package com.centurylink.mdw.auth;

import java.util.Hashtable;
import javax.naming.CommunicationException;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.SSLHandshakeException;

/* loaded from: input_file:com/centurylink/mdw/auth/LdapAuthenticator.class */
public class LdapAuthenticator implements Authenticator {
    public static final String DEFAULT_PROTOCOL = "ldap";
    public static final String DEFAULT_HOST = "ldap.qintra.com";
    public static final String DEFAULT_TEST_HOST = "ldapt.dev.qintra.com";
    public static final int DEFAULT_PORT = 1636;
    public static final String DEFAULT_BASE_DN = "dc=mnet,dc=qintra,dc=com";
    private String ldapUrl;
    private String baseDn;

    public LdapAuthenticator() {
        this("ldap://ldap.qintra.com:1636", DEFAULT_BASE_DN);
    }

    public LdapAuthenticator(String str) {
        this(str, DEFAULT_BASE_DN);
    }

    public LdapAuthenticator(String str, String str2) {
        this.ldapUrl = str;
        this.baseDn = str2;
    }

    @Override // com.centurylink.mdw.auth.Authenticator
    public void authenticate(String str, String str2) throws MdwSecurityException {
        try {
            authenticate(this.ldapUrl + "/" + this.baseDn, "uid=" + str + ",ou=people," + this.baseDn, str2);
        } catch (NamingException e) {
            throw new MdwSecurityException(e.getMessage(), (Throwable) e);
        }
    }

    public void authenticate(String str, String str2, String str3) throws NamingException, MdwSecurityException {
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", str);
            hashtable.put("java.naming.security.protocol", "ssl");
            hashtable.put("java.naming.security.authentication", "simple");
            hashtable.put("java.naming.security.principal", str2);
            hashtable.put("java.naming.security.credentials", str3);
            new InitialDirContext(hashtable);
        } catch (javax.naming.AuthenticationException e) {
            throw new AuthenticationException("LDAP authentication failure", e);
        } catch (Exception e2) {
            throw new MdwSecurityException(e2.getMessage(), e2);
        } catch (CommunicationException e3) {
            if (!(e3.getCause() instanceof SSLHandshakeException)) {
                throw new MdwSecurityException(e3.getMessage(), (Throwable) e3);
            }
            throw new MdwSecurityException(MdwSecurityException.UNTRUSTED_CERT, "Untrusted SSL Certificate Chain", e3);
        }
    }

    @Override // com.centurylink.mdw.auth.Authenticator
    public String getKey() {
        return this.ldapUrl + "_" + this.baseDn;
    }

    public static void main(String[] strArr) {
        if (strArr.length != 2) {
            throw new RuntimeException("args: <user> <password>");
        }
        try {
            new LdapAuthenticator("ldap://ldapt.dev.qintra.com:1636", DEFAULT_BASE_DN).authenticate(strArr[0], strArr[1]);
            System.out.print("authenticated user " + strArr[0]);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
