package org.wso2.authenticator.ldap;

import java.text.MessageFormat;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.authenticator.Authenticator;
import org.wso2.authenticator.AuthenticatorException;
import org.wso2.authenticator.help.UserHelpInfo;

/* loaded from: input_file:org/wso2/authenticator/ldap/LDAPAuthenticator.class */
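/**
 * Authenticates users by performing an LDAP simple bind through JNDI.
 *
 * <p>A single {@link DirContext} is opened lazily with the configured connection
 * identity and cached. To verify a user, the context's principal and credentials
 * are temporarily replaced with the user's DN and password, a read is issued to
 * force the bind, and the connection identity is then restored.
 *
 * <p>NOTE(review): the cached context is shared mutable state and its environment
 * is rewritten on every authentication. Nothing in this class serialises
 * concurrent calls, so parallel {@code authenticate} calls could interleave one
 * caller's principal with another caller's credentials. Callers should serialise
 * access or use one instance per thread; confirm how the surrounding framework
 * invokes this class.
 */
public class LDAPAuthenticator implements Authenticator {
    private static final Log log = LogFactory.getLog(LDAPAuthenticator.class);

    // JNDI environment keys used by this class.
    private static final String INITIAL_CONTEXT_FACTORY = "java.naming.factory.initial";
    private static final String SECURITY_PRINCIPAL = "java.naming.security.principal";
    private static final String SECURITY_CREDENTIALS = "java.naming.security.credentials";
    private static final String PROVIDER_URL = "java.naming.provider.url";

    private DirContext context = null;
    private String connectionName = null;
    private String connectionPass = null;
    private String userPattern = null;
    private String driverName = null;
    private String connectionUrl = null;

    /**
     * Verifies a user name and password against the directory.
     *
     * <p>The user name is escaped as an RDN value before it is substituted into
     * the configured user pattern, so DN metacharacters in the supplied name
     * (for example {@code ,} {@code =} {@code +}) cannot change the structure of
     * the DN that is bound.
     *
     * @param str the user name supplied by the caller; {@code null} is rejected
     * @param obj the credential; only {@link String} passwords are supported
     * @return {@code true} if the bind succeeded, {@code false} if the user name,
     *         DN or password was missing or empty
     * @throws AuthenticatorException if the credential is not a {@code String},
     *         the directory rejects the bind, or a naming error occurs
     */
    @Override // org.wso2.authenticator.Authenticator
    public boolean authenticate(String str, Object obj) throws AuthenticatorException {
        try {
            open();
            if (!(obj instanceof String)) {
                throw new AuthenticatorException("Can handle onlyl string type credentials");
            }
            if (str == null) {
                // MessageFormat would otherwise render a null argument as the literal "null".
                return false;
            }
            // Escape the untrusted user name before it becomes part of a distinguished name.
            String userDn = MessageFormat.format(this.userPattern, javax.naming.ldap.Rdn.escapeValue(str));
            return bindAsUser(this.context, userDn, (String) obj);
        } catch (NamingException e) {
            log.debug("Unable to authenticate", e);
            throw new AuthenticatorException("exceptionOnAuthenticate", e);
        }
    }

    /**
     * Attempts a bind as the given DN and then restores the connection identity.
     *
     * <p>An empty DN or empty password is refused outright. LDAP treats a simple
     * bind with an empty password as an unauthenticated bind, which many servers
     * accept, so letting it through would report success without any password
     * having been checked.
     *
     * @param dirContext the context whose environment is temporarily rewritten
     * @param str the distinguished name to bind as
     * @param str2 the password to bind with; never written to the log
     * @return {@code true} if the bind succeeded, {@code false} if either argument
     *         is {@code null} or empty
     * @throws NamingException if the directory operation or the restore step fails
     * @throws AuthenticatorException if the directory rejects the credentials
     */
    protected boolean bindAsUser(DirContext dirContext, String str, String str2) throws NamingException, AuthenticatorException {
        if (str2 == null || str == null) {
            return false;
        }
        if (str2.isEmpty() || str.isEmpty()) {
            // Refuse unauthenticated / anonymous simple binds instead of treating them as a login.
            log.debug("Rejecting bind attempt with empty DN or password");
            return false;
        }
        if (log.isTraceEnabled()) {
            log.trace("validatingCredentials");
        }
        dirContext.addToEnvironment(SECURITY_PRINCIPAL, str);
        dirContext.addToEnvironment(SECURITY_CREDENTIALS, str2);
        try {
            if (log.isTraceEnabled()) {
                log.trace("binding as " + str);
            }
            // Any read forces the provider to bind with the environment set above.
            dirContext.getAttributes("", (String[]) null);
            return true;
        } catch (AuthenticationException e) {
            log.debug(e.getMessage(), e);
            throw new AuthenticatorException(e);
        } finally {
            // Always put the connection identity back so the user's credentials
            // do not stay attached to the shared context.
            restoreConnectionIdentity(dirContext);
        }
    }

    /** Restores the configured connection principal and credentials on the context. */
    private void restoreConnectionIdentity(DirContext dirContext) throws NamingException {
        if (this.connectionName != null) {
            dirContext.addToEnvironment(SECURITY_PRINCIPAL, this.connectionName);
        } else {
            dirContext.removeFromEnvironment(SECURITY_PRINCIPAL);
        }
        if (this.connectionPass != null) {
            dirContext.addToEnvironment(SECURITY_CREDENTIALS, this.connectionPass);
        } else {
            dirContext.removeFromEnvironment(SECURITY_CREDENTIALS);
        }
    }

    /**
     * Returns the cached directory context, creating it on first use.
     *
     * <p>Creation is attempted twice; a failure of the second attempt propagates.
     *
     * @return the shared directory context
     * @throws NamingException if the context cannot be created
     */
    public DirContext open() throws NamingException {
        if (this.context != null) {
            return this.context;
        }
        try {
            this.context = new InitialDirContext(getDirectoryContextEnvironment());
        } catch (NamingException e) {
            // Record the first failure, then retry once.
            log.debug("Initial directory connection attempt failed, retrying once", e);
            this.context = new InitialDirContext(getDirectoryContextEnvironment());
        }
        return this.context;
    }

    /**
     * Builds the JNDI environment from the configured settings.
     *
     * <p>The returned table contains the connection password when one is
     * configured, so it should not be logged or exposed.
     *
     * @return a new environment table
     */
    protected Hashtable getDirectoryContextEnvironment() {
        Hashtable<String, Object> env = new Hashtable<>();
        // Hashtable rejects null values, so the driver name must have been set.
        env.put(INITIAL_CONTEXT_FACTORY, this.driverName);
        if (this.connectionName != null) {
            env.put(SECURITY_PRINCIPAL, this.connectionName);
        }
        if (this.connectionPass != null) {
            env.put(SECURITY_CREDENTIALS, this.connectionPass);
        }
        if (this.connectionUrl != null) {
            env.put(PROVIDER_URL, this.connectionUrl);
        }
        return env;
    }

    /** Sets the DN used for the directory connection itself. */
    @UserHelpInfo(isRequired = true, getHelpText = "e.g. cn=root,dc=wso2,dc=com")
    public void setConnectionName(String str) {
        this.connectionName = str;
    }

    /** Sets the password for the connection DN. */
    @UserHelpInfo(isRequired = true, getHelpText = "Password of the connection user name")
    public void setConnectionPass(String str) {
        this.connectionPass = str;
    }

    /**
     * Sets the {@link MessageFormat} pattern that maps a user name to a DN;
     * {@code {0}} is replaced with the escaped user name.
     */
    @UserHelpInfo(isRequired = true, getHelpText = "e.g. uid={0},dc=wso2,dc=com")
    public void setUserPattern(String str) {
        this.userPattern = str;
    }

    /** Sets the JNDI initial context factory class name. */
    public void setDriverName(String str) {
        this.driverName = str;
    }

    /**
     * Sets the directory URL.
     *
     * <p>A simple bind sends the password to the server as-is, so a plain
     * {@code ldap://} URL exposes it on the network unless the transport is
     * protected; prefer an {@code ldaps://} URL where the server supports it.
     */
    @UserHelpInfo(isRequired = true, getHelpText = "e.g. ldap://localhost:389")
    public void setConnectionUrl(String str) {
        this.connectionUrl = str;
    }
}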
