package com.rplp.alfresco.repo.security;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import org.alfresco.error.AlfrescoRuntimeException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.ContextExecutor;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.ldap.LdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:com/rplp/alfresco/repo/security/LdapChangeUserServiceImpl.class */
public class LdapChangeUserServiceImpl implements LdapChangeUserService, InitializingBean {
    private static final Log logger = LogFactory.getLog(LdapChangeUserServiceImpl.class);
    private LdapTemplate ldapTemplate;
    private ContextSource contextSource;
    private String passwordAttributeName;
    private LdapUsernameToDnMapper usernameMapper;

    @Override // com.rplp.alfresco.repo.security.LdapChangeUserService
    public void changePassword(String str, final String str2, String str3) {
        logger.debug("Changing password for user " + str);
        try {
            String hashMD5Password = hashMD5Password(str3);
            final DistinguishedName buildDn = this.usernameMapper.buildDn(str);
            final ModificationItem[] modificationItemArr = {new ModificationItem(2, new BasicAttribute(this.passwordAttributeName, hashMD5Password))};
            if (str2 != null) {
                this.ldapTemplate.executeReadWrite(new ContextExecutor() { // from class: com.rplp.alfresco.repo.security.LdapChangeUserServiceImpl.1
                    public Object executeWithContext(DirContext dirContext) throws NamingException {
                        LdapContext ldapContext = (LdapContext) dirContext;
                        ldapContext.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
                        ldapContext.addToEnvironment("java.naming.security.principal", LdapUtils.getFullDn(buildDn, ldapContext).toString());
                        ldapContext.addToEnvironment("java.naming.security.credentials", str2);
                        try {
                            ldapContext.reconnect((Control[]) null);
                            ldapContext.modifyAttributes(buildDn, modificationItemArr);
                            return null;
                        } catch (AuthenticationException e) {
                            LdapChangeUserServiceImpl.logger.error(e);
                            throw new org.alfresco.repo.security.authentication.AuthenticationException("Authentication for password change failed.");
                        }
                    }
                });
                return;
            }
            try {
                this.ldapTemplate.modifyAttributes(buildDn, modificationItemArr);
            } catch (Exception e) {
                logger.error(e);
                throw e;
            }
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e2) {
            logger.error(e2);
            throw new AlfrescoRuntimeException("Error hashing password", e2);
        }
    }

    private String hashMD5Password(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(str.getBytes("UTF8"));
        return "{MD5}" + new String(Base64.encode(messageDigest.digest()));
    }

    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.contextSource, "You have to provide an instance of ContextSource");
        Assert.notNull(this.usernameMapper);
        Assert.notNull(this.passwordAttributeName);
        this.ldapTemplate = new LdapTemplate(this.contextSource);
    }

    public void setUsernameMapper(LdapUsernameToDnMapper ldapUsernameToDnMapper) {
        this.usernameMapper = ldapUsernameToDnMapper;
    }

    public void setContextSource(ContextSource contextSource) {
        this.contextSource = contextSource;
    }

    public void setLdapTemplate(LdapTemplate ldapTemplate) {
        this.ldapTemplate = ldapTemplate;
    }

    public void setPasswordAttributeName(String str) {
        this.passwordAttributeName = str;
    }
}
