package com.liferay.portal.security.ldap.internal.exportimport;

import com.liferay.expando.kernel.model.ExpandoBridge;
import com.liferay.expando.kernel.util.ExpandoConverterUtil;
import com.liferay.portal.kernel.bean.BeanPropertiesUtil;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.Contact;
import com.liferay.portal.kernel.model.Image;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.model.UserGroup;
import com.liferay.portal.kernel.security.auth.PasswordModificationThreadLocal;
import com.liferay.portal.kernel.security.ldap.LDAPSettings;
import com.liferay.portal.kernel.security.pwd.PasswordEncryptor;
import com.liferay.portal.kernel.service.ImageLocalService;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.Props;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.security.exportimport.UserOperation;
import com.liferay.portal.security.ldap.GroupConverterKeys;
import com.liferay.portal.security.ldap.PortalLDAP;
import com.liferay.portal.security.ldap.UserConverterKeys;
import com.liferay.portal.security.ldap.authenticator.configuration.LDAPAuthConfiguration;
import com.liferay.portal.security.ldap.configuration.ConfigurationProvider;
import com.liferay.portal.security.ldap.configuration.LDAPServerConfiguration;
import com.liferay.portal.security.ldap.exportimport.Modifications;
import com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.Binding;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@Component(immediate = true, service = {PortalToLDAPConverter.class})
/* loaded from: input_file:com/liferay/portal/security/ldap/internal/exportimport/DefaultPortalToLDAPConverter.class */
public class DefaultPortalToLDAPConverter implements PortalToLDAPConverter {
    private static final String _DEFAULT_DN = "cn";
    private static final String _OBJECT_CLASS = "objectclass";
    private static final Log _log = LogFactoryUtil.getLog(DefaultPortalToLDAPConverter.class);
    private ImageLocalService _imageLocalService;
    private ConfigurationProvider<LDAPAuthConfiguration> _ldapAuthConfigurationProvider;
    private ConfigurationProvider<LDAPServerConfiguration> _ldapServerConfigurationProvider;
    private LDAPSettings _ldapSettings;
    private PasswordEncryptor _passwordEncryptor;
    private PortalLDAP _portalLDAP;

    @Reference
    private Props _props;
    private final Map<String, String> _reservedContactFieldNames = new HashMap();
    private final Map<String, String> _reservedUserFieldNames = new HashMap();
    private String _userDNFieldName = UserConverterKeys.SCREEN_NAME;

    public DefaultPortalToLDAPConverter() {
        this._reservedUserFieldNames.put(UserConverterKeys.GROUP, UserConverterKeys.GROUP);
        this._reservedUserFieldNames.put(UserConverterKeys.PASSWORD, UserConverterKeys.PASSWORD);
        this._reservedUserFieldNames.put(UserConverterKeys.PORTRAIT, UserConverterKeys.PORTRAIT);
        this._reservedUserFieldNames.put(UserConverterKeys.SCREEN_NAME, UserConverterKeys.SCREEN_NAME);
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public String getGroupDNName(long j, UserGroup userGroup, Properties properties) throws Exception {
        Binding group = this._portalLDAP.getGroup(j, userGroup.getCompanyId(), userGroup.getName());
        if (group != null) {
            return this._portalLDAP.getNameInNamespace(j, userGroup.getCompanyId(), group);
        }
        StringBundler stringBundler = new StringBundler(5);
        stringBundler.append(GetterUtil.getString(properties.getProperty(GroupConverterKeys.GROUP_NAME), _DEFAULT_DN));
        stringBundler.append("=");
        stringBundler.append(userGroup.getName());
        stringBundler.append(",");
        stringBundler.append(this._portalLDAP.getGroupsDN(j, userGroup.getCompanyId()));
        return stringBundler.toString();
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Modifications getLDAPContactModifications(Contact contact, Map<String, Serializable> map, Properties properties, Properties properties2) throws Exception {
        if (properties.isEmpty() && properties2.isEmpty()) {
            return null;
        }
        Modifications modifications = getModifications(contact, properties, this._reservedContactFieldNames);
        populateCustomAttributeModifications(contact, contact.getExpandoBridge(), map, properties2, modifications);
        return modifications;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Attributes getLDAPGroupAttributes(long j, UserGroup userGroup, User user, Properties properties, Properties properties2) throws Exception {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute(_OBJECT_CLASS);
        for (String str : this._ldapServerConfigurationProvider.getConfiguration(userGroup.getCompanyId(), j).groupDefaultObjectClasses()) {
            basicAttribute.add(str);
        }
        basicAttributes.put(basicAttribute);
        addAttributeMapping(properties.getProperty(GroupConverterKeys.GROUP_NAME), userGroup.getName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(GroupConverterKeys.DESCRIPTION), userGroup.getDescription(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(GroupConverterKeys.USER), getUserDNName(j, user, properties2), (Attributes) basicAttributes);
        return basicAttributes;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Modifications getLDAPGroupModifications(long j, UserGroup userGroup, User user, Properties properties, Properties properties2, UserOperation userOperation) throws Exception {
        Modifications modifications = Modifications.getInstance();
        String groupDNName = getGroupDNName(j, userGroup, properties);
        String userDNName = getUserDNName(j, user, properties2);
        if (this._portalLDAP.isGroupMember(j, user.getCompanyId(), groupDNName, userDNName)) {
            if (userOperation == UserOperation.REMOVE) {
                modifications.addItem(3, properties.getProperty(GroupConverterKeys.USER), userDNName);
            }
        } else if (userOperation == UserOperation.ADD) {
            modifications.addItem(1, properties.getProperty(GroupConverterKeys.USER), userDNName);
        }
        return modifications;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Attributes getLDAPUserAttributes(long j, User user, Properties properties) {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute(_OBJECT_CLASS);
        for (String str : this._ldapServerConfigurationProvider.getConfiguration(user.getCompanyId(), j).userDefaultObjectClasses()) {
            basicAttribute.add(str);
        }
        basicAttributes.put(basicAttribute);
        addAttributeMapping(properties.getProperty(UserConverterKeys.UUID), user.getUuid(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.SCREEN_NAME), user.getScreenName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.PASSWORD), getEncryptedPasswordForLDAP(user, properties), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.EMAIL_ADDRESS), user.getEmailAddress(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.FULL_NAME), user.getFullName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.FIRST_NAME), user.getFirstName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.MIDDLE_NAME), user.getMiddleName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.LAST_NAME), user.getLastName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("jobTitle"), user.getJobTitle(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.PORTRAIT), (Object) getUserPortrait(user), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserConverterKeys.STATUS), String.valueOf(user.getStatus()), (Attributes) basicAttributes);
        return basicAttributes;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Modifications getLDAPUserGroupModifications(long j, List<UserGroup> list, User user, Properties properties) throws Exception {
        Modifications modifications = Modifications.getInstance();
        String property = properties.getProperty(UserConverterKeys.GROUP);
        if (Validator.isNull(property)) {
            return modifications;
        }
        Properties groupMappings = this._ldapSettings.getGroupMappings(j, user.getCompanyId());
        String userDNName = getUserDNName(j, user, properties);
        Iterator<UserGroup> it = list.iterator();
        while (it.hasNext()) {
            String groupDNName = getGroupDNName(j, it.next(), groupMappings);
            if (!this._portalLDAP.isUserGroupMember(j, user.getCompanyId(), groupDNName, userDNName)) {
                modifications.addItem(1, property, groupDNName);
            }
        }
        return modifications;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public Modifications getLDAPUserModifications(User user, Map<String, Serializable> map, Properties properties, Properties properties2) throws Exception {
        Modifications modifications = getModifications(user, properties, this._reservedUserFieldNames);
        if (PasswordModificationThreadLocal.isPasswordModified() && Validator.isNotNull(PasswordModificationThreadLocal.getPasswordUnencrypted())) {
            addModificationItem(properties.getProperty(UserConverterKeys.PASSWORD), getEncryptedPasswordForLDAP(user, properties), modifications);
        }
        String property = properties.getProperty(UserConverterKeys.PORTRAIT);
        if (Validator.isNotNull(property)) {
            addModificationItem(new BasicAttribute(property, getUserPortrait(user)), modifications);
        }
        populateCustomAttributeModifications(user, user.getExpandoBridge(), map, properties2, modifications);
        return modifications;
    }

    @Override // com.liferay.portal.security.ldap.exportimport.PortalToLDAPConverter
    public String getUserDNName(long j, User user, Properties properties) throws Exception {
        Binding user2 = this._portalLDAP.getUser(j, user.getCompanyId(), user.getScreenName(), user.getEmailAddress());
        if (user2 != null) {
            return this._portalLDAP.getNameInNamespace(j, user.getCompanyId(), user2);
        }
        StringBundler stringBundler = new StringBundler(5);
        stringBundler.append(GetterUtil.getString(properties.getProperty(this._userDNFieldName), _DEFAULT_DN));
        stringBundler.append("=");
        stringBundler.append(BeanPropertiesUtil.getStringSilent(user, this._userDNFieldName));
        stringBundler.append(",");
        stringBundler.append(this._portalLDAP.getUsersDN(j, user.getCompanyId()));
        return stringBundler.toString();
    }

    public void setContactReservedFieldNames(List<String> list) {
        for (String str : list) {
            this._reservedContactFieldNames.put(str, str);
        }
    }

    public void setUserDNFieldName(String str) {
        this._userDNFieldName = str;
    }

    public void setUserReservedFieldNames(List<String> list) {
        for (String str : list) {
            this._reservedUserFieldNames.put(str, str);
        }
    }

    protected void addAttributeMapping(String str, Object obj, Attributes attributes) {
        if (!Validator.isNotNull(str) || obj == null) {
            return;
        }
        attributes.put(str, obj);
    }

    protected void addAttributeMapping(String str, String str2, Attributes attributes) {
        if (Validator.isNotNull(str) && Validator.isNotNull(str2)) {
            attributes.put(str, str2);
        }
    }

    protected void addModificationItem(BasicAttribute basicAttribute, Modifications modifications) {
        if (basicAttribute != null) {
            modifications.addItem(basicAttribute);
        }
    }

    protected void addModificationItem(String str, String str2, Modifications modifications) {
        if (Validator.isNotNull(str)) {
            modifications.addItem(str, str2);
        }
    }

    protected String getEncryptedPasswordForLDAP(User user, Properties properties) {
        String passwordUnencrypted = PasswordModificationThreadLocal.getPasswordUnencrypted();
        if (Validator.isNull(passwordUnencrypted)) {
            return passwordUnencrypted;
        }
        String passwordEncryptionAlgorithm = this._ldapAuthConfigurationProvider.getConfiguration(user.getCompanyId()).passwordEncryptionAlgorithm();
        if (Validator.isNull(passwordEncryptionAlgorithm)) {
            return passwordUnencrypted;
        }
        try {
            StringBundler stringBundler = new StringBundler(4);
            if (!passwordEncryptionAlgorithm.equals("NONE") && !hasLegacyPasswordEncryptionAlgorithm()) {
                stringBundler.append("{");
                stringBundler.append(passwordEncryptionAlgorithm);
                stringBundler.append("}");
            }
            stringBundler.append(this._passwordEncryptor.encrypt(passwordEncryptionAlgorithm, passwordUnencrypted, (String) null));
            return properties.getProperty(UserConverterKeys.PASSWORD).equals("unicodePwd") ? new String("\"".concat(stringBundler.toString()).concat("\"").getBytes("UTF-16LE")) : stringBundler.toString();
        } catch (Exception e) {
            throw new SystemException(e);
        }
    }

    protected Modifications getModifications(Object obj, Properties properties, Map<String, String> map) {
        Modifications modifications = Modifications.getInstance();
        for (Map.Entry entry : properties.entrySet()) {
            String str = (String) entry.getKey();
            if (!map.containsKey(str)) {
                String str2 = (String) entry.getValue();
                try {
                    Object objectSilent = BeanPropertiesUtil.getObjectSilent(obj, str);
                    if (objectSilent != null) {
                        addModificationItem(str2, objectSilent.toString(), modifications);
                    }
                } catch (Exception e) {
                    if (_log.isWarnEnabled()) {
                        _log.warn("Unable to map field " + str + " to class " + obj.getClass(), e);
                    }
                }
            }
        }
        return modifications;
    }

    protected byte[] getUserPortrait(User user) {
        byte[] bArr = null;
        if (user.getPortraitId() == 0) {
            return null;
        }
        try {
            Image image = this._imageLocalService.getImage(user.getPortraitId());
            if (image != null) {
                bArr = image.getTextObj();
            }
        } catch (Exception e) {
            if (_log.isWarnEnabled()) {
                _log.warn("Unable to get the portrait for user " + user.getUserId(), e);
            }
        }
        return bArr;
    }

    protected boolean hasLegacyPasswordEncryptionAlgorithm() {
        return Validator.isNotNull(GetterUtil.getString(this._props.get("passwords.encryption.algorithm.legacy")));
    }

    protected void populateCustomAttributeModifications(Object obj, ExpandoBridge expandoBridge, Map<String, Serializable> map, Properties properties, Modifications modifications) {
        if (map == null || map.isEmpty()) {
            return;
        }
        for (Map.Entry entry : properties.entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            Serializable serializable = map.get(str);
            if (serializable != null) {
                try {
                    addModificationItem(str2, ExpandoConverterUtil.getStringFromAttribute(expandoBridge.getAttributeType(str), serializable), modifications);
                } catch (Exception e) {
                    if (_log.isWarnEnabled()) {
                        _log.warn("Unable to map field " + str + " to class " + obj.getClass(), e);
                    }
                }
            }
        }
    }

    @Reference(unbind = "-")
    protected void setImageLocalService(ImageLocalService imageLocalService) {
        this._imageLocalService = imageLocalService;
    }

    @Reference(target = "(factoryPid=com.liferay.portal.security.ldap.authenticator.configuration.LDAPAuthConfiguration)", unbind = "-")
    protected void setLDAPAuthConfigurationProvider(ConfigurationProvider<LDAPAuthConfiguration> configurationProvider) {
        this._ldapAuthConfigurationProvider = configurationProvider;
    }

    @Reference(target = "(factoryPid=com.liferay.portal.security.ldap.configuration.LDAPServerConfiguration)", unbind = "-")
    protected void setLDAPServerConfigurationProvider(ConfigurationProvider<LDAPServerConfiguration> configurationProvider) {
        this._ldapServerConfigurationProvider = configurationProvider;
    }

    @Reference(unbind = "-")
    protected void setLdapSettings(LDAPSettings lDAPSettings) {
        this._ldapSettings = lDAPSettings;
    }

    @Reference(unbind = "-")
    protected void setPasswordEncryptor(PasswordEncryptor passwordEncryptor) {
        this._passwordEncryptor = passwordEncryptor;
    }

    @Reference(policyOption = ReferencePolicyOption.GREEDY, unbind = "-")
    protected void setPortalLDAP(PortalLDAP portalLDAP) {
        this._portalLDAP = portalLDAP;
    }
}
