package edu.vt.middleware.ldap.auth;

import edu.vt.middleware.ldap.LdapConstants;
import edu.vt.middleware.ldap.LdapUtil;
import edu.vt.middleware.ldap.auth.AuthenticatorConfig;
import edu.vt.middleware.ldap.auth.handler.AuthenticationCriteria;
import edu.vt.middleware.ldap.auth.handler.AuthenticationResultHandler;
import edu.vt.middleware.ldap.auth.handler.AuthorizationHandler;
import edu.vt.middleware.ldap.handler.ConnectionHandler;
import java.util.Arrays;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/vt/middleware/ldap/auth/AbstractAuthenticator.class */
public abstract class AbstractAuthenticator<T extends AuthenticatorConfig> {
    protected final Log logger = LogFactory.getLog(getClass());
    protected T config;

    public void setAuthenticatorConfig(T t) {
        if (this.config != null) {
            this.config.checkImmutable();
        }
        this.config = t;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean authenticateAndAuthorize(String str, Object obj, AuthenticationResultHandler[] authenticationResultHandlerArr, AuthorizationHandler[] authorizationHandlerArr) throws NamingException {
        boolean z = false;
        try {
            authenticateAndAuthorize(str, obj, false, null, authenticationResultHandlerArr, authorizationHandlerArr);
            z = true;
        } catch (AuthenticationException e) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authentication failed for dn: " + str, e);
            }
        } catch (AuthorizationException e2) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Authorization failed for dn: " + str, e2);
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Attributes authenticateAndAuthorize(String str, Object obj, boolean z, String[] strArr, AuthenticationResultHandler[] authenticationResultHandlerArr, AuthorizationHandler[] authorizationHandlerArr) throws NamingException {
        if (this.config.getAuthtype().equalsIgnoreCase(LdapConstants.NONE_AUTHTYPE)) {
            throw new AuthenticationException("Cannot authenticate dn, authtype is 'none'");
        }
        if (!LdapUtil.checkCredential(obj)) {
            throw new AuthenticationException("Cannot authenticate dn, invalid credential");
        }
        if (str == null || LdapConstants.DEFAULT_BASE_DN.equals(str)) {
            throw new AuthenticationException("Cannot authenticate dn, invalid dn");
        }
        Attributes attributes = null;
        ConnectionHandler newInstance = this.config.getConnectionHandler().newInstance();
        try {
            AuthenticationCriteria authenticationCriteria = new AuthenticationCriteria(str);
            authenticationCriteria.setCredential(obj);
            try {
                this.config.getAuthenticationHandler().newInstance().authenticate(newInstance, authenticationCriteria);
                if (this.logger.isInfoEnabled()) {
                    this.logger.info("Authentication succeeded for dn: " + str);
                }
                if (authorizationHandlerArr != null && authorizationHandlerArr.length > 0) {
                    for (AuthorizationHandler authorizationHandler : authorizationHandlerArr) {
                        try {
                            authorizationHandler.process(authenticationCriteria, newInstance.getLdapContext());
                            if (this.logger.isInfoEnabled()) {
                                this.logger.info("Authorization succeeded for dn: " + str + " with handler: " + authorizationHandler);
                            }
                        } catch (AuthenticationException e) {
                            if (this.logger.isInfoEnabled()) {
                                this.logger.info("Authorization failed for dn: " + str + " with handler: " + authorizationHandler);
                            }
                            if (authenticationResultHandlerArr != null && authenticationResultHandlerArr.length > 0) {
                                for (AuthenticationResultHandler authenticationResultHandler : authenticationResultHandlerArr) {
                                    authenticationResultHandler.process(authenticationCriteria, false);
                                }
                            }
                            throw e;
                        }
                    }
                }
                if (z) {
                    if (this.logger.isDebugEnabled()) {
                        this.logger.debug("Returning attributes: ");
                        this.logger.debug("    " + (strArr == null ? "all attributes" : Arrays.toString(strArr)));
                    }
                    attributes = newInstance.getLdapContext().getAttributes(str, strArr);
                }
                if (authenticationResultHandlerArr != null && authenticationResultHandlerArr.length > 0) {
                    for (AuthenticationResultHandler authenticationResultHandler2 : authenticationResultHandlerArr) {
                        authenticationResultHandler2.process(authenticationCriteria, true);
                    }
                }
                return attributes;
            } catch (AuthenticationException e2) {
                if (this.logger.isInfoEnabled()) {
                    this.logger.info("Authentication failed for dn: " + str);
                }
                if (authenticationResultHandlerArr != null && authenticationResultHandlerArr.length > 0) {
                    for (AuthenticationResultHandler authenticationResultHandler3 : authenticationResultHandlerArr) {
                        authenticationResultHandler3.process(authenticationCriteria, false);
                    }
                }
                throw e2;
            }
        } finally {
            newInstance.close();
        }
    }

    public synchronized void close() {
        if (this.config.getDnResolver() != null) {
            this.config.getDnResolver().close();
        }
    }
}
