package org.apache.directory.server.kerberos.shared.store.operations;

import java.io.IOException;
import java.text.ParseException;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
import org.apache.directory.server.protocol.shared.store.ContextOperation;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;

/* loaded from: input_file:org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.class */
public class GetPrincipal implements ContextOperation {
    private static final long serialVersionUID = 4598007518413451945L;
    private final KerberosPrincipal principal;

    public GetPrincipal(KerberosPrincipal kerberosPrincipal) {
        this.principal = kerberosPrincipal;
    }

    public Object execute(DirContext dirContext, Name name) {
        if (this.principal == null) {
            return null;
        }
        String[] strArr = {KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.KEY, KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED, KerberosAttribute.ACCOUNT_EXPIRATION_TIME, KerberosAttribute.ACCOUNT_LOCKEDOUT};
        AttributesImpl attributesImpl = new AttributesImpl(true);
        attributesImpl.put(new AttributeImpl(KerberosAttribute.PRINCIPAL, this.principal.getName()));
        PrincipalStoreEntry principalStoreEntry = null;
        try {
            NamingEnumeration search = dirContext.search("", attributesImpl, strArr);
            if (search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                Attributes attributes = searchResult.getAttributes();
                if (attributes == null) {
                    return null;
                }
                principalStoreEntry = getEntry(searchResult.getName(), attributes);
            }
            return principalStoreEntry;
        } catch (NamingException e) {
            return null;
        }
    }

    private PrincipalStoreEntry getEntry(String str, Attributes attributes) throws NamingException {
        PrincipalStoreEntryModifier principalStoreEntryModifier = new PrincipalStoreEntryModifier();
        principalStoreEntryModifier.setDistinguishedName(str);
        principalStoreEntryModifier.setPrincipal(new KerberosPrincipal((String) attributes.get(KerberosAttribute.PRINCIPAL).get()));
        principalStoreEntryModifier.setKeyVersionNumber(Integer.parseInt((String) attributes.get(KerberosAttribute.VERSION).get()));
        if (attributes.get(KerberosAttribute.ACCOUNT_DISABLED) != null) {
            principalStoreEntryModifier.setDisabled("true".equalsIgnoreCase((String) attributes.get(KerberosAttribute.ACCOUNT_DISABLED).get()));
        }
        if (attributes.get(KerberosAttribute.ACCOUNT_LOCKEDOUT) != null) {
            principalStoreEntryModifier.setLockedOut("true".equalsIgnoreCase((String) attributes.get(KerberosAttribute.ACCOUNT_LOCKEDOUT).get()));
        }
        if (attributes.get(KerberosAttribute.ACCOUNT_EXPIRATION_TIME) != null) {
            String str2 = (String) attributes.get(KerberosAttribute.ACCOUNT_EXPIRATION_TIME).get();
            try {
                principalStoreEntryModifier.setExpiration(KerberosTime.getTime(str2));
            } catch (ParseException e) {
                throw new InvalidAttributeValueException("Account expiration attribute krb5AccountExpirationTime contained an invalid value for generalizedTime: " + str2);
            }
        }
        if (attributes.get(KerberosAttribute.SAM_TYPE) != null) {
            principalStoreEntryModifier.setSamType(SamType.getTypeByOrdinal(Integer.parseInt((String) attributes.get(KerberosAttribute.SAM_TYPE).get())));
        }
        if (attributes.get(KerberosAttribute.KEY) != null) {
            try {
                principalStoreEntryModifier.setKeyMap(principalStoreEntryModifier.reconstituteKeyMap(attributes.get(KerberosAttribute.KEY)));
            } catch (IOException e2) {
                throw new InvalidAttributeValueException("Account Kerberos key attribute 'krb5Key' contained an invalid value for krb5key.");
            }
        }
        return principalStoreEntryModifier.getEntry();
    }
}
