package org.ldaptive.auth;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.ldaptive.CompareRequest;
import org.ldaptive.CompareResponse;
import org.ldaptive.Connection;
import org.ldaptive.ConnectionFactory;
import org.ldaptive.Credential;
import org.ldaptive.LdapException;
import org.ldaptive.LdapUtils;
import org.ldaptive.ResultCode;
import org.springframework.beans.PropertyAccessor;

/* loaded from: input_file:WEB-INF/lib/ldaptive-2.1.0.jar:org/ldaptive/auth/CompareAuthenticationHandler.class */
public class CompareAuthenticationHandler extends AbstractAuthenticationHandler {
    protected static final String DEFAULT_SCHEME = "SHA:SHA";
    protected static final String DEFAULT_ATTRIBUTE = "userPassword";
    private Scheme passwordScheme = new Scheme(DEFAULT_SCHEME);
    private String passwordAttribute = DEFAULT_ATTRIBUTE;

    /* loaded from: input_file:WEB-INF/lib/ldaptive-2.1.0.jar:org/ldaptive/auth/CompareAuthenticationHandler$Scheme.class */
    public static class Scheme {
        private final String label;
        private final String algorithm;

        public Scheme(String str) {
            String[] split = str.split(":", 2);
            this.label = split[0];
            this.algorithm = split.length == 2 ? split[1] : split[0];
        }

        public Scheme(String str, String str2) {
            this.label = str;
            this.algorithm = str2;
        }

        public String getLabel() {
            return this.label;
        }

        public String getAlgorithm() {
            return this.algorithm;
        }

        public String toString() {
            return String.format("%s:%s", this.label, this.algorithm);
        }
    }

    public CompareAuthenticationHandler() {
    }

    public CompareAuthenticationHandler(ConnectionFactory connectionFactory) {
        setConnectionFactory(connectionFactory);
    }

    public String getPasswordScheme() {
        return this.passwordScheme.toString();
    }

    public void setPasswordScheme(String str) {
        this.passwordScheme = new Scheme(str);
    }

    public String getPasswordAttribute() {
        return this.passwordAttribute;
    }

    public void setPasswordAttribute(String str) {
        this.passwordAttribute = str;
    }

    @Override // org.ldaptive.auth.AbstractAuthenticationHandler
    protected AuthenticationHandlerResponse authenticateInternal(Connection connection, AuthenticationCriteria authenticationCriteria) throws LdapException {
        CompareResponse execute = connection.operation((CompareRequest) ((CompareRequest.Builder) CompareRequest.builder().controls(processRequestControls(authenticationCriteria))).dn(authenticationCriteria.getDn()).name(this.passwordAttribute).value(String.format("{%s}%s", this.passwordScheme.getLabel(), LdapUtils.base64Encode(digestCredential(authenticationCriteria.getCredential(), this.passwordScheme.getAlgorithm())))).build()).execute();
        return new AuthenticationHandlerResponse(execute, execute.isTrue() ? AuthenticationResultCode.AUTHENTICATION_HANDLER_SUCCESS : AuthenticationResultCode.AUTHENTICATION_HANDLER_FAILURE, connection);
    }

    protected byte[] digestCredential(Credential credential, String str) throws LdapException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(credential.getBytes());
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            throw new LdapException(ResultCode.AUTH_UNKNOWN, e);
        }
    }

    public String toString() {
        return PropertyAccessor.PROPERTY_KEY_PREFIX + getClass().getName() + "@" + hashCode() + "::factory=" + getConnectionFactory() + ", passwordAttribute=" + this.passwordAttribute + ", passwordScheme=" + this.passwordScheme + ", controls=" + Arrays.toString(getAuthenticationControls()) + "]";
    }
}
