package com.evolveum.polygon.connector.ldap;

import com.evolveum.polygon.common.SchemaUtil;
import com.evolveum.polygon.connector.ldap.AbstractLdapConfiguration;
import com.evolveum.polygon.connector.ldap.connection.ConnectionManager;
import com.evolveum.polygon.connector.ldap.schema.AbstractSchemaTranslator;
import com.evolveum.polygon.connector.ldap.schema.AssociationHolder;
import com.evolveum.polygon.connector.ldap.schema.GuardedStringValue;
import com.evolveum.polygon.connector.ldap.schema.LdapFilterTranslator;
import com.evolveum.polygon.connector.ldap.schema.ScopedFilter;
import com.evolveum.polygon.connector.ldap.schema.SystemSchemaLoader;
import com.evolveum.polygon.connector.ldap.search.DefaultSearchStrategy;
import com.evolveum.polygon.connector.ldap.search.SearchStrategy;
import com.evolveum.polygon.connector.ldap.search.SimplePagedResultsSearchStrategy;
import com.evolveum.polygon.connector.ldap.search.VlvSearchStrategy;
import com.evolveum.polygon.connector.ldap.sync.AdDirSyncStrategy;
import com.evolveum.polygon.connector.ldap.sync.ModifyTimestampSyncStrategy;
import com.evolveum.polygon.connector.ldap.sync.OpenLdapAccessLogSyncStrategy;
import com.evolveum.polygon.connector.ldap.sync.SunChangelogSyncStrategy;
import com.evolveum.polygon.connector.ldap.sync.SyncStrategy;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Stream;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.directory.api.ldap.extras.controls.ad.TreeDeleteImpl;
import org.apache.directory.api.ldap.extras.controls.permissiveModify.PermissiveModify;
import org.apache.directory.api.ldap.extras.controls.permissiveModify.PermissiveModifyImpl;
import org.apache.directory.api.ldap.extras.controls.vlv.VirtualListViewRequest;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.CursorLdapReferralException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.Attribute;
import org.apache.directory.api.ldap.model.entry.DefaultAttribute;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.entry.Value;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.filter.AndNode;
import org.apache.directory.api.ldap.model.filter.EqualityNode;
import org.apache.directory.api.ldap.model.filter.ExprNode;
import org.apache.directory.api.ldap.model.message.AddRequestImpl;
import org.apache.directory.api.ldap.model.message.AddResponse;
import org.apache.directory.api.ldap.model.message.AliasDerefMode;
import org.apache.directory.api.ldap.model.message.Control;
import org.apache.directory.api.ldap.model.message.DeleteRequestImpl;
import org.apache.directory.api.ldap.model.message.DeleteResponse;
import org.apache.directory.api.ldap.model.message.LdapResult;
import org.apache.directory.api.ldap.model.message.ModifyRequestImpl;
import org.apache.directory.api.ldap.model.message.ModifyResponse;
import org.apache.directory.api.ldap.model.message.Response;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
import org.apache.directory.api.ldap.model.message.SearchResultEntry;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.api.ldap.model.message.controls.PagedResults;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.name.Rdn;
import org.apache.directory.api.ldap.model.schema.AttributeType;
import org.apache.directory.api.ldap.model.schema.LdapSyntax;
import org.apache.directory.api.ldap.model.schema.MatchingRule;
import org.apache.directory.api.ldap.model.schema.Normalizer;
import org.apache.directory.api.ldap.model.schema.SchemaErrorHandler;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.api.ldap.schema.manager.impl.DefaultSchemaManager;
import org.apache.directory.ldap.client.api.DefaultSchemaLoader;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.AttributeDelta;
import org.identityconnectors.framework.common.objects.AttributeDeltaBuilder;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ConnectorObjectReference;
import org.identityconnectors.framework.common.objects.Name;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.PredefinedAttributes;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.SearchResult;
import org.identityconnectors.framework.common.objects.SuggestedValues;
import org.identityconnectors.framework.common.objects.SuggestedValuesBuilder;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.common.objects.filter.ContainsAllValuesFilter;
import org.identityconnectors.framework.common.objects.filter.EqualsFilter;
import org.identityconnectors.framework.common.objects.filter.Filter;
import org.identityconnectors.framework.common.objects.filter.FilterTranslator;
import org.identityconnectors.framework.common.objects.filter.OrFilter;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.PoolableConnector;
import org.identityconnectors.framework.spi.SearchResultsHandler;
import org.identityconnectors.framework.spi.operations.CreateOp;
import org.identityconnectors.framework.spi.operations.DeleteOp;
import org.identityconnectors.framework.spi.operations.DiscoverConfigurationOp;
import org.identityconnectors.framework.spi.operations.SchemaOp;
import org.identityconnectors.framework.spi.operations.SearchOp;
import org.identityconnectors.framework.spi.operations.SyncOp;
import org.identityconnectors.framework.spi.operations.TestOp;
import org.identityconnectors.framework.spi.operations.UpdateDeltaOp;
import org.jgroups.protocols.INJECT_VIEW;
import org.springframework.beans.PropertyAccessor;
import org.springframework.ldap.transaction.compensating.LdapTransactionUtils;

/* loaded from: input_file:BOOT-INF/lib/connector-ldap-3.9.1.jar:com/evolveum/polygon/connector/ldap/AbstractLdapConnector.class */
public abstract class AbstractLdapConnector<C extends AbstractLdapConfiguration> implements PoolableConnector, TestOp, SchemaOp, SearchOp<Filter>, CreateOp, DeleteOp, UpdateDeltaOp, SyncOp, DiscoverConfigurationOp {
    private static final Log LOG = Log.getLog(AbstractLdapConnector.class);
    private C configuration;
    private ConnectionManager<C> connectionManager;
    private SchemaManager schemaManager = null;
    private AbstractSchemaTranslator<C> schemaTranslator = null;
    private SyncStrategy<C> syncStrategy = null;
    private ErrorHandler errorHandler = null;
    private Boolean usePermissiveModify = null;
    private Boolean useTreeDelete = null;
    private ConnectionLog connectionLog;

    public AbstractLdapConnector() {
        LOG.info("Creating {0} connector instance {1}", getClass().getSimpleName(), this);
    }

    @Override // org.identityconnectors.framework.spi.Connector
    public C getConfiguration() {
        return this.configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ConnectionManager<C> getConnectionManager() {
        return this.connectionManager;
    }

    @Override // org.identityconnectors.framework.spi.Connector
    public void init(Configuration configuration) {
        LOG.info("Initializing {0} connector instance {1}", getClass().getSimpleName(), this);
        this.configuration = (C) configuration;
        this.configuration.recompute();
        this.errorHandler = createErrorHandler();
        this.connectionLog = new ConnectionLog();
        this.connectionManager = new ConnectionManager<>(this.configuration, this.errorHandler, this.connectionLog);
        if (LOG.isOk()) {
            LOG.ok("Servers:\n{0}", this.connectionManager.dump());
        }
    }

    protected abstract ErrorHandler createErrorHandler();

    /* JADX INFO: Access modifiers changed from: protected */
    public ErrorHandler getErrorHandler() {
        return this.errorHandler;
    }

    public ConnectionLog getConnectionLog() {
        return this.connectionLog;
    }

    @Override // org.identityconnectors.framework.spi.operations.DiscoverConfigurationOp
    public void testPartialConfiguration() {
        LOG.info("Test partial configuration, {0} connector instance {1}", getClass().getSimpleName(), this);
        cleanupBeforeTest();
        this.connectionManager.test();
    }

    @Override // org.identityconnectors.framework.spi.operations.DiscoverConfigurationOp
    public Map<String, SuggestedValues> discoverConfiguration() {
        Attribute rootDseAttribute;
        HashMap hashMap = new HashMap();
        LOG.info("Configuration discovery, working with root DSE:\n{0}", this.connectionManager.getRootDse());
        if (this.configuration.getBaseContext() == null && (rootDseAttribute = this.connectionManager.getRootDseAttribute(SchemaConstants.NAMING_CONTEXTS_AT)) != null) {
            SuggestedValuesBuilder suggestedValuesBuilder = new SuggestedValuesBuilder();
            Iterator<Value> it = rootDseAttribute.iterator();
            while (it.hasNext()) {
                suggestedValuesBuilder.addValues(it.next().getString());
            }
            hashMap.put(AbstractLdapConfiguration.CONF_PROP_NAME_BASE_CONTEXT, suggestedValuesBuilder.build());
        }
        addServerSpecificConfigurationSuggestions(hashMap);
        return hashMap;
    }

    protected void addServerSpecificConfigurationSuggestions(Map<String, SuggestedValues> map) {
    }

    @Override // org.identityconnectors.framework.spi.operations.TestOp
    public void test() {
        LOG.info("Test {0} connector instance {1}", getClass().getSimpleName(), this);
        cleanupBeforeTest();
        this.connectionManager.test();
        checkConfigurationCompleteness();
        if (this.configuration.isEnableExtraTests()) {
            extraTests();
        }
    }

    protected void checkConfigurationCompleteness() {
        this.configuration.validateBaseContext();
    }

    protected void cleanupBeforeTest() {
        this.schemaManager = null;
        this.schemaTranslator = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void extraTests() {
        analyzeAttrDef("dc");
        analyzeDn("CN=foo bar,OU=people,DC=EXamPLE,dc=CoM");
        analyzeDn(this.configuration.getBaseContext());
        analyzeDn(this.configuration.getBindDn());
        if (getSchemaManager().getRegistries().getNormalizerRegistry().size() == 0) {
            throw new IllegalStateException("Normalizer registry is empty, value comparison will not work correctly.");
        }
    }

    private void analyzeAttrDef(String str) {
        AttributeType attributeType = getSchemaManager().getAttributeType(str);
        LOG.ok("Definition of LDAP attribute {0}: {1}", str, attributeType);
        if (attributeType != null) {
            MatchingRule equality = attributeType.getEquality();
            LOG.ok("Equality matching rule {0}", equality);
            if (equality != null) {
                Normalizer normalizer = equality.getNormalizer();
                Log log = LOG;
                Object[] objArr = new Object[2];
                objArr[0] = normalizer == null ? null : normalizer.getClass();
                objArr[1] = normalizer;
                log.ok("Equality normalizer ({0}): {1}", objArr);
                if (normalizer != null) {
                    try {
                        LOG.ok("Normalized ''{0}'' -> ''{1}''", " tHiS is REALLY stRAngE  ", normalizer.normalize(" tHiS is REALLY stRAngE  "));
                    } catch (LdapException e) {
                        LOG.error("Normalized error (input: '" + " tHiS is REALLY stRAngE  " + "': " + e.getMessage(), e);
                    }
                }
            }
            LdapSyntax syntax = attributeType.getSyntax();
            LOG.ok("Syntax {0}", syntax);
            if (syntax != null) {
                LOG.ok("Syntax checker {0}", syntax.getSyntaxChecker());
            }
        }
    }

    private void analyzeDn(String str) {
        if (str == null) {
            return;
        }
        Dn asDn = asDn(getSchemaManager(), str);
        LOG.ok("Parsed DN {0}: {1}", str, asDn);
        List<Rdn> rdns = asDn.getRdns();
        LOG.ok("Parsed RDNs: {0}", rdns);
        Rdn rdn = rdns.get(rdns.size() - 1);
        LOG.ok("Last RDN: {0}", rdn);
        LOG.ok("Last RDN AVA: {0}", rdn.getAva());
        LOG.ok("Last RDN AVA name: {0}", rdn.getAva().getName());
        LOG.ok("Last RDN AVA type: {0}", rdn.getAva().getType());
        LOG.ok("Last RDN AVA attributeType: {0}", rdn.getAva().getAttributeType());
    }

    private Dn asDn(SchemaManager schemaManager, String str) {
        try {
            return new Dn(schemaManager, str);
        } catch (LdapInvalidDnException e) {
            throw new ConnectorException("Cannot parse '" + str + " as DN: " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SchemaManager getSchemaManager() {
        if (this.schemaManager == null) {
            initializeSchemaManager();
        }
        return this.schemaManager;
    }

    protected void initializeSchemaManager() {
        try {
            boolean isSchemaQuirksMode = this.configuration.isSchemaQuirksMode();
            LOG.ok("Loading schema (quirksMode={0})", Boolean.valueOf(isSchemaQuirksMode));
            LdapNetworkConnection connection = this.connectionManager.getConnection(null, null);
            DefaultSchemaManager createBlankSchemaManager = createBlankSchemaManager(connection, isSchemaQuirksMode);
            SchemaErrorHandler createSchemaErrorHandler = createSchemaErrorHandler();
            if (createSchemaErrorHandler != null) {
                createBlankSchemaManager.setErrorHandler(createSchemaErrorHandler);
            }
            LOG.ok("Loading internal schema", new Object[0]);
            createBlankSchemaManager.load(new SystemSchemaLoader().getInternalSchema());
            LOG.ok("Schema manager: {0} normalizers", Integer.valueOf(createBlankSchemaManager.getRegistries().getNormalizerRegistry().size()));
            LOG.ok("Loading LDAP schema", new Object[0]);
            try {
                if (isSchemaQuirksMode) {
                    createBlankSchemaManager.setRelaxed();
                    createBlankSchemaManager.loadAllEnabledRelaxed();
                } else {
                    createBlankSchemaManager.loadAllEnabled();
                }
                LOG.ok("Schema manager 2: {0} normalizers", Integer.valueOf(createBlankSchemaManager.getRegistries().getNormalizerRegistry().size()));
                this.connectionLog.schemaSuccess(connection, createBlankSchemaManager.getObjectClassRegistry().size(), createBlankSchemaManager.getErrors().size());
                if (!createBlankSchemaManager.getErrors().isEmpty()) {
                    if (!isSchemaQuirksMode) {
                        throw new ConnectorIOException("Errors loading schema " + createBlankSchemaManager.getErrors());
                    }
                    LOG.ok("There are {0} schema errors, but we are in quirks mode so we are ignoring them", Integer.valueOf(createBlankSchemaManager.getErrors().size()));
                    if (isLogSchemaErrors()) {
                        for (Throwable th : createBlankSchemaManager.getErrors()) {
                            LOG.ok("Schema error (ignored): {0}: {1}", th.getClass().getName(), th.getMessage());
                        }
                    }
                }
                this.schemaManager = createBlankSchemaManager;
                try {
                    LOG.info("Schema loaded, {0} schemas, {1} object classes, {2} attributes, {3} syntaxes, {4} errors", Integer.valueOf(this.schemaManager.getAllSchemas().size()), Integer.valueOf(this.schemaManager.getObjectClassRegistry().size()), Integer.valueOf(this.schemaManager.getAttributeTypeRegistry().size()), Integer.valueOf(this.schemaManager.getLdapSyntaxRegistry().size()), Integer.valueOf(this.schemaManager.getErrors().size()));
                    patchSchemaManager(this.schemaManager);
                } catch (Exception e) {
                    throw new RuntimeException(e.getMessage(), e);
                }
            } catch (Exception e2) {
                this.connectionLog.schemaError(connection, e2);
                throw new ConnectorIOException(e2.getMessage(), e2);
            }
        } catch (LdapException e3) {
            this.connectionLog.schemaError(null, e3);
            Throwable cause = e3.getCause();
            if (!(cause instanceof ParseException)) {
                throw new ConnectorIOException(e3.getMessage(), e3);
            }
            throw new InvalidAttributeValueException("Error parsing resource schema: " + cause.getMessage(), e3);
        } catch (Exception e4) {
            this.connectionLog.schemaError(null, e4);
            throw new ConnectorException(e4.getMessage(), e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DefaultSchemaManager createBlankSchemaManager(LdapNetworkConnection ldapNetworkConnection, boolean z) throws LdapException {
        return new DefaultSchemaManager(new DefaultSchemaLoader(ldapNetworkConnection, z));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void patchSchemaManager(SchemaManager schemaManager) {
    }

    protected SchemaErrorHandler createSchemaErrorHandler() {
        return null;
    }

    protected boolean isLogSchemaErrors() {
        return this.configuration.isLogSchemaErrors();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSchemaTranslator<C> getSchemaTranslator() {
        if (this.schemaTranslator == null) {
            initializeSchemaTranslator();
        }
        return this.schemaTranslator;
    }

    private void initializeSchemaTranslator() {
        this.schemaTranslator = createSchemaTranslator();
        this.connectionManager.setSchemaTranslator(this.schemaTranslator);
    }

    protected abstract AbstractSchemaTranslator<C> createSchemaTranslator();

    @Override // org.identityconnectors.framework.spi.operations.SchemaOp
    public Schema schema() {
        this.schemaManager = null;
        this.schemaTranslator = null;
        return getSchemaTranslator().translateSchema(this.connectionManager, this.errorHandler);
    }

    private void prepareConnIdSchema() {
        getSchemaTranslator().prepareConnIdSchema(this.connectionManager, this.errorHandler);
    }

    protected boolean isUsePermissiveModify() throws LdapException {
        if (this.usePermissiveModify == null) {
            String usePermissiveModify = this.configuration.getUsePermissiveModify();
            boolean z = -1;
            switch (usePermissiveModify.hashCode()) {
                case -1414557169:
                    if (usePermissiveModify.equals("always")) {
                        z = false;
                        break;
                    }
                    break;
                case 3005871:
                    if (usePermissiveModify.equals("auto")) {
                        z = 2;
                        break;
                    }
                    break;
                case 104712844:
                    if (usePermissiveModify.equals("never")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    this.usePermissiveModify = true;
                    break;
                case true:
                    this.usePermissiveModify = false;
                    break;
                case true:
                    this.usePermissiveModify = Boolean.valueOf(this.connectionManager.isControlSupported(PermissiveModify.OID));
                    break;
                default:
                    throw new ConfigurationException("Unknown usePermissiveModify value " + this.configuration.getUsePermissiveModify());
            }
        }
        return this.usePermissiveModify.booleanValue();
    }

    protected boolean isUseTreeDelete(ObjectClass objectClass) throws LdapException {
        for (String str : this.configuration.getForceTreeDeleteObjectClasses()) {
            if (objectClass.is(str)) {
                return true;
            }
        }
        if (this.useTreeDelete == null) {
            String useTreeDelete = this.configuration.getUseTreeDelete();
            boolean z = -1;
            switch (useTreeDelete.hashCode()) {
                case -1414557169:
                    if (useTreeDelete.equals("always")) {
                        z = false;
                        break;
                    }
                    break;
                case 3005871:
                    if (useTreeDelete.equals("auto")) {
                        z = 2;
                        break;
                    }
                    break;
                case 104712844:
                    if (useTreeDelete.equals("never")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    this.useTreeDelete = true;
                    break;
                case true:
                    this.useTreeDelete = false;
                    break;
                case true:
                    this.useTreeDelete = Boolean.valueOf(this.connectionManager.isControlSupported("1.2.840.113556.1.4.805"));
                    break;
                default:
                    throw new ConfigurationException("Unknown useTreeDelete value " + this.configuration.getUseTreeDelete());
            }
        }
        return this.useTreeDelete.booleanValue();
    }

    @Override // org.identityconnectors.framework.spi.operations.SearchOp
    public FilterTranslator<Filter> createFilterTranslator(ObjectClass objectClass, OperationOptions operationOptions) {
        return new FilterTranslator<Filter>() { // from class: com.evolveum.polygon.connector.ldap.AbstractLdapConnector.1
            @Override // org.identityconnectors.framework.common.objects.filter.FilterTranslator
            public List<Filter> translate(Filter filter) {
                ArrayList arrayList = new ArrayList(1);
                arrayList.add(filter);
                return arrayList;
            }
        };
    }

    @Override // org.identityconnectors.framework.spi.operations.SearchOp
    public void executeQuery(ObjectClass objectClass, Filter filter, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        prepareConnIdSchema();
        org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass = getSchemaTranslator().toLdapObjectClass(objectClass);
        SearchStrategy<C> searchByDn = isEqualsFilter(filter, Name.NAME) ? searchByDn(this.schemaTranslator.toDn(((EqualsFilter) filter).getAttribute()), objectClass, ldapObjectClass, resultsHandler, operationOptions) : isEqualsFilter(filter, Uid.NAME) ? searchByUid((Uid) ((EqualsFilter) filter).getAttribute(), objectClass, ldapObjectClass, resultsHandler, operationOptions) : isSecondaryIdentifierOrFilter(filter) ? searchBySecondaryIdenfiers(filter, objectClass, ldapObjectClass, resultsHandler, operationOptions) : searchUsual(filter, objectClass, ldapObjectClass, resultsHandler, operationOptions);
        if (!(resultsHandler instanceof SearchResultsHandler)) {
            LOG.warn("Result handler is NOT SearchResultsHandler, it is {0}", resultsHandler.getClass());
        } else if (searchByDn == null) {
            ((SearchResultsHandler) resultsHandler).handleResult(new SearchResult(null, 0, true));
        } else {
            ((SearchResultsHandler) resultsHandler).handleResult(new SearchResult(searchByDn.getPagedResultsCookie(), searchByDn.getRemainingPagedResults(), searchByDn.isCompleteResultSet()));
        }
    }

    private boolean isEqualsFilter(Filter filter, String str) {
        return filter != null && (filter instanceof EqualsFilter) && str.equals(((EqualsFilter) filter).getName());
    }

    private boolean isSecondaryIdentifierOrFilter(Filter filter) {
        if (filter == null || !(filter instanceof OrFilter)) {
            return false;
        }
        Filter left = ((OrFilter) filter).getLeft();
        Filter right = ((OrFilter) filter).getRight();
        if (isEqualsFilter(left, Name.NAME) && ((right instanceof EqualsFilter) || (right instanceof ContainsAllValuesFilter))) {
            return true;
        }
        if (isEqualsFilter(right, Name.NAME)) {
            return (left instanceof EqualsFilter) || (left instanceof ContainsAllValuesFilter);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchStrategy<C> searchByDn(Dn dn, ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        SearchStrategy<C> defaultSearchStrategy = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        try {
            defaultSearchStrategy.search(dn, applyAdditionalSearchFilterNode(null), SearchScope.OBJECT, determineAttributesToGet(objectClass2, operationOptions));
            return defaultSearchStrategy;
        } catch (LdapException e) {
            throw processLdapException("Error searching for DN '" + dn + "'", e);
        } catch (UnknownUidException e2) {
            return defaultSearchStrategy;
        }
    }

    protected SearchStrategy<C> searchByUid(Uid uid, ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        String singleStringNonBlankValue = SchemaUtil.getSingleStringNonBlankValue(uid);
        if (LdapUtil.isDnAttribute(this.configuration.getUidAttribute())) {
            return searchByDn(this.schemaTranslator.toDn(singleStringNonBlankValue), objectClass, objectClass2, resultsHandler, operationOptions);
        }
        SearchStrategy<C> defaultSearchStrategy = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        String[] determineAttributesToGet = determineAttributesToGet(objectClass2, operationOptions);
        SearchScope scope = getScope(operationOptions);
        ExprNode applyAdditionalSearchFilterNode = applyAdditionalSearchFilterNode(getSchemaTranslator().createUidSearchFilter(singleStringNonBlankValue, objectClass2));
        Dn baseDn = getBaseDn(operationOptions);
        checkBaseDnPresent(baseDn);
        try {
            defaultSearchStrategy.search(baseDn, applyAdditionalSearchFilterNode, scope, determineAttributesToGet);
            return defaultSearchStrategy;
        } catch (LdapException e) {
            throw processLdapException("Error searching for UID '" + singleStringNonBlankValue + "'", e);
        }
    }

    private SearchStrategy<C> searchBySecondaryIdenfiers(Filter filter, ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, final ResultsHandler resultsHandler, OperationOptions operationOptions) {
        EqualsFilter equalsFilter;
        Filter filter2;
        Filter left = ((OrFilter) filter).getLeft();
        Filter right = ((OrFilter) filter).getRight();
        if ((left instanceof EqualsFilter) && Name.NAME.equals(((EqualsFilter) left).getName())) {
            equalsFilter = (EqualsFilter) left;
            filter2 = right;
        } else {
            equalsFilter = (EqualsFilter) right;
            filter2 = left;
        }
        final String[] strArr = new String[1];
        ResultsHandler resultsHandler2 = new ResultsHandler() { // from class: com.evolveum.polygon.connector.ldap.AbstractLdapConnector.2
            @Override // org.identityconnectors.framework.common.objects.ResultsHandler
            public boolean handle(ConnectorObject connectorObject) {
                if (strArr[0] == null) {
                    strArr[0] = connectorObject.getUid().getUidValue();
                } else if (connectorObject.getUid().getUidValue().equals(strArr[0])) {
                    return true;
                }
                return resultsHandler.handle(connectorObject);
            }
        };
        Dn dn = this.schemaTranslator.toDn(equalsFilter.getAttribute());
        try {
            searchByDn(dn, objectClass, objectClass2, resultsHandler2, operationOptions);
        } catch (UnknownUidException e) {
            LOG.ok("The DN \"{0}\" not found: {1} (this is OK)", dn, e.getMessage());
        }
        SearchStrategy<C> defaultSearchStrategy = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler2, operationOptions);
        ExprNode filter3 = new LdapFilterTranslator(getSchemaTranslator(), objectClass2).translate(filter2, objectClass2).getFilter();
        String[] determineAttributesToGet = determineAttributesToGet(objectClass2, operationOptions);
        SearchScope scope = getScope(operationOptions);
        Dn baseDn = getBaseDn(operationOptions);
        checkBaseDnPresent(baseDn);
        try {
            defaultSearchStrategy.search(baseDn, filter3, scope, determineAttributesToGet);
            return defaultSearchStrategy;
        } catch (LdapException e2) {
            throw processLdapException("Error searching in " + baseDn, e2);
        }
    }

    private void checkBaseDnPresent(Dn dn) {
        if (dn == null) {
            throw new ConfigurationException("No base DN present. Are you sure you have set up the base context in connector configuration?");
        }
    }

    private SearchStrategy<C> searchUsual(Filter filter, ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        SearchStrategy<C> chooseSearchStrategy;
        Dn baseDn = getBaseDn(operationOptions);
        ScopedFilter translate = createLdapFilterTranslator(objectClass2).translate(filter, objectClass2);
        ExprNode filter2 = translate.getFilter();
        String[] determineAttributesToGet = determineAttributesToGet(objectClass2, operationOptions);
        if (translate.getBaseDn() != null) {
            chooseSearchStrategy = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
            try {
                chooseSearchStrategy.search(translate.getBaseDn(), filter2, SearchScope.OBJECT, determineAttributesToGet);
            } catch (LdapException e) {
                throw processLdapException("Error searching for " + translate.getBaseDn(), e);
            }
        } else {
            chooseSearchStrategy = chooseSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
            SearchScope scope = getScope(operationOptions);
            checkBaseDnPresent(baseDn);
            try {
                chooseSearchStrategy.search(baseDn, filter2, scope, determineAttributesToGet);
            } catch (LdapException e2) {
                throw processLdapException("Error searching in " + baseDn, e2);
            }
        }
        return chooseSearchStrategy;
    }

    protected LdapFilterTranslator createLdapFilterTranslator(org.apache.directory.api.ldap.model.schema.ObjectClass objectClass) {
        return new LdapFilterTranslator(getSchemaTranslator(), objectClass);
    }

    private Dn getBaseDn(OperationOptions operationOptions) {
        if (operationOptions == null || operationOptions.getContainer() == null) {
            return getSchemaTranslator().toDn(this.configuration.getBaseContext());
        }
        return getSchemaTranslator().toDn(operationOptions.getContainer().getUid());
    }

    private SearchScope getScope(OperationOptions operationOptions) {
        if (operationOptions != null && operationOptions.getScope() != null) {
            return SearchScope.getSearchScope(SearchScope.getSearchScope(operationOptions.getScope()));
        }
        String defaultSearchScope = this.configuration.getDefaultSearchScope();
        boolean z = -1;
        switch (defaultSearchScope.hashCode()) {
            case 110182:
                if (defaultSearchScope.equals("one")) {
                    z = true;
                    break;
                }
                break;
            case 114240:
                if (defaultSearchScope.equals("sub")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return SearchScope.SUBTREE;
            case true:
                return SearchScope.ONELEVEL;
            default:
                throw new ConfigurationException("Unknown defaultSearchScope=" + this.configuration.getDefaultSearchScope());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String[] determineAttributesToGet(org.apache.directory.api.ldap.model.schema.ObjectClass objectClass, OperationOptions operationOptions) {
        return getSchemaTranslator().determineAttributesToGet(objectClass, operationOptions, new String[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchStrategy<C> chooseSearchStrategy(ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        AbstractSchemaTranslator<C> schemaTranslator = getSchemaTranslator();
        String pagingStrategy = this.configuration.getPagingStrategy();
        if (pagingStrategy == null) {
            pagingStrategy = "auto";
        }
        if (operationOptions != null && operationOptions.getAllowPartialResults() != null && operationOptions.getAllowPartialResults().booleanValue() && operationOptions.getPagedResultsOffset() == null && operationOptions.getPagedResultsCookie() == null && operationOptions.getPageSize() == null) {
            return getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        }
        if ("none".equals(pagingStrategy)) {
            LOG.ok("Selecting default search strategy because strategy setting is set to {0}", pagingStrategy);
            return getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        }
        if (AbstractLdapConfiguration.PAGING_STRATEGY_SPR.equals(pagingStrategy)) {
            if (!this.connectionManager.isControlSupported(PagedResults.OID)) {
                throw new ConfigurationException("Configured paging strategy " + pagingStrategy + ", but the server does not support PagedResultsControl.");
            }
            LOG.ok("Selecting SimplePaged search strategy because strategy setting is set to {0}", pagingStrategy);
            return new SimplePagedResultsSearchStrategy(this.connectionManager, this.configuration, schemaTranslator, objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
        }
        if (AbstractLdapConfiguration.PAGING_STRATEGY_VLV.equals(pagingStrategy)) {
            if (!this.connectionManager.isControlSupported(VirtualListViewRequest.OID)) {
                throw new ConfigurationException("Configured paging strategy " + pagingStrategy + ", but the server does not support VLV.");
            }
            LOG.ok("Selecting VLV search strategy because strategy setting is set to {0}", pagingStrategy);
            return new VlvSearchStrategy(this.connectionManager, this.configuration, getSchemaTranslator(), objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
        }
        if (!"auto".equals(pagingStrategy)) {
            return getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        }
        if (operationOptions.getPagedResultsOffset() != null) {
            if (!this.connectionManager.isControlSupported(VirtualListViewRequest.OID)) {
                throw new UnsupportedOperationException("Requested search from offset (" + operationOptions.getPagedResultsOffset() + "), but the server does not support VLV. Unable to execute the search.");
            }
            LOG.ok("Selecting VLV search strategy because strategy setting is set to {0} and the request specifies an offset", pagingStrategy);
            return new VlvSearchStrategy(this.connectionManager, this.configuration, getSchemaTranslator(), objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
        }
        if (this.connectionManager.isControlSupported(PagedResults.OID)) {
            LOG.ok("Selecting SimplePaged search strategy because strategy setting is set to {0} and the request does not specify an offset", pagingStrategy);
            return new SimplePagedResultsSearchStrategy(this.connectionManager, this.configuration, schemaTranslator, objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
        }
        if (this.connectionManager.isControlSupported(VirtualListViewRequest.OID)) {
            return new VlvSearchStrategy(this.connectionManager, this.configuration, getSchemaTranslator(), objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
        }
        throw new UnsupportedOperationException("Requested paged search, but the server does not support VLV or PagedResultsControl. Unable to execute the search.");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SearchStrategy<C> getDefaultSearchStrategy(ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        return new DefaultSearchStrategy(this.connectionManager, this.configuration, getSchemaTranslator(), objectClass, objectClass2, resultsHandler, getErrorHandler(), this.connectionLog, operationOptions);
    }

    @Override // org.identityconnectors.framework.spi.operations.CreateOp
    public Uid create(ObjectClass objectClass, Set<org.identityconnectors.framework.common.objects.Attribute> set, OperationOptions operationOptions) {
        String str = null;
        HashSet hashSet = new HashSet();
        for (org.identityconnectors.framework.common.objects.Attribute attribute : set) {
            if (attribute.is(Name.NAME)) {
                str = SchemaUtil.getSingleStringNonBlankValue(attribute);
            }
        }
        if (str == null) {
            throw new InvalidAttributeValueException("Missing NAME attribute");
        }
        AbstractSchemaTranslator<C> schemaTranslator = getSchemaTranslator();
        org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass = schemaTranslator.toLdapObjectClass(objectClass);
        ArrayList arrayList = new ArrayList();
        for (org.identityconnectors.framework.common.objects.Attribute attribute2 : set) {
            if (attribute2.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                Iterator<Object> it = attribute2.getValue().iterator();
                while (it.hasNext()) {
                    arrayList.add(getSchemaTranslator().toLdapObjectClass(new ObjectClass((String) it.next())));
                }
            }
        }
        Set<org.identityconnectors.framework.common.objects.Attribute> prepareCreateConnIdAttributes = prepareCreateConnIdAttributes(objectClass, ldapObjectClass, set);
        String[] strArr = new String[arrayList.size() + 1];
        strArr[0] = ldapObjectClass.getName();
        for (int i = 0; i < arrayList.size(); i++) {
            strArr[i + 1] = ((org.apache.directory.api.ldap.model.schema.ObjectClass) arrayList.get(i)).getName();
        }
        try {
            DefaultEntry defaultEntry = new DefaultEntry(str);
            defaultEntry.put("objectClass", strArr);
            boolean z = !ArrayUtils.isEmpty(this.configuration.getManagedAssociationPairs());
            Map<String, AssociationHolder> associationAttributeNames = z ? getAssociationAttributeNames(objectClass) : null;
            for (org.identityconnectors.framework.common.objects.Attribute attribute3 : prepareCreateConnIdAttributes) {
                if (!attribute3.is(Name.NAME) && !attribute3.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                    if (z && associationAttributeNames != null) {
                        String name = attribute3.getName();
                        Stream<String> stream = associationAttributeNames.keySet().stream();
                        Objects.requireNonNull(name);
                        if (stream.anyMatch(name::equalsIgnoreCase)) {
                            AssociationHolder associationHolder = associationAttributeNames.get(name);
                            if (LdapConstants.R_I_R_OBJECT.equals(associationHolder.getRoleInReference())) {
                                HashMap hashMap = new HashMap();
                                saturateReferenceAttributeValues(attribute3.getValue(), hashMap);
                                if (!hashMap.isEmpty()) {
                                    AttributeType ldapAttribute = schemaTranslator.toLdapAttribute(ldapObjectClass, associationHolder.getAssociationAttributeName());
                                    ArrayList arrayList2 = new ArrayList();
                                    Iterator<List<String>> it2 = hashMap.values().iterator();
                                    while (it2.hasNext()) {
                                        arrayList2.addAll(it2.next());
                                    }
                                    List<Value> ldapValues = schemaTranslator.toLdapValues(ldapAttribute, arrayList2);
                                    defaultEntry.put(ldapAttribute.getName(), (Value[]) ldapValues.toArray(new Value[ldapValues.size()]));
                                }
                            } else {
                                AttributeDeltaBuilder attributeDeltaBuilder = new AttributeDeltaBuilder();
                                attributeDeltaBuilder.addValueToAdd(attribute3.getValue());
                                attributeDeltaBuilder.setName(attribute3.getName());
                                hashSet.add(attributeDeltaBuilder.build());
                            }
                        }
                    }
                    AttributeType ldapAttribute2 = schemaTranslator.toLdapAttribute(ldapObjectClass, attribute3.getName());
                    List<Object> value = attribute3.getValue();
                    if (this.schemaTranslator.isPolyAttribute(ldapAttribute2, attribute3.getName(), value)) {
                        for (Map.Entry<String, List<Value>> entry : this.schemaTranslator.toLdapPolyValues(ldapAttribute2, value).entrySet()) {
                            LOG.ok("Adding poly attribute {0}: {1}", entry.getKey(), entry.getValue());
                            defaultEntry.put(entry.getKey(), (Value[]) entry.getValue().toArray(new Value[entry.getValue().size()]));
                        }
                    } else {
                        if (ldapAttribute2.getName().equals("pwdAccountLockedTime") && value.size() > 0) {
                            if (attribute3.is(OperationalAttributes.ENABLE_NAME)) {
                                if (!Boolean.TRUE.equals(Boolean.valueOf(Boolean.parseBoolean(value.get(0).toString())))) {
                                    if (Boolean.FALSE.equals(Boolean.valueOf(Boolean.parseBoolean(value.get(0).toString())))) {
                                        value = new ArrayList();
                                        value.add(LdapConstants.ATTRIBUTE_OPENLDAP_PWD_ACCOUNT_LOCKED_TIME_VALUE);
                                    }
                                }
                            }
                            if (attribute3.is(OperationalAttributes.LOCK_OUT_NAME)) {
                                if (!Boolean.FALSE.equals(Boolean.valueOf(Boolean.parseBoolean(value.get(0).toString())))) {
                                    if (Boolean.TRUE.equals(Boolean.valueOf(Boolean.parseBoolean(value.get(0).toString())))) {
                                        value = new ArrayList();
                                        value.add(LdapConstants.ATTRIBUTE_OPENLDAP_PWD_ACCOUNT_LOCKED_TIME_VALUE);
                                    }
                                }
                            }
                        }
                        List<Value> ldapValues2 = schemaTranslator.toLdapValues(ldapAttribute2, value);
                        defaultEntry.put(ldapAttribute2.getName(), (Value[]) ldapValues2.toArray(new Value[ldapValues2.size()]));
                    }
                }
            }
            injectDummyMember(objectClass, defaultEntry);
            prepareCreateLdapAttributes(ldapObjectClass, defaultEntry);
            if (LOG.isOk()) {
                LOG.ok("Adding entry: {0}", defaultEntry);
            }
            processEntryBeforeCreate(defaultEntry);
            AddRequestImpl addRequestImpl = new AddRequestImpl();
            addRequestImpl.setEntry(defaultEntry);
            LdapNetworkConnection connection = this.connectionManager.getConnection(addRequestImpl.getEntryDn(), operationOptions);
            OperationLog.logOperationReq(connection, "Add REQ Entry:\n{0}", defaultEntry);
            try {
                AddResponse add = connection.add(addRequestImpl);
                OperationLog.logOperationRes(connection, "Add RES {0}: {1}", str, add.getLdapResult());
                this.connectionLog.success(connection, "add", str);
                if (add.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
                    this.connectionManager.returnConnection(connection);
                    throw processCreateResult(str, add);
                }
                String uidAttribute = this.configuration.getUidAttribute();
                if (LdapUtil.isDnAttribute(uidAttribute)) {
                    this.connectionManager.returnConnection(connection);
                    return new Uid(str);
                }
                Uid uid = null;
                for (org.identityconnectors.framework.common.objects.Attribute attribute4 : prepareCreateConnIdAttributes) {
                    if (attribute4.is(uidAttribute)) {
                        uid = new Uid(SchemaUtil.getSingleStringNonBlankValue(attribute4));
                    }
                }
                if (uid != null) {
                    if (z && !hashSet.isEmpty()) {
                        updateAssociationsAttempt(hashSet, resolveDn(objectClass, uid, operationOptions), objectClass, associationAttributeNames, operationOptions);
                    }
                    this.connectionManager.returnConnection(connection);
                    return uid;
                }
                Entry searchSingleEntry = searchSingleEntry(this.connectionManager, connection, defaultEntry.getDn(), LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, new String[]{uidAttribute}, "re-reading entry to get UID", operationOptions);
                if (searchSingleEntry == null) {
                    throw new UnknownUidException("Cannot re-reading entry to get UID, entry was not found: " + defaultEntry.getDn());
                }
                Attribute attribute5 = searchSingleEntry.get(uidAttribute);
                if (attribute5 == null) {
                    throw new InvalidAttributeValueException("No value for UID attribute " + uidAttribute + " in object " + str);
                }
                if (attribute5.size() == 0) {
                    throw new InvalidAttributeValueException("No value for UID attribute " + uidAttribute + " in object " + str);
                }
                if (attribute5.size() > 1) {
                    throw new InvalidAttributeValueException("More than one value (" + attribute5.size() + ") for UID attribute " + uidAttribute + " in object " + str);
                }
                Uid uid2 = new Uid(getSchemaTranslator().toConnIdIdentifierValue(attribute5.get(), uidAttribute, getSchemaManager().getAttributeType(uidAttribute)));
                if (z && !hashSet.isEmpty()) {
                    updateAssociationsAttempt(hashSet, resolveDn(objectClass, uid2, operationOptions), objectClass, associationAttributeNames, operationOptions);
                }
                return uid2;
            } catch (LdapException e) {
                OperationLog.logOperationErr(connection, "Add ERROR {0}: {1}", str, e.getMessage(), e);
                this.connectionLog.error(connection, "add", e, str);
                this.connectionManager.returnConnection(connection);
                throw processLdapException("Error adding LDAP entry " + str, e);
            }
        } catch (LdapInvalidDnException e2) {
            throw new InvalidAttributeValueException("Wrong DN '" + str + "': " + e2.getMessage(), e2);
        }
    }

    protected void injectDummyMember(ObjectClass objectClass, Entry entry) {
    }

    protected boolean injectDummyMember(String str, AttributeDeltaBuilder attributeDeltaBuilder) {
        return false;
    }

    private void saturateReferenceAttributeValues(List<Object> list, Map<String, List<String>> map) {
        if (list == null || list.isEmpty()) {
            return;
        }
        for (Object obj : list) {
            if (obj instanceof ConnectorObjectReference) {
                String str = (String) ((ConnectorObjectReference) obj).getValue().getAttributeByName(Name.NAME).getValue().get(0);
                String objectClassValue = ((ConnectorObjectReference) obj).getValue().getObjectClass().getObjectClassValue();
                if (objectClassValue != null && str != null) {
                    if (map.containsKey(objectClassValue)) {
                        List<String> list2 = map.get(objectClassValue);
                        list2.add(str);
                        map.put(objectClassValue, list2);
                    } else {
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(str);
                        map.put(objectClassValue, arrayList);
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set<org.identityconnectors.framework.common.objects.Attribute> prepareCreateConnIdAttributes(ObjectClass objectClass, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, Set<org.identityconnectors.framework.common.objects.Attribute> set) {
        return set;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void prepareCreateLdapAttributes(org.apache.directory.api.ldap.model.schema.ObjectClass objectClass, Entry entry) {
    }

    protected RuntimeException processCreateResult(String str, AddResponse addResponse) {
        return processLdapResult("Error adding LDAP entry " + str, addResponse.getLdapResult());
    }

    @Override // org.identityconnectors.framework.spi.operations.UpdateDeltaOp
    public Set<AttributeDelta> updateDelta(ObjectClass objectClass, Uid uid, Set<AttributeDelta> set, OperationOptions operationOptions) {
        Dn dn = null;
        for (AttributeDelta attributeDelta : set) {
            if (attributeDelta.is(Name.NAME)) {
                dn = getSchemaTranslator().toDn(attributeDelta);
                ldapRename(objectClass, uid, dn, operationOptions);
            }
        }
        org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass = getSchemaTranslator().toLdapObjectClass(objectClass);
        if (dn == null) {
            if (getConfiguration().isUseUnsafeNameHint() && uid.getNameHint() != null) {
                Dn dn2 = getSchemaTranslator().toDn(uid.getNameHintValue());
                LOG.ok("Using (unsafe) DN from the name hint: {0} for update", dn2);
                try {
                    return ldapUpdateAttempt(objectClass, uid, dn2, set, operationOptions, ldapObjectClass);
                } catch (Throwable th) {
                    LOG.warn("Attempt to delete object with DN failed (DN taken from the name hint). The operation will continue with next attempt. Error: {0}", th.getMessage(), th);
                }
            }
            dn = resolveDn(objectClass, uid, operationOptions);
            LOG.ok("Resolved DN: {0}", dn);
        }
        return ldapUpdateAttempt(objectClass, uid, dn, set, operationOptions, ldapObjectClass);
    }

    private void ldapRename(ObjectClass objectClass, Uid uid, Dn dn, OperationOptions operationOptions) {
        if (getConfiguration().isUseUnsafeNameHint() && uid.getNameHint() != null) {
            Dn dn2 = getSchemaTranslator().toDn(uid.getNameHintValue());
            LOG.ok("Using (unsafe) DN from the name hint: {0} for rename", dn2);
            try {
                ldapRenameAttempt(dn2, dn, operationOptions);
                return;
            } catch (Throwable th) {
                LOG.warn("Attempt to delete object with DN failed (DN taked from the name hint). The operation will continue with next attempt. Error: {0}", th.getMessage(), th);
            }
        }
        Dn resolveDn = resolveDn(objectClass, uid, operationOptions);
        LOG.ok("Resolved DN: {0}", resolveDn);
        ldapRenameAttempt(resolveDn, dn, operationOptions);
    }

    private void ldapRenameAttempt(Dn dn, Dn dn2, OperationOptions operationOptions) {
        if (dn.equals(dn2)) {
            return;
        }
        LdapNetworkConnection connection = this.connectionManager.getConnection(dn, operationOptions);
        try {
            try {
                OperationLog.logOperationReq(connection, "MoveAndRename REQ {0} -> {1}", dn, dn2);
                connection.moveAndRename(dn.getName(), dn2.getName());
                OperationLog.logOperationRes(connection, "MoveAndRename RES OK {0} -> {1}", dn, dn2);
                if (this.connectionLog.isSuccess()) {
                    this.connectionLog.success(connection, LdapTransactionUtils.RENAME_METHOD_NAME, dn + " -> " + dn2);
                }
            } catch (LdapException e) {
                OperationLog.logOperationErr(connection, "MoveAndRename ERROR {0} -> {1}: {2}", dn, dn2, e.getMessage(), e);
                this.connectionLog.error(connection, LdapTransactionUtils.RENAME_METHOD_NAME, e, dn + " -> " + dn2);
                throw processLdapException("Rename/move of LDAP entry from " + dn + " to " + dn2 + " failed", e);
            }
        } finally {
            this.connectionManager.returnConnection(connection);
        }
    }

    private Set<AttributeDelta> ldapUpdateAttempt(ObjectClass objectClass, Uid uid, Dn dn, Set<AttributeDelta> set, OperationOptions operationOptions, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2) {
        ArrayList arrayList = new ArrayList();
        Boolean valueOf = Boolean.valueOf(!ArrayUtils.isEmpty(this.configuration.getManagedAssociationPairs()));
        HashSet hashSet = new HashSet();
        Map<String, AssociationHolder> associationAttributeNames = valueOf.booleanValue() ? getAssociationAttributeNames(objectClass) : null;
        for (AttributeDelta attributeDelta : set) {
            if (!attributeDelta.is(Name.NAME)) {
                if (associationAttributeNames != null) {
                    String name = attributeDelta.getName();
                    boolean z = false;
                    Iterator<String> it = associationAttributeNames.keySet().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (it.next().equalsIgnoreCase(name)) {
                            hashSet.add(attributeDelta);
                            z = true;
                            break;
                        }
                    }
                    if (z) {
                    }
                }
                if (attributeDelta.is(PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME)) {
                    List<Object> valuesToReplace = attributeDelta.getValuesToReplace();
                    if (valuesToReplace != null) {
                        String[] strArr = new String[valuesToReplace.size() + 1];
                        strArr[0] = objectClass2.getName();
                        int i = 1;
                        Iterator<Object> it2 = valuesToReplace.iterator();
                        while (it2.hasNext()) {
                            strArr[i] = (String) it2.next();
                            i++;
                        }
                        arrayList.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, "objectClass", strArr));
                    } else {
                        addLdapModificationString(arrayList, ModificationOperation.ADD_ATTRIBUTE, "objectClass", attributeDelta.getValuesToAdd());
                        addLdapModificationString(arrayList, ModificationOperation.REMOVE_ATTRIBUTE, "objectClass", attributeDelta.getValuesToRemove());
                    }
                } else {
                    addAttributeModification(dn, arrayList, objectClass2, objectClass, attributeDelta);
                }
            }
        }
        if (valueOf.booleanValue() && !hashSet.isEmpty()) {
            updateAssociationsAttempt(hashSet, dn, objectClass, associationAttributeNames, operationOptions);
        }
        if (arrayList.isEmpty()) {
            LOG.ok("Skipping modify operation as there are no modifications to execute", new Object[0]);
        } else {
            modify(dn, arrayList, operationOptions);
            postUpdate(objectClass, uid, set, operationOptions, dn, objectClass2, arrayList);
        }
        HashSet hashSet2 = null;
        String uidAttribute = this.configuration.getUidAttribute();
        if (LdapUtil.isDnAttribute(uidAttribute)) {
            HashSet hashSet3 = new HashSet();
            hashSet3.add(createUidDelta(dn.toString()));
            return hashSet3;
        }
        for (AttributeDelta attributeDelta2 : set) {
            if (attributeDelta2.is(uidAttribute)) {
                hashSet2 = new HashSet();
                hashSet2.add(createUidDelta(SchemaUtil.getSingleStringNonBlankReplaceValue(attributeDelta2)));
            }
        }
        return hashSet2;
    }

    void updateAssociationsAttempt(Set<AttributeDelta> set, Dn dn, ObjectClass objectClass, Map<String, AssociationHolder> map, OperationOptions operationOptions) {
        for (AttributeDelta attributeDelta : set) {
            Map<String, Map<String, AttributeDeltaBuilder>> reWrapReferenceDeltas = reWrapReferenceDeltas(map.get(attributeDelta.getName()).getAssociationAttributeName(), attributeDelta, dn, operationOptions);
            for (String str : reWrapReferenceDeltas.keySet()) {
                Map<String, AttributeDeltaBuilder> map2 = reWrapReferenceDeltas.get(str);
                for (String str2 : map2.keySet()) {
                    Dn dn2 = this.schemaTranslator.toDn(str2);
                    ObjectClass objectClass2 = new ObjectClass(str);
                    ArrayList arrayList = new ArrayList();
                    org.apache.directory.api.ldap.model.schema.ObjectClass ldapObjectClass = getSchemaTranslator().toLdapObjectClass(objectClass2);
                    AttributeDeltaBuilder attributeDeltaBuilder = map2.get(str2);
                    String objectReferenceAttribute = getObjectReferenceAttribute(objectClass.getObjectClassValue(), objectClass2.getObjectClassValue());
                    attributeDeltaBuilder.setName(objectReferenceAttribute);
                    addAttributeModification(dn2, arrayList, ldapObjectClass, objectClass2, map2.get(str2).build());
                    if (arrayList.isEmpty()) {
                        LOG.ok("Skipping modify operation as there are no modifications to execute", new Object[0]);
                    } else {
                        try {
                            modify(dn2, arrayList, null);
                        } catch (InvalidAttributeValueException e) {
                            boolean z = false;
                            if (e.getMessage().contains("object class '" + str + "' requires attribute '" + objectReferenceAttribute + "' (65)") && attributeDeltaBuilder.getValueToRemove() != null && !attributeDeltaBuilder.getValueToRemove().isEmpty()) {
                                AttributeDeltaBuilder attributeDeltaBuilder2 = new AttributeDeltaBuilder();
                                if (injectDummyMember(objectReferenceAttribute, attributeDeltaBuilder2)) {
                                    addAttributeModification(dn2, arrayList, ldapObjectClass, objectClass2, attributeDeltaBuilder2.build());
                                    modify(dn2, arrayList, null);
                                    z = true;
                                }
                            }
                            if (!z) {
                                throw e;
                            }
                        } catch (UnknownUidException e2) {
                            throw new InvalidAttributeValueException("Association update attempt failed, the association Object '" + dn2 + "' was not found. The original exception message: " + e2.getMessage());
                        }
                    }
                }
            }
        }
    }

    private String getObjectReferenceAttribute(String str, String str2) {
        AssociationHolder orElse = this.schemaTranslator.getSubjectAssociationSets().get(str).stream().filter(associationHolder -> {
            return str2.equals(associationHolder.getObjectObjectClassName());
        }).findAny().orElse(null);
        if (orElse != null) {
            return orElse.getOtherAttributeInReferenceName();
        }
        return null;
    }

    private Map<String, Map<String, AttributeDeltaBuilder>> reWrapReferenceDeltas(String str, AttributeDelta attributeDelta, Dn dn, OperationOptions operationOptions) {
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        HashMap hashMap4 = new HashMap();
        saturateReferenceAttributeValues(attributeDelta.getValuesToAdd(), hashMap2);
        saturateReferenceAttributeValues(attributeDelta.getValuesToRemove(), hashMap3);
        saturateReferenceAttributeValues(attributeDelta.getValuesToReplace(), hashMap4);
        if (!hashMap4.isEmpty()) {
            retrieveValuesToReplace(dn, hashMap4, str, operationOptions, hashMap);
            return hashMap;
        }
        if (!hashMap3.isEmpty()) {
            retrieveValuesToAddOrRemove(dn, hashMap3, hashMap, true);
        }
        if (!hashMap2.isEmpty()) {
            retrieveValuesToAddOrRemove(dn, hashMap2, hashMap, false);
        }
        return hashMap;
    }

    private void retrieveValuesToAddOrRemove(Dn dn, Map<String, List<String>> map, Map<String, Map<String, AttributeDeltaBuilder>> map2, boolean z) {
        for (String str : map.keySet()) {
            for (String str2 : map.get(str)) {
                if (map2.containsKey(str)) {
                    Map<String, AttributeDeltaBuilder> map3 = map2.get(str);
                    AttributeDeltaBuilder attributeDeltaBuilder = new AttributeDeltaBuilder();
                    if (z) {
                        attributeDeltaBuilder.addValueToRemove(Collections.singletonList(dn.toString()));
                    } else {
                        attributeDeltaBuilder.addValueToAdd(Collections.singletonList(dn.toString()));
                    }
                    map3.put(str2, attributeDeltaBuilder);
                    map2.put(str, map3);
                } else {
                    AttributeDeltaBuilder attributeDeltaBuilder2 = new AttributeDeltaBuilder();
                    if (z) {
                        attributeDeltaBuilder2.addValueToRemove(Collections.singletonList(dn.toString()));
                    } else {
                        attributeDeltaBuilder2.addValueToAdd(Collections.singletonList(dn.toString()));
                    }
                    HashMap hashMap = new HashMap();
                    hashMap.put(str2, attributeDeltaBuilder2);
                    map2.put(str, hashMap);
                }
            }
        }
    }

    private void retrieveValuesToReplace(Dn dn, Map<String, List<String>> map, String str, OperationOptions operationOptions, Map<String, Map<String, AttributeDeltaBuilder>> map2) {
        Entry searchSingleEntry = searchSingleEntry(getConnectionManager(), dn, applyAdditionalSearchFilterNode(null), getScope(operationOptions), new String[]{str}, "LDAP entry for " + dn.toString(), operationOptions);
        if (searchSingleEntry == null) {
            throw new UnknownUidException("LDAP entry for dn " + dn + " was not found");
        }
        Attribute attribute = searchSingleEntry.get(str);
        ArrayList arrayList = new ArrayList();
        if (attribute != null) {
            Iterator<Value> it = attribute.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getString());
            }
        }
        for (String str2 : map.keySet()) {
            ArrayList<String> arrayList2 = new ArrayList();
            arrayList2.addAll(arrayList);
            arrayList2.removeAll(map.get(str2));
            for (String str3 : arrayList2) {
                AttributeDeltaBuilder attributeDeltaBuilder = new AttributeDeltaBuilder();
                attributeDeltaBuilder.addValueToRemove(Collections.singletonList(dn.toString()));
                if (map2.containsKey(str2)) {
                    Map<String, AttributeDeltaBuilder> map3 = map2.get(str2);
                    map3.put(str3, attributeDeltaBuilder);
                    map2.put(str2, map3);
                } else {
                    HashMap hashMap = new HashMap();
                    hashMap.put(str3, attributeDeltaBuilder);
                    map2.put(str2, hashMap);
                }
            }
        }
        for (String str4 : map.keySet()) {
            List<String> list = map.get(str4);
            list.removeAll(arrayList);
            for (String str5 : list) {
                AttributeDeltaBuilder attributeDeltaBuilder2 = new AttributeDeltaBuilder();
                attributeDeltaBuilder2.addValueToAdd(Collections.singletonList(dn.toString()));
                if (map2.containsKey(str4)) {
                    Map<String, AttributeDeltaBuilder> map4 = map2.get(str4);
                    map4.put(str5, attributeDeltaBuilder2);
                    map2.put(str4, map4);
                } else {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put(str5, attributeDeltaBuilder2);
                    map2.put(str4, hashMap2);
                }
            }
        }
    }

    private Map<String, AssociationHolder> getAssociationAttributeNames(ObjectClass objectClass) {
        HashMap hashMap = new HashMap();
        Set<AssociationHolder> set = this.schemaTranslator.getSubjectAssociationSets().get(objectClass.getObjectClassValue());
        Set<AssociationHolder> set2 = this.schemaTranslator.getObjectAssociationSets().get(objectClass.getObjectClassValue());
        if (set != null) {
            for (AssociationHolder associationHolder : set) {
                hashMap.put(associationHolder.getName(), associationHolder);
            }
        }
        if (set2 != null) {
            for (AssociationHolder associationHolder2 : set2) {
                hashMap.put(associationHolder2.getName(), associationHolder2);
            }
        }
        return hashMap;
    }

    private AttributeDelta createUidDelta(String str) {
        return AttributeDeltaBuilder.build(Uid.NAME, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void modify(Dn dn, List<Modification> list, OperationOptions operationOptions) {
        LdapNetworkConnection connection = this.connectionManager.getConnection(dn, operationOptions);
        try {
            try {
                PermissiveModifyImpl permissiveModifyImpl = isUsePermissiveModify() ? new PermissiveModifyImpl() : null;
                if (LOG.isOk()) {
                    OperationLog.logOperationReq(connection, "Modify REQ {0}: {1}, control={2}", dn, dumpModifications(list), LdapUtil.toShortString(permissiveModifyImpl));
                }
                ModifyRequestImpl modifyRequestImpl = new ModifyRequestImpl();
                modifyRequestImpl.setName(dn);
                if (permissiveModifyImpl != null) {
                    modifyRequestImpl.addControl((Control) permissiveModifyImpl);
                }
                for (Modification modification : processModificationsBeforeUpdate(list)) {
                    modifyRequestImpl.addModification(modification);
                }
                ModifyResponse modify = connection.modify(modifyRequestImpl);
                if (LOG.isOk()) {
                    OperationLog.logOperationRes(connection, "Modify RES {0}: {1}", dn, modify.getLdapResult());
                }
                this.connectionLog.success(connection, "modify", dn);
                if (modify.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
                    throw processModifyResult(dn, list, modify);
                }
            } catch (LdapException e) {
                OperationLog.logOperationErr(connection, "Modify ERROR {0}: {1}: {2}", dn, dumpModifications(list), e.getMessage(), e);
                this.connectionLog.error(connection, "modify", e, dn);
                throw processModifyResult(dn.toString(), list, e);
            }
        } finally {
            this.connectionManager.returnConnection(connection);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RuntimeException processModifyResult(Dn dn, List<Modification> list, ModifyResponse modifyResponse) {
        return processLdapResult("Error modifying LDAP entry " + dn + ": " + dumpModifications(list), modifyResponse.getLdapResult());
    }

    protected RuntimeException processModifyResult(String str, List<Modification> list, LdapException ldapException) {
        return processLdapException("Error modifying LDAP entry " + str, ldapException);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addAttributeModification(Dn dn, List<Modification> list, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass, ObjectClass objectClass2, AttributeDelta attributeDelta) {
        AbstractSchemaTranslator<C> schemaTranslator = getSchemaTranslator();
        String name = attributeDelta.getName();
        AttributeType ldapAttribute = schemaTranslator.toLdapAttribute(objectClass, name);
        if (ldapAttribute == null && !this.configuration.isAllowUnknownAttributes() && !ArrayUtils.contains(this.configuration.getOperationalAttributes(), name)) {
            throw new InvalidAttributeValueException("Unknown attribute " + name + " in object class " + objectClass2);
        }
        addLdapModification(dn, list, ModificationOperation.REPLACE_ATTRIBUTE, ldapAttribute, name, attributeDelta.getValuesToReplace());
        addLdapModification(dn, list, ModificationOperation.ADD_ATTRIBUTE, ldapAttribute, name, attributeDelta.getValuesToAdd());
        addLdapModification(dn, list, ModificationOperation.REMOVE_ATTRIBUTE, ldapAttribute, name, attributeDelta.getValuesToRemove());
    }

    private void addLdapModificationString(List<Modification> list, ModificationOperation modificationOperation, String str, List<Object> list2) {
        if (list2 == null) {
            return;
        }
        String[] strArr = new String[list2.size()];
        int i = 0;
        Iterator<Object> it = list2.iterator();
        while (it.hasNext()) {
            strArr[i] = (String) it.next();
            i++;
        }
        list.add(new DefaultModification(modificationOperation, str, strArr));
    }

    private void addLdapModification(Dn dn, List<Modification> list, ModificationOperation modificationOperation, AttributeType attributeType, String str, List<Object> list2) {
        if (list2 == null) {
            return;
        }
        if (this.schemaTranslator.isPolyAttribute(attributeType, str, list2)) {
            addLdapModificationPoly(dn, list, modificationOperation, attributeType, list2);
        } else {
            addLdapModificationSimple(dn, list, modificationOperation, attributeType, list2);
        }
    }

    private void addLdapModificationSimple(Dn dn, List<Modification> list, ModificationOperation modificationOperation, AttributeType attributeType, List<Object> list2) {
        List<Value> ldapValues = this.schemaTranslator.toLdapValues(attributeType, list2);
        if (ldapValues == null || ldapValues.isEmpty()) {
            list.add(new DefaultModification(modificationOperation, attributeType.getName()));
        } else {
            list.add(new DefaultModification(modificationOperation, new DefaultAttribute(attributeType.getName(), (Value[]) ldapValues.toArray(new Value[ldapValues.size()]))));
        }
    }

    private void addLdapModificationPoly(Dn dn, List<Modification> list, ModificationOperation modificationOperation, AttributeType attributeType, List<Object> list2) {
        Map<String, List<Value>> ldapPolyValues = this.schemaTranslator.toLdapPolyValues(attributeType, list2);
        for (Map.Entry<String, List<Value>> entry : ldapPolyValues.entrySet()) {
            list.add(new DefaultModification(modificationOperation, new DefaultAttribute(entry.getKey(), (Value[]) entry.getValue().toArray(new Value[entry.getValue().size()]))));
        }
        Entry searchSingleEntry = searchSingleEntry(this.connectionManager, dn, null, SearchScope.OBJECT, null, "pre-read of entry to eliminate extra optioned attribute values for attribute " + attributeType.getName(), null);
        LOG.ok("Pre-read entry for {0}:\n{1}", attributeType.getName(), searchSingleEntry);
        if (searchSingleEntry == null) {
            throw new UnknownUidException("Cannot pre-read of entry to eliminate extra optioned attribute values for attribute " + attributeType.getName() + ": " + dn);
        }
        for (Attribute attribute : searchSingleEntry) {
            if (attributeType.getName().equals(this.schemaTranslator.getLdapAttributeName(attribute)) && ldapPolyValues.get(attribute.getUpId()) == null) {
                LOG.ok("Clearing poly attribute {0}", attribute.getUpId());
                list.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, new DefaultAttribute(attribute.getUpId())));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void postUpdate(ObjectClass objectClass, Uid uid, Set<AttributeDelta> set, OperationOptions operationOptions, Dn dn, org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2, List<Modification> list) {
    }

    private Modification[] processModificationsBeforeUpdate(List<Modification> list) {
        Modification[] modificationArr = new Modification[list.size()];
        int i = 0;
        for (final Modification modification : list) {
            if (modification.getAttribute() != null && modification.getAttribute().get() != null) {
                Value value = modification.getAttribute().get();
                if (value instanceof GuardedStringValue) {
                    ((GuardedStringValue) value).getGuardedStringValue().access(new GuardedString.Accessor() { // from class: com.evolveum.polygon.connector.ldap.AbstractLdapConnector.3
                        @Override // org.identityconnectors.common.security.GuardedString.Accessor
                        public void access(char[] cArr) {
                            modification.setAttribute(new DefaultAttribute(modification.getAttribute().getId(), new String(cArr)));
                        }
                    });
                }
            }
            modificationArr[i] = modification;
            i++;
        }
        return modificationArr;
    }

    private void processEntryBeforeCreate(Entry entry) {
        for (final Attribute attribute : entry.getAttributes()) {
            Value value = attribute.get();
            if (value instanceof GuardedStringValue) {
                attribute.remove(value);
                ((GuardedStringValue) value).getGuardedStringValue().access(new GuardedString.Accessor() { // from class: com.evolveum.polygon.connector.ldap.AbstractLdapConnector.4
                    @Override // org.identityconnectors.common.security.GuardedString.Accessor
                    public void access(char[] cArr) {
                        try {
                            attribute.add(new String(cArr));
                        } catch (LdapInvalidAttributeValueException e) {
                            throw new InvalidAttributeValueException(e.getMessage(), e);
                        }
                    }
                });
            }
        }
    }

    protected String dumpModifications(List<Modification> list) {
        if (list == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(PropertyAccessor.PROPERTY_KEY_PREFIX);
        for (Modification modification : list) {
            sb.append(modification.getOperation()).append(":");
            Attribute attribute = modification.getAttribute();
            sb.append(attribute.getUpId()).append(INJECT_VIEW.VIEW_SEPARATOR);
            if (isSensitiveAttribute(attribute)) {
                sb.append("..hidden.value..");
            } else {
                Value value = attribute.get();
                if (value == null) {
                    sb.append("null");
                } else if (value.isHumanReadable()) {
                    sb.append(value.getString());
                } else {
                    byte[] bytes = value.getBytes();
                    if (bytes == null) {
                        sb.append("null");
                    } else {
                        sb.append("binary value ").append(bytes.length).append(" bytes");
                    }
                }
            }
            sb.append(",");
        }
        sb.append("]");
        return sb.toString();
    }

    private boolean isSensitiveAttribute(Attribute attribute) {
        return attribute.getId().equalsIgnoreCase(getConfiguration().getPasswordAttribute());
    }

    @Override // org.identityconnectors.framework.spi.operations.SyncOp
    public void sync(ObjectClass objectClass, SyncToken syncToken, SyncResultsHandler syncResultsHandler, OperationOptions operationOptions) {
        prepareConnIdSchema();
        chooseSyncStrategy().sync(objectClass, syncToken, syncResultsHandler, operationOptions);
    }

    @Override // org.identityconnectors.framework.spi.operations.SyncOp
    public SyncToken getLatestSyncToken(ObjectClass objectClass) {
        return chooseSyncStrategy().getLatestSyncToken(objectClass);
    }

    private SyncStrategy<C> chooseSyncStrategy() {
        if (this.syncStrategy == null) {
            String synchronizationStrategy = this.configuration.getSynchronizationStrategy();
            boolean z = -1;
            switch (synchronizationStrategy.hashCode()) {
                case -2002373851:
                    if (synchronizationStrategy.equals(AbstractLdapConfiguration.SYNCHRONIZATION_STRATEGY_AD_DIR_SYNC)) {
                        z = 4;
                        break;
                    }
                    break;
                case -919404164:
                    if (synchronizationStrategy.equals("modifyTimestamp")) {
                        z = 2;
                        break;
                    }
                    break;
                case 3005871:
                    if (synchronizationStrategy.equals("auto")) {
                        z = 5;
                        break;
                    }
                    break;
                case 3387192:
                    if (synchronizationStrategy.equals("none")) {
                        z = false;
                        break;
                    }
                    break;
                case 1053461807:
                    if (synchronizationStrategy.equals(AbstractLdapConfiguration.SYNCHRONIZATION_STRATEGY_OPEN_LDAP_ACCESSLOG)) {
                        z = 3;
                        break;
                    }
                    break;
                case 1192292488:
                    if (synchronizationStrategy.equals(AbstractLdapConfiguration.SYNCHRONIZATION_STRATEGY_SUN_CHANGE_LOG)) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    throw new UnsupportedOperationException("Synchronization disabled (synchronizationStrategy=none)");
                case true:
                    this.syncStrategy = new SunChangelogSyncStrategy(this.configuration, this.connectionManager, getSchemaManager(), getSchemaTranslator(), getErrorHandler());
                    break;
                case true:
                    this.syncStrategy = createModifyTimestampSyncStrategy();
                    break;
                case true:
                    this.syncStrategy = new OpenLdapAccessLogSyncStrategy(this.configuration, this.connectionManager, getSchemaManager(), getSchemaTranslator(), getErrorHandler());
                    break;
                case true:
                    this.syncStrategy = new AdDirSyncStrategy(this.configuration, this.connectionManager, getSchemaManager(), getSchemaTranslator(), getErrorHandler());
                    break;
                case true:
                    this.syncStrategy = chooseSyncStrategyAuto();
                    break;
                default:
                    throw new IllegalArgumentException("Unknown synchronization strategy '" + this.configuration.getSynchronizationStrategy() + "'");
            }
        }
        return this.syncStrategy;
    }

    protected ModifyTimestampSyncStrategy<C> createModifyTimestampSyncStrategy() {
        return new ModifyTimestampSyncStrategy<>(this.configuration, this.connectionManager, getSchemaManager(), getSchemaTranslator(), getErrorHandler(), false);
    }

    private SyncStrategy<C> chooseSyncStrategyAuto() {
        if (this.connectionManager.getRootDse().get(SunChangelogSyncStrategy.ROOT_DSE_ATTRIBUTE_CHANGELOG_NAME) != null) {
            LOG.ok("Choosing Sun ChangeLog sync strategy (found {0} attribute in root DSE)", SunChangelogSyncStrategy.ROOT_DSE_ATTRIBUTE_CHANGELOG_NAME);
            return new SunChangelogSyncStrategy(this.configuration, this.connectionManager, getSchemaManager(), getSchemaTranslator(), getErrorHandler());
        }
        LOG.ok("Choosing modifyTimestamp sync strategy (fallback)", new Object[0]);
        return createModifyTimestampSyncStrategy();
    }

    @Override // org.identityconnectors.framework.spi.operations.DeleteOp
    public void delete(ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        if (getConfiguration().isUseUnsafeNameHint() && uid.getNameHint() != null) {
            Dn dn = getSchemaTranslator().toDn(uid.getNameHintValue());
            LOG.ok("Using (unsafe) DN from the name hint: {0}", dn);
            try {
                deleteAttempt(objectClass, dn, uid, operationOptions);
                return;
            } catch (Throwable th) {
                LOG.warn("Attempt to delete object with DN failed (DN taked from the name hint). The operation will continue with next attempt. Error: {0}", th.getMessage(), th);
            }
        }
        Dn resolveDn = resolveDn(objectClass, uid, operationOptions);
        LOG.ok("Resolved DN: {0}", resolveDn);
        deleteAttempt(objectClass, resolveDn, uid, operationOptions);
    }

    private void deleteAttempt(ObjectClass objectClass, Dn dn, Uid uid, OperationOptions operationOptions) {
        LdapNetworkConnection connection = this.connectionManager.getConnection(dn, operationOptions);
        try {
            try {
                TreeDeleteImpl treeDeleteImpl = null;
                if (isUseTreeDelete(objectClass)) {
                    treeDeleteImpl = new TreeDeleteImpl();
                }
                if (LOG.isOk()) {
                    Object[] objArr = new Object[2];
                    objArr[0] = dn;
                    objArr[1] = treeDeleteImpl == null ? null : "treeDelete";
                    OperationLog.logOperationReq(connection, "Delete REQ {0}, control={1}", objArr);
                }
                DeleteRequestImpl deleteRequestImpl = new DeleteRequestImpl();
                deleteRequestImpl.setName(dn);
                if (treeDeleteImpl != null) {
                    deleteRequestImpl.addControl((Control) treeDeleteImpl);
                }
                DeleteResponse delete = connection.delete(deleteRequestImpl);
                if (LOG.isOk()) {
                    OperationLog.logOperationRes(connection, "Delete RES {0}: {1}", dn, delete.getLdapResult());
                }
                if (delete.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
                    this.connectionLog.error(connection, "delete", delete.getLdapResult(), dn);
                    throw processLdapResult("Error deleting LDAP entry " + dn, delete.getLdapResult());
                }
                this.connectionLog.success(connection, "delete", dn);
                this.connectionManager.returnConnection(connection);
            } catch (LdapException e) {
                OperationLog.logOperationErr(connection, "Delete ERROR {0}: {1}", dn, e.getMessage(), e);
                throw processLdapException("Failed to delete entry with DN " + dn + " (UID=" + uid + ")", e);
            }
        } catch (Throwable th) {
            this.connectionManager.returnConnection(connection);
            throw th;
        }
    }

    protected Dn resolveDn(ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        AttributeType createFauxAttributeType;
        Dn dn;
        String uidAttribute = this.configuration.getUidAttribute();
        if (LdapUtil.isDnAttribute(uidAttribute)) {
            dn = getSchemaTranslator().toDn(uid);
        } else {
            Dn baseDn = getBaseDn(operationOptions);
            checkBaseDnPresent(baseDn);
            SearchScope scope = getScope(operationOptions);
            try {
                createFauxAttributeType = getSchemaManager().lookupAttributeTypeRegistry(uidAttribute);
            } catch (LdapException e) {
                if (!this.configuration.isAllowUnknownAttributes()) {
                    throw new InvalidAttributeValueException("Cannot find schema for UID attribute " + uidAttribute, e);
                }
                createFauxAttributeType = this.schemaTranslator.createFauxAttributeType(uidAttribute);
            }
            EqualityNode equalityNode = new EqualityNode(createFauxAttributeType, getSchemaTranslator().toLdapIdentifierValue(createFauxAttributeType, uid.getUidValue()));
            LOG.ok("Resolving DN for UID {0}", uid);
            Entry searchSingleEntry = searchSingleEntry(getConnectionManager(), baseDn, equalityNode, scope, new String[]{uidAttribute}, "LDAP entry for UID " + uid, operationOptions);
            if (searchSingleEntry == null) {
                throw new UnknownUidException("LDAP entry for UID " + uid + " was not found");
            }
            dn = searchSingleEntry.getDn();
        }
        return dn;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Entry searchSingleEntry(ConnectionManager<C> connectionManager, Dn dn, ExprNode exprNode, SearchScope searchScope, String[] strArr, String str, OperationOptions operationOptions) {
        return searchSingleEntry(connectionManager, null, dn, exprNode, searchScope, strArr, str, dn, operationOptions);
    }

    protected Entry searchSingleEntry(ConnectionManager<C> connectionManager, LdapNetworkConnection ldapNetworkConnection, Dn dn, ExprNode exprNode, SearchScope searchScope, String[] strArr, String str, OperationOptions operationOptions) {
        return searchSingleEntry(connectionManager, ldapNetworkConnection, dn, exprNode, searchScope, strArr, str, dn, operationOptions);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Entry searchSingleEntry(ConnectionManager<C> connectionManager, LdapNetworkConnection ldapNetworkConnection, Dn dn, ExprNode exprNode, SearchScope searchScope, String[] strArr, String str, Dn dn2, OperationOptions operationOptions) {
        LdapNetworkConnection connection = ldapNetworkConnection == null ? connectionManager.getConnection(dn2, operationOptions) : ldapNetworkConnection;
        if (exprNode == null) {
            exprNode = LdapUtil.createAllSearchFilter();
        }
        String obj = exprNode.toString();
        Entry entry = null;
        int i = 0;
        while (i < this.configuration.getMaximumNumberOfAttempts()) {
            i++;
            if (OperationLog.isLogOperations()) {
                OperationLog.logOperationReq(connection, "Search REQ base={0}, filter={1}, scope={2}, attributes={3}, controls=null, dnHint={4}", dn, obj, searchScope, Arrays.toString(strArr), dn2);
            }
            SearchRequestImpl searchRequestImpl = new SearchRequestImpl();
            searchRequestImpl.setBase(dn);
            searchRequestImpl.setFilter(exprNode);
            searchRequestImpl.setScope(searchScope);
            if (strArr != null) {
                searchRequestImpl.addAttributes(strArr);
            }
            searchRequestImpl.setDerefAliases(AliasDerefMode.NEVER_DEREF_ALIASES);
            SearchCursor searchCursor = null;
            try {
                try {
                    searchCursor = connection.search(searchRequestImpl);
                } catch (CursorLdapReferralException e) {
                    this.connectionLog.searchReferral(connection, searchRequestImpl, e.getReferralInfo());
                    LOG.ok("Got cursor referral exception while resolving {0}: {1}", str, e.getReferralInfo());
                    throw new ConfigurationException("Got referral to " + e.getReferralInfo() + " while resolving DN. Referrals are not supported any more, therefore we cannot follow the referral and complete DN resolving.");
                } catch (CursorException e2) {
                    throw new ConnectorIOException("Error reading " + str + ": " + e2.getMessage(), e2);
                } catch (LdapException e3) {
                    this.connectionLog.searchError(connection, e3, searchRequestImpl, null, null);
                    RuntimeException processLdapException = processLdapException("Error reading " + str, e3);
                    if (!(processLdapException instanceof ReconnectException)) {
                        throw processLdapException;
                    }
                    connection = connectionManager.reconnect(connection, processLdapException);
                    if (searchCursor != null) {
                        LdapUtil.closeDoneCursor(searchCursor);
                    }
                    connectionManager.returnConnection(connection);
                }
                if (!searchCursor.next()) {
                    if (searchCursor != null) {
                        LdapUtil.closeDoneCursor(searchCursor);
                    }
                    connectionManager.returnConnection(connection);
                    return null;
                }
                Response response = searchCursor.get();
                if (response instanceof SearchResultEntry) {
                    entry = ((SearchResultEntry) response).getEntry();
                    if (OperationLog.isLogOperations()) {
                        OperationLog.logOperationRes(connection, "Search RES {0}", entry);
                        this.connectionLog.searchSuccess(connection, searchRequestImpl, 1, null);
                    }
                    if (searchCursor.next()) {
                        searchCursor.get();
                        LOG.warn("Unexpected search result while searching for single entry. We are going to abandon the operation.", new Object[0]);
                        LdapUtil.closeAbandonCursor(searchCursor);
                    }
                    if (searchCursor != null) {
                        LdapUtil.closeDoneCursor(searchCursor);
                    }
                    connectionManager.returnConnection(connection);
                    return entry;
                }
                if (searchCursor != null) {
                    LdapUtil.closeDoneCursor(searchCursor);
                }
                connectionManager.returnConnection(connection);
            } catch (Throwable th) {
                if (searchCursor != null) {
                    LdapUtil.closeDoneCursor(searchCursor);
                }
                connectionManager.returnConnection(connection);
                throw th;
            }
        }
        return entry;
    }

    @Override // org.identityconnectors.framework.spi.PoolableConnector
    public void checkAlive() {
        LOG.ok("check alive: OK (pretended)", new Object[0]);
    }

    @Override // org.identityconnectors.framework.spi.Connector
    public void dispose() {
        LOG.info("Disposing {0} connector instance {1}", getClass().getSimpleName(), this);
        this.configuration = null;
        if (this.connectionManager == null) {
            LOG.ok("Not closing connection because connection manager is already null", new Object[0]);
            return;
        }
        this.connectionManager.close("connector dispose");
        this.connectionManager = null;
        this.schemaManager = null;
        this.schemaTranslator = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RuntimeException processLdapException(String str, LdapException ldapException) {
        return getErrorHandler().processLdapException(str, ldapException);
    }

    protected RuntimeException processLdapResult(String str, LdapResult ldapResult) {
        return getErrorHandler().processLdapResult(str, ldapResult);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ExprNode applyAdditionalSearchFilterNode(ExprNode exprNode) {
        return getConfiguration().getAdditionalSearchFilter() == null ? exprNode : exprNode == null ? LdapUtil.parseSearchFilter(getConfiguration().getAdditionalSearchFilter()) : new AndNode(exprNode, LdapUtil.parseSearchFilter(getConfiguration().getAdditionalSearchFilter()));
    }
}
