package com.liferay.portal.security.ldap;

import com.ecyrd.jspwiki.auth.WikiPrincipal;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.StringBundler;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.Contact;
import com.liferay.portal.model.Image;
import com.liferay.portal.model.User;
import com.liferay.portal.model.UserGroup;
import com.liferay.portal.security.pwd.PasswordEncryptorUtil;
import com.liferay.portal.service.ImageLocalServiceUtil;
import com.liferay.portal.util.PrefsPropsUtil;
import com.liferay.portlet.expando.model.ExpandoBridge;
import com.liferay.portlet.expando.util.ExpandoConverterUtil;
import com.liferay.portlet.usersadmin.search.UserDisplayTerms;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.Binding;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import jodd.util.StringPool;
import org.apache.commons.beanutils.PropertyUtils;

/* loaded from: input_file:WEB-INF/lib/portal-impl.jar:com/liferay/portal/security/ldap/DefaultPortalToLDAPConverter.class */
public class DefaultPortalToLDAPConverter implements PortalToLDAPConverter {
    private static final String _DEFAULT_DN = "cn";
    private static final String _OBJECT_CLASS = "objectclass";
    private static Log _log = LogFactoryUtil.getLog(DefaultPortalToLDAPConverter.class);
    private String _groupDNFieldName = "groupName";
    private Map<String, String> _reservedContactFieldNames = new HashMap();
    private Map<String, String> _reservedUserFieldNames = new HashMap();
    private String _userDNFieldName = UserDisplayTerms.SCREEN_NAME;

    public DefaultPortalToLDAPConverter() {
        this._reservedUserFieldNames.put("group", "group");
        this._reservedUserFieldNames.put("password", "password");
        this._reservedUserFieldNames.put("portrait", "portrait");
        this._reservedUserFieldNames.put(UserDisplayTerms.SCREEN_NAME, UserDisplayTerms.SCREEN_NAME);
    }

    public String getGroupDNName(long j, UserGroup userGroup, Properties properties) throws Exception {
        Binding group = PortalLDAPUtil.getGroup(j, userGroup.getCompanyId(), userGroup.getName());
        if (group != null) {
            return PortalLDAPUtil.getNameInNamespace(j, userGroup.getCompanyId(), group);
        }
        StringBundler stringBundler = new StringBundler(5);
        stringBundler.append(GetterUtil.getString(properties.getProperty(this._groupDNFieldName), _DEFAULT_DN));
        stringBundler.append("=");
        stringBundler.append(userGroup.getName());
        stringBundler.append(",");
        stringBundler.append(PortalLDAPUtil.getGroupsDN(j, userGroup.getCompanyId()));
        return stringBundler.toString();
    }

    public Modifications getLDAPContactModifications(Contact contact, Map<String, Serializable> map, Properties properties, Properties properties2) throws Exception {
        if (properties.isEmpty() && properties2.isEmpty()) {
            return null;
        }
        Modifications modifications = getModifications(contact, properties, this._reservedContactFieldNames);
        populateCustomAttributeModifications(contact, contact.getExpandoBridge(), map, properties2, modifications);
        return modifications;
    }

    public Attributes getLDAPGroupAttributes(long j, UserGroup userGroup, User user, Properties properties, Properties properties2) throws Exception {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute(_OBJECT_CLASS);
        for (String str : PrefsPropsUtil.getStringArray(userGroup.getCompanyId(), "ldap.group.default.object.classes" + LDAPSettingsUtil.getPropertyPostfix(j), ",")) {
            basicAttribute.add(str);
        }
        basicAttributes.put(basicAttribute);
        addAttributeMapping(properties.getProperty("groupName"), userGroup.getName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("description"), userGroup.getDescription(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("user"), getUserDNName(j, user, properties2), (Attributes) basicAttributes);
        return basicAttributes;
    }

    public Modifications getLDAPGroupModifications(long j, UserGroup userGroup, User user, Properties properties, Properties properties2, LDAPOperation lDAPOperation) throws Exception {
        Modifications modifications = Modifications.getInstance();
        String groupDNName = getGroupDNName(j, userGroup, properties);
        String userDNName = getUserDNName(j, user, properties2);
        if (PortalLDAPUtil.isGroupMember(j, user.getCompanyId(), groupDNName, userDNName)) {
            if (lDAPOperation == LDAPOperation.REMOVE) {
                modifications.addItem(3, properties.getProperty("user"), userDNName);
            }
        } else if (lDAPOperation == LDAPOperation.ADD) {
            modifications.addItem(1, properties.getProperty("user"), userDNName);
        }
        return modifications;
    }

    public Attributes getLDAPUserAttributes(long j, User user, Properties properties) throws SystemException {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute(_OBJECT_CLASS);
        for (String str : PrefsPropsUtil.getStringArray(user.getCompanyId(), "ldap.user.default.object.classes" + LDAPSettingsUtil.getPropertyPostfix(j), ",")) {
            basicAttribute.add(str);
        }
        basicAttributes.put(basicAttribute);
        addAttributeMapping(properties.getProperty("uuid"), user.getUuid(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserDisplayTerms.SCREEN_NAME), user.getScreenName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("password"), getEncryptedPasswordForLDAP(user, properties), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("emailAddress"), user.getEmailAddress(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(WikiPrincipal.FULL_NAME), user.getFullName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("firstName"), user.getFirstName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty(UserDisplayTerms.MIDDLE_NAME), user.getMiddleName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("lastName"), user.getLastName(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("jobTitle"), user.getJobTitle(), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("portrait"), (Object) getUserPortrait(user), (Attributes) basicAttributes);
        addAttributeMapping(properties.getProperty("status"), String.valueOf(user.getStatus()), (Attributes) basicAttributes);
        return basicAttributes;
    }

    public Modifications getLDAPUserGroupModifications(long j, List<UserGroup> list, User user, Properties properties) throws Exception {
        Modifications modifications = Modifications.getInstance();
        String property = properties.getProperty("group");
        if (Validator.isNull(property)) {
            return modifications;
        }
        Properties groupMappings = LDAPSettingsUtil.getGroupMappings(j, user.getCompanyId());
        String userDNName = getUserDNName(j, user, properties);
        Iterator<UserGroup> it2 = list.iterator();
        while (it2.hasNext()) {
            String groupDNName = getGroupDNName(j, it2.next(), groupMappings);
            if (!PortalLDAPUtil.isUserGroupMember(j, user.getCompanyId(), groupDNName, userDNName)) {
                modifications.addItem(1, property, groupDNName);
            }
        }
        return modifications;
    }

    public Modifications getLDAPUserModifications(User user, Map<String, Serializable> map, Properties properties, Properties properties2) throws Exception {
        Modifications modifications = getModifications(user, properties, this._reservedUserFieldNames);
        if (user.isPasswordModified() && Validator.isNotNull(user.getPasswordUnencrypted())) {
            addModificationItem(properties.getProperty("password"), getEncryptedPasswordForLDAP(user, properties), modifications);
        }
        String property = properties.getProperty("portrait");
        if (Validator.isNotNull(property)) {
            addModificationItem(new BasicAttribute(property, getUserPortrait(user)), modifications);
        }
        populateCustomAttributeModifications(user, user.getExpandoBridge(), map, properties2, modifications);
        return modifications;
    }

    public String getUserDNName(long j, User user, Properties properties) throws Exception {
        Binding user2 = PortalLDAPUtil.getUser(j, user.getCompanyId(), user.getScreenName(), user.getEmailAddress());
        if (user2 != null) {
            return PortalLDAPUtil.getNameInNamespace(j, user.getCompanyId(), user2);
        }
        StringBundler stringBundler = new StringBundler(5);
        stringBundler.append(GetterUtil.getString(properties.getProperty(this._userDNFieldName), _DEFAULT_DN));
        stringBundler.append("=");
        stringBundler.append(PropertyUtils.getProperty(user, this._userDNFieldName));
        stringBundler.append(",");
        stringBundler.append(PortalLDAPUtil.getUsersDN(j, user.getCompanyId()));
        return stringBundler.toString();
    }

    public void setContactReservedFieldNames(List<String> list) {
        for (String str : list) {
            this._reservedContactFieldNames.put(str, str);
        }
    }

    public void setUserDNFieldName(String str) {
        this._userDNFieldName = str;
    }

    public void setUserReservedFieldNames(List<String> list) {
        for (String str : list) {
            this._reservedUserFieldNames.put(str, str);
        }
    }

    protected void addAttributeMapping(String str, Object obj, Attributes attributes) {
        if (!Validator.isNotNull(str) || obj == null) {
            return;
        }
        attributes.put(str, obj);
    }

    protected void addAttributeMapping(String str, String str2, Attributes attributes) {
        if (Validator.isNotNull(str) && Validator.isNotNull(str2)) {
            attributes.put(str, str2);
        }
    }

    protected void addModificationItem(BasicAttribute basicAttribute, Modifications modifications) {
        if (Validator.isNotNull(basicAttribute)) {
            modifications.addItem(basicAttribute);
        }
    }

    protected void addModificationItem(String str, String str2, Modifications modifications) {
        if (Validator.isNotNull(str)) {
            modifications.addItem(str, str2);
        }
    }

    protected String getEncryptedPasswordForLDAP(User user, Properties properties) throws SystemException {
        String passwordUnencrypted = user.getPasswordUnencrypted();
        if (Validator.isNull(passwordUnencrypted)) {
            return passwordUnencrypted;
        }
        String string = PrefsPropsUtil.getString(user.getCompanyId(), "ldap.auth.password.encryption.algorithm");
        if (Validator.isNull(string)) {
            return passwordUnencrypted;
        }
        try {
            StringBundler stringBundler = new StringBundler(4);
            if (!string.equals("NONE")) {
                stringBundler.append(StringPool.LEFT_BRACE);
                stringBundler.append(string);
                stringBundler.append("}");
            }
            stringBundler.append(PasswordEncryptorUtil.encrypt(string, passwordUnencrypted, null));
            return properties.getProperty("password").equals("unicodePwd") ? new String("\"".concat(stringBundler.toString()).concat("\"").getBytes("UTF-16LE")) : stringBundler.toString();
        } catch (Exception e) {
            throw new SystemException(e);
        }
    }

    protected Modifications getModifications(Object obj, Properties properties, Map<String, String> map) {
        Modifications modifications = Modifications.getInstance();
        for (Map.Entry entry : properties.entrySet()) {
            String str = (String) entry.getKey();
            if (!map.containsKey(str)) {
                String str2 = (String) entry.getValue();
                try {
                    Object property = PropertyUtils.getProperty(obj, str);
                    if (property != null) {
                        addModificationItem(str2, property.toString(), modifications);
                    }
                } catch (Exception e) {
                    if (_log.isWarnEnabled()) {
                        _log.warn("Unable to map field " + str + " to class " + obj.getClass(), e);
                    }
                }
            }
        }
        return modifications;
    }

    protected byte[] getUserPortrait(User user) {
        byte[] bArr = null;
        if (user.getPortraitId() == 0) {
            return null;
        }
        try {
            Image image = ImageLocalServiceUtil.getImage(user.getPortraitId());
            if (image != null) {
                bArr = image.getTextObj();
            }
        } catch (Exception e) {
            if (_log.isWarnEnabled()) {
                _log.warn("Unable to get the portrait for user " + user.getUserId(), e);
            }
        }
        return bArr;
    }

    protected void populateCustomAttributeModifications(Object obj, ExpandoBridge expandoBridge, Map<String, Serializable> map, Properties properties, Modifications modifications) {
        if (map == null || map.isEmpty()) {
            return;
        }
        for (Map.Entry entry : properties.entrySet()) {
            String str = (String) entry.getKey();
            String str2 = (String) entry.getValue();
            Serializable serializable = map.get(str);
            if (serializable != null) {
                try {
                    addModificationItem(str2, ExpandoConverterUtil.getStringFromAttribute(expandoBridge.getAttributeType(str), serializable), modifications);
                } catch (Exception e) {
                    if (_log.isWarnEnabled()) {
                        _log.warn("Unable to map field " + str + " to class " + obj.getClass(), e);
                    }
                }
            }
        }
    }
}
