package com.nazdaq.noms.app.auth.ldap;

import com.nazdaq.core.defines.acts.ActivityAction;
import com.nazdaq.core.helpers.AppConfig;
import com.nazdaq.noms.app.auth.AutoLoginLink;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import models.users.User;
import org.apache.commons.lang3.StringUtils;
import play.Logger;

/* loaded from: input_file:com/nazdaq/noms/app/auth/ldap/AuthLDAPUser.class */
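/**
 * Authenticates a user against an LDAP / Active Directory server with a bind,
 * reads a few profile attributes, and creates or refreshes the matching local
 * {@code User} record.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>Empty usernames and passwords are rejected before any bind is attempted;
 *       many directory servers treat a simple bind with an empty password as an
 *       unauthenticated bind that succeeds.</li>
 *   <li>The username is escaped (RFC 4515) before it is placed in a search filter.</li>
 *   <li>Only the attributes this class actually reads are requested from the server.</li>
 * </ul>
 */
public class AuthLDAPUser {
    private static final Logger.ALogger logger = Logger.of(AuthLDAPUser.class);
    private static final String AD_ATTR_NAME_USER_EMAIL = "mail";
    private static final String AD_ATTR_NAME_FIRST_NAME = "givenName";
    private static final String AD_ATTR_NAME_LAST_NAME = "sn";
    private static final String AD_ATTR_NAME_DESCRIPTION = "description";
    private final String domain = AppConfig.ldap_domain;
    private final String ldapURL = AppConfig.ldap_url;
    private final String authType = AppConfig.ldap_authtype;
    private final String searchQuery = AppConfig.ldap_query;
    private final String searchFilter = AppConfig.ldap_search_filter;

    /**
     * Manual smoke test: binds as {@code strArr[0]} with password {@code strArr[1]}.
     *
     * <p>The password is taken from the command line, where other local users can
     * usually read it from the process list; use only with throw-away test accounts.
     */
    public static void main(String[] strArr) throws Exception {
        new AuthLDAPUser().getUser(strArr[0], strArr[1]);
    }

    /**
     * Authenticates against the directory and returns the matching local user,
     * creating it first when auto-create is enabled.
     *
     * @param str  login name, optionally in {@code DOMAIN\\user} form
     * @param str2 password used for the LDAP bind
     * @param str3 passed through to the activity record (meaning not visible in this class)
     * @param str4 passed through to the activity record (meaning not visible in this class)
     * @return the local user, never {@code null}
     * @throws LDAPLoginException if the bind, the lookup or the local create/update fails
     */
    public User loginAndCreate(String str, String str2, String str3, String str4) throws LDAPLoginException {
        try {
            ActiveUser user = getUser(str, str2);
            // AutoLoginLink.MODE_HOME is used throughout as the "no value" default;
            // presumably the empty string, given the isEmpty() checks below. Confirm.
            String email = user.getEmail() != null ? user.getEmail() : AutoLoginLink.MODE_HOME;
            String firstName = user.getFirstName() != null ? user.getFirstName() : AutoLoginLink.MODE_HOME;
            String lastName = user.getLastName() != null ? user.getLastName() : AutoLoginLink.MODE_HOME;
            if (email.isEmpty()) {
                // Use the short account name so a DOMAIN\\user login does not leak the
                // domain prefix and backslash into the synthesised address.
                email = user.getUsername() + "@" + this.domain;
                logger.debug("No email found in LDAP setting the username@domain, E-mail: {}", new Object[]{email});
            }
            User user2 = User.getuserbyusername(user.getUsername());
            if (user2 == null) {
                // Previously control fell through to an unconditional throw after a
                // successful create, so a first login could never succeed.
                user2 = createLocalUser(user, email, firstName, lastName, str2, str3, str4);
            }
            if (isAutoCreate()) {
                boolean changed = false;
                // Comparisons are anchored on the non-null directory values so a local
                // record with a null field does not raise a NullPointerException.
                if (!email.equals(user2.getEmail())) {
                    user2.setEmail(email);
                    changed = true;
                }
                if (!firstName.isEmpty() && !firstName.equals(user2.getFirstname())) {
                    user2.setFirstname(firstName);
                    changed = true;
                }
                if (!lastName.isEmpty() && !lastName.equals(user2.getLastname())) {
                    user2.setLastname(lastName);
                    changed = true;
                }
                if (changed) {
                    logger.info("User has updated in LDAP: " + user2.getId() + ":" + user2.getDisplayName());
                    user2.save();
                }
            }
            user2.addActivity(ActivityAction.USER_LDAP_LOGIN, 0L, 0L, str3, str4);
            return user2;
        } catch (Exception e2) {
            logger.error("Authentication failed: " + e2.getMessage(), e2);
            // NOTE(review): the raw directory error text is returned to the caller. If the
            // caller shows it to the person logging in, it can reveal whether an account
            // exists or is locked; consider a generic message there and keep detail in logs.
            throw new LDAPLoginException("LDAP Authentication failed: " + e2.getMessage());
        }
    }

    /**
     * Creates the local account for a directory user seen for the first time.
     *
     * @throws LDAPLoginException if auto-create is disabled, the directory returned
     *         no first name, or the local create fails
     */
    private User createLocalUser(ActiveUser directoryUser, String email, String firstName, String lastName,
                                 String password, String str3, String str4) throws LDAPLoginException {
        if (!isAutoCreate()) {
            throw new LDAPLoginException("You specify not automatically create users, Ask your administrator to enable it.");
        }
        if (firstName == null || firstName.isEmpty()) {
            throw new LDAPLoginException("Failed to get Firstname from server");
        }
        try {
            // NOTE(review): the directory password is handed to User.create. Confirm how the
            // local store keeps it (hashed, or not at all) and whether a stale copy could
            // still be accepted by a local fallback login after it changes in the directory.
            User created = User.create(directoryUser.getUsername(), email, password, firstName, lastName,
                    AutoLoginLink.MODE_HOME, null, AutoLoginLink.MODE_HOME, true);
            created.setComment(directoryUser.getDescription());
            created.save();
            created.addActivity(ActivityAction.USER_LDAP_CREATED, 0L, 0L, str3, str4, this.ldapURL);
            logger.info("New LDAP User created with id: " + created.getId() + ":" + created.getDisplayName());
            return created;
        } catch (Exception e) {
            // The cause is logged by the caller's catch block; LDAPLoginException's
            // constructors are not visible here, so only the message is carried over.
            throw new LDAPLoginException("Failed while auto create user: " + e.getMessage());
        }
    }

    /** Returns whether LDAP authentication is enabled in the application configuration. */
    public static boolean isEnabled() {
        return AppConfig.ldap_enabled;
    }

    /** Returns the configured LDAP fallback flag. */
    public static boolean isFallBack() {
        return AppConfig.ldap_fallback;
    }

    /** Returns whether unknown directory users may be created (and known ones refreshed) locally. */
    public boolean isAutoCreate() {
        return AppConfig.ldap_autocreate;
    }

    /**
     * Binds to the directory as the given user and loads that user's profile attributes.
     *
     * @param str  login name, optionally prefixed with {@code DOMAIN\\}
     * @param str2 password for the bind; must be non-empty
     * @return the attributes read for the user
     * @throws Exception if the input is empty, the bind fails, or the user is not found
     */
    private ActiveUser getUser(String str, String str2) throws Exception {
        if (str == null || str.isEmpty()) {
            throw new Exception("Username must not be empty.");
        }
        // A simple bind with an empty password is accepted by many servers as an
        // unauthenticated bind, which would make this method "succeed" for any name.
        if (str2 == null || str2.isEmpty()) {
            throw new Exception("Password must not be empty.");
        }

        String effectiveDomain = this.domain;
        String shortName = str;
        int separator = str.indexOf('\\');
        if (separator >= 0) {
            // Skip every backslash of the separator: the old fixed "+ 2" offset assumed
            // a doubled backslash and cut the first letter off a plain DOMAIN\\user login.
            int nameStart = separator + 1;
            while (nameStart < str.length() && str.charAt(nameStart) == '\\') {
                nameStart++;
            }
            effectiveDomain = str.substring(0, separator);
            shortName = str.substring(nameStart);
            // NOTE(review): the person logging in chooses the bind domain here, while the
            // later lookup and the local account are keyed on the short name alone. Confirm
            // the directory cannot authenticate a same-named account from another domain.
            logger.info("Changing the domain from: {}, to: {}, User from {}, to: {}", new Object[]{this.domain, effectiveDomain, str, shortName});
        }
        if (shortName.isEmpty()) {
            throw new Exception("Username must not be empty.");
        }

        String principal = shortName + "@" + effectiveDomain;
        logger.info("Authenticating to: " + this.ldapURL + ", User:" + principal + " ...");
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", this.ldapURL);
        // With a plain ldap:// URL and authType "simple" the password is sent unencrypted.
        properties.put("java.naming.security.authentication", this.authType);
        properties.put("java.naming.security.principal", principal);
        properties.put("java.naming.security.credentials", str2);
        if (this.ldapURL.regionMatches(true, 0, "ldaps://", 0, 8)) {
            properties.put("java.naming.security.protocol", "ssl");
            properties.put("java.naming.security.authentication", "simple");
            // NOTE(review): custom socket factory, not visible here. Confirm it validates
            // the server certificate chain and host name rather than trusting everything.
            properties.put("java.naming.ldap.factory.socket", "com.nazdaq.noms.app.auth.ldap.LDAPSSLFactory");
        }
        InitialDirContext initialDirContext = new InitialDirContext(properties);
        // Log the principal that was actually bound, not the configured default domain.
        logger.info("Connection with LDAP server {} has been established now checking the user {} ...", new Object[]{this.ldapURL, principal});

        NamingEnumeration<SearchResult> results = null;
        try {
            results = getUserDataBysAMAccountName(initialDirContext, this.searchQuery, shortName);
            if (results == null || !results.hasMoreElements()) {
                throw new Exception("The user '" + shortName + "' doesn't exists in your search.");
            }
            return fillAttToUser(results.nextElement(), shortName);
        } catch (Exception e2) {
            logger.warn("Failed to fetch user info for '" + shortName + "' server: " + this.ldapURL + ", Error: " + e2.getMessage(), e2);
            throw e2;
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (Exception ignored) {
                    // best-effort cleanup; the lookup outcome is already decided
                }
            }
            try {
                initialDirContext.close();
            } catch (Exception ignored) {
                // best-effort cleanup; the lookup outcome is already decided
            }
        }
    }

    /**
     * Searches the directory for the account with the given short name.
     *
     * @param initialDirContext authenticated context to search with
     * @param str  search base
     * @param str2 account name; escaped before it is placed into the filter
     * @return the search results (at most one entry is requested)
     * @throws Exception if the configured filter lacks the {@code <userName>} placeholder
     *         or the search fails
     */
    private NamingEnumeration<SearchResult> getUserDataBysAMAccountName(InitialDirContext initialDirContext, String str, String str2) throws Exception {
        // Filter metacharacters in the name would otherwise change which entries match.
        String safeName = escapeFilterValue(str2);
        String filter = "(&(&(objectClass=person)(objectCategory=user))(sAMAccountName=" + safeName + "))";
        if (!this.searchFilter.isEmpty()) {
            if (!this.searchFilter.contains("<userName>")) {
                throw new Exception("Search Filter must contains a filter contains <userName>, For example: (&(&(objectClass=person)(objectCategory=user))(sAMAccountName=<userName>))");
            }
            filter = StringUtils.replaceOnce(this.searchFilter, "<userName>", safeName);
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setCountLimit(1L);
        // Request only what fillAttToUser reads, so unrelated (possibly sensitive)
        // attributes are neither transferred nor written to the debug log.
        searchControls.setReturningAttributes(new String[]{
                AD_ATTR_NAME_USER_EMAIL, AD_ATTR_NAME_FIRST_NAME, AD_ATTR_NAME_LAST_NAME, AD_ATTR_NAME_DESCRIPTION});
        try {
            logger.debug("Looking up user using the filter: " + filter);
            return initialDirContext.search(str, filter, searchControls);
        } catch (Exception e) {
            logger.error("Error searching LDAP with the filter " + filter);
            throw e;
        }
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
     * asterisk, parentheses and NUL are replaced by their {@code \\XX} hex form.
     */
    private static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    sb.append("\\5c");
                    break;
                case '*':
                    sb.append("\\2a");
                    break;
                case '(':
                    sb.append("\\28");
                    break;
                case ')':
                    sb.append("\\29");
                    break;
                case '\0':
                    sb.append("\\00");
                    break;
                default:
                    sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Copies mail, givenName, sn and description from a search result into an
     * {@code ActiveUser}; attributes that are absent become {@code AutoLoginLink.MODE_HOME}.
     *
     * @param searchResult directory entry of the user
     * @param str account name to store on the returned object
     */
    private ActiveUser fillAttToUser(SearchResult searchResult, String str) throws Exception {
        ActiveUser activeUser = new ActiveUser();
        activeUser.setUsername(str);
        Attributes attributes = searchResult.getAttributes();
        if (logger.isDebugEnabled()) {
            // Dumps every returned attribute value; keep debug logging off in production
            // if directory profile data must not reach the log files.
            NamingEnumeration<? extends Attribute> all = attributes.getAll();
            while (all.hasMoreElements()) {
                Attribute attribute = all.next();
                String id = attribute.getID();
                NamingEnumeration<?> values = attribute.getAll();
                while (values.hasMore()) {
                    logger.debug(id + ": " + values.next().toString());
                }
            }
            logger.debug("- Distinguished Name: " + searchResult.getNameInNamespace());
        }
        activeUser.setEmail(attributeValue(attributes, AD_ATTR_NAME_USER_EMAIL));
        activeUser.setFirstName(attributeValue(attributes, AD_ATTR_NAME_FIRST_NAME));
        activeUser.setLastName(attributeValue(attributes, AD_ATTR_NAME_LAST_NAME));
        activeUser.setDescription(attributeValue(attributes, AD_ATTR_NAME_DESCRIPTION));
        logger.info("User data fetched successfully.");
        logger.debug("First: " + activeUser.getFirstName() + ", Last: " + activeUser.getLastName() + ", E-Mail: " + activeUser.getEmail() + ", Description: " + activeUser.getDescription());
        return activeUser;
    }

    /**
     * Returns the first value of the named attribute as a string, or
     * {@code AutoLoginLink.MODE_HOME} when the attribute is missing, has no
     * values, or holds a null value.
     */
    private static String attributeValue(Attributes attributes, String name) throws Exception {
        Attribute attribute = attributes.get(name);
        if (attribute == null || attribute.size() == 0) {
            return AutoLoginLink.MODE_HOME;
        }
        Object value = attribute.get();
        return value != null ? value.toString() : AutoLoginLink.MODE_HOME;
    }

    /**
     * Converts a dotted DNS domain into a comma-separated list of {@code DC=} components,
     * skipping empty labels. Not called from within this class.
     */
    private static String toDC(String str) {
        StringBuilder sb = new StringBuilder();
        for (String label : str.split("\\.")) {
            if (label.length() != 0) {
                if (sb.length() > 0) {
                    sb.append(",");
                }
                sb.append("DC=").append(label);
            }
        }
        return sb.toString();
    }
}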
