package com.fr.privilege.providers.ldap;

import com.fr.general.Inter;
import com.fr.privilege.Authentication;
import com.fr.privilege.Authority;
import com.fr.privilege.providers.AbstractAuthenticationProvider;
import com.fr.stable.StringUtils;
import com.fr.stable.xml.XMLPrintWriter;
import com.fr.stable.xml.XMLableReader;
import com.fr.web.platform.entry.URLEntry;
import java.util.Properties;
import javax.naming.NamingException;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

/* loaded from: input_file:com/fr/privilege/providers/ldap/LDAPAuthenticationProvider.class */
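/**
 * Authentication provider that verifies a login by binding to an LDAP directory through JNDI
 * and then asking {@code LDAPUtils.retrievalAuthority} for the user's authorities.
 *
 * <p>Connection settings are persisted as attributes of an {@code LUSAttr} XML element, see
 * {@link #readXML(XMLableReader)} and {@link #writeXML(XMLPrintWriter)}.
 *
 * <p>Security notes for reviewers and operators:
 * <ul>
 *   <li>The default URL scheme is {@code ldap://}. Combined with the default {@code "simple"}
 *       authentication, the user's password is sent to the directory without transport
 *       encryption; this class does not negotiate StartTLS. Prefer an {@code ldaps://} URL.</li>
 *   <li>If {@code authentication} is configured as {@link #AUTH_NONE}, JNDI performs an anonymous
 *       bind and ignores the supplied principal and credentials, so the password is not verified
 *       by the bind. That value is not suitable for a login provider.</li>
 *   <li>{@code systemPassword} is read from and written to the XML configuration as a plain
 *       attribute value; the configuration file needs restrictive file permissions.</li>
 *   <li>{@code usePool} and {@code roleAttribute} are not persisted by {@code readXML} /
 *       {@code writeXML} as shown here. NOTE(review): confirm whether that is intended.</li>
 * </ul>
 */
public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider {
    private static final long serialVersionUID = 9074755359875747439L;
    private static final String SUN_CONNECTION_POOLING_PROPERTY = "com.sun.jndi.ldap.connect.pool";
    private static final String SUN_DEFAULT_CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
    public static final String AUTH_SIMPLE = "simple";
    public static final String AUTH_NONE = "none";
    public static final String AUTH_STRONG = "strong";
    public static final String REFERRAL_FOLLOW = "follow";
    public static final String REFERRAL_IGNORE = "ignore";
    public static final String REFERRAL_THROW = "throw";

    // Placeholder default; "ip" must be replaced through configuration before use.
    private String url = "ldap://ip:389";
    private String searchBase = StringUtils.EMPTY;
    // Appended verbatim to the login name to form the bind principal (see getLdapContext).
    private String principalSuffix = StringUtils.EMPTY;
    private String systemUsername = null;
    private String systemPassword = null;
    private String authentication = "simple";
    private String contextFactory = SUN_DEFAULT_CONTEXT_FACTORY;
    // NOTE(review): with "follow", JNDI chases referrals returned by the server; confirm that the
    // bind credentials cannot end up being presented to a host outside the intended directory.
    private String referral = "follow";
    private boolean usePool = true;
    private String roleAttribute = "memberOf";

    /**
     * Returns the provider type code, which is the constant {@code 1} for this provider.
     * The meaning of the code is defined by the AuthenticationProvider contract (not visible here).
     */
    @Override // com.fr.privilege.providers.AuthenticationProvider
    public int uType() {
        return 1;
    }

    /**
     * Authenticates the given request against the LDAP directory.
     *
     * <p>On success the request is marked authenticated and receives the authorities returned by
     * {@code LDAPUtils.retrievalAuthority}. Every failure inside the LDAP exchange is reported
     * with the same localized "invalid user or password" message, so the response does not reveal
     * whether the account exists, the password was wrong, or the directory was unreachable.
     *
     * @param authentication the login request; must not be {@code null}
     * @return {@code true} when the request is (or already was) authenticated
     * @throws Exception if {@code authentication} is {@code null}, or if the bind or the
     *     authority lookup fails for any reason
     */
    @Override // com.fr.privilege.providers.AuthenticationProvider
    public boolean authenticate(Authentication authentication) throws Exception {
        // NOTE(review): this runs before the null check and its result is discarded; presumably it
        // has a side effect on the request (e.g. marking a root manager as authenticated) - confirm
        // against AbstractAuthenticationProvider, and confirm it tolerates a null argument.
        super.isRootManager(authentication);
        if (authentication == null) {
            throw new Exception(Inter.getLocText("Privilege-The_Authentication_Can_Not_Be_Null") + ".");
        }
        if (authentication.isAuthenticated()) {
            return true;
        }
        String principal = authentication.getPrincipal().toString();
        LdapContext ldapContext = null;
        try {
            ldapContext = getLdapContext(principal, authentication.getCredentials().toString());
            Authority[] authorities = LDAPUtils.retrievalAuthority(principal, this, ldapContext);
            // Closing stays inside the try so that a failing close still denies the login,
            // exactly as before; the reference is cleared so finally does not close twice.
            ldapContext.close();
            ldapContext = null;
            authentication.setAuthenticated(true);
            authentication.setAuthorities(authorities);
            return true;
        } catch (Exception e) {
            // The cause is deliberately not exposed in the message. NOTE(review): it is also not
            // logged here, so operators cannot tell a bad password from a directory outage;
            // consider a server-side log entry that omits the credentials.
            throw new Exception(Inter.getLocText("Privilege-Invalid_User_Or_Password") + ".");
        } finally {
            // Fix: release the directory connection when the authority lookup (or the close
            // above) throws; previously the context was leaked on every failed lookup.
            if (ldapContext != null) {
                try {
                    ldapContext.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup; the login has already been rejected.
                }
            }
        }
    }

    /** Returns the LDAP provider URL. */
    public String getUrl() {
        return this.url;
    }

    /** Sets the LDAP provider URL; a blank value makes the next bind attempt fail. */
    public void setUrl(String str) {
        this.url = str;
    }

    /** Returns the suffix appended to the login name to build the bind principal. */
    public String getPrincipalSuffix() {
        return this.principalSuffix;
    }

    /** Sets the suffix appended to the login name to build the bind principal. */
    public void setPrincipalSuffix(String str) {
        this.principalSuffix = str;
    }

    /** Returns the JNDI security authentication mechanism name. */
    public String getAuthentication() {
        return this.authentication;
    }

    /**
     * Sets the JNDI security authentication mechanism name. The value is passed to JNDI
     * unvalidated; see the class comment on why {@link #AUTH_NONE} must not be used for logins.
     */
    public void setAuthentication(String str) {
        this.authentication = str;
    }

    /** Returns the JNDI initial context factory class name. */
    public String getContextFactory() {
        return this.contextFactory;
    }

    /**
     * Sets the JNDI initial context factory class name. The named class is handed to JNDI when the
     * context is created, so this value must only come from trusted configuration.
     */
    public void setContextFactory(String str) {
        this.contextFactory = str;
    }

    /** Returns the configured search base. */
    public String getSearchBase() {
        return this.searchBase;
    }

    /** Sets the search base. */
    public void setSearchBase(String str) {
        this.searchBase = str;
    }

    /** Returns the JNDI referral handling mode. */
    public String getReferral() {
        return this.referral;
    }

    /** Sets the JNDI referral handling mode (see the {@code REFERRAL_*} constants). */
    public void setReferral(String str) {
        this.referral = str;
    }

    /** Returns the system account name; binds as this principal may use connection pooling. */
    public String getSystemUsername() {
        return this.systemUsername;
    }

    /** Sets the system account name. */
    public void setSystemUsername(String str) {
        this.systemUsername = str;
    }

    /** Returns the system account password in clear text. */
    public String getSystemPassword() {
        return this.systemPassword;
    }

    /** Sets the system account password. */
    public void setSystemPassword(String str) {
        this.systemPassword = str;
    }

    /** Returns whether connection pooling may be requested for system-account binds. */
    public boolean isUsePool() {
        return this.usePool;
    }

    /** Enables or disables connection pooling for system-account binds. */
    public void setUsePool(boolean z) {
        this.usePool = z;
    }

    /** Returns the name of the directory attribute that carries role membership. */
    public String getRoleAttribute() {
        return this.roleAttribute;
    }

    /** Sets the name of the directory attribute that carries role membership. */
    public void setRoleAttribute(String str) {
        this.roleAttribute = str;
    }

    /**
     * Builds the JNDI environment from the configured settings and opens an LDAP context bound
     * with the given principal and credentials.
     *
     * @param principal login name; {@link #principalSuffix} is appended when both are non-blank
     * @param credentials password; a blank value is rejected before any network traffic
     * @return a newly created context that the caller must close
     * @throws IllegalStateException if the URL or the credentials are blank
     * @throws NamingException if JNDI cannot create or bind the context
     */
    private LdapContext getLdapContext(String principal, String credentials) throws NamingException {
        if (StringUtils.isBlank(this.url)) {
            throw new IllegalStateException(Inter.getLocText("Privilege-The_Url_Must_Be_Specified") + ".");
        }
        Properties environment = new Properties();
        environment.put("java.naming.factory.initial", this.contextFactory);
        environment.put("java.naming.provider.url", this.url);

        boolean hasPrincipal = !StringUtils.isBlank(principal);
        // Pooling is requested only for the system account, compared before the suffix is added,
        // so end-user binds are never served from a pooled connection.
        if (this.usePool && hasPrincipal && principal.equals(this.systemUsername)) {
            environment.put(SUN_CONNECTION_POOLING_PROPERTY, "true");
        }
        if (hasPrincipal && !StringUtils.isBlank(this.principalSuffix)) {
            principal = principal + this.principalSuffix;
        }
        // NOTE(review): a blank principal is not rejected; the bind is then attempted without a
        // principal property. Confirm the target directory refuses such a bind.
        if (!StringUtils.isBlank(principal)) {
            environment.put("java.naming.security.principal", principal);
        }
        // A simple bind with an empty password is treated by LDAP servers as an unauthenticated
        // bind that can succeed, so blank credentials must never reach the directory.
        if (StringUtils.isBlank(credentials)) {
            throw new IllegalStateException(Inter.getLocText("Privilege-The_Password_Cannot_Be_Blank") + ".");
        }
        environment.put("java.naming.security.credentials", credentials);
        environment.put("java.naming.security.authentication", this.authentication);
        environment.put("java.naming.referral", this.referral);
        return new InitialLdapContext(environment, (Control[]) null);
    }

    /**
     * Loads the connection settings from the attributes of an {@code LUSAttr} child element.
     * Attributes that are absent leave the corresponding field at its current value.
     *
     * @param xMLableReader reader positioned on the element to inspect
     */
    @Override // com.fr.stable.xml.XMLReadable
    public void readXML(XMLableReader xMLableReader) {
        if (!xMLableReader.isChildNode() || !xMLableReader.getTagName().equals("LUSAttr")) {
            return;
        }
        String urlValue = xMLableReader.getAttrAsString(URLEntry.URL, null);
        if (urlValue != null) {
            this.url = urlValue;
        }
        String searchBaseValue = xMLableReader.getAttrAsString("searchBase", null);
        if (searchBaseValue != null) {
            this.searchBase = searchBaseValue;
        }
        String suffixValue = xMLableReader.getAttrAsString("principalSuffix", null);
        if (suffixValue != null) {
            this.principalSuffix = suffixValue;
        }
        String systemUserValue = xMLableReader.getAttrAsString("systemUsername", null);
        if (systemUserValue != null) {
            this.systemUsername = systemUserValue;
        }
        // The system password is stored in the configuration as a plain attribute value.
        String systemPasswordValue = xMLableReader.getAttrAsString("systemPassword", null);
        if (systemPasswordValue != null) {
            this.systemPassword = systemPasswordValue;
        }
        String authenticationValue = xMLableReader.getAttrAsString("authentication", null);
        if (authenticationValue != null) {
            this.authentication = authenticationValue;
        }
        String factoryValue = xMLableReader.getAttrAsString("contextFactory", null);
        if (factoryValue != null) {
            this.contextFactory = factoryValue;
        }
        String referralValue = xMLableReader.getAttrAsString("referral", null);
        if (referralValue != null) {
            this.referral = referralValue;
        }
    }

    /**
     * Writes the connection settings as attributes of an {@code LUSAttr} element. Blank values are
     * omitted. The system password is written in clear text, so the output must be protected by
     * file permissions.
     *
     * @param xMLPrintWriter destination writer
     */
    @Override // com.fr.stable.xml.XMLWriter
    public void writeXML(XMLPrintWriter xMLPrintWriter) {
        xMLPrintWriter.startTAG("LUSAttr");
        if (StringUtils.isNotBlank(this.url)) {
            xMLPrintWriter.attr(URLEntry.URL, this.url);
        }
        if (StringUtils.isNotBlank(this.searchBase)) {
            xMLPrintWriter.attr("searchBase", this.searchBase);
        }
        if (StringUtils.isNotBlank(this.principalSuffix)) {
            xMLPrintWriter.attr("principalSuffix", this.principalSuffix);
        }
        if (StringUtils.isNotBlank(this.systemUsername)) {
            xMLPrintWriter.attr("systemUsername", this.systemUsername);
        }
        if (StringUtils.isNotBlank(this.systemPassword)) {
            xMLPrintWriter.attr("systemPassword", this.systemPassword);
        }
        if (StringUtils.isNotBlank(this.authentication)) {
            xMLPrintWriter.attr("authentication", this.authentication);
        }
        if (StringUtils.isNotBlank(this.contextFactory)) {
            xMLPrintWriter.attr("contextFactory", this.contextFactory);
        }
        if (StringUtils.isNotBlank(this.referral)) {
            xMLPrintWriter.attr("referral", this.referral);
        }
        xMLPrintWriter.end();
    }
}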
