package org.springframework.security.ldap;

import java.util.Hashtable;
import java.util.Map;
import java.util.StringTokenizer;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.OperationNotSupportedException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import oracle.jdbc.OracleConnection;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.dao.DataAccessException;
import org.springframework.ldap.UncategorizedLdapException;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.7.RELEASE.jar:org/springframework/security/ldap/DefaultInitialDirContextFactory.class */
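/**
 * Creates JNDI directory contexts for one or more LDAP URLs that share a single root DN.
 *
 * <p>Contexts are bound in one of three ways: as the configured manager DN, as a
 * caller-supplied principal, or anonymously when no manager DN has been set.
 *
 * <p>Security notes for operators and reviewers:
 * <ul>
 *   <li>The default authentication type is {@code "simple"}, which hands the password to the
 *       directory server as-is; confidentiality then depends on the transport named in the
 *       provider URL (for example {@code ldaps://}).</li>
 *   <li>Entries passed to {@link #setExtraEnvVars(Map)} are applied last when the base
 *       environment is built, so they can override the authentication type, context factory,
 *       provider URL and pooling flag.</li>
 *   <li>At debug level the whole environment is logged; only the value stored under
 *       {@code java.naming.security.credentials} is masked.</li>
 * </ul>
 */
public class DefaultInitialDirContextFactory implements InitialDirContextFactory, SpringSecurityContextSource, MessageSourceAware {
    private static final Log logger;
    private static final String CONNECTION_POOL_KEY = "com.sun.jndi.ldap.connect.pool";
    private static final String AUTH_TYPE_NONE = "none";
    private static final String AUTH_TYPE_SIMPLE = "simple";
    // Optional additional JNDI environment entries; stored by reference, not copied.
    private Map extraEnvVars = null;
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private String authenticationType = AUTH_TYPE_SIMPLE;
    private String initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
    private String dirObjectFactoryClass;
    private String managerDn;
    private String managerPassword;
    private String providerUrl;
    private String rootDn;
    private boolean useConnectionPool;
    private boolean useLdapContext;
    // NOTE(review): the two fields below and class$(String) look like compiler-generated
    // class-literal caches from a pre-Java-5 build; they are kept so the member set is unchanged.
    static Class class$org$springframework$security$ldap$DefaultInitialDirContextFactory;
    static Class class$org$springframework$ldap$core$support$DefaultDirObjectFactory;

    /**
     * Creates a factory for the given LDAP URL(s).
     *
     * @param str one or more whitespace-separated LDAP URLs; all must resolve to the same root DN
     * @throws IllegalArgumentException if the URL is empty or the URLs name different root DNs
     */
    public DefaultInitialDirContextFactory(String str) {
        Class cls;
        if (class$org$springframework$ldap$core$support$DefaultDirObjectFactory == null) {
            cls = class$("org.springframework.ldap.core.support.DefaultDirObjectFactory");
            class$org$springframework$ldap$core$support$DefaultDirObjectFactory = cls;
        } else {
            cls = class$org$springframework$ldap$core$support$DefaultDirObjectFactory;
        }
        this.dirObjectFactoryClass = cls.getName();
        this.managerDn = null;
        // Placeholder only: if a manager DN is configured without a password, the manager
        // bind is attempted with this literal value.
        this.managerPassword = "manager_password_not_set";
        this.rootDn = null;
        this.useConnectionPool = true;
        this.useLdapContext = false;
        setProviderUrl(str);
    }

    /**
     * Stores the provider URL string and derives the shared root DN from each URL token.
     *
     * @param str whitespace-separated LDAP URLs
     * @throws IllegalArgumentException if two URLs yield different root DNs
     */
    private void setProviderUrl(String str) {
        Assert.hasLength(str, "An LDAP connection URL must be supplied.");
        this.providerUrl = str;
        StringTokenizer urls = new StringTokenizer(str);
        while (urls.hasMoreTokens()) {
            String url = urls.nextToken();
            String urlRootDn = LdapUtils.parseRootDnFromUrl(url);
            logger.info(" URL '" + url + "', root DN is '" + urlRootDn + "'");
            if (this.rootDn == null) {
                this.rootDn = urlRootDn;
            } else if (!this.rootDn.equals(urlRootDn)) {
                throw new IllegalArgumentException("Root DNs must be the same when using multiple URLs");
            }
        }
    }

    private String getProviderUrl() {
        return this.providerUrl;
    }

    /**
     * Opens a directory context with the given JNDI environment and translates JNDI failures.
     *
     * @param hashtable complete JNDI environment, including any principal and credentials
     * @return an {@link InitialLdapContext} when {@code useLdapContext} is set, otherwise an
     *         {@link InitialDirContext}
     * @throws BadCredentialsException if JNDI reports an authentication failure or an
     *         unsupported operation
     * @throws UncategorizedLdapException for communication failures and any other
     *         {@link NamingException}
     */
    private InitialDirContext connect(Hashtable hashtable) {
        if (logger.isDebugEnabled()) {
            // Log a copy so the real environment keeps the password. Only the standard
            // credentials key is masked; every other entry, including values supplied via
            // setExtraEnvVars, is written to the log verbatim.
            Hashtable loggable = (Hashtable) hashtable.clone();
            if (loggable.containsKey(Context.SECURITY_CREDENTIALS)) {
                loggable.put(Context.SECURITY_CREDENTIALS, "******");
            }
            logger.debug("Creating InitialDirContext with environment " + loggable);
        }
        try {
            return this.useLdapContext ? new InitialLdapContext(hashtable, (Control[]) null) : new InitialDirContext(hashtable);
        } catch (NamingException e) {
            if ((e instanceof AuthenticationException) || (e instanceof OperationNotSupportedException)) {
                throw new BadCredentialsException(this.messages.getMessage("DefaultIntitalDirContextFactory.badCredentials", "Bad credentials"), (Throwable) e);
            }
            if (e instanceof CommunicationException) {
                throw new UncategorizedLdapException(this.messages.getMessage("DefaultIntitalDirContextFactory.communicationFailure", "Unable to connect to LDAP server"), e);
            }
            throw new UncategorizedLdapException(this.messages.getMessage("DefaultIntitalDirContextFactory.unexpectedException", "Failed to obtain InitialDirContext due to unexpected exception"), e);
        }
    }

    /**
     * Builds the base JNDI environment shared by every bind.
     *
     * <p>Extra environment entries are merged last, so they take precedence over the
     * authentication type, context factory, provider URL and pooling flag set here.
     *
     * @return a new, caller-owned environment table without principal or credentials
     */
    protected Hashtable getEnvironment() {
        Hashtable env = new Hashtable();
        env.put(Context.SECURITY_AUTHENTICATION, this.authenticationType);
        env.put(Context.INITIAL_CONTEXT_FACTORY, this.initialContextFactory);
        env.put(Context.PROVIDER_URL, getProviderUrl());
        if (this.useConnectionPool) {
            env.put(CONNECTION_POOL_KEY, "true");
        }
        if (this.extraEnvVars != null && this.extraEnvVars.size() > 0) {
            env.putAll(this.extraEnvVars);
        }
        return env;
    }

    @Override // org.springframework.security.ldap.InitialDirContextFactory
    public String getRootDn() {
        return this.rootDn;
    }

    /**
     * Returns a context bound as the manager DN, or an anonymous context when none is set.
     *
     * @return a new directory context
     */
    @Override // org.springframework.security.ldap.InitialDirContextFactory
    public DirContext newInitialDirContext() {
        if (this.managerDn != null) {
            return newInitialDirContext(this.managerDn, this.managerPassword);
        }
        Hashtable env = getEnvironment();
        // Forced after the extra entries were merged, so an anonymous context always
        // uses authentication type "none".
        env.put(Context.SECURITY_AUTHENTICATION, AUTH_TYPE_NONE);
        return connect(env);
    }

    /**
     * Returns a context bound with the given principal and password.
     *
     * <p>A null principal, or a null or empty password, is rejected before any connection is
     * made. A simple bind that carries a DN but an empty password is an "unauthenticated bind"
     * (RFC 4513, section 5.1.2) which a server may accept, so without this check a successful
     * return would not prove the caller knew the password. Anonymous contexts are obtained
     * through {@link #newInitialDirContext()} instead.
     *
     * @param str the DN to bind as
     * @param str2 the password for that DN
     * @return a new directory context bound as {@code str}
     * @throws BadCredentialsException if the principal is null, the password is null or empty,
     *         or the server rejects the bind
     */
    @Override // org.springframework.security.ldap.InitialDirContextFactory
    public DirContext newInitialDirContext(String str, String str2) {
        if (str == null || str2 == null || str2.length() == 0) {
            // Same message as a server-side rejection, so the caller cannot tell which
            // part of the credentials was refused.
            throw new BadCredentialsException(this.messages.getMessage("DefaultIntitalDirContextFactory.badCredentials", "Bad credentials"));
        }
        Hashtable env = getEnvironment();
        if (!str.equals(this.managerDn)) {
            // Pooling stays enabled only for the manager identity.
            // NOTE(review): presumably so per-user binds never share pooled connections; confirm.
            env.remove(CONNECTION_POOL_KEY);
        }
        env.put(Context.SECURITY_PRINCIPAL, str);
        env.put(Context.SECURITY_CREDENTIALS, str2);
        if (this.dirObjectFactoryClass != null) {
            env.put(Context.OBJECT_FACTORIES, this.dirObjectFactoryClass);
        }
        return connect(env);
    }

    /** Returns the same context as {@link #newInitialDirContext()}; nothing here makes it read-only. */
    public DirContext getReadOnlyContext() throws DataAccessException {
        return newInitialDirContext();
    }

    /** Returns the same context as {@link #newInitialDirContext()}. */
    public DirContext getReadWriteContext() throws DataAccessException {
        return newInitialDirContext();
    }

    /**
     * Sets the JNDI authentication mechanism used for non-anonymous binds.
     *
     * @param str mechanism name; must not be empty
     */
    public void setAuthenticationType(String str) {
        Assert.hasLength(str, "LDAP Authentication type must not be empty or null");
        this.authenticationType = str;
    }

    /**
     * Supplies additional JNDI environment entries.
     *
     * <p>The map is kept by reference and merged after the built-in entries, so it can
     * replace them. Its values are included unmasked in debug logging unless stored under
     * {@code java.naming.security.credentials}.
     *
     * @param map extra environment entries; must not be null
     */
    public void setExtraEnvVars(Map map) {
        Assert.notNull(map, "Extra environment map cannot be null.");
        this.extraEnvVars = map;
    }

    /**
     * Sets the JNDI initial context factory class name.
     *
     * @param str class name; must not be empty
     */
    public void setInitialContextFactory(String str) {
        Assert.hasLength(str, "Initial context factory name cannot be empty or null");
        this.initialContextFactory = str;
    }

    /**
     * Sets the DN used for manager binds; once set, the no-argument context methods bind as it.
     *
     * @param str manager DN; must not be empty
     */
    public void setManagerDn(String str) {
        Assert.hasLength(str, "Manager user name  cannot be empty or null.");
        this.managerDn = str;
    }

    /**
     * Sets the password used together with the manager DN.
     *
     * @param str manager password; must not be empty
     */
    public void setManagerPassword(String str) {
        Assert.hasLength(str, "Manager password must not be empty or null.");
        this.managerPassword = str;
    }

    @Override // org.springframework.context.MessageSourceAware
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    /** Enables or disables the JNDI LDAP connection pool flag in the base environment. */
    public void setUseConnectionPool(boolean z) {
        this.useConnectionPool = z;
    }

    /** Selects {@link InitialLdapContext} instead of {@link InitialDirContext} for new contexts. */
    public void setUseLdapContext(boolean z) {
        this.useLdapContext = z;
    }

    /**
     * Sets the object factory class name placed in the environment of principal binds.
     *
     * @param str class name, or null to leave the object factory entry out
     */
    public void setDirObjectFactory(String str) {
        this.dirObjectFactoryClass = str;
    }

    /**
     * Returns a context bound as the given principal.
     *
     * @param str the DN to bind as
     * @param obj the password; must be a {@link String}, any other type fails the cast
     * @return a new directory context bound as {@code str}
     */
    @Override // org.springframework.security.ldap.SpringSecurityContextSource
    public DirContext getReadWriteContext(String str, Object obj) {
        return newInitialDirContext(str, (String) obj);
    }

    public DistinguishedName getBaseLdapPath() {
        return new DistinguishedName(this.rootDn);
    }

    public String getBaseLdapPathAsString() {
        return getBaseLdapPath().toString();
    }

    /**
     * Loads a class by name, reporting a missing class as {@link NoClassDefFoundError}.
     *
     * @param str fully qualified class name
     * @return the loaded class
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // Keep the original exception attached so the failing lookup stays diagnosable.
            NoClassDefFoundError error = new NoClassDefFoundError(e.getMessage());
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$ldap$DefaultInitialDirContextFactory == null) {
            cls = class$("org.springframework.security.ldap.DefaultInitialDirContextFactory");
            class$org$springframework$security$ldap$DefaultInitialDirContextFactory = cls;
        } else {
            cls = class$org$springframework$security$ldap$DefaultInitialDirContextFactory;
        }
        logger = LogFactory.getLog(cls);
    }
}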
