package org.identityconnectors.ldap;

import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Set;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.Schema;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.common.objects.filter.FilterTranslator;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.ConnectorClass;
import org.identityconnectors.framework.spi.PoolableConnector;
import org.identityconnectors.framework.spi.operations.AuthenticateOp;
import org.identityconnectors.framework.spi.operations.CreateOp;
import org.identityconnectors.framework.spi.operations.DeleteOp;
import org.identityconnectors.framework.spi.operations.ResolveUsernameOp;
import org.identityconnectors.framework.spi.operations.SchemaOp;
import org.identityconnectors.framework.spi.operations.SearchOp;
import org.identityconnectors.framework.spi.operations.SyncOp;
import org.identityconnectors.framework.spi.operations.TestOp;
import org.identityconnectors.framework.spi.operations.UpdateAttributeValuesOp;
import org.identityconnectors.ldap.LdapConnection;
import org.identityconnectors.ldap.modify.LdapCreate;
import org.identityconnectors.ldap.modify.LdapDelete;
import org.identityconnectors.ldap.modify.LdapUpdate;
import org.identityconnectors.ldap.search.LdapFilter;
import org.identityconnectors.ldap.search.LdapFilterTranslator;
import org.identityconnectors.ldap.search.LdapSearch;
import org.identityconnectors.ldap.sync.activedirectory.ActiveDirectoryChangeLogSyncStrategy;
import org.identityconnectors.ldap.sync.ibm.IBMDSChangeLogSyncStrategy;
import org.identityconnectors.ldap.sync.sunds.SunDSChangeLogSyncStrategy;
import org.identityconnectors.ldap.sync.timestamps.TimestampsSyncStrategy;

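/**
 * Identity Connector Framework connector for LDAP directories.
 *
 * <p>When the configured authentication type is SASL/GSSAPI, {@link #init(Configuration)}
 * performs a JAAS login and every operation that goes through
 * {@link #runAsSubject(PrivilegedAction)} executes under the resulting {@link Subject}.
 * With any other authentication type the same operation body runs directly on the
 * calling thread. Routing both cases through one helper keeps the GSSAPI and
 * non-GSSAPI code paths from drifting apart.
 *
 * <p>This source was reconstructed from decompiled bytecode. The synthetic switch-map
 * holder emitted by the decompiler has been folded back into ordinary enum switches;
 * the compiler regenerates it.
 */
@ConnectorClass(configurationClass = LdapConfiguration.class, displayNameKey = "LdapConnector")
public class LdapConnector implements TestOp, PoolableConnector, SchemaOp, SearchOp<LdapFilter>, AuthenticateOp, ResolveUsernameOp, CreateOp, DeleteOp, UpdateAttributeValuesOp, SyncOp {
    private LdapConfiguration config;
    // Non-null only after a successful GSSAPI login in init(); null means "run without a Subject".
    private LoginContext loginContext = null;
    private LdapConnection conn;

    // Not referenced anywhere in this class as shown.
    private enum UpdateType {
        REPLACE,
        ADD,
        REMOVE
    }

    /**
     * Runs {@code action} under the JAAS subject obtained in {@link #init(Configuration)}
     * when a GSSAPI login took place, and directly otherwise.
     *
     * @param action the operation body to execute
     * @return whatever {@code action} returns
     */
    private <T> T runAsSubject(PrivilegedAction<T> action) {
        if (this.loginContext == null) {
            return action.run();
        }
        return Subject.doAs(this.loginContext.getSubject(), action);
    }

    /** Returns the configuration handed to {@link #init(Configuration)}. */
    public Configuration getConfiguration() {
        return this.config;
    }

    /**
     * Stores the configuration, creates the connection wrapper and, for SASL/GSSAPI,
     * performs the JAAS login.
     *
     * <p>The JAAS login entry is looked up under this class's fully qualified name and no
     * callback handler is supplied, so the credentials must come from the JAAS
     * configuration itself.
     *
     * @param configuration must be an {@link LdapConfiguration}
     * @throws ConfigurationException if the JAAS login fails; the {@link LoginException}
     *         is attached as the cause
     */
    public void init(Configuration configuration) {
        this.config = (LdapConfiguration) configuration;
        this.conn = new LdapConnection(this.config);
        if (LdapConnection.SASL_GSSAPI.equalsIgnoreCase(this.config.getAuthType())) {
            try {
                LoginContext context = new LoginContext(LdapConnector.class.getName());
                context.login();
                // Publish the context only after login() succeeded, so a failed login can
                // never leave later operations running under an unauthenticated context.
                this.loginContext = context;
            } catch (LoginException e) {
                // Keep the original exception as the cause instead of flattening it into text.
                throw new ConfigurationException("Authentication attempt failed: " + e, e);
            }
        }
    }

    /**
     * Closes the underlying LDAP connection.
     *
     * <p>NOTE(review): nothing in this class calls {@code loginContext.logout()}, so after a
     * GSSAPI login the credentials held by the Subject stay in memory until the connector
     * instance is collected. Consider logging out here once the connection is closed.
     */
    public void dispose() {
        this.conn.close();
    }

    /** Validates the configuration and connectivity; see {@link #doTest()}. */
    public void test() {
        runAsSubject(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                doTest();
                return null;
            }
        });
    }

    /** Delegates the liveness check to the underlying connection. */
    public void checkAlive() {
        runAsSubject(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                conn.checkAlive();
                return null;
            }
        });
    }

    /** Returns the schema built by the connection's schema mapping. */
    public Schema schema() {
        return runAsSubject(new PrivilegedAction<Schema>() {
            @Override
            public Schema run() {
                return conn.getSchemaMapping().schema();
            }
        });
    }

    /**
     * Authenticates a user against the directory via {@link LdapAuthenticate}.
     *
     * @param objectClass object class of the account
     * @param str user name, handed to {@link LdapAuthenticate} unchanged
     * @param guardedString the password to verify
     * @param operationOptions caller-supplied options
     * @return the Uid reported by {@link LdapAuthenticate}
     */
    public Uid authenticate(final ObjectClass objectClass, final String str, final GuardedString guardedString, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapAuthenticate(conn, objectClass, str, operationOptions).authenticate(guardedString);
            }
        });
    }

    /**
     * Resolves a user name to a Uid via {@link LdapAuthenticate} without checking a password.
     *
     * @param objectClass object class of the account
     * @param str user name, handed to {@link LdapAuthenticate} unchanged
     * @param operationOptions caller-supplied options
     * @return the Uid reported by {@link LdapAuthenticate}
     */
    public Uid resolveUsername(final ObjectClass objectClass, final String str, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapAuthenticate(conn, objectClass, str, operationOptions).resolveUsername();
            }
        });
    }

    /** Creates a filter translator bound to the connection's schema mapping. */
    public FilterTranslator<LdapFilter> createFilterTranslator(ObjectClass objectClass, OperationOptions operationOptions) {
        return new LdapFilterTranslator(this.conn.getSchemaMapping(), objectClass);
    }

    /**
     * Runs a search, or reports server information when the object class is
     * {@code LdapUtil.SERVER_INFO_NAME}.
     *
     * @param objectClass object class to search
     * @param ldapFilter translated filter
     * @param resultsHandler receives the results
     * @param operationOptions caller-supplied options
     */
    public void executeQuery(final ObjectClass objectClass, final LdapFilter ldapFilter, final ResultsHandler resultsHandler, final OperationOptions operationOptions) {
        if (objectClass.is(LdapUtil.SERVER_INFO_NAME)) {
            // NOTE(review): unlike every other directory operation in this class, this branch
            // does not run under the GSSAPI subject. Confirm LdapUtil.getServerInfo does not
            // need it when the auth type is SASL/GSSAPI.
            LdapUtil.getServerInfo(this.conn, resultsHandler);
            return;
        }
        runAsSubject(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                new LdapSearch(conn, objectClass, ldapFilter, resultsHandler, operationOptions).execute();
                return null;
            }
        });
    }

    /** Creates an entry via {@link LdapCreate} and returns its Uid. */
    public Uid create(final ObjectClass objectClass, final Set<Attribute> set, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapCreate(conn, objectClass, set, operationOptions).execute();
            }
        });
    }

    /** Deletes the entry identified by {@code uid} via {@link LdapDelete}. */
    public void delete(final ObjectClass objectClass, final Uid uid, final OperationOptions operationOptions) {
        runAsSubject(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                new LdapDelete(conn, objectClass, uid, operationOptions).execute();
                return null;
            }
        });
    }

    /** Applies {@code set} to the entry via {@link LdapUpdate#update}. */
    public Uid update(final ObjectClass objectClass, final Uid uid, final Set<Attribute> set, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapUpdate(conn, objectClass, uid, operationOptions).update(set);
            }
        });
    }

    /** Adds the given attribute values to the entry via {@link LdapUpdate}. */
    public Uid addAttributeValues(final ObjectClass objectClass, final Uid uid, final Set<Attribute> set, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapUpdate(conn, objectClass, uid, operationOptions).addAttributeValues(set);
            }
        });
    }

    /** Removes the given attribute values from the entry via {@link LdapUpdate}. */
    public Uid removeAttributeValues(final ObjectClass objectClass, final Uid uid, final Set<Attribute> set, final OperationOptions operationOptions) {
        return runAsSubject(new PrivilegedAction<Uid>() {
            @Override
            public Uid run() {
                return new LdapUpdate(conn, objectClass, uid, operationOptions).removeAttributeValues(set);
            }
        });
    }

    /** Returns the newest sync token; see {@link #lastSyncToken(ObjectClass)}. */
    public SyncToken getLatestSyncToken(final ObjectClass objectClass) {
        return runAsSubject(new PrivilegedAction<SyncToken>() {
            @Override
            public SyncToken run() {
                return lastSyncToken(objectClass);
            }
        });
    }

    /** Synchronizes changes since {@code syncToken}; see {@link #doSync}. */
    public void sync(final ObjectClass objectClass, final SyncToken syncToken, final SyncResultsHandler syncResultsHandler, final OperationOptions operationOptions) {
        runAsSubject(new PrivilegedAction<Void>() {
            @Override
            public Void run() {
                doSync(objectClass, syncToken, syncResultsHandler, operationOptions);
                return null;
            }
        });
    }

    /**
     * Picks the sync strategy for the connected server and asks it for the latest token.
     *
     * <p>Internal helper: the decompiler reported that this method was private in the
     * original class. Visibility is kept as found so existing references still resolve.
     *
     * @param objectClass object class being synchronized
     * @return the latest token reported by the selected strategy
     */
    public SyncToken lastSyncToken(ObjectClass objectClass) {
        if (this.config.isUseTimestampsForSync()) {
            return new TimestampsSyncStrategy(this.conn, objectClass).getLatestSyncToken();
        }
        switch (this.conn.getServerType()) {
            case UNKNOWN:
            case OPENLDAP:
            case MSAD_GC:
                return new TimestampsSyncStrategy(this.conn, objectClass).getLatestSyncToken();
            case IBM:
                return new IBMDSChangeLogSyncStrategy(this.conn, objectClass).getLatestSyncToken();
            case MSAD:
            case MSAD_LDS:
                return new ActiveDirectoryChangeLogSyncStrategy(this.conn, objectClass).getLatestSyncToken();
            default:
                // Every server type not listed above uses the Sun DS change log strategy.
                return new SunDSChangeLogSyncStrategy(this.conn, objectClass).getLatestSyncToken();
        }
    }

    /**
     * Picks the sync strategy for the connected server and runs it.
     *
     * <p>The selection mirrors {@link #lastSyncToken(ObjectClass)}; the two switches must be
     * kept in step. Internal helper: reported as private in the original class.
     *
     * @param objectClass object class being synchronized
     * @param syncToken token to resume from
     * @param syncResultsHandler receives the changes
     * @param operationOptions caller-supplied options
     */
    public void doSync(ObjectClass objectClass, SyncToken syncToken, SyncResultsHandler syncResultsHandler, OperationOptions operationOptions) {
        if (this.config.isUseTimestampsForSync()) {
            new TimestampsSyncStrategy(this.conn, objectClass).sync(syncToken, syncResultsHandler, operationOptions);
            return;
        }
        switch (this.conn.getServerType()) {
            case UNKNOWN:
            case OPENLDAP:
            case MSAD_GC:
                new TimestampsSyncStrategy(this.conn, objectClass).sync(syncToken, syncResultsHandler, operationOptions);
                return;
            case IBM:
                new IBMDSChangeLogSyncStrategy(this.conn, objectClass).sync(syncToken, syncResultsHandler, operationOptions);
                return;
            case MSAD:
            case MSAD_LDS:
                new ActiveDirectoryChangeLogSyncStrategy(this.conn, objectClass).sync(syncToken, syncResultsHandler, operationOptions);
                return;
            default:
                // Every server type not listed above uses the Sun DS change log strategy.
                new SunDSChangeLogSyncStrategy(this.conn, objectClass).sync(syncToken, syncResultsHandler, operationOptions);
                return;
        }
    }

    /**
     * Validates the configuration, tests the connection and verifies that every configured
     * base context can be read.
     *
     * <p>All contexts are probed before anything is reported, so a single exception lists
     * every unreadable entry of a group. Internal helper: reported as private in the
     * original class.
     *
     * @throws ConfigurationException naming the base contexts, or else the base contexts to
     *         synchronize, whose attributes could not be read
     */
    public void doTest() {
        ArrayList<String> badBaseContexts = new ArrayList<String>();
        ArrayList<String> badSyncContexts = new ArrayList<String>();
        this.config.validate();
        this.conn.test();
        for (String baseContext : this.config.getBaseContexts()) {
            try {
                this.conn.getInitialContext().getAttributes(baseContext);
            } catch (NamingException ignored) {
                // Only the failing context is recorded; the lookup error detail is dropped.
                badBaseContexts.add(baseContext);
            }
        }
        for (String syncContext : this.config.getBaseContextsToSynchronize()) {
            try {
                this.conn.getInitialContext().getAttributes(syncContext);
            } catch (NamingException ignored) {
                // Only the failing context is recorded; the lookup error detail is dropped.
                badSyncContexts.add(syncContext);
            }
        }
        if (!badBaseContexts.isEmpty()) {
            throw new ConfigurationException("Bad Base Context(s): " + badBaseContexts.toString());
        }
        if (!badSyncContexts.isEmpty()) {
            throw new ConfigurationException("Bad Base Context(s) to Synchronize: " + badSyncContexts.toString());
        }
    }
}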
