package org.wso2.carbon.directory.tenant;

import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.collections.map.HashedMap;
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.entry.ClonedServerEntry;
import org.apache.directory.server.core.entry.ServerEntry;
import org.apache.directory.server.core.entry.ServerModification;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmIndex;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
import org.apache.directory.server.core.subtree.SubentryInterceptor;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.entry.ModificationOperation;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.trigger.TriggerUtils;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.tenant.LDAPTenantManager;
import org.wso2.carbon.user.core.tenant.Tenant;

/* loaded from: input_file:org/wso2/carbon/directory/tenant/LDAPTenantManagerService.class */
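/**
 * Manages per-tenant partitions in an embedded {@link DirectoryService}.
 *
 * <p>Each tenant gets one {@link JdbmPartition} whose id is the tenant id and whose suffix is
 * derived from the tenant domain ({@code example.com} becomes {@code dc=example,dc=com}). Under
 * that suffix the class creates the context entry, an access-control subentry for the tenant
 * administrator, the administrator's user entry and an {@code ou=users} container.
 *
 * <p>NOTE(review): the tenant admin name and the domain labels are concatenated into DN strings
 * and into the quoted name of the prescriptive ACI without escaping or validation. A value that
 * contains DN metacharacters or a double quote would change the structure of the DN or of the ACI
 * that grants administrative rights. Confirm what {@link Tenant} guarantees about these fields, or
 * validate/escape them before they reach this class (for an RDN value,
 * {@code javax.naming.ldap.Rdn.escapeValue} is the standard-library escaper).
 */
public class LDAPTenantManagerService implements LDAPTenantManager {
    private final DirectoryService directoryService;

    /**
     * @param directoryService the directory service all operations run against, always through
     *     its admin session
     */
    public LDAPTenantManagerService(DirectoryService directoryService) {
        this.directoryService = directoryService;
    }

    /**
     * Registers a partition for the tenant and, when the suffix entry cannot be looked up,
     * populates it with the context entry, the admin ACL subentry, the admin user and
     * {@code ou=users}.
     *
     * @param tenant the tenant to provision
     * @return {@code tenant.getId()}
     * @throws UserStoreException if adding the partition or any of the entries fails
     */
    public int addTenant(Tenant tenant) throws UserStoreException {
        JdbmPartition partition = addNewPartition(tenant);
        try {
            this.directoryService.addPartition(partition);
            try {
                this.directoryService.getAdminSession().lookup(partition.getSuffixDn());
            } catch (Exception ignored) {
                // Any lookup failure is taken to mean "suffix entry not created yet".
                // NOTE(review): this also hides unrelated lookup errors; a failure in the steps
                // below leaves the partition registered but only partly populated.
                String adminName = tenant.getAdminName();

                ServerEntry contextEntry =
                        this.directoryService.newEntry(new LdapDN(getTenantSuffix(tenant.getDomain())));
                contextEntry.add(SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC,
                        SchemaConstants.ORGANIZATION_OC, SchemaConstants.EXTENSIBLE_OBJECT_OC);
                contextEntry.add(SchemaConstants.O_AT, tenant.getDomain());
                contextEntry.add("manager", "uid=" + adminName + "," + partition.getSuffix());
                // Marks the suffix with the AC_AREA administrative role so that the ACL subentry
                // added below can be attached to it.
                contextEntry.add(TriggerUtils.ADMINISTRATIVE_ROLE_ATTR, SubentryInterceptor.AC_AREA);
                this.directoryService.getAdminSession().add(contextEntry);

                addAdminACLEntry(tenant, partition.getSuffix());
                addAdmin(tenant, partition.getSuffix());

                ServerEntry usersEntry =
                        this.directoryService.newEntry(new LdapDN("ou=users," + partition.getSuffixDn()));
                usersEntry.add(SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.ORGANIZATIONAL_UNIT_OC,
                        SchemaConstants.TOP_OC);
                usersEntry.add(SchemaConstants.OU_AT, "users");
                this.directoryService.getAdminSession().add(usersEntry);

                this.directoryService.sync();
            }
            return tenant.getId();
        } catch (Exception e) {
            throw new UserStoreException("Could not add the partition ", e);
        }
    }

    /**
     * Builds (but does not register) the partition for a tenant: id = tenant id, suffix derived
     * from the tenant domain, indexed on ou, dc, objectClass and cn.
     */
    private JdbmPartition addNewPartition(Tenant tenant) {
        JdbmPartition partition = new JdbmPartition();
        partition.setId(String.valueOf(tenant.getId()));
        partition.setSuffix(getTenantSuffix(tenant.getDomain()));
        // Raw type kept: the element type expected by setIndexedAttributes is not visible here.
        HashSet indexes = new HashSet();
        indexes.add(new JdbmIndex(SchemaConstants.OU_AT));
        indexes.add(new JdbmIndex("dc"));
        indexes.add(new JdbmIndex(SchemaConstants.OBJECT_CLASS_AT));
        indexes.add(new JdbmIndex(SchemaConstants.CN_AT));
        partition.setIndexedAttributes(indexes);
        return partition;
    }

    /**
     * Updates an existing tenant. When the domain still maps to the partition's suffix, the
     * manager attribute, the admin ACL subentry and the admin user entry are replaced in place;
     * otherwise the tenant's partition is removed and the tenant is added again.
     *
     * @param tenant the tenant carrying the new values; its id selects the partition
     * @throws UserStoreException if no partition carries the tenant id or any directory
     *     operation fails
     */
    public void updateTenant(Tenant tenant) throws UserStoreException {
        try {
            Partition partition = null;
            for (Partition candidate : this.directoryService.getPartitions()) {
                if (hasTenantId(candidate, tenant.getId())) {
                    partition = candidate;
                    break;
                }
            }
            if (partition == null) {
                throw new UserStoreException("Can not find the tanent id ");
            }
            if (getTenantSuffix(tenant.getDomain()).equals(partition.getSuffix())) {
                String suffix = partition.getSuffix();
                LdapDN suffixDn = new LdapDN(suffix);
                // Remember the current admin DN before the manager attribute is overwritten.
                String previousAdminDn =
                        this.directoryService.getAdminSession().lookup(suffixDn).get("manager").getString();

                Map<String, String> changes = new HashedMap();
                changes.put("manager", "uid=" + tenant.getAdminName() + "," + suffix);
                modifyAttribute(suffixDn, changes);

                // The ACI names the admin DN, so the subentry is dropped and rebuilt.
                // NOTE(review): between delete and re-add the admin ACL subentry does not exist;
                // a failure in between leaves the tenant without it.
                this.directoryService.getAdminSession().delete(new LdapDN("cn=adminACLEntry," + suffix));
                addAdminACLEntry(tenant, suffix);

                this.directoryService.getAdminSession().delete(new LdapDN(previousAdminDn));
                addAdmin(tenant, suffix);
            } else {
                deleteTenant(tenant.getId());
                addTenant(tenant);
            }
        } catch (Exception e) {
            throw new UserStoreException("Can not update the tenant ", e);
        }
    }

    /**
     * Tells whether a partition's id is the decimal form of {@code tenantId}. Partitions whose
     * id is not a number are simply not a match, instead of aborting the whole search with a
     * {@link NumberFormatException}.
     */
    private static boolean hasTenantId(Partition partition, int tenantId) {
        try {
            return Integer.parseInt(partition.getId()) == tenantId;
        } catch (NumberFormatException notATenantPartition) {
            return false;
        }
    }

    /**
     * Replaces the given attributes on the entry at {@code ldapDN}.
     *
     * @param ldapDN the entry to modify
     * @param map attribute id to new value; every pair becomes one REPLACE modification
     * @throws Exception if the lookup or the modify operation fails
     */
    private void modifyAttribute(LdapDN ldapDN, Map<String, String> map) throws Exception {
        ClonedServerEntry entry = this.directoryService.getAdminSession().lookup(ldapDN);
        // One list for all attributes: allocating it inside the loop kept only the last
        // modification and passed null to modify() for an empty map.
        ArrayList modifications = new ArrayList();
        for (Map.Entry<String, String> change : map.entrySet()) {
            String attributeId = change.getKey();
            entry.remove(entry.get(attributeId));
            entry.add(attributeId, change.getValue());
            modifications.add(
                    new ServerModification(ModificationOperation.REPLACE_ATTRIBUTE, entry.get(attributeId)));
        }
        if (modifications.isEmpty()) {
            return;
        }
        this.directoryService.getAdminSession().modify(ldapDN, modifications);
    }

    /**
     * Removes every partition whose id equals the given tenant id.
     *
     * @param i the tenant id
     * @throws UserStoreException if reading or removing a partition fails
     */
    public void deleteTenant(int i) throws UserStoreException {
        try {
            String partitionId = String.valueOf(i);
            // Collect first, remove afterwards, so the partition collection is never changed
            // while it is being iterated.
            ArrayList<Partition> matches = new ArrayList<Partition>();
            for (Partition partition : this.directoryService.getPartitions()) {
                if (partitionId.equals(partition.getId())) {
                    matches.add(partition);
                }
            }
            for (Partition partition : matches) {
                this.directoryService.removePartition(partition);
            }
        } catch (Exception e) {
            throw new UserStoreException("Can not read the tenant values", e);
        }
    }

    /**
     * Creates the tenant administrator's user entry {@code uid=<adminName>,<str>} with uid, sn,
     * cn, mail and a hashed userPassword.
     *
     * @param tenant source of the admin name, e-mail and password
     * @param str the tenant suffix the entry is created under
     * @throws Exception if hashing or the add operation fails
     */
    private void addAdmin(Tenant tenant, String str) throws Exception {
        String adminName = tenant.getAdminName();
        ServerEntry adminEntry = this.directoryService.newEntry(new LdapDN("uid=" + adminName + "," + str));
        adminEntry.add(SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.INET_ORG_PERSON_OC,
                SchemaConstants.ORGANIZATIONAL_PERSON_OC, SchemaConstants.PERSON_OC, SchemaConstants.TOP_OC);
        adminEntry.add(SchemaConstants.UID_AT, adminName);
        adminEntry.add(SchemaConstants.SN_AT, adminName);
        adminEntry.add(SchemaConstants.CN_AT, adminName);
        adminEntry.add("mail", tenant.getEmail());

        // Explicit charset: the platform default would make the stored hash depend on the JVM's
        // locale for non-ASCII passwords.
        // NOTE(review): "SHA" is SHA-1 and no salt is used, so equal passwords give equal values
        // and the stored hash is cheap to brute-force if the entry leaks. Prefer a salted scheme
        // that this directory version can verify ({SSHA} or stronger) - confirm support first.
        byte[] digest = MessageDigest.getInstance("SHA").digest(tenant.getAdminPassword().getBytes("UTF-8"));
        byte[] storedPassword = ("{SHA}" + Base64.encode(digest)).getBytes("UTF-8");
        adminEntry.put(SchemaConstants.USER_PASSWORD_AT, new byte[][] {storedPassword});

        this.directoryService.getAdminSession().add(adminEntry);
    }

    /**
     * Creates the access-control subentry {@code cn=adminACLEntry,<str>} whose prescriptive ACI
     * names {@code uid=<adminName>,<str>} as the user and grants it the listed permissions
     * (browse, read, add, modify, rename, remove, import, export, ...) on entries and on all user
     * attribute types and values. The subtree specification is left empty.
     *
     * @param tenant source of the admin name written into the ACI
     * @param str the tenant suffix the subentry is created under
     * @throws Exception if the add operation fails
     */
    private void addAdminACLEntry(Tenant tenant, String str) throws Exception {
        ServerEntry aclEntry = this.directoryService.newEntry(new LdapDN("cn=adminACLEntry," + str));
        aclEntry.add(SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC,
                SchemaConstants.SUBENTRY_OC, SchemaConstants.TOP_OC);
        aclEntry.add(SchemaConstants.CN_AT, "adminACLEntry");
        // NOTE(review): the admin DN is placed inside a quoted ACI string as-is; see the class
        // comment about unescaped tenant values.
        String adminDn = "uid=" + tenant.getAdminName() + "," + str;
        aclEntry.add(SchemaConstants.PRESCRIPTIVE_ACI_AT, "{ identificationTag \"adminACLEntryTag\", precedence 1, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { name { \"" + adminDn + "\" } }, userPermissions { { protectedItems { entry, allUserAttributeTypesAndValues }, grantsAndDenials { grantBrowse, grantFilterMatch, grantModify, grantAdd, grantCompare, grantRename, grantRead, grantReturnDN, grantImport, grantInvoke, grantRemove, grantExport, grantDiscloseOnError } } } } }");
        aclEntry.add(SchemaConstants.SUBTREE_SPECIFICATION_AT, "{ }");
        this.directoryService.getAdminSession().add(aclEntry);
    }

    /**
     * Turns a dotted domain into a suffix of {@code dc=} components, e.g. {@code example.com}
     * into {@code dc=example,dc=com}. Labels are copied as-is.
     */
    private String getTenantSuffix(String str) {
        StringBuilder suffix = new StringBuilder();
        for (String label : str.split("\\.")) {
            if (suffix.length() > 0) {
                suffix.append(',');
            }
            suffix.append("dc=").append(label);
        }
        return suffix.toString();
    }

    /**
     * Registers the tenant's partition without creating any entries, syncs the directory and
     * re-initialises every interceptor against the directory service.
     *
     * @param tenant the tenant whose partition is added
     * @throws UserStoreException if adding the partition, syncing or an interceptor init fails
     */
    public void addPartitionToTenant(Tenant tenant) throws UserStoreException {
        try {
            this.directoryService.addPartition(addNewPartition(tenant));
            this.directoryService.sync();
            for (Interceptor interceptor : this.directoryService.getInterceptors()) {
                interceptor.init(this.directoryService);
            }
        } catch (Exception e) {
            throw new UserStoreException("Can not add the new partition ", e);
        }
    }
}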
