPswdPolicy.setMaxFailure(Short.valueOf(attribute10));
        }
        String attribute11 = getAttribute(entry, PW_FAILURE_COUNT_INTERVAL);
        if (StringUtils.isNotEmpty(attribute11)) {
            createPswdPolicy.setFailureCountInterval(Short.valueOf(attribute11));
        }
        String attribute12 = getAttribute(entry, PW_MUST_CHANGE);
        if (StringUtils.isNotEmpty(attribute12)) {
            createPswdPolicy.setMustChange(Boolean.valueOf(attribute12));
        }
        String attribute13 = getAttribute(entry, PW_ALLOW_USER_CHANGE);
        if (StringUtils.isNotEmpty(attribute13)) {
            createPswdPolicy.setAllowUserChange(Boolean.valueOf(attribute13));
        }
        String attribute14 = getAttribute(entry, PW_SAFE_MODIFY);
        if (StringUtils.isNotEmpty(attribute14)) {
            createPswdPolicy.setSafeModify(Boolean.valueOf(attribute14));
        }
        return createPswdPolicy;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v4, types: [long, org.apache.directory.api.ldap.model.entry.Entry] */
    public List<PwPolicy> findPolicy(PwPolicy pwPolicy) throws FinderException {
        ArrayList arrayList = new ArrayList();
        String policyRoot = getPolicyRoot(pwPolicy.getContextId());
        try {
            try {
                String encodeSafeText = encodeSafeText(pwPolicy.getName(), 40);
                String str = "(&(objectClass=" + PW_POLICY_CLASS + ")(" + PW_PWD_ID + "=" + encodeSafeText + "*))";
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, policyRoot, SearchScope.ONELEVEL, str, PASSWORD_POLICY_ATRS, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    long j = 0;
                    while (search.next()) {
                        try {
                            search.getEntry();
                            ?? r3 = j;
                            j = r3 + 1;
                            arrayList.add(unloadLdapEntry(r3, r3));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return arrayList;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "findPolicy name [" + encodeSafeText + "] caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "findPolicy name [" + encodeSafeText + "] caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "findPolicy name [" + 0 + "] caught LdapException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<String> getPolicies(String str) throws FinderException {
        TreeSet treeSet = new TreeSet(String.CASE_INSENSITIVE_ORDER);
        String policyRoot = getPolicyRoot(str);
        try {
            try {
                String str2 = "(objectclass=" + PW_POLICY_CLASS + ")";
                LdapConnection adminConnection = getAdminConnection();
                try {
                    SearchCursor search = search(adminConnection, policyRoot, SearchScope.ONELEVEL, str2, PASSWORD_POLICY_NAME_ATR, false, Config.getInstance().getInt(GlobalIds.CONFIG_LDAP_MAX_BATCH_SIZE, 1000));
                    while (search.next()) {
                        try {
                            treeSet.add(getAttribute(search.getEntry(), PW_PWD_ID));
                        } catch (Throwable th) {
                            if (search != null) {
                                try {
                                    search.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                    if (search != null) {
                        search.close();
                    }
                    closeAdminConnection(adminConnection);
                    return treeSet;
                } catch (IOException e) {
                    throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "getPolicies caught IOException=" + e.getMessage(), e);
                } catch (CursorException e2) {
                    throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "getPolicies caught CursorException=" + e2.getMessage(), e2);
                }
            } catch (LdapException e3) {
                throw new FinderException(GlobalErrIds.PSWD_SEARCH_FAILED, "getPolicies caught LdapException=" + e3, e3);
            }
        } catch (Throwable th3) {
            closeAdminConnection(null);
            throw th3;
        }
    }

    private String getDn(PwPolicy pwPolicy) {
        return PW_PWD_ID + "=" + pwPolicy.getName() + "," + getPolicyRoot(pwPolicy.getContextId());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getPolicyDn(User user) {
        return PW_PWD_ID + "=" + user.getPwPolicy() + "," + getPolicyRoot(user.getContextId());
    }

    private static String getPolicyRoot(String str) {
        return Config.getInstance().isApacheds() ? getRootDn(str, GlobalIds.ADS_PPOLICY_ROOT) : getRootDn(str, GlobalIds.PPOLICY_ROOT);
    }

    static {
        PW_POLICY_EXTENSION = Config.getInstance().isOpenldap() ? "2.5.4.35" : SchemaConstants.USER_PASSWORD_AT;
        PW_POLICY_CLASS = Config.getInstance().isOpenldap() ? "pwdPolicy" : "ads-passwordPolicy";
        PWPOLICY_OBJ_CLASS = Config.getInstance().isOpenldap() ? new String[]{SchemaConstants.TOP_OC, SchemaConstants.DEVICE_OC, PW_POLICY_CLASS, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME} : new String[]{SchemaConstants.TOP_OC, ADS_BASE_CLASS, PW_POLICY_CLASS, GlobalIds.FT_MODIFIER_AUX_OBJECT_CLASS_NAME};
        PW_PWD_ID = Config.getInstance().isOpenldap() ? "cn" : "ads-pwdid";
        PW_MIN_AGE = Config.getInstance().isOpenldap() ? "pwdMinAge" : "ads-pwdMinAge";
        PW_MAX_AGE = Config.getInstance().isOpenldap() ? "pwdMaxAge" : "ads-pwdMaxAge";
        PW_IN_HISTORY = Config.getInstance().isOpenldap() ? "pwdInHistory" : "ads-pwdInHistory";
        PW_CHECK_QUALITY = Config.getInstance().isOpenldap() ? "pwdCheckQuality" : "ads-pwdCheckQuality";
        PW_MIN_LENGTH = Config.getInstance().isOpenldap() ? "pwdMinLength" : "ads-pwdMinLength";
        PW_EXPIRE_WARNING = Config.getInstance().isOpenldap() ? "pwdExpireWarning" : "ads-pwdExpireWarning";
        PW_GRACE_LOGIN_LIMIT = Config.getInstance().isOpenldap() ? "pwdGraceAuthNLimit" : "ads-pwdGraceAuthNLimit";
        PW_LOCKOUT = Config.getInstance().isOpenldap() ? "pwdLockout" : "ads-pwdLockout";
        PW_LOCKOUT_DURATION = Config.getInstance().isOpenldap() ? "pwdLockoutDuration" : "ads-pwdLockoutDuration";
        PW_MAX_FAILURE = Config.getInstance().isOpenldap() ? "pwdMaxFailure" : "ads-pwdMaxFailure";
        PW_FAILURE_COUNT_INTERVAL = Config.getInstance().isOpenldap() ? "pwdFailureCountInterval" : "ads-pwdFailureCountInterval";
        PW_MUST_CHANGE = Config.getInstance().isOpenldap() ? "pwdMustChange" : "ads-pwdMustChange";
        PW_ALLOW_USER_CHANGE = Config.getInstance().isOpenldap() ? "pwdAllowUserChange" : "ads-pwdAllowUserChange";
        PW_SAFE_MODIFY = Config.getInstance().isOpenldap() ? "pwdSafeModify" : "ads-pwdSafeModify";
        PW_ATTRIBUTE = Config.getInstance().isOpenldap() ? "pwdAttribute" : "ads-pwdAttribute";
        PASSWORD_POLICY_ATRS = new String[]{PW_PWD_ID, PW_MIN_AGE, PW_MAX_AGE, PW_IN_HISTORY, PW_CHECK_QUALITY, PW_MIN_LENGTH, PW_EXPIRE_WARNING, PW_GRACE_LOGIN_LIMIT, PW_LOCKOUT, PW_LOCKOUT_DURATION, PW_MAX_FAILURE, PW_FAILURE_COUNT_INTERVAL, PW_MUST_CHANGE, PW_ALLOW_USER_CHANGE, PW_SAFE_MODIFY};
        PASSWORD_POLICY_NAME_ATR = new String[]{PW_PWD_ID};
    }
}
