package org.apereo.cas.util;

import java.io.Closeable;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties;
import org.apereo.cas.util.function.FunctionUtils;
import org.ldaptive.AddOperation;
import org.ldaptive.AddRequest;
import org.ldaptive.AddResponse;
import org.ldaptive.AttributeModification;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.ConnectionFactory;
import org.ldaptive.DeleteOperation;
import org.ldaptive.DeleteRequest;
import org.ldaptive.DeleteResponse;
import org.ldaptive.FilterTemplate;
import org.ldaptive.LdapAttribute;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.ModifyOperation;
import org.ldaptive.ModifyRequest;
import org.ldaptive.ModifyResponse;
import org.ldaptive.ResultCode;
import org.ldaptive.ReturnAttributes;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchResponse;
import org.ldaptive.ad.UnicodePwdAttribute;
import org.ldaptive.control.util.PagedResultsClient;
import org.ldaptive.extended.ExtendedOperation;
import org.ldaptive.extended.ExtendedRequest;
import org.ldaptive.extended.ExtendedResponse;
import org.ldaptive.extended.PasswordModifyRequest;
import org.ldaptive.referral.FollowSearchReferralHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-ldap-core-6.6.9.jar:org/apereo/cas/util/LdapConnectionFactory.class */
public class LdapConnectionFactory implements Closeable {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) LdapConnectionFactory.class);
    private final ConnectionFactory connectionFactory;

    public boolean executeAddOperation(LdapEntry ldapEntry) {
        return ((Boolean) FunctionUtils.doAndHandle(() -> {
            AddResponse execute = new AddOperation(this.connectionFactory).execute(new AddRequest(ldapEntry.getDn(), ldapEntry.getAttributes()));
            LOGGER.debug("Result code [{}], message: [{}]", execute.getResultCode(), execute.getDiagnosticMessage());
            return Boolean.valueOf(execute.getResultCode() == ResultCode.SUCCESS);
        }, th -> {
            return false;
        }).get()).booleanValue();
    }

    public boolean executeDeleteOperation(LdapEntry ldapEntry) {
        return ((Boolean) FunctionUtils.doAndHandle(() -> {
            DeleteResponse execute = new DeleteOperation(this.connectionFactory).execute(new DeleteRequest(ldapEntry.getDn()));
            LOGGER.debug("Result code [{}], message: [{}]", execute.getResultCode(), execute.getDiagnosticMessage());
            return Boolean.valueOf(execute.getResultCode() == ResultCode.SUCCESS);
        }, th -> {
            return false;
        }).get()).booleanValue();
    }

    public boolean executeModifyOperation(String str, Map<String, ? extends Set<String>> map) {
        return ((Boolean) FunctionUtils.doAndHandle(() -> {
            ModifyResponse execute = new ModifyOperation(this.connectionFactory).execute(new ModifyRequest(str, (AttributeModification[]) map.entrySet().stream().map(entry -> {
                LdapAttribute ldapAttribute = new LdapAttribute((String) entry.getKey(), (String[]) ((Set) entry.getValue()).toArray(ArrayUtils.EMPTY_STRING_ARRAY));
                LOGGER.debug("Constructed new attribute [{}]", ldapAttribute);
                return new AttributeModification(AttributeModification.Type.REPLACE, ldapAttribute);
            }).toArray(i -> {
                return new AttributeModification[i];
            })));
            LOGGER.debug("Result code [{}], message: [{}]", execute.getResultCode(), execute.getDiagnosticMessage());
            return Boolean.valueOf(execute.getResultCode() == ResultCode.SUCCESS);
        }, th -> {
            return false;
        }).get()).booleanValue();
    }

    public boolean executeModifyOperation(String str, LdapEntry ldapEntry) {
        return executeModifyOperation(str, (Map<String, ? extends Set<String>>) ldapEntry.getAttributes().stream().collect(Collectors.toMap((v0) -> {
            return v0.getName();
        }, ldapAttribute -> {
            return new HashSet(ldapAttribute.getStringValues());
        })));
    }

    public SearchResponse executeSearchOperation(String str, FilterTemplate filterTemplate, int i, String... strArr) throws LdapException {
        return executeSearchOperation(str, filterTemplate, i, null, strArr);
    }

    public SearchResponse executeSearchOperation(String str, FilterTemplate filterTemplate, int i, String[] strArr, String[] strArr2) throws LdapException {
        SearchRequest newLdaptiveSearchRequest = LdapUtils.newLdaptiveSearchRequest(str, filterTemplate, strArr, strArr2);
        if (i > 0) {
            return new PagedResultsClient(this.connectionFactory, i).executeToCompletion(newLdaptiveSearchRequest);
        }
        SearchOperation searchOperation = new SearchOperation(this.connectionFactory);
        searchOperation.setSearchResultHandlers(new FollowSearchReferralHandler());
        return searchOperation.execute(newLdaptiveSearchRequest);
    }

    public SearchResponse executeSearchOperation(String str, FilterTemplate filterTemplate, int i) throws LdapException {
        return executeSearchOperation(str, filterTemplate, i, ReturnAttributes.ALL_USER.value(), ReturnAttributes.ALL_USER.value());
    }

    public boolean executePasswordModifyOperation(String str, String str2, String str3, AbstractLdapProperties.LdapType ldapType) {
        try {
            ConnectionConfig connectionConfig = this.connectionFactory.getConnectionConfig();
            boolean z = (connectionConfig.getLdapUrl() == null || connectionConfig.getLdapUrl().toLowerCase().contains("ldaps://")) ? false : true;
            if (connectionConfig.getUseStartTLS() || z) {
                LOGGER.warn("Executing password modification op under a non-secure LDAP connection; To modify password attributes, the connection to the LDAP server {} be secured and/or encrypted.", ldapType == AbstractLdapProperties.LdapType.AD ? "MUST" : "SHOULD");
            }
            if (ldapType != AbstractLdapProperties.LdapType.AD) {
                LOGGER.debug("Executing password modification op for generic LDAP");
                ExtendedResponse execute = new ExtendedOperation(this.connectionFactory).execute((ExtendedRequest) new PasswordModifyRequest(str, StringUtils.isNotBlank(str2) ? str2 : null, str3));
                LOGGER.debug("Result code [{}], message: [{}]", execute.getResultCode(), execute.getDiagnosticMessage());
                return execute.getResultCode() == ResultCode.SUCCESS;
            }
            LOGGER.debug("Executing password change op for active directory based on [https://support.microsoft.com/en-us/kb/269190]change type: [{}]", StringUtils.isBlank(str2) ? "reset" : "change");
            ModifyOperation modifyOperation = new ModifyOperation(this.connectionFactory);
            ModifyResponse execute2 = StringUtils.isBlank(str2) ? modifyOperation.execute(new ModifyRequest(str, new AttributeModification(AttributeModification.Type.REPLACE, new UnicodePwdAttribute(str3)))) : modifyOperation.execute(new ModifyRequest(str, new AttributeModification(AttributeModification.Type.DELETE, new UnicodePwdAttribute(str2)), new AttributeModification(AttributeModification.Type.ADD, new UnicodePwdAttribute(str3))));
            LOGGER.debug("Result code [{}], message: [{}]", execute2.getResultCode(), execute2.getDiagnosticMessage());
            return execute2.getResultCode() == ResultCode.SUCCESS;
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
            return false;
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        this.connectionFactory.close();
    }

    @Generated
    public LdapConnectionFactory(ConnectionFactory connectionFactory) {
        this.connectionFactory = connectionFactory;
    }

    @Generated
    public ConnectionFactory getConnectionFactory() {
        return this.connectionFactory;
    }
}
