package com.vertexinc.common.fw.rba.persist;

import com.vertexinc.common.fw.rba.domain.AppRole;
import com.vertexinc.common.fw.rba.domain.AppUser;
import com.vertexinc.common.fw.rba.domain.PasswordReset;
import com.vertexinc.common.fw.rba.idomain.IAppUser;
import com.vertexinc.common.fw.rba.idomain.UserFieldType;
import com.vertexinc.common.fw.rba.ipersist.AppResourcePersister;
import com.vertexinc.common.fw.rba.ipersist.AppResourcePersisterException;
import com.vertexinc.common.fw.rba.ipersist.AppRolePersister;
import com.vertexinc.common.fw.rba.ipersist.AppRolePersisterException;
import com.vertexinc.common.fw.rba.ipersist.AppUserPersisterException;
import com.vertexinc.common.fw.rba.ipersist.VertexLdapUserDeleteException;
import com.vertexinc.common.fw.rba.ipersist.VertexLdapUserReadException;
import com.vertexinc.common.fw.sprt.domain.Source;
import com.vertexinc.common.fw.sprt.ipersist.SourcePersister;
import com.vertexinc.common.fw.sprt.ipersist.SourcePersisterException;
import com.vertexinc.util.config.MatchRule;
import com.vertexinc.util.config.SysConfig;
import com.vertexinc.util.db.IPersistable;
import com.vertexinc.util.db.action.ActionSequence;
import com.vertexinc.util.db.action.VertexActionException;
import com.vertexinc.util.db.primkey.PrimaryKeyGenerator;
import com.vertexinc.util.error.VertexException;
import com.vertexinc.util.error.VertexInitializationException;
import com.vertexinc.util.i18n.Message;
import com.vertexinc.util.iface.RepositoryType;
import com.vertexinc.util.log.Log;
import com.vertexinc.util.sec.SymDecryption;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Profile;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.filter.EqualsFilter;
import org.springframework.ldap.query.LdapQueryBuilder;
import org.springframework.stereotype.Repository;

/* JADX WARN: Classes with same name are omitted:
  input_file:com/vertexinc/common/fw/rba/persist/AppUserLdapPersister.class
  input_file:patchedFiles.zip:lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/persist/AppUserLdapPersister.class
 */
@Profile({"LDAP"})
@Repository
/* loaded from: input_file:patchedFiles.zip:web/vertex-ws.war:WEB-INF/lib/vertex-oseries-components-common.jar:com/vertexinc/common/fw/rba/persist/AppUserLdapPersister.class */
public class AppUserLdapPersister extends AbstractAppUserPersister {

    // LDAP configuration bean. The initializer builds an instance when this object is constructed;
    // the @Autowired annotation asks Spring to replace it by injection afterwards.
    // NOTE(review): presumably the initializer is a fallback for use outside a Spring context — confirm.
    @Autowired
    LdapConfiguration configuration = new LdapConfiguration();

    // Template used for every directory search and lookup in this class. The initializer reads
    // this.configuration as it exists at construction time, i.e. the instance created just above.
    @Autowired
    private LdapTemplate ldapTemplate = this.configuration.ldapTemplate();
    // Prefixes of the configuration keys that map directory values to partitions and roles
    // (consumed through readLdapMappings, which strips the prefix from each key).
    public static final String VTXPRM_MAPPING_PARTITION_PREFIX = "ldap.mapping.systemPartition.";
    public static final String VTXPRM_MAPPING_ROLE_PREFIX = "ldap.mapping.role.";
    // Authentication settings; not read anywhere in this class.
    public static final String VTXPRM_AUTHENTICATION_MODE = "ldap.service.authenticationMode";
    public static final String VTXDEF_AUTHENTICATION_MODE = "BIND";
    public static final String VTXPRM_AUTHENTICATION_BINDING_PATTERN = "ldap.service.authentication.bindingPattern";
    // Defaults applied to directory users that carry no partition / role / locale of their own.
    // The default role is granted by findAllUsers() to every directory user without an explicit
    // role, so the configured role should be the least-privileged one that is acceptable.
    public static final String VTXPRM_DEFAULT_USER_PARTITION = "ldap.default.user.systemPartition";
    public static final String VTXDEF_DEFAULT_USER_PARTITION = "admin";
    public static final String VTXPRM_DEFAULT_USER_ROLE = "ldap.default.user.role";
    public static final String VTXPRM_DEFAULT_USER_LOCALE = "ldap.default.user.locale";
    public static final String VTXDEF_DEFAULT_USER_LOCALE = "en_US";
    // JNDI connection settings used by intializeJndiContext(). The default URL is plain ldap://
    // on port 389: a bind over that URL is not protected by TLS, so deployments that bind with
    // the directory-manager account should override it (for example with an ldaps:// URL).
    private static final String JNDI_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    public static final String VTXPRM_LDAP_PROVIDER_URL = "ldap.service.connectionUrl";
    public static final String VTXDEF_LDAP_PROVIDER_URL = "ldap://localhost:389/";
    // Bind identity of the directory manager. intializeJndiContext() passes both values through
    // SymDecryption.decrypt and keeps the raw value when decrypt returns null.
    public static final String VTXPRM_LDAP_PROVIDER_USER = "ldap.directoryManager.userName";
    public static final String VTXPRM_LDAP_PROVIDER_PASSWORD = "ldap.directoryManager.password";
    // Search base and scope for user entries. The numeric scope values match
    // javax.naming.directory.SearchControls (0 = object, 1 = one level, 2 = subtree).
    // "OBJEECT" is misspelled, but the constant is public and therefore kept as is.
    public static final String VTXPRM_LDAP_USER_DIR_CONTEXT = "ldap.user.dirContext";
    public static final String VTXPRM_LDAP_DIR_CONTEXT_SEARCH_SCOPE = "ldap.dirContext.searchScope";
    public static final int VTXDEF_LDAP_DIR_CONTEXT_OBJEECT_SCOPE = 0;
    public static final int VTXDEF_LDAP_DIR_CONTEXT_ONELEVEL_SCOPE = 1;
    public static final int VTXDEF_LDAP_DIR_CONTEXT_SUBTREE_SCOPE = 2;
    public static final int VTXDEF_LDAP_DIR_CONTEXT_SEARCH_SCOPE = 1;
    public static final String VTXPRM_LDAP_DIR_CONTEXT_IGNORE_PARTIAL_EXCEPTION = "ldap.dirContext.ignorePartialResultException";
    public static final boolean VTXDEF_LDAP_DIR_CONTEXT_IGNORE_PARTIAL_EXCEPTION = true;
    // Object classes and attribute names used to recognise users and groups in the directory.
    public static final String VTXPRM_LDAP_USER_OBJECT_CLASS = "ldap.user.objectClass";
    public static final String VTXDEF_LDAP_USER_OBJECT_CLASS = "organizationalPerson";
    public static final String VTXPRM_LDAP_GROUP_OBJECT_CLASS = "ldap.group.objectClass";
    public static final String VTXDEF_LDAP_GROUP_OBJECT_CLASS = "groupOfNames";
    // NOTE(review): despite "OBJECT_CLASS" in the name, the default "member" looks like the
    // attribute that lists a group's members — confirm against LdapGroupAttributesMapper.
    public static final String VTXPRM_LDAP_GROUP_MEMBER_OBJECT_CLASS = "ldap.group.member.objectClass";
    public static final String VTXDEF_LDAP_GROUP_MEMBER_OBJECT_CLASS = "member";
    // Key prefixes: "ldap.group.name.<x>" gives a group search base, "ldap.group.role.<x>..."
    // the roles applied to that group's members (see findGroup).
    public static final String VTXPRM_LDAP_GROUP_NAME = "ldap.group.name.";
    public static final String VTXPRM_LDAP_GROUP_ROLE = "ldap.group.role.";
    // Names of the directory attributes that hold the individual user fields.
    public static final String VTXPRM_LDAP_ATTR_USER_ID = "ldap.user.attrName.userName";
    public static final String VTXDEF_LDAP_ATTR_USER_ID = "uid";
    public static final String VTXPRM_LDAP_ATTR_USER_PASSWORD = "ldap.user.attrName.password";
    public static final String VTXDEF_LDAP_ATTR_USER_PASSWORD = "userPassword";
    public static final String VTXPRM_LDAP_ATTR_USER_FULLNAME = "ldap.user.attrName.fullName";
    public static final String VTXDEF_LDAP_ATTR_USER_FULLNAME = "sn";
    public static final String VTXPRM_LDAP_ATTR_PARTITION = "ldap.user.attrName.systemPartition";
    public static final String VTXPRM_LDAP_ATTR_ROLE = "ldap.user.attrName.role";
    public static final String VTXPRM_LDAP_ATTR_LOCALE = "ldap.user.attrName.locale";
    // Compiler-generated assertion flag as rendered by the decompiler; assigned in the static
    // initializer at the end of the class and read by save().
    static final /* synthetic */ boolean $assertionsDisabled;

    /**
     * Creates the persister and hands it the source, role and resource persisters obtained from
     * each class's {@code getInstance()}.
     *
     * @throws MalformedURLException declared by the original signature
     * @throws VertexInitializationException declared by the original signature
     * @throws SourcePersisterException declared by the original signature
     * @throws AppRolePersisterException declared by the original signature
     * @throws AppResourcePersisterException declared by the original signature
     */
    public AppUserLdapPersister()
            throws MalformedURLException,
                    VertexInitializationException,
                    SourcePersisterException,
                    AppRolePersisterException,
                    AppResourcePersisterException {
        this.setSourcePersister(SourcePersister.getInstance());
        this.setAppRolePersister(AppRolePersister.getInstance());
        this.setAppResourcePersister(AppResourcePersister.getInstance());
    }

    /**
     * Removes the locally stored data for a user: runs a {@code UserSourceRoleDeleteAction}
     * followed by an {@code LdapUserResetAction} for the user's id, then clears the cache.
     *
     * <p>Nothing in this method talks to the directory itself; per the error message below the
     * actions operate on the "LDAP user override tables".
     *
     * @param iAppUser user whose local records are removed
     * @throws AppUserPersisterException (as {@code VertexLdapUserDeleteException}) when the
     *     action sequence fails
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.IAppUserPersister
    public void delete(IAppUser iAppUser) throws AppUserPersisterException {
        final long userId = Long.valueOf(iAppUser.getId());
        // Captured up front so that the failure message can name the user.
        final String login = iAppUser.getUserName();
        try {
            createActionSequence()
                    .appendAction(new UserSourceRoleDeleteAction(userId))
                    .appendAction(new LdapUserResetAction(userId))
                    .execute();
            clearCache();
        } catch (VertexActionException dbFailure) {
            throw new VertexLdapUserDeleteException(
                    Message.format(
                            AppUserLdapPersister.class,
                            "AppUserLdapPersister.delete.databaseFailure",
                            "Unable to delete specified user from LDAP user override tables.  (user={0})",
                            login),
                    dbFailure);
        }
    }

    /**
     * No-op in this LDAP persister: the body is empty, so no password-reset record is removed.
     * NOTE(review): presumably password resets are owned by the directory — confirm.
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void deletePasswordResetByUserId(long j) throws AppUserPersisterException {
    }

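    /**
     * Builds the id-to-user map by merging the users read from the directory with the locally
     * stored override records.
     *
     * <p>For each directory user: an override record is looked up by user name and created (and
     * saved) when missing; the override's id becomes the user's id; a partition is taken from the
     * directory, else from the override, else from the configured default partition; the
     * override's partition roles are added; and a user that still has no role receives the
     * configured default role.
     *
     * <p>Security note: the default role is granted to every directory entry that matches the
     * user search and has no explicit role, so {@code ldap.default.user.role} should name the
     * least-privileged role that is acceptable for any such entry.
     *
     * @return users keyed by id
     * @throws VertexException when the directory read, the override query or a save fails
     */
    @Override // com.vertexinc.common.fw.rba.persist.AbstractAppUserPersister
    protected Map<Long, AppUser> findAllUsers() throws VertexException {
        List<AppUser> directoryUsers = readLdapUsers();
        LdapUserSelectAction selectOverrides = createLdapUserSelectAction();
        selectOverrides.execute();
        Map<String, AppUser> overrides = selectOverrides.getOverrides();
        Map<Long, AppUser> usersById = new HashMap<>();
        for (AppUser ldapUser : directoryUsers) {
            AppUser override = overrides.get(ldapUser.getUserName());
            if (override == null) {
                override = new AppUser();
                override.setUserName(ldapUser.getUserName());
                if (null == ldapUser.getUserName()) {
                    // NOTE(review): the entry is still processed below with the id of an unsaved
                    // AppUser, so several nameless entries would share one map key and may still
                    // receive the default role. Consider skipping such entries. The message key
                    // ("...noPartition") also does not match the text — confirm the bundle.
                    Log.logError(AppUserLdapPersister.class, Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.findAllUsers.noPartition", "Username not found for LDAP user.  (user={0})", ldapUser.getName()));
                } else {
                    save(override);
                }
            }
            ldapUser.setId(override.getId());
            usersById.put(Long.valueOf(ldapUser.getId()), ldapUser);
            if (ldapUser.getSourceId() == null) {
                Long sourceId = override.getSourceId();
                if (sourceId == null) {
                    String partitionName = SysConfig.getEnv(VTXPRM_DEFAULT_USER_PARTITION, VTXDEF_DEFAULT_USER_PARTITION);
                    Source partition = partitionName != null ? SourcePersister.getInstance().findByName(partitionName) : null;
                    // Fallbacks by primary key when the named partition does not exist.
                    // NOTE(review): the meaning of ids 11 and 10 is not visible here — confirm.
                    if (partition == null) {
                        partition = SourcePersister.getInstance().findByPK(11L);
                    }
                    if (partition == null) {
                        partition = SourcePersister.getInstance().findByPK(10L);
                    }
                    if (partition != null) {
                        sourceId = Long.valueOf(partition.getId());
                    }
                }
                if (sourceId != null) {
                    ldapUser.setSourceId(sourceId);
                } else {
                    Log.logWarning(AppUserLdapPersister.class, Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.findAllUsers.noPartition", "No partition has been defined for LDAP user.  (user={0})", ldapUser.getUserName()));
                }
            }
            ldapUser.getPartitionRoles().add(override.getPartitionRoles().getAll());
            AppRole defaultRole = getDefaultRole();
            if (ldapUser.getPartitionRoles().isEmpty()) {
                if (defaultRole != null) {
                    ldapUser.addRole(defaultRole);
                } else {
                    // Warn only when the user really ends up without a role. The previous
                    // condition also logged this for every user that already had roles, which
                    // buried the entries an operator needs to see.
                    Log.logWarning(AppUserLdapPersister.class, Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.findAllUsers.noPartitionRole", "No user partition role has been defined for LDAP user.  (user={0} partition={1})", ldapUser.getUserName(), ldapUser.getSourceId()));
                }
            }
        }
        return usersById;
    }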

    /**
     * Always returns {@code null}: this persister keeps no password-reset records.
     *
     * @param str lookup value; ignored
     * @return {@code null} in every case
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public IPersistable findPasswordReset(String str) {
        return null;
    }

    /**
     * Always returns {@code null}: no password-reset request is tracked by this persister.
     *
     * @param j user id; ignored
     * @return {@code null} in every case
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public IPersistable findRecentPasswordReq(long j) throws AppUserPersisterException {
        return null;
    }

    /**
     * Identifies this persister as backed by an LDAP repository.
     *
     * @return {@link RepositoryType#LDAP}
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.IAppUserPersister
    public RepositoryType getRepositoryType() {
        return RepositoryType.LDAP;
    }

    /**
     * Reports that adding or deleting users is not enabled for this persister.
     *
     * @return {@code false} in every case
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public boolean isAddOrDeleteEnabled() {
        return false;
    }

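    /**
     * Reads the application users from the directory: first every entry under the configured
     * user base whose object class matches, then the members of the configured groups.
     *
     * <p>The object-class value goes through {@link EqualsFilter}, whose {@code encode()}
     * escapes it for use in an LDAP filter. The JNDI context opened at the start binds with the
     * directory-manager settings and is always closed again; the searches themselves go through
     * {@code ldapTemplate}. NOTE(review): the JNDI context is not used for any query here, so it
     * presumably serves as an up-front connectivity and credential check — confirm.
     *
     * @return users found by the direct search followed by group members
     * @throws VertexException (as {@code VertexLdapUserReadException}) on any failure
     */
    private List<AppUser> readLdapUsers() throws VertexException {
        DirContext dirContext = null;
        try {
            dirContext = intializeJndiContext();
            String userBase = SysConfig.getEnv(VTXPRM_LDAP_USER_DIR_CONTEXT, "");
            String userObjectClass = SysConfig.getEnv(VTXPRM_LDAP_USER_OBJECT_CLASS, VTXDEF_LDAP_USER_OBJECT_CLASS);
            Map<String, String> roleMappings = readLdapMappings(VTXPRM_MAPPING_ROLE_PREFIX);
            Map<String, String> partitionMappings = readLdapMappings(VTXPRM_MAPPING_PARTITION_PREFIX);
            Map<String, String> groupBases = readLdapMappings(VTXPRM_LDAP_GROUP_NAME);
            EqualsFilter userFilter = new EqualsFilter("objectclass", userObjectClass);
            List<AppUser> users;
            // The template's default scope is changed only for the user search.
            // NOTE(review): ldapTemplate is a shared field, so concurrent callers could observe
            // each other's scope — confirm how this persister is used across threads.
            this.ldapTemplate.setDefaultSearchScope(SysConfig.getEnv(VTXPRM_LDAP_DIR_CONTEXT_SEARCH_SCOPE, VTXDEF_LDAP_DIR_CONTEXT_SEARCH_SCOPE));
            try {
                users = this.ldapTemplate.search(userBase, userFilter.encode(), new AppUserContextMapper(roleMappings, partitionMappings, this.ldapTemplate));
            } finally {
                // Restore subtree scope even when the search throws, so that a failed read does
                // not leave the shared template with the narrower scope.
                this.ldapTemplate.setDefaultSearchScope(VTXDEF_LDAP_DIR_CONTEXT_SUBTREE_SCOPE);
            }
            // Was "null != map || map.size() > 0", which dereferences a null map and is true
            // for every non-null one.
            if (groupBases != null && !groupBases.isEmpty()) {
                users.addAll(findGroup(groupBases, new AppUserContextMapper(roleMappings, partitionMappings, this.ldapTemplate)));
            }
            return users;
        } catch (Exception e) {
            throw new VertexLdapUserReadException(Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.readLdapUsers.jndiError", "Unable to read users from LDAP enabled repository.  Check LDAP settings vertex.cfg."), e);
        } finally {
            if (dirContext != null) {
                try {
                    dirContext.close();
                } catch (NamingException closeFailure) {
                    // A failed close must not mask the result or the original exception.
                    Log.logException(AppUserLdapPersister.class, Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.readLdapUsers.contextClose", "Context close failed for LDAP enabled repository."), closeFailure);
                }
            }
        }
    }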

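    /**
     * Resolves the members of the configured directory groups into application users.
     *
     * <p>For every entry of {@code map} the entry's value is used as search base for group
     * objects; each member value of a matching group is looked up as a DN. When configuration
     * keys exist under {@code ldap.group.role.<entry key>}, their values replace the role list
     * of the supplied mapper for that group's members.
     *
     * <p>Security note: membership of these directory groups translates directly into
     * application roles, so write access to the groups is equivalent to granting those roles.
     * Member DNs are no longer printed to standard output, where they ended up in unmanaged
     * console or container logs.
     *
     * @param map group identifier to group search base, as read from configuration
     * @param appUserContextMapper mapper whose role and partition settings are reused
     * @return one user per group member, in search order
     */
    private List<AppUser> findGroup(Map<String, String> map, AppUserContextMapper appUserContextMapper) {
        List<AppUser> members = new ArrayList<>();
        String groupObjectClass = SysConfig.getEnv(VTXPRM_LDAP_GROUP_OBJECT_CLASS, VTXDEF_LDAP_GROUP_OBJECT_CLASS);
        String memberAttribute = SysConfig.getEnv(VTXPRM_LDAP_GROUP_MEMBER_OBJECT_CLASS, VTXDEF_LDAP_GROUP_MEMBER_OBJECT_CLASS);
        for (Map.Entry<String, String> entry : map.entrySet()) {
            List<LdapGroup> groups = this.ldapTemplate.search(LdapQueryBuilder.query().base(entry.getValue()).where("objectclass").is(groupObjectClass), new LdapGroupAttributesMapper(memberAttribute));
            for (LdapGroup group : groups) {
                Map<String, String> groupRoles = readLdapMappings(VTXPRM_LDAP_GROUP_ROLE + entry.getKey());
                String[] roleNames = groupRoles.values().toArray(new String[0]);
                for (String memberDn : group.getMembers()) {
                    // A fresh mapper per member, as before; group-specific roles win over the
                    // roles carried by the supplied mapper.
                    AppUserContextMapper memberMapper = roleNames.length == 0
                            ? new AppUserContextMapper(appUserContextMapper.ldapRoles, appUserContextMapper.ldapPartitions, this.ldapTemplate)
                            : new AppUserContextMapper(Arrays.asList(roleNames), appUserContextMapper.ldapPartitions, this.ldapTemplate);
                    members.add((AppUser) this.ldapTemplate.lookup(memberDn, memberMapper));
                }
            }
        }
        return members;
    }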

    /**
     * Opens a JNDI directory context using the connection URL and, when configured, the
     * directory-manager user name and password.
     *
     * <p>Each configured value is passed through {@code SymDecryption.decrypt}; when that
     * returns {@code null} the value is used exactly as configured, so unencrypted values are
     * accepted as well. No {@code java.naming.security.authentication} entry is set, and the
     * default URL is plain {@code ldap://}: the bind credentials are protected in transit only
     * if the configured URL provides transport security (for example {@code ldaps://}).
     *
     * @return a new context; the caller is responsible for closing it
     * @throws NamingException when the context cannot be created
     */
    private DirContext intializeJndiContext() throws NamingException {
        Hashtable<String, Object> jndiEnv = new Hashtable<>();
        jndiEnv.put("java.naming.factory.initial", JNDI_FACTORY);
        jndiEnv.put("java.naming.provider.url", decryptOrKeep(SysConfig.getEnv(VTXPRM_LDAP_PROVIDER_URL, VTXDEF_LDAP_PROVIDER_URL)));

        String bindUser = SysConfig.getEnv(VTXPRM_LDAP_PROVIDER_USER, (String) null);
        if (bindUser != null) {
            jndiEnv.put("java.naming.security.principal", decryptOrKeep(bindUser));
        }

        String bindPassword = SysConfig.getEnv(VTXPRM_LDAP_PROVIDER_PASSWORD, (String) null);
        if (bindPassword != null) {
            jndiEnv.put("java.naming.security.credentials", decryptOrKeep(bindPassword));
        }
        return new InitialDirContext(jndiEnv);
    }

    /** Returns the decrypted form of {@code value}, or {@code value} itself when decrypt yields null. */
    private static String decryptOrKeep(String value) {
        String decrypted = SymDecryption.decrypt(value, true);
        return decrypted != null ? decrypted : value;
    }

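    /**
     * Collects the configuration entries returned by {@code SysConfig.getEnv(MatchRule.START, str)}
     * and re-keys them by the part of the key that follows the prefix.
     *
     * <p>An entry whose key equals the prefix itself (ignoring case) is left out. The entries
     * are no longer echoed to standard output: they describe the directory layout (search bases,
     * role and partition mappings) and should not land in unmanaged console logs.
     *
     * @param str key prefix, e.g. {@code "ldap.mapping.role."}
     * @return suffix-to-value map; empty when nothing matches, never {@code null}
     */
    private Map<String, String> readLdapMappings(String str) {
        Map<String, String> mappings = new HashMap<>();
        for (Map.Entry<?, ?> entry : SysConfig.getEnv(MatchRule.START, str).entrySet()) {
            String key = (String) entry.getKey();
            String value = (String) entry.getValue();
            if (!str.equalsIgnoreCase(key)) {
                mappings.put(key.substring(str.length()), value);
            }
        }
        return mappings;
    }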

    /**
     * No-op in this LDAP persister: failed logins are not recorded here.
     * NOTE(review): any account lockout therefore has to be enforced elsewhere, presumably by
     * the directory's own password policy — confirm that it is.
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void registerFailedLogin(IPersistable iPersistable) throws AppUserPersisterException {
    }

    /** No-op in this LDAP persister: there is no failed-login counter to reset. */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void resetFailedLogin(IPersistable iPersistable) {
    }

    /**
     * No-op in this LDAP persister: no password expiration is stored.
     * NOTE(review): password ageing is presumably left to the directory — confirm.
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void registerPasswordExpiration(long j, int i) throws AppUserPersisterException {
    }

    /** No-op in this LDAP persister: successful logins are not recorded here. */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void registerSuccessfulLogin(IPersistable iPersistable) throws AppUserPersisterException {
    }

    /**
     * Stores the local override record of an LDAP user and, where editable, its partition roles.
     *
     * <p>A user without an id (id below 1) receives a newly generated one; for an existing user
     * the stored role and user rows are deleted first and then re-inserted. A partition whose
     * only role is the configured default role gets no role row. All actions run as one
     * {@link ActionSequence}; the cache is cleared afterwards.
     *
     * <p>NOTE(review): the failure path reuses the delete message key and text ("Unable to
     * delete specified user...") and throws {@code VertexLdapUserDeleteException}, which makes
     * a failed save read like a failed delete in logs — confirm whether a save-specific message
     * exists.
     *
     * @param appUser user to store; must not be {@code null}
     * @throws AppUserPersisterException when any step fails; an id generated here is reset to -1
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.IAppUserPersister
    public void save(AppUser appUser) throws AppUserPersisterException {
        if (!$assertionsDisabled && appUser == null) {
            throw new AssertionError();
        }
        boolean idAssignedHere = false;
        try {
            ActionSequence actions = new ActionSequence();
            if (appUser.getId() >= 1) {
                // Existing record: clear its rows so that the inserts below replace them.
                actions.addAction(new UserSourceRoleDeleteAction(appUser.getId()));
                actions.addAction(new LdapUserDeleteAction(appUser.getId()));
            } else {
                appUser.setId(createPrimaryKeyGenerator().getNext());
                idAssignedHere = true;
            }

            Source defaultPartition = SourcePersister.getInstance().findByName(SysConfig.getEnv(VTXPRM_DEFAULT_USER_PARTITION, VTXDEF_DEFAULT_USER_PARTITION));
            Long defaultPartitionId = defaultPartition == null ? null : Long.valueOf(defaultPartition.getId());
            actions.addAction(new LdapUserInsertAction(appUser, defaultPartitionId));

            if (appUser.isFieldEditable(UserFieldType.ROLES) && appUser.getPartitionRoles() != null && !appUser.getPartitionRoles().isEmpty()) {
                AppRole defaultRole = getDefaultRole();
                for (Long partitionId : appUser.getPartitionRoles().getPartitions()) {
                    Set<Long> roleIds = appUser.getPartitionRoles().getRoles(partitionId.longValue());
                    boolean onlyDefaultRole = roleIds.size() == 1 && defaultRole != null && roleIds.contains(Long.valueOf(defaultRole.getId()));
                    if (!onlyDefaultRole) {
                        actions.addAction(new UserSourceRoleInsertAction(appUser.getId(), partitionId.longValue(), roleIds));
                    }
                }
            }
            actions.execute();
            clearCache();
        } catch (VertexException failure) {
            Log.logException(AppUserLdapPersister.class, failure.getLocalizedMessage(), failure);
            if (idAssignedHere) {
                // Undo the id handed out above so that the object still counts as unsaved.
                appUser.setId(-1L);
            }
            throw new VertexLdapUserDeleteException(Message.format(AppUserLdapPersister.class, "AppUserLdapPersister.delete.databaseFailure", "Unable to delete specified user from LDAP user override tables.  (user={0})", appUser.getUserName()), failure);
        }
    }

    /**
     * Looks up the role named by the {@code ldap.default.user.role} setting.
     *
     * @return the role found by name, or {@code null} when the setting is absent
     * @throws AppRolePersisterException when the role lookup fails
     */
    private AppRole getDefaultRole() throws AppRolePersisterException {
        String roleName = SysConfig.getEnv(VTXPRM_DEFAULT_USER_ROLE, (String) null);
        return roleName == null ? null : getAppRolePersister().findByName(roleName);
    }

    /** No-op in this LDAP persister: the password-reset record is not stored. */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void savePasswordReset(PasswordReset passwordReset) throws AppUserPersisterException {
    }

    /**
     * No-op in this LDAP persister: the call changes nothing.
     * NOTE(review): if the boolean means "enabled", disabling a user through this API has no
     * effect and must be done in the directory — confirm against the interface contract.
     */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void setState(long j, boolean z) throws AppUserPersisterException {
    }

    /** No-op in this LDAP persister: there is no password-reset record to update. */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void updatePasswordReset(IPersistable iPersistable) throws AppUserPersisterException {
    }

    /** No-op in this LDAP persister: the call changes nothing. */
    @Override // com.vertexinc.common.fw.rba.ipersist.AppUserPersister
    public void updateSourceId(Long l, Long l2) throws AppUserPersisterException {
    }

    // Package-private factory methods for the collaborators used by findAllUsers(), save() and
    // delete(). NOTE(review): presumably kept overridable so tests can substitute them — confirm.

    /** Creates the action that findAllUsers() executes to read the stored user overrides. */
    LdapUserSelectAction createLdapUserSelectAction() {
        return new LdapUserSelectAction();
    }

    /** Creates the key generator for {@code AppUserDef.TABLE_NAME} that save() uses for new ids. */
    PrimaryKeyGenerator createPrimaryKeyGenerator() {
        return new PrimaryKeyGenerator(AppUserDef.TABLE_NAME, 1L);
    }

    /** Creates the empty action sequence that delete() fills and executes. */
    ActionSequence createActionSequence() {
        return new ActionSequence();
    }

    // Decompiler rendering of the compiler-generated assertion flag: it is true when assertions
    // are disabled for this class, in which case the null check at the top of save() is skipped.
    static {
        $assertionsDisabled = !AppUserLdapPersister.class.desiredAssertionStatus();
    }
}
