package org.redpill.alfresco.ldap.service.impl;

import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import org.alfresco.error.AlfrescoRuntimeException;
import org.apache.log4j.Logger;
import org.redpill.alfresco.ldap.service.LdapUserService;
import org.redpill.alfresco.ldap.util.LdapServiceUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.ContextExecutor;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.security.ldap.LdapUsernameToDnMapper;
import org.springframework.security.ldap.LdapUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:org/redpill/alfresco/ldap/service/impl/LdapUserServiceImpl.class */
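/**
 * LDAP-backed implementation of {@link LdapUserService}: creates, edits and deletes user
 * entries and changes their passwords through a Spring {@link LdapTemplate}.
 *
 * <p>The attribute names, object classes, {@link ContextSource} and
 * {@link LdapUsernameToDnMapper} are injected through the setters and validated in
 * {@link #afterPropertiesSet()}.
 *
 * <p>NOTE(review): passwords are written as the value returned by
 * {@code LdapServiceUtils.hashMD5Password}. That helper is not visible here, but its name
 * indicates an MD5-based scheme. MD5 is a fast digest and is not suitable for password
 * storage; prefer letting the directory hash the password (for example through the LDAP
 * Password Modify extended operation) or a salted, slow scheme the directory supports.
 * Changing the scheme affects stored credentials, so it is flagged here, not altered.
 *
 * <p>NOTE(review): user ids are concatenated into debug log messages as received. If they
 * can contain line breaks, confirm the log layout neutralises them.
 */
public class LdapUserServiceImpl implements LdapUserService, InitializingBean {
    private static final Logger logger = Logger.getLogger(LdapUserServiceImpl.class);
    private LdapTemplate ldapTemplate;
    private ContextSource contextSource;
    private String passwordAttributeName;
    private String[] objectClasses;
    private String userIdAttributeName;
    private String givenNameAttributeName;
    private String cnAttributeName;
    private String snAttributeName;
    private String mailAttributeName;
    private LdapUsernameToDnMapper usernameMapper;

    /**
     * Replaces the password attribute of a user entry.
     *
     * @param str  user id, mapped to a DN by the configured username mapper
     * @param str2 current password used to re-bind as the user before the change, or
     *             {@code null} to perform the change with the template's own connection
     *             (see {@link #executeUpdate})
     * @param str3 new clear-text password; it is hashed before being written
     * @throws AlfrescoRuntimeException if the password cannot be hashed
     */
    @Override // org.redpill.alfresco.ldap.service.LdapUserService
    public void changePassword(String str, String str2, String str3) {
        logger.debug("Changing password for user " + str);
        try {
            ModificationItem passwordChange = replace(this.passwordAttributeName, LdapServiceUtils.hashMD5Password(str3));
            executeUpdate(str, str2, new ModificationItem[]{passwordChange});
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            // Pass the throwable separately so log4j records the stack trace, not just toString().
            logger.error("Error hashing password", e);
            throw new AlfrescoRuntimeException("Error hashing password", e);
        }
    }

    /**
     * Creates a new user entry with the configured object classes.
     *
     * @param str  user id; stored in the user id attribute and used to build the entry DN
     * @param str2 clear-text password; it is hashed before being written
     * @param str3 value for the mail attribute
     * @param str4 value written to both the given-name and the cn attributes
     * @param str5 value for the sn attribute
     * @throws AlfrescoRuntimeException if the password cannot be hashed
     */
    @Override // org.redpill.alfresco.ldap.service.LdapUserService
    public void createUser(String str, String str2, String str3, String str4, String str5) {
        logger.debug("Creating user " + str);
        try {
            String hashMD5Password = LdapServiceUtils.hashMD5Password(str2);
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute objectClassAttribute = new BasicAttribute("objectclass");
            for (String objectClass : this.objectClasses) {
                objectClassAttribute.add(objectClass);
            }
            basicAttributes.put(objectClassAttribute);
            basicAttributes.put(this.userIdAttributeName, str);
            basicAttributes.put(this.givenNameAttributeName, str4);
            basicAttributes.put(this.cnAttributeName, str4);
            basicAttributes.put(this.snAttributeName, str5);
            basicAttributes.put(this.passwordAttributeName, hashMD5Password);
            basicAttributes.put(this.mailAttributeName, str3);
            this.ldapTemplate.bind(this.usernameMapper.buildDn(str), (Object) null, basicAttributes);
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            logger.error("Error hashing password", e);
            throw new AlfrescoRuntimeException("Error hashing password", e);
        }
    }

    /**
     * Updates the attributes of an existing user; every {@code null} value is left untouched.
     *
     * @param str  user id, mapped to a DN by the configured username mapper
     * @param str2 current password used to re-bind as the user, or {@code null}
     *             (see {@link #executeUpdate})
     * @param str3 new clear-text password, or {@code null} to keep the current one
     * @param str4 new mail value, or {@code null}
     * @param str5 new value for both the given-name and the cn attributes, or {@code null}
     * @param str6 new sn value, or {@code null}
     * @throws AlfrescoRuntimeException if the new password cannot be hashed
     */
    @Override // org.redpill.alfresco.ldap.service.LdapUserService
    public void editUser(String str, String str2, String str3, String str4, String str5, String str6) {
        logger.debug("Editing user " + str);
        ArrayList<ModificationItem> changes = new ArrayList<>();
        if (str3 != null) {
            try {
                changes.add(replace(this.passwordAttributeName, LdapServiceUtils.hashMD5Password(str3)));
            } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
                logger.error("Error hashing password", e);
                throw new AlfrescoRuntimeException("Error hashing password", e);
            }
        }
        if (str4 != null) {
            changes.add(replace(this.mailAttributeName, str4));
        }
        if (str5 != null) {
            changes.add(replace(this.givenNameAttributeName, str5));
            changes.add(replace(this.cnAttributeName, str5));
        }
        if (str6 != null) {
            changes.add(replace(this.snAttributeName, str6));
        }
        executeUpdate(str, str2, changes.toArray(new ModificationItem[0]));
    }

    /** Builds a replace-attribute modification for a single-valued attribute. */
    private static ModificationItem replace(String attributeName, String value) {
        return new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(attributeName, value));
    }

    /**
     * Applies the given modifications to the entry of a user.
     *
     * <p>When {@code str2} is non-null the context is re-bound with the user's own DN and
     * {@code str2} as credentials before the modification, so the directory verifies the
     * current password. When {@code str2} is {@code null} the modification goes straight
     * through {@code ldapTemplate} and no proof of the current password is involved;
     * authorising that path is left to the caller.
     *
     * @param str                  user id, mapped to a DN by the configured username mapper
     * @param str2                 current password of the user, or {@code null}
     * @param modificationItemArr  modifications to apply
     * @throws org.alfresco.repo.security.authentication.AuthenticationException if the
     *         re-bind is rejected or {@code str2} is empty
     */
    protected void executeUpdate(String str, final String str2, final ModificationItem[] modificationItemArr) {
        final DistinguishedName buildDn = this.usernameMapper.buildDn(str);
        if (str2 != null) {
            if (str2.isEmpty()) {
                // A simple bind with an empty password is treated by LDAP (and by the JNDI
                // provider) as an anonymous bind that succeeds without verifying anything.
                // Refuse it up front instead of modifying the entry on that connection.
                logger.error("Rejected password change with empty current password");
                throw new org.alfresco.repo.security.authentication.AuthenticationException("Authentication for password change failed.");
            }
            this.ldapTemplate.executeReadWrite(new ContextExecutor() {
                public Object executeWithContext(DirContext dirContext) throws NamingException {
                    LdapContext ldapContext = (LdapContext) dirContext;
                    // This context is about to carry the user's credentials; drop the
                    // pooling flag so it is not handled as a pooled connection.
                    ldapContext.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
                    String distinguishedName = LdapUtils.getFullDn(buildDn, ldapContext).toString();
                    LdapUserServiceImpl.logger.trace("Trying to connect with DN: " + distinguishedName);
                    ldapContext.addToEnvironment("java.naming.security.principal", distinguishedName);
                    ldapContext.addToEnvironment("java.naming.security.credentials", str2);
                    try {
                        ldapContext.reconnect((Control[]) null);
                        ldapContext.modifyAttributes(buildDn, modificationItemArr);
                        return null;
                    } catch (AuthenticationException e) {
                        LdapUserServiceImpl.logger.error("Authentication for password change failed.", e);
                        // Keep the JNDI failure as the cause so it is not lost to callers.
                        throw new org.alfresco.repo.security.authentication.AuthenticationException("Authentication for password change failed.", e);
                    }
                }
            });
            return;
        }
        try {
            this.ldapTemplate.modifyAttributes(buildDn, modificationItemArr);
        } catch (RuntimeException e) {
            logger.error("LDAP modification failed", e);
            throw e;
        }
    }

    /**
     * Removes the entry of a user.
     *
     * @param str user id, mapped to a DN by the configured username mapper
     */
    @Override // org.redpill.alfresco.ldap.service.LdapUserService
    public void deleteUser(String str) {
        logger.debug("Deleting user " + str);
        this.ldapTemplate.unbind(this.usernameMapper.buildDn(str));
    }

    /**
     * Validates that every required property was injected and creates the
     * {@link LdapTemplate} from the configured {@link ContextSource}.
     *
     * @throws IllegalArgumentException if a required property is missing
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.contextSource, "You have to provide an instance of ContextSource");
        Assert.notNull(this.usernameMapper, "usernameMapper must be set");
        Assert.notNull(this.passwordAttributeName, "passwordAttributeName must be set");
        Assert.notNull(this.cnAttributeName, "cnAttributeName must be set");
        Assert.notNull(this.givenNameAttributeName, "givenNameAttributeName must be set");
        Assert.notNull(this.mailAttributeName, "mailAttributeName must be set");
        Assert.notNull(this.snAttributeName, "snAttributeName must be set");
        Assert.notNull(this.userIdAttributeName, "userIdAttributeName must be set");
        Assert.notNull(this.objectClasses, "objectClasses must be set");
        Assert.notEmpty(this.objectClasses, "objectClasses must contain at least one object class");
        this.ldapTemplate = new LdapTemplate(this.contextSource);
        logger.info("Initalized" + getClass().getName());
    }

    public void setUsernameMapper(LdapUsernameToDnMapper ldapUsernameToDnMapper) {
        this.usernameMapper = ldapUsernameToDnMapper;
    }

    public void setContextSource(ContextSource contextSource) {
        this.contextSource = contextSource;
    }

    public void setPasswordAttributeName(String str) {
        this.passwordAttributeName = str;
    }

    /**
     * Sets the object classes from a comma-separated list.
     *
     * <p>Entries are trimmed and blank entries are dropped, so a value such as {@code ""}
     * or {@code "a,,b"} cannot put an empty object class into new entries. A {@code null}
     * or all-blank value yields an empty array, which {@link #afterPropertiesSet()} rejects.
     *
     * @param str comma-separated object class names
     */
    public void setObjectClasses(String str) {
        ArrayList<String> names = new ArrayList<>();
        if (str != null) {
            for (String token : str.split(",")) {
                String name = token.trim();
                if (!name.isEmpty()) {
                    names.add(name);
                }
            }
        }
        this.objectClasses = names.toArray(new String[0]);
    }

    public void setGivenNameAttributeName(String str) {
        this.givenNameAttributeName = str;
    }

    public void setSnAttributeName(String str) {
        this.snAttributeName = str;
    }

    public void setMailAttributeName(String str) {
        this.mailAttributeName = str;
    }

    public void setCnAttributeName(String str) {
        this.cnAttributeName = str;
    }

    public void setUserIdAttributeName(String str) {
        this.userIdAttributeName = str;
    }
}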
