package org.clazzes.login.ldap;

import java.net.PasswordAuthentication;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import java.util.function.BiFunction;
import org.osgi.service.blueprint.container.ServiceUnavailableException;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/clazzes/login/ldap/ConfigurationService.class */
public class ConfigurationService implements ManagedService {
    public static final String CONFIG_PID = "org.clazzes.login.ldap";
    public static final String AUTHMETHOD_BINDADS = "bindAds";
    public static final String AUTHMETHOD_SEARCH_AND_BIND = "searchAndBind";
    private static final String DEFAULT_USER_ATTRIBUTE = "samAccountName";
    private static final String DEFAULT_PRETTYNAME_ATTRIBUTE = "cn";
    private static final String DEFAULT_EMAILADDRESS_ATTRIBUTE = "mail";
    private static final String DEFAULT_AUTH_MECHANISM = "simple";
    private BiFunction<String, String, String> secretsService;
    private static final Logger log = LoggerFactory.getLogger(ConfigurationService.class);
    private static final String DEFAULT_ALLOW_EMPTY_PASSWORDS = Boolean.toString(false);
    private static final String DEFAULT_ALLOW_GROUPS_FOR_DISABLED = Boolean.toString(true);
    private String defaultDomain = null;
    private final Map<String, DomainConfig> domainControllers = new HashMap();

    public synchronized void updated(Dictionary<String, ?> dictionary) throws ConfigurationException {
        Object obj = dictionary == null ? null : dictionary.get("defaultDomain");
        if (obj != null) {
            this.defaultDomain = obj.toString();
            if (log.isDebugEnabled()) {
                log.debug("Setting default domain to [{}].", this.defaultDomain);
            }
        } else {
            this.defaultDomain = null;
            if (log.isDebugEnabled()) {
                log.debug("Setting default domain to default [{}].", this.defaultDomain);
            }
        }
        this.domainControllers.clear();
        if (dictionary != null) {
            Enumeration<String> keys = dictionary.keys();
            while (keys.hasMoreElements()) {
                String nextElement = keys.nextElement();
                if (nextElement.startsWith("domain.") && nextElement.endsWith(".controllerUri")) {
                    String substring = nextElement.substring(7, nextElement.length() - 14);
                    String obj2 = dictionary.get(nextElement).toString();
                    try {
                        URI uri = new URI(obj2);
                        if (log.isDebugEnabled()) {
                            log.debug("Setting controller for domain [{}] to [{}].", substring, uri);
                        }
                        Object obj3 = dictionary.get("domain." + substring + ".bindUser");
                        PasswordAuthentication passwordAuthentication = null;
                        if (obj3 != null) {
                            Object obj4 = dictionary.get("domain." + substring + ".bindPassword");
                            String obj5 = obj4 == null ? "" : obj4.toString();
                            if (log.isDebugEnabled()) {
                                log.debug("Setting bind credentials for domain [{}] to [{}].", substring, obj3);
                            }
                            if (obj5.startsWith("secret::")) {
                                String substring2 = obj5.substring(8);
                                try {
                                    obj5 = this.secretsService.apply(CONFIG_PID, substring2);
                                    log.info("Resolved password secret [{}] from OSGi secrets service.", substring2);
                                } catch (ServiceUnavailableException e) {
                                    log.warn("Cannot resolve password secret with no secrets service available.");
                                }
                            }
                            passwordAuthentication = new PasswordAuthentication(obj3.toString(), obj5.toString().toCharArray());
                        }
                        String propOrDefault = getPropOrDefault(dictionary, substring, "authMethod", getPropOrDefault(dictionary, substring, "autMethod", AUTHMETHOD_SEARCH_AND_BIND));
                        String propOrDefault2 = getPropOrDefault(dictionary, substring, "userAttribute", DEFAULT_USER_ATTRIBUTE);
                        this.domainControllers.put(substring, new DomainConfig(substring, uri, passwordAuthentication, propOrDefault, propOrDefault2, getPropOrDefault(dictionary, substring, "groupAttribute", propOrDefault2), getPropOrDefault(dictionary, substring, "prettyNameAttribute", DEFAULT_PRETTYNAME_ATTRIBUTE), getPropOrDefault(dictionary, substring, "eMailAddressAttribute", DEFAULT_EMAILADDRESS_ATTRIBUTE), getPropOrDefault(dictionary, substring, "mobileAttribute", (String) null), getPropOrDefault(dictionary, substring, "tokenIdsAttribute", (String) null), Boolean.parseBoolean(getPropOrDefault(dictionary, substring, "allowEmptyPasswords", DEFAULT_ALLOW_EMPTY_PASSWORDS)), Boolean.parseBoolean(getPropOrDefault(dictionary, substring, "allowGroupsForDisabledUser", DEFAULT_ALLOW_GROUPS_FOR_DISABLED)), getPropOrDefault(dictionary, substring, "authMechanism", DEFAULT_AUTH_MECHANISM), getPropOrDefault(dictionary, substring, "baseDnToUsers", ""), getPropOrDefault(dictionary, substring, "baseDnToGroups", ""), getPropOrDefault(dictionary, substring, "groupCacheSeconds", 300L), getPropOrDefault(dictionary, substring, "groupTimeoutSeconds", 30L)));
                    } catch (URISyntaxException e2) {
                        throw new ConfigurationException("domainControllers", "Invalid format of domain controller URI [" + obj2 + "]: Invalid URI syntax: " + e2.getMessage());
                    }
                }
            }
        }
    }

    private String getPropOrDefault(Dictionary<String, ?> dictionary, String str, String str2, String str3) {
        Object obj = dictionary.get("domain." + str + "." + str2);
        if (obj == null) {
            if (log.isDebugEnabled()) {
                log.debug("Setting {} for domain [{}] to default [{}].", new Object[]{str2, str, str3});
            }
            return str3;
        }
        if (log.isDebugEnabled()) {
            log.debug("Setting {} for domain [{}] to [{}].", new Object[]{str2, str, obj});
        }
        return obj.toString();
    }

    private long getPropOrDefault(Dictionary<String, ?> dictionary, String str, String str2, long j) {
        Object obj = dictionary.get("domain." + str + "." + str2);
        if (obj == null) {
            if (log.isDebugEnabled()) {
                log.debug("Setting {} for domain [{}] to default [{}].", new Object[]{str2, str, Long.valueOf(j)});
            }
            return j;
        }
        if (log.isDebugEnabled()) {
            log.debug("Setting {} for domain [{}] to [{}].", new Object[]{str2, str, obj});
        }
        return Long.parseLong(obj.toString());
    }

    public synchronized String getDefaultDomain() {
        return this.defaultDomain;
    }

    public synchronized List<String> getDomains() {
        Vector vector = new Vector(this.domainControllers.size());
        vector.addAll(this.domainControllers.keySet());
        return vector;
    }

    public synchronized void setDefaultDomain(String str) {
        this.defaultDomain = str;
    }

    public synchronized DomainConfig getDomainController(String str) {
        return this.domainControllers.get(str);
    }

    public void setSecretsService(BiFunction<String, String, String> biFunction) {
        this.secretsService = biFunction;
    }
}
