package org.wso2.carbon.user.core.hybrid.ldap;

import java.util.Hashtable;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.user.core.Authenticator;
import org.wso2.carbon.user.core.AuthenticatorException;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.util.JNDIUtil;

/* loaded from: input_file:org/wso2/carbon/user/core/hybrid/ldap/LDAPAuthenticator.class */
public class LDAPAuthenticator implements Authenticator {
    private static Log log = LogFactory.getLog(LDAPAuthenticator.class);
    private LDAPRealmConfig config;

    public LDAPAuthenticator(LDAPRealmConfig lDAPRealmConfig) {
        this.config = null;
        this.config = lDAPRealmConfig;
    }

    @Override // org.wso2.carbon.user.core.Authenticator
    public boolean authenticate(String str, Object obj) throws AuthenticatorException {
        if (str == null || obj == null) {
            return false;
        }
        String trim = str.trim();
        String trim2 = ((String) obj).trim();
        if (trim.equals("") || trim2.equals("")) {
            return false;
        }
        boolean z = false;
        String[] strArr = new String[0];
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        try {
            String str2 = null;
            NamingEnumeration search = this.config.getContext().search(this.config.getUserContextName(), "(&(objectClass=person)(" + this.config.getUidSearchName() + "=" + trim + "))", searchControls);
            int i = 0;
            SearchResult searchResult = null;
            while (search.hasMoreElements()) {
                SearchResult searchResult2 = (SearchResult) search.next();
                if (i > 0) {
                    log.error("More than one user exist for the same name");
                }
                i++;
                searchResult = searchResult2;
            }
            if (searchResult != null) {
                str2 = searchResult.getNameInNamespace();
            }
            if (str2 != null) {
                z = bindAsUser(this.config.getContext(), str2, (String) obj);
            }
            return z;
        } catch (Exception e) {
            log.error("Unable to authenticate", e);
            throw new AuthenticatorException("Authentication failure", e);
        }
    }

    protected boolean bindAsUser(DirContext dirContext, String str, String str2) throws NamingException, AuthenticatorException, UserStoreException {
        boolean z = false;
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", this.config.getDriverName());
        hashtable.put("java.naming.security.principal", str);
        hashtable.put("java.naming.provider.url", this.config.getConnectionURL());
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.credentials", str2);
        DirContext dirContext2 = null;
        try {
            try {
                dirContext2 = new InitialLdapContext(hashtable, (Control[]) null);
                z = true;
                JNDIUtil.closeContext(dirContext2);
            } catch (Exception e) {
                if (log.isDebugEnabled()) {
                    log.debug("Failed to authenticate using single hash password", e);
                }
                JNDIUtil.closeContext(dirContext2);
            }
            return z;
        } catch (Throwable th) {
            JNDIUtil.closeContext(dirContext2);
            throw th;
        }
    }
}
