package com.apusic.security;

import com.apusic.deploy.runtime.Tags;
import com.apusic.security.auth.login.PasswordCredential;
import com.apusic.security.config.RealmConfig;
import com.apusic.security.realm.AuthenticationProvider;
import com.apusic.security.realm.InitialException;
import java.security.Principal;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSearchResults;
import netscape.ldap.util.ConnectionPool;

/* loaded from: input_file:com/apusic/security/LdapAuthenticationProviderImpl.class */
public class LdapAuthenticationProviderImpl implements AuthenticationProvider {
    private ConnectionPool pool;
    private String searchBaseDN;
    private String userField;
    private String passwordField;
    private int min = 5;
    private int max = 30;
    private String realmName;

    @Override // com.apusic.security.realm.AuthenticationProvider
    public Principal authenticate(Object obj, Object obj2) {
        LDAPEntry user = getUser((String) obj);
        if (user == null) {
            return null;
        }
        String str = new String(((PasswordCredential) obj2).getPassword());
        String[] stringValueArray = user.getAttribute(this.passwordField).getStringValueArray();
        if (stringValueArray == null || stringValueArray.length == 0 || !str.equals(stringValueArray[0])) {
            return null;
        }
        return new PrincipalImpl((String) obj, this.realmName);
    }

    @Override // com.apusic.security.realm.AuthenticationProvider
    public Principal authenticate(Object obj, Object obj2, byte[] bArr) {
        return null;
    }

    private LDAPEntry getUser(String str) {
        if (str.indexOf(64) != -1) {
            str = str.substring(0, str.indexOf(64));
        }
        LDAPConnection connection = this.pool.getConnection();
        try {
            try {
                LDAPSearchResults search = connection.search(this.searchBaseDN, 2, "(" + this.userField + "=" + str + ")", new String[0], false);
                if (!search.hasMoreElements()) {
                    throw new LDAPException("No Such Object:" + str, 32);
                }
                LDAPEntry next = search.next();
                if (connection != null) {
                    try {
                        this.pool.close(connection);
                    } catch (Exception e) {
                    }
                }
                return next;
            } catch (Throwable th) {
                if (connection != null) {
                    try {
                        this.pool.close(connection);
                    } catch (Exception e2) {
                        throw th;
                    }
                }
                throw th;
            }
        } catch (LDAPException e3) {
            e3.printStackTrace();
            if (connection != null) {
                try {
                    this.pool.close(connection);
                } catch (Exception e4) {
                    return null;
                }
            }
            return null;
        }
    }

    @Override // com.apusic.security.realm.AuthenticationProvider
    public void init(String str, RealmConfig realmConfig) throws InitialException {
        this.realmName = str;
        String providerProperty = realmConfig.getProviderProperty("min_connections");
        String providerProperty2 = realmConfig.getProviderProperty("max_connections");
        if (providerProperty != null) {
            this.min = Integer.parseInt(providerProperty);
        }
        if (providerProperty2 != null) {
            this.max = Integer.parseInt(providerProperty2);
        }
        String providerProperty3 = realmConfig.getProviderProperty("host");
        int parseInt = Integer.parseInt(realmConfig.getProviderProperty("port"));
        String providerProperty4 = realmConfig.getProviderProperty("rootDN");
        String providerProperty5 = realmConfig.getProviderProperty(Tags.PASSWORD);
        this.searchBaseDN = realmConfig.getProviderProperty("searchBaseDN");
        this.userField = realmConfig.getProviderProperty("userField");
        this.passwordField = realmConfig.getProviderProperty(com.apusic.security.config.Tags.PWD_FIELD_RDBMS);
        try {
            this.pool = new ConnectionPool(this.min, this.max, providerProperty3, parseInt, providerProperty4, providerProperty5);
        } catch (LDAPException e) {
            throw new InitialException((Throwable) e);
        }
    }

    @Override // com.apusic.security.realm.AuthenticationProvider
    public void destroy() {
        this.pool.destroy();
    }

    @Override // com.apusic.security.realm.AuthenticationProvider
    public Object findUser(String str) {
        LDAPEntry user = getUser(str);
        if (user == null) {
            return null;
        }
        String[] stringValueArray = user.getAttribute(this.passwordField).getStringValueArray();
        if (stringValueArray == null || stringValueArray.length == 0) {
            new Password("");
        }
        return new User(str, new Password(stringValueArray[0]));
    }
}
