package weblogic.security.ldaprealmv2;

import com.oroinc.text.regex.MalformedPatternException;
import com.oroinc.text.regex.Pattern;
import com.oroinc.text.regex.PatternMatcherInput;
import com.oroinc.text.regex.Perl5Compiler;
import com.oroinc.text.regex.Perl5Matcher;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.net.Socket;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Stack;
import java.util.Vector;
import javafx.fxml.FXMLLoader;
import javax.net.ssl.SSLSocket;
import netscape.ldap.LDAPAttribute;
import netscape.ldap.LDAPCache;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPDN;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSearchConstraints;
import netscape.ldap.LDAPSearchResults;
import netscape.ldap.LDAPSocketFactory;
import netscape.ldap.LDAPv3;
import netscape.ldap.client.opers.JDAPSearchRequest;
import weblogic.ejb20.cmp.rdbms.RDBMSUtils;
import weblogic.logging.LogOutputStream;
import weblogic.management.configuration.CachingRealmMBean;
import weblogic.management.configuration.ConfigurationException;
import weblogic.management.configuration.CustomRealmMBean;
import weblogic.management.configuration.RealmMBean;
import weblogic.security.SSL.SSLSocketFactory;
import weblogic.security.utils.Factory;
import weblogic.security.utils.Pool;
import weblogic.security.utils.SSLContextManager;
import weblogic.security.utils.SignaturePredicate;
import weblogic.server.Server;
import weblogic.utils.enumerations.MappingEnumerator;
import weblogic.utils.enumerations.SequencingEnumerator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic.jar:weblogic/security/ldaprealmv2/LDAPDelegate.class */
public class LDAPDelegate {
    private static final int LDAP_VERSION = 3;
    private static final int POOL_SIZE = 6;
    private static final String LDAP_PREFIX = "";
    private static final int DEFAULT_SSL_PORT = 636;
    private static final int DEFAULT_CACHE_TTL = 60;
    private static final int DEFAULT_CACHE_SIZE = 32;
    private static final int MAX_RESULTS_ENUM = 100;
    private static boolean useSSL;
    private static String serverHost;
    private static int serverPort;
    private static int cacheTTL;
    private static int cacheSize;
    private static String serverPrincipal;
    private static String serverCredential;
    private static String[] userBaseDNs;
    private static int[] userScopes;
    private static String[] userFilters;
    private static String[][] userNameAttributes;
    private static LDAPSearchConstraints userConstraints;
    private static LDAPSearchConstraints getUserConstraints;
    private static String[] groupBaseDNs;
    private static int[] groupScopes;
    private static String[] groupFilters;
    private static String[][] groupNameAttributes;
    private static LDAPSearchConstraints groupConstraints;
    private static LDAPSearchConstraints getGroupConstraints;
    private static int[] memberScopes;
    private static String[] memberFilters;
    private static String[][] memberAttributes;
    private static boolean membershipSearch;
    private static int groupScopeDepth;
    private static LDAPSearchConstraints memberConstraints;
    private static boolean allowEnumeration;
    private Pool connPool = new Pool(new LDAPFactory(this), 6);
    private LDAPRealm owner;
    LogOutputStream log;
    private static final boolean membershipDebug = false;
    private static final String[] USER_ATTRS = {LDAPv3.NO_ATTRS};
    private static final String[] GROUP_ATTRS = {LDAPv3.NO_ATTRS};
    private static final String[] MEMBER_ATTRS = {LDAPv3.NO_ATTRS};
    private static boolean caseSensitive = true;
    static LDAPSocketFactory boxOfSocks = new FocketSactory();

    /* loaded from: input_file:weblogic.jar:weblogic/security/ldaprealmv2/LDAPDelegate$FocketSactory.class */
    static class FocketSactory implements LDAPSocketFactory {
        FocketSactory() {
        }

        @Override // netscape.ldap.LDAPSocketFactory
        public Socket makeSocket(String str, int i) throws LDAPException {
            try {
                Socket createSocket = SSLSocketFactory.getDefaultJSSE().createSocket(str, i);
                if (createSocket instanceof SSLSocket) {
                    SSLContextManager.getInstance().getDefaultSSLContext().forceHandshakeOnAcceptedSocket((SSLSocket) createSocket);
                }
                return createSocket;
            } catch (IOException e) {
                throw new LDAPException(e.getMessage(), 91);
            } catch (ConfigurationException e2) {
                throw new LDAPException(e2.getMessage(), 91);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/ldaprealmv2/LDAPDelegate$GroupMangler.class */
    public class GroupMangler extends MappingEnumerator {
        String[] attrNames;
        private final LDAPDelegate this$0;

        GroupMangler(LDAPDelegate lDAPDelegate, String[] strArr, Enumeration enumeration) {
            super(enumeration);
            this.this$0 = lDAPDelegate;
            this.attrNames = strArr;
        }

        @Override // weblogic.utils.enumerations.MappingEnumerator
        protected Object map(Object obj) {
            if (obj instanceof LDAPEntry) {
                LDAPEntry lDAPEntry = (LDAPEntry) obj;
                String dn = lDAPEntry.getDN();
                for (int i = 0; i < this.attrNames.length; i++) {
                    LDAPAttribute attribute = lDAPEntry.getAttribute(this.attrNames[i]);
                    if (attribute != null) {
                        return new LDAPGroup(attribute.getStringValueArray()[0], dn, this.this$0, this.this$0.owner);
                    }
                }
            } else if (obj instanceof Exception) {
                this.this$0.handleException((Exception) obj);
            }
            throw new LDAPRealmException(new StringBuffer().append("ClassCastException: received a ").append(obj.getClass().getName()).append("[").append(obj.toString()).append("]").append(", expected a netscape.ldap.LDAPEntry").toString());
        }
    }

    /* loaded from: input_file:weblogic.jar:weblogic/security/ldaprealmv2/LDAPDelegate$LDAPFactory.class */
    class LDAPFactory implements Factory {
        private final LDAPDelegate this$0;

        LDAPFactory(LDAPDelegate lDAPDelegate) {
            this.this$0 = lDAPDelegate;
        }

        @Override // weblogic.security.utils.Factory
        public Object newInstance() throws InvocationTargetException {
            try {
                if (this.this$0.log != null) {
                    this.this$0.log.debug("new LDAP connection");
                }
                LDAPConnection lDAPConnection = LDAPDelegate.useSSL ? new LDAPConnection(LDAPDelegate.boxOfSocks) : new LDAPConnection();
                lDAPConnection.connect(LDAPDelegate.serverHost, LDAPDelegate.serverPort);
                lDAPConnection.bind(3, LDAPDelegate.serverPrincipal, LDAPDelegate.serverCredential);
                if (LDAPDelegate.cacheTTL > 0 && LDAPDelegate.cacheSize > 0) {
                    lDAPConnection.setCache(new LDAPCache(LDAPDelegate.cacheTTL, LDAPDelegate.cacheSize * 1024));
                    if (this.this$0.log != null) {
                        this.this$0.log.debug(new StringBuffer().append("connection succeeded - cacheTTL ").append(LDAPDelegate.cacheTTL).append(", cacheSize ").append(LDAPDelegate.cacheSize * 1024).toString());
                    }
                } else if (this.this$0.log != null) {
                    this.this$0.log.debug("connection succeeded");
                }
                return lDAPConnection;
            } catch (LDAPException e) {
                throw new InvocationTargetException(e);
            }
        }

        @Override // weblogic.security.utils.Factory
        public void destroyInstance(Object obj) {
            try {
                if (this.this$0.log != null) {
                    this.this$0.log.debug("destroy LDAP connection");
                }
                ((LDAPConnection) obj).disconnect();
            } catch (LDAPException e) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:weblogic.jar:weblogic/security/ldaprealmv2/LDAPDelegate$UserMangler.class */
    public class UserMangler extends MappingEnumerator {
        String[] attrNames;
        private final LDAPDelegate this$0;

        UserMangler(LDAPDelegate lDAPDelegate, String[] strArr, Enumeration enumeration) {
            super(enumeration);
            this.this$0 = lDAPDelegate;
            this.attrNames = strArr;
        }

        @Override // weblogic.utils.enumerations.MappingEnumerator
        protected Object map(Object obj) {
            if (!(obj instanceof LDAPEntry)) {
                if (obj instanceof Exception) {
                    this.this$0.handleException((Exception) obj);
                }
                throw new LDAPRealmException(new StringBuffer().append("ClassCastException: received a ").append(obj.getClass().getName()).append("[").append(obj.toString()).append("]").append(", expected an netscape.ldap.LDAPEntry").toString());
            }
            String dn = ((LDAPEntry) obj).getDN();
            String attributeValue = this.this$0.getAttributeValue(this.attrNames[0], dn);
            if (attributeValue != null) {
                return new LDAPUser(attributeValue, dn, this.this$0.owner);
            }
            if (LDAPDelegate.membershipSearch) {
                return this.this$0.readDNForUser(dn);
            }
            return null;
        }
    }

    private static void setupProperties() {
        RealmMBean realm = Server.getSecurityConfig().getRealm();
        allowEnumeration = realm.isEnumerationAllowed();
        CachingRealmMBean cachingRealm = realm.getCachingRealm();
        caseSensitive = cachingRealm.getCacheCaseSensitive();
        CustomRealmMBean customRealmMBean = (CustomRealmMBean) cachingRealm.getBasicRealm();
        Properties configurationData = customRealmMBean.getConfigurationData();
        String property = configurationData.getProperty("server.alias");
        String stringBuffer = property == null ? "" : new StringBuffer().append(property).append(".").toString();
        serverHost = configurationData.getProperty(new StringBuffer().append(stringBuffer).append(weblogic.marathon.server.Server.PROP_SERVER_HOST).toString(), "ldapserver");
        useSSL = getBoolean(configurationData, new StringBuffer().append(stringBuffer).append("useSSL").toString(), false);
        serverPort = getInteger(configurationData, new StringBuffer().append(stringBuffer).append(weblogic.marathon.server.Server.PROP_SERVER_PORT).toString(), useSSL ? 636 : 389);
        cacheTTL = getInteger(configurationData, new StringBuffer().append(stringBuffer).append("cache.ttl").toString(), 60);
        cacheSize = getInteger(configurationData, new StringBuffer().append(stringBuffer).append("cache.size").toString(), 32);
        membershipSearch = getBoolean(configurationData, new StringBuffer().append(stringBuffer).append("membership.search").toString(), false);
        serverPrincipal = configurationData.getProperty(new StringBuffer().append(stringBuffer).append("server.principal").toString());
        serverCredential = customRealmMBean.getPassword();
        if (serverCredential == null) {
            serverCredential = configurationData.getProperty(new StringBuffer().append(stringBuffer).append("server.credential").toString());
        }
        String[] properties = getProperties(configurationData, new StringBuffer().append(stringBuffer).append("user.dn").toString());
        userBaseDNs = properties;
        if (properties.length == 0) {
            throw new LDAPRealmException("no base DNs specified for finding users!");
        }
        for (int i = 0; i < userBaseDNs.length; i++) {
            userBaseDNs[i] = LDAPDN.normalize(userBaseDNs[i]);
        }
        getProperties(configurationData, new StringBuffer().append(stringBuffer).append("user.scope").toString());
        String[] properties2 = getProperties(configurationData, new StringBuffer().append(stringBuffer).append("user.filter").toString());
        userFilters = properties2;
        if (properties2.length == 0) {
            throw new LDAPRealmException("no search filters specified for finding users!");
        }
        if (userFilters.length > 1 && userBaseDNs.length > 1 && userFilters.length != userBaseDNs.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of user search filters (").append(userFilters.length).append(") does not match ").append("number of user base DNs (").append(userBaseDNs.length).append("), but both are > 1").toString());
        }
        userScopes = makeScopes("user", getProperties(configurationData, new StringBuffer().append(stringBuffer).append("user.scope").toString()));
        if (userFilters.length > 1 && userScopes.length > 1 && userFilters.length != userScopes.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of user search filters (").append(userFilters.length).append(") does not match ").append("number of user search scopes (").append(userScopes.length).append("), but both are > 1").toString());
        }
        for (int i2 = 0; i2 < userFilters.length; i2++) {
            if (userFilters[i2].indexOf("%u") == -1) {
                throw new LDAPRealmException(new StringBuffer().append("user search filter ").append(i2 + 1).append(" doesn't contain a '%u' clause").toString());
            }
        }
        userNameAttributes = makeAttributes('u', userFilters);
        String[] properties3 = getProperties(configurationData, new StringBuffer().append(stringBuffer).append("group.dn").toString());
        groupBaseDNs = properties3;
        if (properties3.length == 0) {
            throw new LDAPRealmException("no base DNs specified for finding groups!");
        }
        for (int i3 = 0; i3 < groupBaseDNs.length; i3++) {
            groupBaseDNs[i3] = LDAPDN.normalize(groupBaseDNs[i3]);
        }
        String[] properties4 = getProperties(configurationData, new StringBuffer().append(stringBuffer).append("group.filter").toString());
        groupFilters = properties4;
        if (properties4.length == 0) {
            throw new LDAPRealmException("no search filters specified for finding groups!");
        }
        groupNameAttributes = makeAttributes('g', groupFilters);
        groupScopes = makeScopes(SignaturePredicate.GROUP_TYPE, getProperties(configurationData, new StringBuffer().append(stringBuffer).append("group.scope").toString()));
        if (groupFilters.length > 1 && groupScopes.length > 1 && groupFilters.length != groupScopes.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of group search filters (").append(groupFilters.length).append(") does not match ").append("number of group search scopes (").append(groupScopes.length).append("), but both are > 1").toString());
        }
        if (groupFilters.length > 1 && groupBaseDNs.length > 1 && groupFilters.length != groupBaseDNs.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of group search filters (").append(groupFilters.length).append(") does not match ").append("number of group base DNs (").append(groupBaseDNs.length).append("), but both are > 1").toString());
        }
        for (int i4 = 0; i4 < groupFilters.length; i4++) {
            if (groupFilters[i4].indexOf("%g") == -1) {
                throw new LDAPRealmException(new StringBuffer().append("group search filter ").append(i4 + 1).append(" doesn't contain a '%g' clause").toString());
            }
        }
        groupScopeDepth = getInteger(configurationData, new StringBuffer().append(stringBuffer).append("membership.scope.depth").toString(), -1);
        String[] properties5 = getProperties(configurationData, new StringBuffer().append(stringBuffer).append("membership.filter").toString());
        memberFilters = properties5;
        if (properties5.length == 0) {
            throw new LDAPRealmException("no search filters specified for finding group memberships!");
        }
        memberAttributes = makeAttributes('M', memberFilters);
        memberScopes = makeScopes("membership", getProperties(configurationData, new StringBuffer().append(stringBuffer).append("membership.scope").toString()));
        if (memberFilters.length > 1 && groupBaseDNs.length > 1 && memberFilters.length != groupBaseDNs.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of membership search filters (").append(memberFilters.length).append(") does not match ").append("number of group base DNs (").append(groupBaseDNs.length).append("), but both are > 1").toString());
        }
        if (memberFilters.length > 1 && memberScopes.length > 1 && memberFilters.length != memberScopes.length) {
            throw new LDAPRealmException(new StringBuffer().append("number of membership search filters (").append(memberFilters.length).append(") does not match ").append("number of membership search scopes (").append(memberScopes.length).append("), but both are > 1").toString());
        }
        for (int i5 = 0; i5 < memberFilters.length; i5++) {
            if (memberFilters[i5].indexOf("%M") == -1 && memberFilters[i5].indexOf("%G") == -1) {
                throw new LDAPRealmException(new StringBuffer().append("membership search filter ").append(i5 + 1).append(" contains neither a '%M' nor a '%G' clause").toString());
            }
        }
    }

    private static int[] makeScopes(String str, String[] strArr) {
        int[] iArr;
        if (strArr.length > 0) {
            iArr = new int[strArr.length];
            for (int i = 0; i < strArr.length; i++) {
                String lowerCase = strArr[i].toLowerCase();
                if (lowerCase.startsWith("sub")) {
                    iArr[i] = 2;
                } else if (lowerCase.startsWith(RDBMSUtils.ONE)) {
                    iArr[i] = 1;
                } else {
                    if (!lowerCase.startsWith("base")) {
                        throw new LDAPRealmException(new StringBuffer().append(str).append(" search scope ").append(i + 1).append(" (").append(strArr[i]).append(")  not recognized").toString());
                    }
                    iArr[i] = 0;
                }
            }
        } else {
            iArr = new int[]{2};
        }
        return iArr;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v4, types: [java.lang.String[], java.lang.String[][]] */
    private static String[][] makeAttributes(char c, String[] strArr) {
        Perl5Compiler perl5Compiler = new Perl5Compiler();
        Perl5Matcher perl5Matcher = new Perl5Matcher();
        ?? r0 = new String[strArr.length];
        try {
            Pattern compile = perl5Compiler.compile(new StringBuffer().append("\\(\\s*(\\w+)\\s*[>~<=]+([^)]*%").append(c).append("[^)]*)\\)").toString());
            for (int i = 0; i < strArr.length; i++) {
                PatternMatcherInput patternMatcherInput = new PatternMatcherInput(strArr[i]);
                Vector vector = new Vector();
                while (perl5Matcher.contains(patternMatcherInput, compile)) {
                    vector.addElement(perl5Matcher.getMatch().group(1));
                }
                r0[i] = new String[vector.size()];
                vector.copyInto(r0[i]);
            }
            return r0;
        } catch (MalformedPatternException e) {
            throw new LDAPRealmException("internal LDAPRealm bug", e);
        }
    }

    private static String scopeToString(int i) {
        switch (i) {
            case 0:
                return "base DN only";
            case 1:
                return "base DN + 1";
            case 2:
                return "base DN & below";
            default:
                return "unknown or invalid scope";
        }
    }

    static int getInteger(Properties properties, String str, int i) {
        String property = properties.getProperty(str);
        return property == null ? i : Integer.parseInt(property);
    }

    static boolean getBoolean(Properties properties, String str, boolean z) {
        String property = properties.getProperty(str);
        return property == null ? z : Boolean.valueOf(property).booleanValue();
    }

    static String[] getProperties(Properties properties, String str) {
        Vector vector = new Vector();
        String property = properties.getProperty(str);
        if (property != null) {
            vector.addElement(property);
        }
        int i = 1;
        while (true) {
            String property2 = properties.getProperty(new StringBuffer().append(str).append(".").append(i).toString());
            if (property2 == null) {
                String[] strArr = new String[vector.size()];
                vector.copyInto(strArr);
                return strArr;
            }
            vector.addElement(property2);
            i++;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean getAllowEnumeration() {
        return allowEnumeration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LDAPDelegate(LDAPRealm lDAPRealm) {
        this.owner = lDAPRealm;
        this.log = lDAPRealm.log;
        setupProperties();
        userConstraints = new LDAPSearchConstraints();
        userConstraints.setMaxResults(1);
        groupConstraints = new LDAPSearchConstraints();
        groupConstraints.setMaxResults(1);
        getUserConstraints = new LDAPSearchConstraints();
        getUserConstraints.setMaxResults(0);
        getUserConstraints.setBatchSize(1);
        getGroupConstraints = new LDAPSearchConstraints();
        getGroupConstraints.setMaxResults(0);
        getGroupConstraints.setBatchSize(1);
        memberConstraints = new LDAPSearchConstraints();
        memberConstraints.setMaxResults(0);
        memberConstraints.setBatchSize(1);
    }

    LDAPConnection getConnection() {
        try {
            return (LDAPConnection) this.connPool.getInstance();
        } catch (InvocationTargetException e) {
            throw new LDAPRealmException("could not get connection", e);
        }
    }

    void returnConnection(LDAPConnection lDAPConnection) {
        if (lDAPConnection != null) {
            this.connPool.returnInstance(lDAPConnection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LDAPUser authenticate(String str, String str2) {
        LDAPUser user = getUser(replaceChar(str, "*", ""));
        if (user == null || str2 == null || "".equals(str2)) {
            return null;
        }
        LDAPConnection connection = getConnection();
        LDAPUser lDAPUser = null;
        try {
            try {
                if (this.log != null) {
                    this.log.debug(new StringBuffer().append("bind(").append(user.getDN()).append(")").toString());
                }
                connection.bind(3, user.getDN(), str2);
                lDAPUser = user;
            } catch (LDAPException e) {
                handleException(e);
            } finally {
                returnConnection(connection);
            }
        } catch (LDAPException e2) {
            switch (e2.getLDAPResultCode()) {
                case 19:
                    if (connection != null) {
                        this.connPool.destroyInstance(connection);
                    }
                    connection = getConnection();
                    break;
                case 48:
                case 49:
                    break;
                case 53:
                    if (connection != null) {
                        this.connPool.destroyInstance(connection);
                    }
                    getConnection();
                    throw new LDAPRealmException(e2.getLDAPErrorMessage(), e2);
                default:
                    handleException(e2);
                    break;
            }
        }
        if (connection != null) {
            connection.bind(3, serverPrincipal, serverCredential);
        }
        connection = connection;
        return lDAPUser;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LDAPUser getUser(String str) {
        LDAPConnection connection = getConnection();
        try {
            int length = userBaseDNs.length > userFilters.length ? userBaseDNs.length : userFilters.length;
            for (int i = 0; i < length; i++) {
                String printf = printf(userFilters[userFilters.length > 1 ? i : 0], 'u', getEncodedStringRepresentation(str));
                String encodedStringRepresentation = getEncodedStringRepresentation(userBaseDNs[userBaseDNs.length > 1 ? i : 0]);
                int i2 = userScopes[userScopes.length > 1 ? i : 0];
                if (this.log != null) {
                    this.log.debug(new StringBuffer().append("search(\"").append(encodedStringRepresentation).append("\", \"").append(printf).append("\", ").append(scopeToString(i2)).append(")").toString());
                }
                LDAPSearchResults search = connection.search(encodedStringRepresentation, i2, printf, USER_ATTRS, false, userConstraints);
                if (search.hasMoreElements()) {
                    String dn = search.next().getDN();
                    String unescapeCommaForDN = dn.indexOf("\\,") > -1 ? unescapeCommaForDN(dn) : dn;
                    if (!caseSensitive || unescapeCommaForDN.indexOf(str) != -1) {
                        if (this.log != null) {
                            this.log.debug(new StringBuffer().append("DN for user ").append(str).append(": ").append(dn).toString());
                        }
                        return new LDAPUser(str, dn, this.owner);
                    }
                    if (this.log != null && dn.toLowerCase().indexOf(str.toLowerCase()) != -1) {
                        this.log.debug(new StringBuffer().append("incorrect case for user: ").append(str).toString());
                    }
                    return null;
                }
            }
        } catch (LDAPException e) {
            handleException(e);
        } finally {
            returnConnection(connection);
        }
        if (this.log == null) {
            return null;
        }
        this.log.debug(new StringBuffer().append("User ").append(str).append(" not found.").toString());
        return null;
    }

    private static String getEncodedStringRepresentation(Object obj) {
        if (obj == null) {
            return null;
        }
        if (obj instanceof byte[]) {
            byte[] bArr = (byte[]) obj;
            StringBuffer stringBuffer = new StringBuffer(bArr.length * 3);
            for (byte b : bArr) {
                stringBuffer.append('\\');
                hexDigit(stringBuffer, b);
            }
            return stringBuffer.toString();
        }
        String obj2 = !(obj instanceof String) ? obj.toString() : (String) obj;
        int length = obj2.length();
        StringBuffer stringBuffer2 = new StringBuffer(length);
        for (int i = 0; i < length; i++) {
            char charAt = obj2.charAt(i);
            switch (charAt) {
                case 0:
                    stringBuffer2.append("\\00");
                    break;
                case '(':
                    stringBuffer2.append("\\28");
                    break;
                case ')':
                    stringBuffer2.append("\\29");
                    break;
                case '*':
                    stringBuffer2.append("\\2a");
                    break;
                case '\\':
                    stringBuffer2.append("\\5c");
                    break;
                default:
                    stringBuffer2.append(charAt);
                    break;
            }
        }
        return stringBuffer2.toString();
    }

    private static void hexDigit(StringBuffer stringBuffer, byte b) {
        char c = (char) ((b >> 4) & 15);
        stringBuffer.append(c > '\t' ? (char) ((c - '\n') + 65) : (char) (c + '0'));
        char c2 = (char) (b & 15);
        stringBuffer.append(c2 > '\t' ? (char) ((c2 - '\n') + 65) : (char) (c2 + '0'));
    }

    private String replaceChar(String str, String str2, String str3) {
        while (str.indexOf(str2) != -1) {
            int indexOf = str.indexOf(str2);
            str = new StringBuffer().append(str.substring(0, indexOf)).append(str3).append(str.substring(indexOf + str2.length())).toString();
        }
        return str;
    }

    void handleException(Exception exc) {
        throw new LDAPRealmException("caught unexpected exception", exc);
    }

    static String printf(String str, char c, String str2) {
        StringBuffer stringBuffer = new StringBuffer();
        int length = str.length();
        boolean z = false;
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            if (!z) {
                switch (charAt) {
                    case '%':
                        z = true;
                        break;
                    default:
                        stringBuffer.append(charAt);
                        break;
                }
            } else {
                if (charAt != c) {
                    switch (charAt) {
                        case '%':
                            stringBuffer.append(charAt);
                            break;
                        default:
                            stringBuffer.append('%');
                            stringBuffer.append(charAt);
                            break;
                    }
                } else {
                    stringBuffer.append(str2);
                }
                z = false;
            }
        }
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Group getGroup(String str) {
        LDAPConnection connection = getConnection();
        try {
            int length = groupBaseDNs.length > groupFilters.length ? groupBaseDNs.length : groupFilters.length;
            for (int i = 0; i < length; i++) {
                String printf = printf(groupFilters[groupFilters.length > 1 ? i : 0], 'g', getEncodedStringRepresentation(str));
                String encodedStringRepresentation = getEncodedStringRepresentation(groupBaseDNs[groupBaseDNs.length > 1 ? i : 0]);
                int i2 = groupScopes[groupScopes.length > 1 ? i : 0];
                if (this.log != null) {
                    this.log.debug(new StringBuffer().append("search(\"").append(encodedStringRepresentation).append("\", \"").append(printf).append("\", ").append(scopeToString(i2)).append(")").toString());
                }
                LDAPSearchResults search = connection.search(encodedStringRepresentation, i2, printf, GROUP_ATTRS, false, groupConstraints);
                if (search.hasMoreElements()) {
                    String dn = search.next().getDN();
                    if (this.log != null) {
                        this.log.debug(new StringBuffer().append("DN for group ").append(str).append(": ").append(dn).toString());
                    }
                    return new LDAPGroup(str, dn, this, this.owner);
                }
            }
            return null;
        } catch (LDAPException e) {
            handleException(e);
            return null;
        } finally {
            returnConnection(connection);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Enumeration groupMembers(String str) {
        LDAPConnection connection = getConnection();
        Enumeration enumeration = null;
        try {
            try {
                enumeration = groupMembersInternal(str, connection);
                returnConnection(connection);
            } catch (LDAPException e) {
                connection = null;
                handleException(e);
                returnConnection(null);
            }
            return enumeration;
        } catch (Throwable th) {
            returnConnection(connection);
            throw th;
        }
    }

    private Enumeration groupMembersInternal(String str, LDAPConnection lDAPConnection) throws LDAPException {
        LDAPUser readDNForUser;
        Vector vector = new Vector();
        String encodedStringRepresentation = getEncodedStringRepresentation(str);
        for (int i = 0; i < memberFilters.length; i++) {
            String printf = printf(printf(memberFilters[memberFilters.length > 1 ? i : 0], 'G', encodedStringRepresentation), 'M', "*");
            String[] strArr = memberAttributes[memberFilters.length > 1 ? i : 0];
            int i2 = memberScopes[memberScopes.length > 1 ? i : 0];
            if (this.log != null) {
                this.log.debug(new StringBuffer().append("search(\"").append(encodedStringRepresentation).append("\", \"").append(printf).append("\", ").append(scopeToString(i2)).append(")").toString());
            }
            LDAPSearchResults search = lDAPConnection.search(encodedStringRepresentation, i2, printf, strArr, false, memberConstraints);
            while (search.hasMoreElements()) {
                LDAPEntry next = search.next();
                next.getDN();
                Enumeration attributes = next.getAttributeSet().getAttributes();
                while (attributes.hasMoreElements()) {
                    LDAPAttribute lDAPAttribute = (LDAPAttribute) attributes.nextElement();
                    lDAPAttribute.getName();
                    Enumeration stringValues = lDAPAttribute.getStringValues();
                    while (stringValues.hasMoreElements()) {
                        String str2 = (String) stringValues.nextElement();
                        LDAPDN.normalize(str2);
                        LDAPUser searchDNForUser = searchDNForUser(str2);
                        boolean z = false;
                        if (searchDNForUser != null) {
                            z = true;
                            vector.addElement(searchDNForUser);
                        } else {
                            LDAPGroup searchDNForGroup = searchDNForGroup(str2);
                            if (searchDNForGroup != null) {
                                z = true;
                                vector.addElement(searchDNForGroup);
                            }
                        }
                        if (!z && membershipSearch && (readDNForUser = readDNForUser(str2)) != null) {
                            vector.addElement(readDNForUser);
                        }
                    }
                }
            }
        }
        return vector.elements();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public LDAPUser readDNForUser(String str) {
        LDAPConnection connection = getConnection();
        try {
            if (this.log != null) {
                this.log.debug(new StringBuffer().append("search(\"").append(str).append("\", \"(objectclass=*)\", ").append(scopeToString(2)).append(")").toString());
            }
            LDAPSearchResults lDAPSearchResults = null;
            try {
                lDAPSearchResults = connection.search(str, 2, JDAPSearchRequest.DEFAULT_FILTER, new String[]{"*"}, false, userConstraints);
            } catch (LDAPException e) {
                if (this.log != null) {
                    this.log.debug(new StringBuffer().append("ignoring ").append(e.getMessage()).toString());
                }
            }
            if (lDAPSearchResults != null) {
                while (lDAPSearchResults.hasMoreElements()) {
                    LDAPUser checkEntryForUser = checkEntryForUser(lDAPSearchResults.next());
                    if (checkEntryForUser != null) {
                        return checkEntryForUser;
                    }
                }
            }
            return null;
        } catch (Exception e2) {
            handleException(e2);
            return null;
        } finally {
            returnConnection(connection);
        }
    }

    private LDAPUser checkEntryForUser(LDAPEntry lDAPEntry) {
        Enumeration attributes = lDAPEntry.getAttributeSet().getAttributes();
        if (!attributes.hasMoreElements()) {
            return searchDNForUser(lDAPEntry.getDN());
        }
        while (attributes.hasMoreElements()) {
            LDAPAttribute lDAPAttribute = (LDAPAttribute) attributes.nextElement();
            String baseName = lDAPAttribute.getBaseName();
            Enumeration stringValues = lDAPAttribute.getStringValues();
            for (int i = 0; i < userNameAttributes.length; i++) {
                for (int i2 = 0; i2 < userNameAttributes[i].length; i2++) {
                    if (stringValues.hasMoreElements()) {
                        String str = (String) stringValues.nextElement();
                        if (baseName.equals(userNameAttributes[i][i2]) && getUser(str) != null) {
                            return new LDAPUser(str, lDAPEntry.getDN(), this.owner);
                        }
                    }
                }
            }
        }
        return null;
    }

    private LDAPUser searchDNForUser(String str) {
        String attributeValue;
        for (int i = 0; i < userNameAttributes.length; i++) {
            for (int i2 = 0; i2 < userNameAttributes[i].length; i2++) {
                if (str.indexOf(userNameAttributes[i][i2]) > -1 && (attributeValue = getAttributeValue(userNameAttributes[i][i2], str)) != null && getUser(attributeValue) != null) {
                    return new LDAPUser(attributeValue, str, this.owner);
                }
            }
        }
        return null;
    }

    private LDAPGroup searchDNForGroup(String str) {
        String attributeValue;
        for (int i = 0; i < groupNameAttributes.length; i++) {
            for (int i2 = 0; i2 < groupNameAttributes[i].length; i2++) {
                if (str.indexOf(groupNameAttributes[i][i2]) > -1 && (attributeValue = getAttributeValue(groupNameAttributes[i][i2], str)) != null && getGroup(attributeValue) != null) {
                    return new LDAPGroup(attributeValue, str, this, this.owner);
                }
            }
        }
        return null;
    }

    private String unescapeCommaForDN(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (charAt != '\\') {
                stringBuffer.append(charAt);
            }
        }
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getAttributeValue(String str, String str2) {
        String stringBuffer = new StringBuffer().append(str).append("=").toString();
        int indexOf = str2.indexOf(stringBuffer);
        if (indexOf == -1) {
            return null;
        }
        String substring = str2.substring(indexOf + stringBuffer.length());
        if (substring.startsWith("=")) {
            substring = substring.substring(1);
        }
        int indexOf2 = substring.indexOf(",");
        int indexOf3 = substring.indexOf(FXMLLoader.ESCAPE_PREFIX);
        if (indexOf3 == -1 || indexOf2 - indexOf3 != 1) {
            return substring.substring(0, indexOf2).trim();
        }
        for (int i = 0; i < substring.length(); i++) {
            String substring2 = substring.substring(0, i);
            if (substring2.endsWith(",") && !substring2.endsWith("\\,")) {
                return unescapeCommaForDN(substring2.substring(0, substring2.length() - 1));
            }
        }
        if (this.log == null) {
            return null;
        }
        this.log.debug(new StringBuffer().append("Could not find an unescaped comma in the following DN - ").append(substring).toString());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean groupContains(String str, String str2) {
        LDAPConnection connection = getConnection();
        boolean z = false;
        try {
            z = groupContainsInternal(connection, str, str2, new Stack());
        } catch (LDAPException e) {
            handleException(e);
        } finally {
            returnConnection(connection);
        }
        return z;
    }

    private boolean groupContainsInternal(LDAPConnection lDAPConnection, String str, String str2, Stack stack) throws LDAPException {
        if (str.equals(str2)) {
            return true;
        }
        checkForCircularity(str, str2, stack);
        stack.push(str2);
        int length = groupBaseDNs.length > memberFilters.length ? groupBaseDNs.length : memberFilters.length;
        for (int i = 0; i < length; i++) {
            String printf = printf(printf(memberFilters[memberFilters.length > 1 ? i : 0], 'G', str), 'M', getEncodedStringRepresentation(str2));
            String encodedStringRepresentation = getEncodedStringRepresentation(groupBaseDNs[groupBaseDNs.length > 1 ? i : 0]);
            int i2 = memberScopes[memberScopes.length > 1 ? i : 0];
            if (this.log != null) {
                this.log.debug(new StringBuffer().append("search(\"").append(encodedStringRepresentation).append("\", \"").append(printf).append("\", ").append(scopeToString(i2)).append(")").toString());
            }
            LDAPSearchResults search = lDAPConnection.search(encodedStringRepresentation, i2, printf, MEMBER_ATTRS, false, memberConstraints);
            new Vector();
            while (search.hasMoreElements()) {
                String dn = search.next().getDN();
                if (groupScopeDepth > 0) {
                    for (int i3 = groupScopeDepth; i3 >= 0; i3--) {
                        if (i3 > 0) {
                            int indexOf = dn.indexOf(44);
                            if (indexOf == -1) {
                                throw new LDAPRealmException(new StringBuffer().append("group scope depth is greater than the number of RDNs in '").append(dn).append("'").toString());
                            }
                            dn = dn.substring(indexOf + 1).trim();
                        }
                        if (str.equals(dn) || groupContainsInternal(lDAPConnection, str, dn, stack)) {
                            return true;
                        }
                    }
                } else if (str.equals(dn) || groupContainsInternal(lDAPConnection, str, dn, stack)) {
                    return true;
                }
            }
        }
        stack.pop();
        return false;
    }

    private static void checkForCircularity(String str, String str2, Stack stack) throws LDAPRealmException {
        if (stack.contains(str2)) {
            StringBuffer stringBuffer = new StringBuffer("circular group: while checking '");
            stringBuffer.append(str);
            stringBuffer.append("', found ");
            stringBuffer.append(str2);
            do {
                stringBuffer.append(" -> ");
                String str3 = (String) stack.pop();
                stringBuffer.append(str3);
                if (str3.equals(str2)) {
                    break;
                }
            } while (!stack.empty());
            throw new LDAPRealmException(stringBuffer.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Enumeration getUsers() {
        int length = userBaseDNs.length > userFilters.length ? userBaseDNs.length : userFilters.length;
        Enumeration[] enumerationArr = new Enumeration[length];
        LDAPConnection connection = getConnection();
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.getMaxResults();
        searchConstraints.setMaxResults(100);
        try {
            for (int i = 0; i < length; i++) {
                enumerationArr[i] = new UserMangler(this, userNameAttributes[userFilters.length > 1 ? i : 0], connection.search(getEncodedStringRepresentation(userBaseDNs[userBaseDNs.length > 1 ? i : 0]), userScopes[userScopes.length > 1 ? i : 0], printf(userFilters[userFilters.length > 1 ? i : 0], 'u', "*"), USER_ATTRS, false, getUserConstraints));
            }
        } catch (LDAPException e) {
            handleException(e);
        } finally {
        }
        return new SequencingEnumerator(enumerationArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Enumeration getGroups() {
        int length = groupBaseDNs.length > groupFilters.length ? groupBaseDNs.length : groupFilters.length;
        Enumeration[] enumerationArr = new Enumeration[length];
        LDAPConnection connection = getConnection();
        for (int i = 0; i < length; i++) {
            try {
                String printf = printf(groupFilters[groupFilters.length > 1 ? i : 0], 'g', "*");
                String[] strArr = groupNameAttributes[groupFilters.length > 1 ? i : 0];
                String encodedStringRepresentation = getEncodedStringRepresentation(groupBaseDNs[groupBaseDNs.length > 1 ? i : 0]);
                int i2 = groupScopes[groupScopes.length > 1 ? i : 0];
                if (this.log != null) {
                    this.log.debug(new StringBuffer().append("search(\"").append(encodedStringRepresentation).append("\", \"").append(printf).append("\", ").append(scopeToString(i2)).append(", \"").append(strArr[0]).append("\")").toString());
                }
                enumerationArr[i] = new GroupMangler(this, strArr, connection.search(encodedStringRepresentation, i2, printf, strArr, false, getGroupConstraints));
            } catch (LDAPException e) {
                handleException(e);
            } finally {
            }
        }
        return new SequencingEnumerator(enumerationArr);
    }

    void close() {
        this.connPool.close();
        this.connPool = null;
    }

    public void setDebugLog(LogOutputStream logOutputStream) {
        if (logOutputStream != null) {
            this.log = logOutputStream;
        }
    }

    public LogOutputStream getDebugLog() {
        return this.log;
    }
}
