package com.evolveum.polygon.connector.ldap.ad;

import com.evolveum.polygon.common.GuardedStringAccessor;
import com.evolveum.polygon.common.SchemaUtil;
import com.evolveum.polygon.connector.ldap.AbstractLdapConfiguration;
import com.evolveum.polygon.connector.ldap.AbstractLdapConnector;
import com.evolveum.polygon.connector.ldap.LdapUtil;
import com.evolveum.polygon.connector.ldap.OperationLog;
import com.evolveum.polygon.connector.ldap.schema.AbstractSchemaTranslator;
import com.evolveum.polygon.connector.ldap.schema.LdapFilterTranslator;
import com.evolveum.polygon.connector.ldap.search.DefaultSearchStrategy;
import com.evolveum.polygon.connector.ldap.search.SearchStrategy;
import io.cloudsoft.winrm4j.winrm.WinRmTool;
import io.cloudsoft.winrm4j.winrm.WinRmToolResponse;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier;
import org.apache.directory.api.ldap.model.constants.SchemaConstants;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.Modification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.schema.AttributeType;
import org.apache.directory.api.ldap.model.schema.LdapSyntax;
import org.apache.directory.api.ldap.model.schema.MatchingRule;
import org.apache.directory.api.ldap.model.schema.MutableAttributeType;
import org.apache.directory.api.ldap.model.schema.MutableMatchingRule;
import org.apache.directory.api.ldap.model.schema.ObjectClass;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.api.ldap.model.schema.SchemaObject;
import org.apache.directory.api.ldap.model.schema.normalizers.DeepTrimToLowerNormalizer;
import org.apache.directory.api.ldap.model.schema.registries.AttributeTypeRegistry;
import org.apache.directory.api.ldap.model.schema.registries.MatchingRuleRegistry;
import org.apache.directory.api.ldap.model.schema.registries.ObjectClassRegistry;
import org.apache.directory.api.ldap.model.schema.registries.Registries;
import org.apache.directory.api.ldap.model.schema.registries.SchemaObjectRegistry;
import org.apache.directory.api.ldap.model.schema.syntaxCheckers.DirectoryStringSyntaxChecker;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConnectorException;
import org.identityconnectors.framework.common.exceptions.UnknownUidException;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.OperationalAttributeInfos;
import org.identityconnectors.framework.common.objects.ResultsHandler;
import org.identityconnectors.framework.common.objects.ScriptContext;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.spi.Configuration;
import org.identityconnectors.framework.spi.ConnectorClass;
import org.identityconnectors.framework.spi.operations.ScriptOnResourceOp;

@ConnectorClass(displayNameKey = "connector.ldap.ad.display", configurationClass = AdLdapConfiguration.class)
/* loaded from: input_file:com/evolveum/polygon/connector/ldap/ad/AdLdapConnector.class */
public class AdLdapConnector extends AbstractLdapConnector<AdLdapConfiguration> implements ScriptOnResourceOp {
    private GlobalCatalogConnectionManager globalCatalogConnectionManager;
    private String winRmUsername;
    private String winRmHost;
    private WinRmTool winRmTool;
    private static final Log LOG = Log.getLog(AdLdapConnector.class);
    private static int busUsageCount = 0;

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void init(Configuration configuration) {
        super.init(configuration);
        this.globalCatalogConnectionManager = new GlobalCatalogConnectionManager(m67getConfiguration());
        initWinRm();
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void dispose() {
        super.dispose();
        disposeWinRm();
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected AbstractSchemaTranslator<AdLdapConfiguration> createSchemaTranslator() {
        return new AdSchemaTranslator(getSchemaManager(), m67getConfiguration());
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected LdapFilterTranslator<AdLdapConfiguration> createLdapFilterTranslator(ObjectClass objectClass) {
        return new AdLdapFilterTranslator(getSchemaTranslator2(), objectClass);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    /* renamed from: getSchemaTranslator */
    public AbstractSchemaTranslator<AdLdapConfiguration> getSchemaTranslator2() {
        return (AdSchemaTranslator) super.getSchemaTranslator2();
    }

    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected boolean isLogSchemaErrors() {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Type inference failed for: r0v2, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void preCreate(ObjectClass objectClass, Entry entry) {
        super.preCreate(objectClass, entry);
        if (getSchemaTranslator2().isUserObjectClass(objectClass.getName()) && !m67getConfiguration().isRawUserAccountControlAttribute() && entry.get(AdConstants.ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME) == null) {
            try {
                entry.add(AdConstants.ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, Integer.toString(512));
            } catch (LdapException e) {
                throw new IllegalStateException("Error adding attribute userAccountControl to entry");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void addAttributeModification(Dn dn, List<Modification> list, ObjectClass objectClass, org.identityconnectors.framework.common.objects.ObjectClass objectClass2, Attribute attribute, ModificationOperation modificationOperation) {
        if (dn.getRdns().get(0).getAva().getType().equalsIgnoreCase(getSchemaTranslator2().toLdapAttribute(objectClass, attribute.getName()).getName())) {
            return;
        }
        super.addAttributeModification(dn, list, objectClass, objectClass2, attribute, modificationOperation);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public SearchStrategy<AdLdapConfiguration> chooseSearchStrategy(org.identityconnectors.framework.common.objects.ObjectClass objectClass, ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        SearchStrategy<AdLdapConfiguration> chooseSearchStrategy = super.chooseSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        chooseSearchStrategy.setAttributeHandler(new AdAttributeHandler(chooseSearchStrategy));
        return chooseSearchStrategy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public SearchStrategy<AdLdapConfiguration> getDefaultSearchStrategy(org.identityconnectors.framework.common.objects.ObjectClass objectClass, ObjectClass objectClass2, ResultsHandler resultsHandler, OperationOptions operationOptions) {
        SearchStrategy<AdLdapConfiguration> defaultSearchStrategy = super.getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
        defaultSearchStrategy.setAttributeHandler(new AdAttributeHandler(defaultSearchStrategy));
        return defaultSearchStrategy;
    }

    /* JADX WARN: Type inference failed for: r0v100, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    /* JADX WARN: Type inference failed for: r0v17, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    /* JADX WARN: Type inference failed for: r0v48, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    /* JADX WARN: Type inference failed for: r0v68, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected SearchStrategy<AdLdapConfiguration> searchByUid(Uid uid, org.identityconnectors.framework.common.objects.ObjectClass objectClass, ObjectClass objectClass2, final ResultsHandler resultsHandler, OperationOptions operationOptions) {
        final String singleStringNonBlankValue = SchemaUtil.getSingleStringNonBlankValue(uid);
        if (LdapUtil.isDnAttribute(m67getConfiguration().getUidAttribute())) {
            return searchByDn(getSchemaTranslator2().toDn(singleStringNonBlankValue), objectClass, objectClass2, resultsHandler, operationOptions);
        }
        if (uid.getNameHint() != null) {
            final String nameHintValue = uid.getNameHintValue();
            LOG.ok("We have name hint {0} for GUID {1}, trying to use it", new Object[]{nameHintValue, singleStringNonBlankValue});
            final boolean[] zArr = {false};
            SearchStrategy<AdLdapConfiguration> searchByDn = searchByDn(getSchemaTranslator2().toDn(nameHintValue), objectClass, objectClass2, new ResultsHandler() { // from class: com.evolveum.polygon.connector.ldap.ad.AdLdapConnector.1
                public boolean handle(ConnectorObject connectorObject) {
                    String uidValue = connectorObject.getUid().getUidValue();
                    if (!uidValue.equals(singleStringNonBlankValue)) {
                        AdLdapConnector.LOG.ok("Attempt to use name hint {0} for GUID {1} produced a different GUID: {2}, ignoring it.", new Object[]{nameHintValue, singleStringNonBlankValue, uidValue});
                        return true;
                    }
                    zArr[0] = true;
                    AdLdapConnector.LOG.ok("Use of name hint {0} for GUID {1} successful.", new Object[]{nameHintValue, singleStringNonBlankValue});
                    return resultsHandler.handle(connectorObject);
                }
            }, operationOptions);
            if (zArr[0]) {
                return searchByDn;
            }
        }
        if ("none".equals(m67getConfiguration().getGlobalCatalogStrategy())) {
            SearchStrategy<AdLdapConfiguration> defaultSearchStrategy = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
            try {
                defaultSearchStrategy.search(getSchemaTranslator2().getGuidDn(singleStringNonBlankValue), LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, getAttributesToGet(objectClass2, operationOptions));
                if (defaultSearchStrategy.getNumberOfEntriesFound() > 0) {
                    return defaultSearchStrategy;
                }
            } catch (LdapException e) {
                throw LdapUtil.processLdapException("Error searching for GUID '" + singleStringNonBlankValue + "'", e);
            }
        } else if ("read".equals(m67getConfiguration().getGlobalCatalogStrategy())) {
            DefaultSearchStrategy defaultSearchStrategy2 = new DefaultSearchStrategy(this.globalCatalogConnectionManager, m67getConfiguration(), getSchemaTranslator2(), objectClass, objectClass2, resultsHandler, operationOptions);
            try {
                defaultSearchStrategy2.search(getSchemaTranslator2().getGuidDn(singleStringNonBlankValue), LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, getAttributesToGet(objectClass2, operationOptions));
                if (defaultSearchStrategy2.getNumberOfEntriesFound() > 0) {
                    return defaultSearchStrategy2;
                }
            } catch (LdapException e2) {
                throw LdapUtil.processLdapException("Error searching for GUID '" + singleStringNonBlankValue + "'", e2);
            }
        } else {
            if (!AdLdapConfiguration.GLOBAL_CATALOG_STRATEGY_RESOLVE.equals(m67getConfiguration().getGlobalCatalogStrategy())) {
                throw new IllegalStateException("Unknown global catalog strategy '" + m67getConfiguration().getGlobalCatalogStrategy() + "'");
            }
            Dn guidDn = getSchemaTranslator2().getGuidDn(singleStringNonBlankValue);
            Entry searchSingleEntry = searchSingleEntry(this.globalCatalogConnectionManager, guidDn, LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, new String[]{AbstractLdapConfiguration.PSEUDO_ATTRIBUTE_DN_NAME}, "global catalog entry for GUID " + singleStringNonBlankValue);
            if (searchSingleEntry == null) {
                throw new UnknownUidException("Entry for GUID " + singleStringNonBlankValue + " was not found in global catalog");
            }
            LOG.ok("Resolved GUID {0} in glogbal catalog to DN {1}", new Object[]{singleStringNonBlankValue, searchSingleEntry.getDn()});
            Dn dn = searchSingleEntry.getDn();
            SearchStrategy<AdLdapConfiguration> defaultSearchStrategy3 = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
            defaultSearchStrategy3.setExplicitConnection(getConnectionManager().getConnection(dn));
            try {
                defaultSearchStrategy3.search(guidDn, null, SearchScope.OBJECT, getAttributesToGet(objectClass2, operationOptions));
                if (defaultSearchStrategy3.getNumberOfEntriesFound() > 0) {
                    return defaultSearchStrategy3;
                }
            } catch (LdapException e3) {
                throw LdapUtil.processLdapException("Error searching for DN '" + guidDn + "'", e3);
            }
        }
        if (!m67getConfiguration().isAllowBruteForceSearch()) {
            LOG.ok("Cannot find object with GUID {0} by using name hint or global catalog. Brute-force search is disabled. Found nothing.", new Object[]{singleStringNonBlankValue});
            return null;
        }
        LOG.ok("Cannot find object with GUID {0} by using name hint or global catalog. Resorting to brute-force search", new Object[]{singleStringNonBlankValue});
        Dn guidDn2 = getSchemaTranslator2().getGuidDn(singleStringNonBlankValue);
        String[] attributesToGet = getAttributesToGet(objectClass2, operationOptions);
        for (LdapNetworkConnection ldapNetworkConnection : getConnectionManager().getAllConnections()) {
            SearchStrategy<AdLdapConfiguration> defaultSearchStrategy4 = getDefaultSearchStrategy(objectClass, objectClass2, resultsHandler, operationOptions);
            defaultSearchStrategy4.setExplicitConnection(ldapNetworkConnection);
            try {
                defaultSearchStrategy4.search(guidDn2, null, SearchScope.OBJECT, attributesToGet);
                if (defaultSearchStrategy4.getNumberOfEntriesFound() > 0) {
                    return defaultSearchStrategy4;
                }
            } catch (LdapException e4) {
                throw LdapUtil.processLdapException("Error searching for DN '" + guidDn2 + "'", e4);
            }
        }
        return null;
    }

    /* JADX WARN: Type inference failed for: r0v35, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    /* JADX WARN: Type inference failed for: r0v5, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    protected Dn resolveDn(org.identityconnectors.framework.common.objects.ObjectClass objectClass, Uid uid, OperationOptions operationOptions) {
        String uidValue = uid.getUidValue();
        if (uid.getNameHint() != null) {
            String nameHintValue = uid.getNameHintValue();
            Dn dn = getSchemaTranslator2().toDn(nameHintValue);
            LOG.ok("Resolvig DN by using name hint {0}", new Object[]{dn});
            Entry searchSingleEntry = searchSingleEntry(getConnectionManager(), dn, LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, new String[]{AdLdapConfiguration.ATTRIBUTE_OBJECT_GUID_NAME}, "LDAP entry for DN hint " + uid.getUidValue());
            if (searchSingleEntry != null) {
                String guidAsDashedString = getSchemaTranslator2().getGuidAsDashedString(searchSingleEntry);
                if (uidValue.equals(guidAsDashedString)) {
                    LOG.ok("Resolved DN for name hint {0} returned object with GUID matched ({1})", new Object[]{nameHintValue, guidAsDashedString});
                    return searchSingleEntry.getDn();
                }
                LOG.ok("Resolvig DN for name hint {0} returned object with GUID mismatch (expected {1}, was {2})", new Object[]{nameHintValue, uidValue, guidAsDashedString});
            } else {
                LOG.ok("Resolvig DN for name hint {0} returned no object", new Object[]{nameHintValue});
            }
        }
        Dn guidDn = getSchemaTranslator2().getGuidDn(uidValue);
        if ("none".equals(m67getConfiguration().getGlobalCatalogStrategy())) {
            LOG.ok("Resolvig DN by search for {0} (no global catalog)", new Object[]{guidDn});
            Entry searchSingleEntry2 = searchSingleEntry(getConnectionManager(), guidDn, LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, new String[]{AbstractLdapConfiguration.PSEUDO_ATTRIBUTE_DN_NAME}, "LDAP entry for GUID " + uidValue);
            if (searchSingleEntry2 == null) {
                throw new UnknownUidException("Entry for GUID " + uidValue + " was not found");
            }
            return searchSingleEntry2.getDn();
        }
        LOG.ok("Resolvig DN by search for {0} (global catalog)", new Object[]{guidDn});
        Entry searchSingleEntry3 = searchSingleEntry(this.globalCatalogConnectionManager, guidDn, LdapUtil.createAllSearchFilter(), SearchScope.OBJECT, new String[]{AbstractLdapConfiguration.PSEUDO_ATTRIBUTE_DN_NAME}, "LDAP entry for GUID " + uidValue);
        if (searchSingleEntry3 == null) {
            throw new UnknownUidException("Entry for GUID " + uidValue + " was not found in global catalog");
        }
        LOG.ok("Resolved GUID {0} in glogbal catalog to DN {1}", new Object[]{uidValue, searchSingleEntry3.getDn()});
        return searchSingleEntry3.getDn();
    }

    private void initWinRm() {
        initBus();
        this.winRmUsername = getWinRmUsername();
        this.winRmHost = getWinRmHost();
        WinRmTool.Builder builder = WinRmTool.Builder.builder(this.winRmHost, this.winRmUsername, getWinRmPassword());
        builder.setAuthenticationScheme("NTLM");
        builder.port(m67getConfiguration().getWinRmPort());
        builder.useHttps(m67getConfiguration().isWinRmUseHttps());
        builder.hostnameVerifier(new DefaultHostnameVerifier(null));
        this.winRmTool = builder.build();
    }

    private void disposeWinRm() {
        disposeBus();
    }

    private static synchronized void initBus() {
        busUsageCount++;
        LOG.ok("bus init (usage count = {0})", new Object[]{Integer.valueOf(busUsageCount)});
        BusFactory.getDefaultBus(true);
    }

    private static synchronized void disposeBus() {
        Bus defaultBus;
        busUsageCount--;
        LOG.ok("bus dispose (usage count = {0})", new Object[]{Integer.valueOf(busUsageCount)});
        if (busUsageCount != 0 || (defaultBus = BusFactory.getDefaultBus(false)) == null) {
            return;
        }
        LOG.ok("Shutting down WinRm CXF bus {0}", new Object[]{defaultBus});
        defaultBus.shutdown(true);
        LOG.ok("Bus shut down", new Object[0]);
    }

    private String getWinRmHost() {
        return m67getConfiguration().getWinRmHost() != null ? m67getConfiguration().getWinRmHost() : m67getConfiguration().getHost();
    }

    private String getWinRmUsername() {
        return m67getConfiguration().getWinRmUsername() != null ? m67getConfiguration().getWinRmUsername() : m67getConfiguration().getBindDn();
    }

    private String getWinRmPassword() {
        GuardedString winRmPassword = m67getConfiguration().getWinRmPassword();
        if (winRmPassword == null) {
            winRmPassword = m67getConfiguration().getBindPassword();
        }
        if (winRmPassword == null) {
            return null;
        }
        GuardedStringAccessor guardedStringAccessor = new GuardedStringAccessor();
        winRmPassword.access(guardedStringAccessor);
        return new String(guardedStringAccessor.getClearChars());
    }

    public Object runScriptOnResource(ScriptContext scriptContext, OperationOptions operationOptions) {
        WinRmToolResponse executePs;
        String scriptLanguage = scriptContext.getScriptLanguage();
        if (scriptLanguage == null || scriptLanguage.equals(AdLdapConfiguration.SCRIPT_LANGUAGE_POWERSHELL)) {
            String scriptCommand = getScriptCommand(scriptContext, m67getConfiguration().getPowershellArgumentStyle());
            OperationLog.log("{0} Script REQ powershell: {1}", this.winRmHost, scriptCommand);
            LOG.ok("Executing powershell script on {0} as {1}: {2}", new Object[]{this.winRmHost, this.winRmUsername, scriptCommand});
            executePs = this.winRmTool.executePs(scriptCommand);
        } else {
            if (!scriptLanguage.equals(AdLdapConfiguration.SCRIPT_LANGUAGE_CMD)) {
                throw new IllegalArgumentException("Unknown script language '" + scriptLanguage + "'");
            }
            String scriptCommand2 = getScriptCommand(scriptContext, AdLdapConfiguration.ARGUMENT_STYLE_DASHED);
            OperationLog.log("{0} Script REQ cmd: {1}", this.winRmHost, scriptCommand2);
            LOG.ok("Executing cmd script on {0} as {1}: {2}", new Object[]{this.winRmHost, this.winRmUsername, scriptCommand2});
            executePs = this.winRmTool.executeCommand(scriptCommand2);
        }
        OperationLog.log("{0} Script RES status={1}", this.winRmHost, Integer.valueOf(executePs.getStatusCode()));
        LOG.ok("Script returned status {0}\nSTDOUT:\n{1}\nSTDERR:\n{2}", new Object[]{Integer.valueOf(executePs.getStatusCode()), executePs.getStdOut(), executePs.getStdErr()});
        if (executePs.getStatusCode() != 0) {
            throw new ConnectorException("Script execution failed (status code " + executePs.getStatusCode() + "): " + getScriptError(executePs));
        }
        return executePs.getStdOut();
    }

    private String getScriptCommand(ScriptContext scriptContext, String str) {
        Map scriptArguments = scriptContext.getScriptArguments();
        if (scriptArguments == null || scriptArguments.isEmpty()) {
            scriptContext.getScriptText();
        }
        StringBuilder sb = new StringBuilder();
        if (AdLdapConfiguration.ARGUMENT_STYLE_VARIABLES.equals(str)) {
            for (Map.Entry entry : scriptArguments.entrySet()) {
                if (entry.getValue() != null) {
                    sb.append("$");
                    sb.append((String) entry.getKey());
                    sb.append(" = ");
                    sb.append(quoteSingle(entry.getValue()));
                    sb.append("; ");
                }
            }
        }
        sb.append(scriptContext.getScriptText());
        if (AdLdapConfiguration.ARGUMENT_STYLE_DASHED.equals(str)) {
            for (Map.Entry entry2 : scriptArguments.entrySet()) {
                sb.append(" -");
                sb.append((String) entry2.getKey());
                sb.append(" ");
                sb.append(entry2.getValue());
            }
        }
        return sb.toString();
    }

    private String quoteSingle(Object obj) {
        return obj == null ? "" : "'" + obj.toString().replaceAll("'", "''") + "'";
    }

    private String getScriptError(WinRmToolResponse winRmToolResponse) {
        String stdErr = winRmToolResponse.getStdErr();
        if (stdErr == null) {
            return null;
        }
        return stdErr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Type inference failed for: r0v6, types: [com.evolveum.polygon.connector.ldap.ad.AdSchemaTranslator] */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void postUpdate(org.identityconnectors.framework.common.objects.ObjectClass objectClass, Uid uid, Set<Attribute> set, OperationOptions operationOptions, ModificationOperation modificationOperation, Dn dn, ObjectClass objectClass2, List<Modification> list) {
        super.postUpdate(objectClass, uid, set, operationOptions, modificationOperation, dn, objectClass2, list);
        if (m67getConfiguration().isForcePasswordChangeAtNextLogon() && getSchemaTranslator2().isUserObjectClass(objectClass2.getName())) {
            Iterator<Attribute> it = set.iterator();
            while (it.hasNext()) {
                if (OperationalAttributeInfos.PASSWORD.is(it.next().getName())) {
                    ArrayList arrayList = new ArrayList();
                    addAttributeModification(dn, arrayList, objectClass2, objectClass, AttributeBuilder.build(AdConstants.ATTRIBUTE_PWD_LAST_SET_NAME, new Object[]{"0"}), ModificationOperation.REPLACE_ATTRIBUTE);
                    modify(dn, arrayList);
                    return;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.polygon.connector.ldap.AbstractLdapConnector
    public void patchSchemaManager(SchemaManager schemaManager) {
        super.patchSchemaManager(schemaManager);
        if (m67getConfiguration().isTweakSchema()) {
            MatchingRuleRegistry matchingRuleRegistry = schemaManager.getRegistries().getMatchingRuleRegistry();
            MatchingRule matchingRule = matchingRuleRegistry.get("2.5.13.2");
            if (matchingRule == null) {
                MutableMatchingRule mutableMatchingRule = new MutableMatchingRule("2.5.13.2");
                mutableMatchingRule.setSyntaxOid(SchemaConstants.DIRECTORY_STRING_SYNTAX);
                mutableMatchingRule.setNormalizer(new DeepTrimToLowerNormalizer("2.5.13.2"));
                matchingRule = mutableMatchingRule;
                register(matchingRuleRegistry, mutableMatchingRule);
            }
            fixAttribute(schemaManager, "2.5.4.3", "cn", createStringSyntax(SchemaConstants.DIRECTORY_STRING_SYNTAX), matchingRule);
            fixAttribute(schemaManager, "0.9.2342.19200300.100.1.25", "dc", createStringSyntax(SchemaConstants.DIRECTORY_STRING_SYNTAX), matchingRule);
            fixAttribute(schemaManager, "2.5.4.11", "ou", createStringSyntax(SchemaConstants.DIRECTORY_STRING_SYNTAX), matchingRule);
        }
    }

    private LdapSyntax createStringSyntax(String str) {
        LdapSyntax ldapSyntax = new LdapSyntax(str);
        ldapSyntax.setHumanReadable(true);
        ldapSyntax.setSyntaxChecker(new DirectoryStringSyntaxChecker());
        return ldapSyntax;
    }

    private void fixAttribute(SchemaManager schemaManager, String str, String str2, LdapSyntax ldapSyntax, MatchingRule matchingRule) {
        MutableAttributeType mutableAttributeType;
        Registries registries = schemaManager.getRegistries();
        AttributeTypeRegistry attributeTypeRegistry = registries.getAttributeTypeRegistry();
        ObjectClassRegistry objectClassRegistry = registries.getObjectClassRegistry();
        AttributeType attributeType = attributeTypeRegistry.get(str);
        if (attributeType == null || attributeType.getEquality() == null) {
            if (attributeType != null) {
                try {
                    attributeTypeRegistry.unregister((AttributeTypeRegistry) attributeType);
                    mutableAttributeType = new MutableAttributeType(attributeType.getOid());
                    mutableAttributeType.setNames(attributeType.getNames());
                } catch (LdapException e) {
                    throw new IllegalStateException("Error unregistering " + attributeType + ": " + e.getMessage(), e);
                }
            } else {
                mutableAttributeType = new MutableAttributeType(str);
                mutableAttributeType.setNames(str2);
            }
            mutableAttributeType.setSyntax(ldapSyntax);
            mutableAttributeType.setEquality(matchingRule);
            mutableAttributeType.setSingleValued(true);
            LOG.ok("Registering replacement attributeType: {0}", new Object[]{mutableAttributeType});
            register(attributeTypeRegistry, mutableAttributeType);
            fixObjectClasses(objectClassRegistry, attributeType, mutableAttributeType);
        }
    }

    private void fixObjectClasses(ObjectClassRegistry objectClassRegistry, AttributeType attributeType, AttributeType attributeType2) {
        for (ObjectClass objectClass : objectClassRegistry) {
            fixOblectClassAttributes(objectClass.getMayAttributeTypes(), attributeType, attributeType2);
            fixOblectClassAttributes(objectClass.getMustAttributeTypes(), attributeType, attributeType2);
        }
    }

    private void fixOblectClassAttributes(List<AttributeType> list, AttributeType attributeType, AttributeType attributeType2) {
        for (int i = 0; i < list.size(); i++) {
            if (list.get(i).equals(attributeType)) {
                list.set(i, attributeType2);
                return;
            }
        }
    }

    private <T extends SchemaObject> void register(SchemaObjectRegistry<T> schemaObjectRegistry, T t) {
        try {
            schemaObjectRegistry.register(t);
        } catch (LdapException e) {
            throw new IllegalStateException("Error registering " + t + ": " + e.getMessage(), e);
        }
    }
}
