package org.ldaptive.auth;

import java.util.Arrays;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Stream;
import org.apache.cxf.staxutils.PropertiesExpandingStreamReader;
import org.ldaptive.ConnectionFactoryManager;
import org.ldaptive.Credential;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.LdapUtils;
import org.ldaptive.ReturnAttributes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.PropertyAccessor;

/* loaded from: input_file:WEB-INF/lib/ldaptive-2.1.1.jar:org/ldaptive/auth/Authenticator.class */
public class Authenticator {
    private static final EntryResolver NOOP_RESOLVER = new NoOpEntryResolver();
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    private DnResolver dnResolver;
    private AuthenticationHandler authenticationHandler;
    private EntryResolver entryResolver;
    private String[] returnAttributes;
    private AuthenticationRequestHandler[] requestHandlers;
    private AuthenticationResponseHandler[] responseHandlers;
    private boolean resolveEntryOnFailure;

    /* loaded from: input_file:WEB-INF/lib/ldaptive-2.1.1.jar:org/ldaptive/auth/Authenticator$Builder.class */
    public static class Builder {
        private final Authenticator object = new Authenticator();

        protected Builder() {
        }

        public Builder dnResolver(DnResolver dnResolver) {
            this.object.setDnResolver(dnResolver);
            return this;
        }

        public Builder authenticationHandler(AuthenticationHandler authenticationHandler) {
            this.object.setAuthenticationHandler(authenticationHandler);
            return this;
        }

        public Builder entryResolver(EntryResolver entryResolver) {
            this.object.setEntryResolver(entryResolver);
            return this;
        }

        public Builder requestHandlers(AuthenticationRequestHandler... authenticationRequestHandlerArr) {
            this.object.setRequestHandlers(authenticationRequestHandlerArr);
            return this;
        }

        public Builder responseHandlers(AuthenticationResponseHandler... authenticationResponseHandlerArr) {
            this.object.setResponseHandlers(authenticationResponseHandlerArr);
            return this;
        }

        public Builder returnAttributes(String... strArr) {
            this.object.setReturnAttributes(strArr);
            return this;
        }

        public Authenticator build() {
            return this.object;
        }
    }

    public Authenticator() {
    }

    public Authenticator(DnResolver dnResolver, AuthenticationHandler authenticationHandler) {
        setDnResolver(dnResolver);
        setAuthenticationHandler(authenticationHandler);
    }

    public DnResolver getDnResolver() {
        return this.dnResolver;
    }

    public void setDnResolver(DnResolver dnResolver) {
        this.dnResolver = dnResolver;
    }

    public AuthenticationHandler getAuthenticationHandler() {
        return this.authenticationHandler;
    }

    public void setAuthenticationHandler(AuthenticationHandler authenticationHandler) {
        this.authenticationHandler = authenticationHandler;
    }

    public EntryResolver getEntryResolver() {
        return this.entryResolver;
    }

    public void setEntryResolver(EntryResolver entryResolver) {
        this.entryResolver = entryResolver;
    }

    public boolean getResolveEntryOnFailure() {
        return this.resolveEntryOnFailure;
    }

    public void setResolveEntryOnFailure(boolean z) {
        this.resolveEntryOnFailure = z;
    }

    public String[] getReturnAttributes() {
        return this.returnAttributes;
    }

    public void setReturnAttributes(String... strArr) {
        this.returnAttributes = strArr;
    }

    public AuthenticationRequestHandler[] getRequestHandlers() {
        return this.requestHandlers;
    }

    public void setRequestHandlers(AuthenticationRequestHandler... authenticationRequestHandlerArr) {
        this.requestHandlers = authenticationRequestHandlerArr;
    }

    public AuthenticationResponseHandler[] getResponseHandlers() {
        return this.responseHandlers;
    }

    public void setResponseHandlers(AuthenticationResponseHandler... authenticationResponseHandlerArr) {
        this.responseHandlers = authenticationResponseHandlerArr;
    }

    public String resolveDn(User user) throws LdapException {
        return this.dnResolver.resolve(user);
    }

    public AuthenticationResponse authenticate(AuthenticationRequest authenticationRequest) throws LdapException {
        return authenticate(resolveDn(authenticationRequest.getUser()), authenticationRequest);
    }

    public void close() {
        Map<String, DnResolver> dnResolvers;
        Map<String, AuthenticationHandler> authenticationHandlers;
        Map<String, EntryResolver> entryResolvers;
        if (this.dnResolver instanceof ConnectionFactoryManager) {
            closeConnectionFactoryManagers((ConnectionFactoryManager) this.dnResolver);
        } else if ((this.dnResolver instanceof AggregateDnResolver) && (dnResolvers = ((AggregateDnResolver) this.dnResolver).getDnResolvers()) != null) {
            closeConnectionFactoryManagers((ConnectionFactoryManager[]) dnResolvers.values().toArray(new ConnectionFactoryManager[0]));
        }
        if (this.authenticationHandler instanceof ConnectionFactoryManager) {
            closeConnectionFactoryManagers((ConnectionFactoryManager) this.authenticationHandler);
        } else if ((this.authenticationHandler instanceof AggregateAuthenticationHandler) && (authenticationHandlers = ((AggregateAuthenticationHandler) this.authenticationHandler).getAuthenticationHandlers()) != null) {
            closeConnectionFactoryManagers((ConnectionFactoryManager[]) authenticationHandlers.values().toArray(new ConnectionFactoryManager[0]));
        }
        if (this.entryResolver instanceof ConnectionFactoryManager) {
            closeConnectionFactoryManagers((ConnectionFactoryManager) this.entryResolver);
        } else {
            if (!(this.entryResolver instanceof AggregateEntryResolver) || (entryResolvers = ((AggregateEntryResolver) this.entryResolver).getEntryResolvers()) == null) {
                return;
            }
            closeConnectionFactoryManagers((ConnectionFactoryManager[]) entryResolvers.values().toArray(new ConnectionFactoryManager[0]));
        }
    }

    private void closeConnectionFactoryManagers(ConnectionFactoryManager... connectionFactoryManagerArr) {
        if (connectionFactoryManagerArr != null) {
            Stream stream = Arrays.stream(connectionFactoryManagerArr);
            Class<ConnectionFactoryManager> cls = ConnectionFactoryManager.class;
            Objects.requireNonNull(ConnectionFactoryManager.class);
            Stream filter = stream.filter((v1) -> {
                return r1.isInstance(v1);
            });
            Class<ConnectionFactoryManager> cls2 = ConnectionFactoryManager.class;
            Objects.requireNonNull(ConnectionFactoryManager.class);
            filter.map((v1) -> {
                return r1.cast(v1);
            }).map((v0) -> {
                return v0.getConnectionFactory();
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).forEach(connectionFactory -> {
                try {
                    connectionFactory.close();
                } catch (Exception e) {
                    this.logger.debug("Error closing connection factory {}", connectionFactory, e);
                }
            });
        }
    }

    protected AuthenticationResponse authenticate(String str, AuthenticationRequest authenticationRequest) throws LdapException {
        this.logger.trace("authenticate dn={} with request={}", str, authenticationRequest);
        AuthenticationResponse validateInput = validateInput(str, authenticationRequest);
        if (validateInput != null) {
            return validateInput;
        }
        AuthenticationRequest processRequest = processRequest(str, authenticationRequest);
        AuthenticationHandlerResponse authenticationHandlerResponse = null;
        try {
            AuthenticationCriteria authenticationCriteria = new AuthenticationCriteria(str, processRequest);
            authenticationHandlerResponse = getAuthenticationHandler().authenticate(authenticationCriteria);
            LdapEntry resolveEntry = resolveEntry(authenticationCriteria, authenticationHandlerResponse);
            if (authenticationHandlerResponse != null && authenticationHandlerResponse.getConnection() != null) {
                authenticationHandlerResponse.getConnection().close();
            }
            this.logger.info("Authentication {} for dn: {}", authenticationHandlerResponse.isSuccess() ? "succeeded" : "failed", str);
            AuthenticationResponse authenticationResponse = new AuthenticationResponse(authenticationHandlerResponse, str, resolveEntry);
            if (getResponseHandlers() != null && getResponseHandlers().length > 0) {
                for (AuthenticationResponseHandler authenticationResponseHandler : getResponseHandlers()) {
                    authenticationResponseHandler.handle(authenticationResponse);
                }
            }
            this.logger.debug("Authenticate response={} for dn={} with request={}", authenticationHandlerResponse, str, processRequest);
            return authenticationResponse;
        } catch (Throwable th) {
            if (authenticationHandlerResponse != null && authenticationHandlerResponse.getConnection() != null) {
                authenticationHandlerResponse.getConnection().close();
            }
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected AuthenticationResponse validateInput(String str, AuthenticationRequest authenticationRequest) {
        AuthenticationResponse authenticationResponse = null;
        Credential credential = authenticationRequest.getCredential();
        if (credential == null || credential.getBytes() == null) {
            authenticationResponse = (AuthenticationResponse) AuthenticationResponse.builder().response((AuthenticationHandlerResponse) AuthenticationHandlerResponse.builder().diagnosticMessage("Credential cannot be null").resultCode(AuthenticationResultCode.INVALID_CREDENTIAL).build()).dn(str).build();
        } else if (credential.getBytes().length == 0) {
            authenticationResponse = (AuthenticationResponse) AuthenticationResponse.builder().response((AuthenticationHandlerResponse) AuthenticationHandlerResponse.builder().diagnosticMessage("Credential cannot be empty").resultCode(AuthenticationResultCode.INVALID_CREDENTIAL).build()).dn(str).build();
        } else if (str == null) {
            authenticationResponse = (AuthenticationResponse) AuthenticationResponse.builder().response((AuthenticationHandlerResponse) AuthenticationHandlerResponse.builder().diagnosticMessage("DN cannot be null").resultCode(AuthenticationResultCode.DN_RESOLUTION_FAILURE).build()).dn(str).build();
        } else if (str.isEmpty()) {
            authenticationResponse = (AuthenticationResponse) AuthenticationResponse.builder().response((AuthenticationHandlerResponse) AuthenticationHandlerResponse.builder().diagnosticMessage("DN cannot be empty").resultCode(AuthenticationResultCode.DN_RESOLUTION_FAILURE).build()).dn(str).build();
        }
        return authenticationResponse;
    }

    /* JADX WARN: Type inference failed for: r2v2, types: [java.lang.Object[][], java.lang.String[]] */
    protected AuthenticationRequest processRequest(String str, AuthenticationRequest authenticationRequest) throws LdapException {
        if (this.returnAttributes == null && (getRequestHandlers() == null || getRequestHandlers().length == 0)) {
            return authenticationRequest;
        }
        AuthenticationRequest copy = AuthenticationRequest.copy(authenticationRequest);
        if (this.returnAttributes != null) {
            if (copy.getReturnAttributes() == null || ReturnAttributes.NONE.equalsAttributes(copy.getReturnAttributes())) {
                copy.setReturnAttributes(this.returnAttributes);
            } else {
                copy.setReturnAttributes((String[]) LdapUtils.concatArrays(copy.getReturnAttributes(), new String[]{this.returnAttributes}));
            }
        }
        if (getRequestHandlers() != null && getRequestHandlers().length > 0) {
            for (AuthenticationRequestHandler authenticationRequestHandler : getRequestHandlers()) {
                authenticationRequestHandler.handle(str, copy);
            }
        }
        return copy;
    }

    protected LdapEntry resolveEntry(AuthenticationCriteria authenticationCriteria, AuthenticationHandlerResponse authenticationHandlerResponse) throws LdapException {
        LdapEntry ldapEntry = null;
        if (this.resolveEntryOnFailure || authenticationHandlerResponse.isSuccess()) {
            EntryResolver createEntryResolver = this.entryResolver != null ? this.entryResolver : !ReturnAttributes.NONE.equalsAttributes(authenticationCriteria.getAuthenticationRequest().getReturnAttributes()) ? this.dnResolver instanceof AggregateDnResolver ? ((AggregateDnResolver) this.dnResolver).createEntryResolver(new SearchEntryResolver()) : new SearchEntryResolver() : NOOP_RESOLVER;
            try {
                ldapEntry = createEntryResolver.resolve(authenticationCriteria, authenticationHandlerResponse);
                this.logger.trace("resolved entry={} with resolver={}", ldapEntry, createEntryResolver);
            } catch (LdapException e) {
                this.logger.warn("entry resolution failed for resolver={}", createEntryResolver, e);
            }
        }
        if (ldapEntry == null) {
            ldapEntry = NOOP_RESOLVER.resolve(authenticationCriteria, authenticationHandlerResponse);
            this.logger.trace("resolved entry={} with resolver={}", ldapEntry, NOOP_RESOLVER);
        }
        return ldapEntry;
    }

    public String toString() {
        return PropertyAccessor.PROPERTY_KEY_PREFIX + getClass().getName() + PropertiesExpandingStreamReader.DELIMITER + hashCode() + "::dnResolver=" + this.dnResolver + ", authenticationHandler=" + this.authenticationHandler + ", entryResolver=" + this.entryResolver + ", returnAttributes=" + Arrays.toString(this.returnAttributes) + ", requestHandlers=" + Arrays.toString(this.requestHandlers) + ", responseHandlers=" + Arrays.toString(this.responseHandlers) + "]";
    }

    public static Builder builder() {
        return new Builder();
    }
}
