package fr.inra.refcomp.services;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuiton.util.ApplicationConfig;
import org.nuiton.wikitty.WikittyConfigOption;
import org.nuiton.wikitty.WikittyService;
import org.nuiton.wikitty.entities.WikittyUser;
import org.nuiton.wikitty.query.WikittyQueryMaker;
import org.nuiton.wikitty.services.WikittyServiceAuthenticationAbstract;
import org.nuiton.wikitty.services.WikittyServiceEnhanced;

/* loaded from: input_file:WEB-INF/lib/refcomp-services-1.6.jar:fr/inra/refcomp/services/WikittyInraLDAP.class */
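/**
 * Wikitty authentication service that checks credentials against an LDAP directory.
 *
 * <p>A login succeeds only for accounts that already exist in the delegate Wikitty store. The
 * password is then checked either against the administrator credentials held in the application
 * configuration or by a simple bind against the configured LDAP server.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The user-supplied login is passed to the directory search as a filter argument, never
 *       concatenated into the filter, so LDAP filter metacharacters cannot change the query.</li>
 *   <li>Null or empty passwords are rejected before any bind, because a simple bind with an empty
 *       password is treated by many directories as an unauthenticated bind that succeeds.</li>
 *   <li>Every credential failure raises the same message, so callers cannot tell an unknown
 *       account from a wrong password.</li>
 *   <li>NOTE(review): the bind sends the password to whatever URL is configured as the LDAP
 *       server, and honours any {@code java.naming.security.authentication} value present in the
 *       JNDI options; confirm the deployment uses TLS and does not set that option to
 *       {@code none}.</li>
 * </ul>
 */
public class WikittyInraLDAP extends WikittyServiceAuthenticationAbstract {
    private static final Log log = LogFactory.getLog(WikittyInraLDAP.class);
    public static final String UID = "uid";

    /** Single message for every credential failure, to avoid an account-enumeration oracle. */
    private static final String BAD_CREDENTIALS = "wrong login or password";

    // JNDI environment built from the configuration; copied for each login attempt.
    protected Properties jndiProp;
    // Search base used both for the user lookup and as the suffix of the bind DN.
    protected String ldapSearch;
    // Administrator credentials read from the service configuration (checked before LDAP).
    protected String adminLogin;
    protected String adminPassword;

    /**
     * Builds the JNDI environment from the application configuration.
     *
     * <p>Every option whose key starts with the LDAP JNDI prefix is copied into the environment
     * with that prefix stripped; the provider URL and the search base come from their own options.
     *
     * @param applicationConfig configuration holding the LDAP options
     * @param wikittyService service this authentication layer delegates to
     */
    public WikittyInraLDAP(ApplicationConfig applicationConfig, WikittyService wikittyService) {
        super(applicationConfig, wikittyService);
        log.debug("Initializing LDAP connexion");
        String jndiPrefix = WikittyConfigOption.WIKITTY_SECURITY_EXTERNAL_AUTHENTICATION_LDAP_JNDI.getKey();
        Properties prefixedOptions = applicationConfig.getOptionStartsWith(jndiPrefix);
        this.jndiProp = new Properties();
        Enumeration<?> optionNames = prefixedOptions.propertyNames();
        while (optionNames.hasMoreElements()) {
            String optionName = (String) optionNames.nextElement();
            this.jndiProp.setProperty(
                    optionName.substring(jndiPrefix.length()), prefixedOptions.getProperty(optionName));
        }
        this.jndiProp.put("java.naming.provider.url", applicationConfig.getOption(WikittyConfigOption.WIKITTY_SECURITY_EXTERNAL_AUTHENTICATION_LDAP_SERVER.getKey()));
        this.ldapSearch = applicationConfig.getOption(WikittyConfigOption.WIKITTY_SECURITY_EXTERNAL_AUTHENTICATION_LDAP_LOGIN_PATTERN.getKey());
        this.adminLogin = ServiceFactory.getConfig().getAdminLogin();
        this.adminPassword = ServiceFactory.getConfig().getAdminPassword();
        log.debug("LDAP connexion initialized");
    }

    /**
     * Authenticates an account and returns a session token for it.
     *
     * @param login account name; must match an existing user in the delegate store
     * @param password clear-text password; null and empty values are always refused
     * @return the token produced by {@code getToken} for the restored user
     * @throws SecurityException if the account is unknown, the password is refused, or the LDAP
     *     server cannot be reached for the bind
     */
    @Override
    public String login(String login, String password) {
        String userId = getDelegate().findByQuery(null, Collections.singletonList(new WikittyQueryMaker().eq(WikittyUser.FQ_FIELD_WIKITTYUSER_LOGIN, login).end())).get(0);
        if (userId == null) {
            throw new SecurityException(BAD_CREDENTIALS);
        }
        // An empty password would turn the simple bind below into an unauthenticated bind, which
        // many directories accept. Refuse it up front; this also applies to the admin shortcut.
        if (password == null || password.isEmpty()) {
            throw new SecurityException(BAD_CREDENTIALS);
        }
        if (!isConfiguredAdmin(login, password)) {
            Hashtable<Object, Object> env = new Hashtable<Object, Object>(this.jndiProp);
            String entryName = findUserEntry(env, login);
            if (entryName == null) {
                throw new SecurityException(BAD_CREDENTIALS);
            }
            bindAsUser(env, login, entryName, password);
        }
        log.info(String.format("External authentication success for account '%s'", login));
        return getToken(WikittyServiceEnhanced.restore(getDelegate(), null, userId));
    }

    /** Returns true when the credentials match the administrator account from the configuration. */
    private boolean isConfiguredAdmin(String login, String password) {
        if (this.adminLogin == null || this.adminPassword == null || login == null) {
            return false;
        }
        boolean sameLogin = this.adminLogin.equals(login);
        // Compare the secret without an early exit on the first differing byte.
        boolean samePassword = MessageDigest.isEqual(
                this.adminPassword.getBytes(StandardCharsets.UTF_8),
                password.getBytes(StandardCharsets.UTF_8));
        return sameLogin && samePassword;
    }

    /**
     * Looks up the directory entry whose uid equals the login, using the environment as given
     * (no principal or credentials have been added to it yet).
     *
     * @return the entry name relative to the search base, or null if nothing matched or the
     *     lookup failed (the failure is logged at debug level, as before)
     */
    private String findUserEntry(Hashtable<Object, Object> env, String login) {
        String entryName = null;
        InitialDirContext context = null;
        try {
            context = new InitialDirContext(env);
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // {0} is substituted by JNDI with the login escaped for use inside a filter.
            NamingEnumeration<SearchResult> results =
                    context.search(this.ldapSearch, "(uid={0})", new Object[] {login}, controls);
            try {
                // NOTE(review): when several entries match, the last one wins; confirm uid is
                // unique under the search base.
                while (results.hasMore()) {
                    entryName = results.next().getName();
                }
            } finally {
                results.close();
            }
        } catch (NamingException e) {
            log.debug(String.format("Erreur lors de l'acces anonyme au serveur LDAP pour la recherche de l'utilisateur %s -> %s", login, this.ldapSearch), e);
        } finally {
            if (context != null) {
                try {
                    context.close();
                } catch (NamingException ignored) {
                    // Best-effort release; the lookup result is already known.
                }
            }
        }
        return entryName;
    }

    /**
     * Verifies the password by binding to the directory as the user's entry.
     *
     * @throws SecurityException if the directory refuses the credentials or cannot be reached
     */
    private void bindAsUser(Hashtable<Object, Object> env, String login, String entryName, String password) {
        env.put("java.naming.security.principal", entryName + "," + this.ldapSearch);
        env.put("java.naming.security.credentials", password);
        try {
            new InitialDirContext(env).close();
        } catch (AuthenticationException e) {
            // Must be caught before NamingException, its supertype, or this branch is dead code.
            log.debug(String.format("LDAP bind refused for account '%s'", login), e);
            throw new SecurityException(BAD_CREDENTIALS);
        } catch (NamingException e) {
            log.debug(String.format("Erreur lors de l'acces au serveur LDAP pour l'utilisateur %s -> %s", login, entryName), e);
            throw new SecurityException("Error accessing LDAP server", e);
        }
    }
}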
