package org.identityconnectors.ldap.sync.timestamps;

import java.io.UnsupportedEncodingException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.TimeZone;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.ConnectorObjectBuilder;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.SyncDeltaBuilder;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.spi.SyncTokenResultsHandler;
import org.identityconnectors.ldap.ADLdapUtil;
import org.identityconnectors.ldap.ADUserAccountControl;
import org.identityconnectors.ldap.LdapConnection;
import org.identityconnectors.ldap.LdapConstants;
import org.identityconnectors.ldap.LdapEntry;
import org.identityconnectors.ldap.LdapUtil;
import org.identityconnectors.ldap.search.DefaultSearchStrategy;
import org.identityconnectors.ldap.search.LdapInternalSearch;
import org.identityconnectors.ldap.search.LdapSearchResultsHandler;
import org.identityconnectors.ldap.search.SimplePagedSearchStrategy;
import org.identityconnectors.ldap.sync.LdapSyncStrategy;

/* loaded from: input_file:org/identityconnectors/ldap/sync/timestamps/TimestampsSyncStrategy.class */
public class TimestampsSyncStrategy implements LdapSyncStrategy {
    private final String createTimestamp = "createTimestamp";
    private final String modifyTimestamp = "modifyTimestamp";
    private final LdapConnection conn;
    private final ObjectClass oclass;
    private final LdapConnection.ServerType server;
    private static final Log logger = Log.getLog(TimestampsSyncStrategy.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.identityconnectors.ldap.sync.timestamps.TimestampsSyncStrategy$2, reason: invalid class name */
    /* loaded from: input_file:org/identityconnectors/ldap/sync/timestamps/TimestampsSyncStrategy$2.class */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$identityconnectors$ldap$LdapConnection$ServerType = new int[LdapConnection.ServerType.values().length];

        static {
            try {
                $SwitchMap$org$identityconnectors$ldap$LdapConnection$ServerType[LdapConnection.ServerType.MSAD_GC.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$identityconnectors$ldap$LdapConnection$ServerType[LdapConnection.ServerType.MSAD.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$identityconnectors$ldap$LdapConnection$ServerType[LdapConnection.ServerType.MSAD_LDS.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public TimestampsSyncStrategy(LdapConnection ldapConnection, ObjectClass objectClass) {
        this.conn = ldapConnection;
        this.oclass = objectClass;
        this.server = ldapConnection.getServerType();
    }

    @Override // org.identityconnectors.ldap.sync.LdapSyncStrategy
    public SyncToken getLatestSyncToken() {
        return new SyncToken(getNowTime());
    }

    @Override // org.identityconnectors.ldap.sync.LdapSyncStrategy
    public void sync(SyncToken syncToken, final SyncResultsHandler syncResultsHandler, OperationOptions operationOptions) {
        final String nowTime = getNowTime();
        SearchControls createDefaultSearchControls = LdapInternalSearch.createDefaultSearchControls();
        createDefaultSearchControls.setSearchScope(2);
        createDefaultSearchControls.setDerefLinkFlag(false);
        createDefaultSearchControls.setReturningAttributes(new String[]{"*", "createTimestamp", "modifyTimestamp", this.conn.getConfiguration().getUidAttribute()});
        try {
            new LdapInternalSearch(this.conn, generateFilter(this.oclass, syncToken), Arrays.asList(this.conn.getConfiguration().getBaseContextsToSynchronize()), (this.conn.getConfiguration().getUseBlocks().booleanValue() && this.conn.supportsControl("1.2.840.113556.1.4.319")) ? new SimplePagedSearchStrategy(this.conn.getConfiguration().getBlockSize()) : new DefaultSearchStrategy(false), createDefaultSearchControls).execute(new LdapSearchResultsHandler() { // from class: org.identityconnectors.ldap.sync.timestamps.TimestampsSyncStrategy.1
                @Override // org.identityconnectors.ldap.search.LdapSearchResultsHandler
                public boolean handle(String str, SearchResult searchResult) throws NamingException {
                    Attributes attributes = searchResult.getAttributes();
                    String uidAttribute = TimestampsSyncStrategy.this.conn.getConfiguration().getUidAttribute();
                    Uid uid = LdapEntry.isDNAttribute(uidAttribute) ? new Uid(searchResult.getNameInNamespace()) : TimestampsSyncStrategy.this.conn.getSchemaMapping().createUid(uidAttribute, attributes);
                    ConnectorObjectBuilder connectorObjectBuilder = new ConnectorObjectBuilder();
                    connectorObjectBuilder.setUid(uid);
                    if (ObjectClass.ALL.equals(TimestampsSyncStrategy.this.oclass)) {
                        connectorObjectBuilder.setObjectClass(LdapUtil.guessObjectClass(TimestampsSyncStrategy.this.conn, attributes.get(LdapConstants.OBJECTCLASS_ATTR)));
                    } else {
                        connectorObjectBuilder.setObjectClass(TimestampsSyncStrategy.this.oclass);
                    }
                    connectorObjectBuilder.setName(searchResult.getNameInNamespace());
                    if (LdapConnection.ServerType.MSAD_GC.equals(TimestampsSyncStrategy.this.server) || LdapConnection.ServerType.MSAD.equals(TimestampsSyncStrategy.this.server) || LdapConnection.ServerType.MSAD_LDS.equals(TimestampsSyncStrategy.this.server)) {
                        if (ObjectClass.ACCOUNT.equals(TimestampsSyncStrategy.this.oclass)) {
                            if (!LdapConnection.ServerType.MSAD_LDS.equals(TimestampsSyncStrategy.this.server)) {
                                Attribute attribute = attributes.get(ADUserAccountControl.MS_USR_ACCT_CTRL_ATTR);
                                if (attribute != null) {
                                    String obj = attribute.get().toString();
                                    org.identityconnectors.framework.common.objects.Attribute[] attributeArr = new org.identityconnectors.framework.common.objects.Attribute[1];
                                    attributeArr[0] = AttributeBuilder.buildEnabled(!ADUserAccountControl.isAccountDisabled(obj));
                                    connectorObjectBuilder.addAttribute(attributeArr);
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.buildLockOut(ADUserAccountControl.isAccountLockOut(obj))});
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.buildPasswordExpired(ADUserAccountControl.isPasswordExpired(obj))});
                                }
                            } else if (attributes.get(LdapConstants.MS_DS_USER_ACCOUNT_DISABLED) != null) {
                                org.identityconnectors.framework.common.objects.Attribute[] attributeArr2 = new org.identityconnectors.framework.common.objects.Attribute[1];
                                attributeArr2[0] = AttributeBuilder.buildEnabled(!Boolean.parseBoolean(attributes.get(LdapConstants.MS_DS_USER_ACCOUNT_DISABLED).get().toString()));
                                connectorObjectBuilder.addAttribute(attributeArr2);
                            } else if (attributes.get(LdapConstants.MS_DS_USER_PASSWORD_EXPIRED) != null) {
                                connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.buildPasswordExpired(Boolean.parseBoolean(attributes.get(LdapConstants.MS_DS_USER_PASSWORD_EXPIRED).get().toString()))});
                            } else if (attributes.get(LdapConstants.MS_DS_USER_ACCOUNT_AUTOLOCKED) != null) {
                                connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.buildLockOut(Boolean.parseBoolean(attributes.get(LdapConstants.MS_DS_USER_ACCOUNT_AUTOLOCKED).get().toString()))});
                            }
                            if (attributes.get(ADLdapUtil.ACCOUNT_EXPIRES) != null) {
                                String str2 = (String) attributes.get(ADLdapUtil.ACCOUNT_EXPIRES).get();
                                if ("0".equalsIgnoreCase(str2) || ADLdapUtil.ACCOUNT_NEVER_EXPIRES.equalsIgnoreCase(str2)) {
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(ADLdapUtil.ACCOUNT_EXPIRES, new Object[]{"0"})});
                                } else {
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(ADLdapUtil.ACCOUNT_EXPIRES, new Object[]{ADLdapUtil.getADLdapDatefromJavaDate(ADLdapUtil.getJavaDateFromADTime(str2))})});
                                }
                                attributes.remove(ADLdapUtil.ACCOUNT_EXPIRES);
                            }
                            if (attributes.get(ADLdapUtil.PWD_LAST_SET) != null) {
                                String str3 = (String) attributes.get(ADLdapUtil.PWD_LAST_SET).get();
                                if ("0".equalsIgnoreCase(str3)) {
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(ADLdapUtil.PWD_LAST_SET, new Object[]{"0"})});
                                } else {
                                    connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(ADLdapUtil.PWD_LAST_SET, new Object[]{ADLdapUtil.getADLdapDatefromJavaDate(ADLdapUtil.getJavaDateFromADTime(str3))})});
                                }
                                attributes.remove(ADLdapUtil.PWD_LAST_SET);
                            }
                        }
                        if (ObjectClass.GROUP.equals(TimestampsSyncStrategy.this.oclass) && attributes.get("member;range=0-1499") != null) {
                            org.identityconnectors.framework.common.objects.Attribute build = AttributeBuilder.build("member", ADLdapUtil.fetchGroupMembersByRange(TimestampsSyncStrategy.this.conn, searchResult));
                            connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{build});
                            if (TimestampsSyncStrategy.this.conn.getConfiguration().isGetGroupMemberId()) {
                                connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{LdapUtil.buildMemberIdAttribute(TimestampsSyncStrategy.this.conn, build)});
                            }
                            attributes.remove("member;range=0-1499");
                            attributes.remove("member");
                        }
                        Attribute attribute2 = attributes.get(LdapConstants.MS_GUID_ATTR);
                        if (attribute2 != null) {
                            connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(LdapConstants.MS_GUID_ATTR, new Object[]{ADLdapUtil.objectGUIDtoString(attribute2)})});
                            attributes.remove(LdapConstants.MS_GUID_ATTR);
                        }
                    }
                    NamingEnumeration all = attributes.getAll();
                    while (all.hasMore()) {
                        Attribute attribute3 = (Attribute) all.next();
                        String id = attribute3.getID();
                        NamingEnumeration all2 = attribute3.getAll();
                        ArrayList arrayList = new ArrayList();
                        while (all2.hasMore()) {
                            Object next = all2.next();
                            if ("userPassword".equals(id)) {
                                try {
                                    next = new GuardedString(new String((byte[]) next, "UTF-8").toCharArray());
                                } catch (UnsupportedEncodingException e) {
                                    throw new RuntimeException(e.getMessage(), e);
                                }
                            }
                            arrayList.add(next);
                        }
                        if (TimestampsSyncStrategy.this.conn.getConfiguration().isGetGroupMemberId() && ObjectClass.GROUP.equals(TimestampsSyncStrategy.this.oclass) && id.equalsIgnoreCase(TimestampsSyncStrategy.this.conn.getConfiguration().getGroupMemberAttribute())) {
                            connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{LdapUtil.buildMemberIdAttribute(TimestampsSyncStrategy.this.conn, attribute3)});
                        }
                        if ("userPassword".equals(id)) {
                            id = OperationalAttributes.PASSWORD_NAME;
                        }
                        connectorObjectBuilder.addAttribute(new org.identityconnectors.framework.common.objects.Attribute[]{AttributeBuilder.build(id, arrayList)});
                    }
                    SyncDeltaBuilder syncDeltaBuilder = new SyncDeltaBuilder();
                    syncDeltaBuilder.setToken(new SyncToken(nowTime));
                    syncDeltaBuilder.setDeltaType(SyncDeltaType.CREATE_OR_UPDATE);
                    syncDeltaBuilder.setUid(uid);
                    syncDeltaBuilder.setObject(connectorObjectBuilder.build());
                    return syncResultsHandler.handle(syncDeltaBuilder.build());
                }
            });
            ((SyncTokenResultsHandler) syncResultsHandler).handleResult(new SyncToken(nowTime));
        } catch (ConnectorException e) {
            if (!(e.getCause() instanceof PartialResultException)) {
                throw e;
            }
            logger.warn("PartialResultException has been caught", new Object[0]);
        }
    }

    private String getNowTime() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        switch (AnonymousClass2.$SwitchMap$org$identityconnectors$ldap$LdapConnection$ServerType[this.server.ordinal()]) {
            case 1:
            case ADUserAccountControl.ACCOUNT_DISABLED /* 2 */:
            case 3:
                return simpleDateFormat.format(new Date()) + ".0Z";
            default:
                return simpleDateFormat.format(new Date()) + "Z";
        }
    }

    private String generateFilter(ObjectClass objectClass, SyncToken syncToken) {
        StringBuilder sb = new StringBuilder();
        if (syncToken == null) {
            syncToken = getLatestSyncToken();
        }
        if (ObjectClass.ACCOUNT.equals(objectClass)) {
            sb.append(LdapUtil.getObjectClassFilter(this.conn.getConfiguration().getAccountObjectClasses()));
            if (this.conn.getConfiguration().getAccountSynchronizationFilter() != null) {
                sb.append(this.conn.getConfiguration().getAccountSynchronizationFilter());
            }
        } else if (ObjectClass.GROUP.equals(objectClass)) {
            sb.append(LdapUtil.getObjectClassFilter(this.conn.getConfiguration().getGroupObjectClasses()));
            if (this.conn.getConfiguration().getGroupSynchronizationFilter() != null) {
                sb.append(this.conn.getConfiguration().getGroupSynchronizationFilter());
            }
        } else if (ObjectClass.ALL.equals(objectClass)) {
            sb.append(LdapUtil.getObjectClassFilter(this.conn.getConfiguration().getObjectClassesToSynchronize()));
        } else {
            sb.append("(objectClass=");
            sb.append(objectClass.getObjectClassValue());
            sb.append(")");
        }
        sb.append("(|(");
        sb.append("modifyTimestamp");
        sb.append(">=");
        sb.append(syncToken.getValue().toString());
        sb.append(")(");
        sb.append("createTimestamp");
        sb.append(">=");
        sb.append(syncToken.getValue().toString());
        sb.append("))");
        sb.insert(0, "(&");
        sb.append(")");
        logger.info("Using timestamp filter {0}", new Object[]{sb.toString()});
        return sb.toString();
    }
}
