package com.evolveum.polygon.connector.ldap.sync;

import com.evolveum.polygon.connector.ldap.AbstractLdapConfiguration;
import com.evolveum.polygon.connector.ldap.ConnectionManager;
import com.evolveum.polygon.connector.ldap.LdapUtil;
import com.evolveum.polygon.connector.ldap.ad.AdConstants;
import com.evolveum.polygon.connector.ldap.schema.AbstractSchemaTranslator;
import java.util.Arrays;
import java.util.Base64;
import org.apache.commons.lang3.StringUtils;
import org.apache.directory.api.ldap.extras.controls.ad.AdDirSyncRequestImpl;
import org.apache.directory.api.ldap.extras.controls.ad.AdDirSyncResponse;
import org.apache.directory.api.ldap.extras.controls.ad.AdShowDeletedImpl;
import org.apache.directory.api.ldap.model.cursor.CursorException;
import org.apache.directory.api.ldap.model.cursor.SearchCursor;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.message.Control;
import org.apache.directory.api.ldap.model.message.Response;
import org.apache.directory.api.ldap.model.message.SearchRequest;
import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
import org.apache.directory.api.ldap.model.message.SearchResultDone;
import org.apache.directory.api.ldap.model.message.SearchResultEntry;
import org.apache.directory.api.ldap.model.message.SearchScope;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.framework.common.exceptions.ConnectorIOException;
import org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.ObjectClassInfo;
import org.identityconnectors.framework.common.objects.OperationOptions;
import org.identityconnectors.framework.common.objects.SyncDeltaBuilder;
import org.identityconnectors.framework.common.objects.SyncDeltaType;
import org.identityconnectors.framework.common.objects.SyncResultsHandler;
import org.identityconnectors.framework.common.objects.SyncToken;
import org.identityconnectors.framework.common.objects.Uid;
import org.identityconnectors.framework.spi.SyncTokenResultsHandler;

/* loaded from: input_file:com/evolveum/polygon/connector/ldap/sync/AdDirSyncStrategy.class */
public class AdDirSyncStrategy<C extends AbstractLdapConfiguration> extends SyncStrategy<C> {
    private static final Log LOG = Log.getLog(AdDirSyncStrategy.class);

    public AdDirSyncStrategy(AbstractLdapConfiguration abstractLdapConfiguration, ConnectionManager<C> connectionManager, SchemaManager schemaManager, AbstractSchemaTranslator<C> abstractSchemaTranslator) {
        super(abstractLdapConfiguration, connectionManager, schemaManager, abstractSchemaTranslator);
    }

    @Override // com.evolveum.polygon.connector.ldap.sync.SyncStrategy
    public void sync(ObjectClass objectClass, SyncToken syncToken, SyncResultsHandler syncResultsHandler, OperationOptions operationOptions) {
        ObjectClassInfo objectClassInfo = null;
        org.apache.directory.api.ldap.model.schema.ObjectClass objectClass2 = null;
        if (!objectClass.is(ObjectClass.ALL_NAME)) {
            objectClassInfo = getSchemaTranslator().findObjectClassInfo(objectClass);
            if (objectClassInfo == null) {
                throw new InvalidAttributeValueException("No definition for object class " + objectClass);
            }
            objectClass2 = getSchemaTranslator().toLdapObjectClass(objectClass);
        }
        SearchRequest createSearchRequest = createSearchRequest("(objectClass=*)", syncToken);
        createSearchRequest.addControl((Control) new AdShowDeletedImpl());
        int i = 0;
        int i2 = 0;
        byte[] bArr = null;
        LdapNetworkConnection connection = getConnectionManager().getConnection(createSearchRequest.getBase(), operationOptions);
        try {
            SearchCursor search = connection.search(createSearchRequest);
            while (search.next()) {
                Response response = search.get();
                if (response instanceof SearchResultEntry) {
                    Entry entry = ((SearchResultEntry) response).getEntry();
                    LOG.ok("Found DirSync entry: {0}", new Object[]{entry});
                    i++;
                    byte[] bArr2 = null;
                    AdDirSyncResponse adDirSyncResponse = (AdDirSyncResponse) response.getControl("1.2.840.113556.1.4.841");
                    if (adDirSyncResponse != null) {
                        bArr2 = adDirSyncResponse.getCookie();
                        if (bArr2 != null) {
                            bArr = bArr2;
                        }
                    }
                    String uidValue = LdapUtil.getUidValue(entry, objectClass2, getConfiguration(), getSchemaTranslator());
                    SyncDeltaBuilder syncDeltaBuilder = new SyncDeltaBuilder();
                    syncDeltaBuilder.setToken(new SyncToken(bArr2 == null ? "" : Base64.getEncoder().encodeToString(bArr2)));
                    if (LdapUtil.getBooleanAttribute(entry, AdConstants.ATTRIBUTE_IS_DELETED, Boolean.FALSE).booleanValue()) {
                        syncDeltaBuilder.setDeltaType(SyncDeltaType.DELETE);
                        syncDeltaBuilder.setUid(new Uid(uidValue));
                    } else {
                        syncDeltaBuilder.setDeltaType(SyncDeltaType.CREATE_OR_UPDATE);
                        Entry fetchEntryByUid = LdapUtil.fetchEntryByUid(connection, uidValue, objectClass2, operationOptions, getConfiguration(), getSchemaTranslator());
                        LOG.ok("Got target entry based on dirSync, targetUid={0}:\n{1}", new Object[]{uidValue, fetchEntryByUid});
                        if (fetchEntryByUid != null && isAcceptableForSynchronization(fetchEntryByUid, objectClass2, getConfiguration().getModifiersNamesToFilterOut())) {
                            syncDeltaBuilder.setObject(getSchemaTranslator().toConnIdObject(connection, objectClassInfo, fetchEntryByUid));
                        }
                    }
                    syncResultsHandler.handle(syncDeltaBuilder.build());
                    i2++;
                } else {
                    LOG.ok("Non-entry response: {0}", new Object[]{response});
                }
            }
            SearchResultDone searchResultDone = search.getSearchResultDone();
            if (searchResultDone != null) {
                AdDirSyncResponse adDirSyncResponse2 = (AdDirSyncResponse) searchResultDone.getControl("1.2.840.113556.1.4.841");
                if (adDirSyncResponse2 == null) {
                    LOG.warn("No DirSync response control in search done response", new Object[0]);
                } else {
                    bArr = adDirSyncResponse2.getCookie();
                    if (bArr == null) {
                        LOG.warn("No entry cookie in DirSync response in search done response", new Object[0]);
                    }
                }
            }
            LdapUtil.closeCursor(search);
            LOG.ok("Search DN {0} with {1}: {2} entries, {3} processed", new Object[]{createSearchRequest.getBase(), createSearchRequest.getFilter(), Integer.valueOf(i), Integer.valueOf(i2)});
            if ((syncResultsHandler instanceof SyncTokenResultsHandler) && bArr != null) {
                ((SyncTokenResultsHandler) syncResultsHandler).handleResult(new SyncToken(Base64.getEncoder().encodeToString(bArr)));
            }
            returnConnection(connection);
        } catch (CursorException | LdapException e) {
            returnConnection(connection);
            throw new ConnectorIOException("Error searching for changes (" + createSearchRequest.getFilter() + "): " + e.getMessage(), e);
        }
    }

    @Override // com.evolveum.polygon.connector.ldap.sync.SyncStrategy
    public SyncToken getLatestSyncToken(ObjectClass objectClass) {
        byte[] bArr = null;
        SearchRequest createSearchRequest = createSearchRequest("(cn=__entry_like_this_is_unlikely_to_exist__)", null);
        LdapNetworkConnection connection = getConnectionManager().getConnection(createSearchRequest.getBase(), null);
        try {
            SearchCursor search = connection.search(createSearchRequest);
            while (search.next()) {
                Response response = search.get();
                if (response instanceof SearchResultEntry) {
                    LOG.ok("Found unexpected entry: {0}", new Object[]{((SearchResultEntry) response).getEntry()});
                }
            }
            SearchResultDone searchResultDone = search.getSearchResultDone();
            if (searchResultDone != null) {
                AdDirSyncResponse adDirSyncResponse = (AdDirSyncResponse) searchResultDone.getControl("1.2.840.113556.1.4.841");
                if (adDirSyncResponse == null) {
                    LOG.warn("No DirSync response control in search done response", new Object[0]);
                } else {
                    bArr = adDirSyncResponse.getCookie();
                    if (bArr == null) {
                        LOG.warn("No entry cookie in DirSync response in search done response", new Object[0]);
                    }
                }
            }
            LdapUtil.closeCursor(search);
            if (bArr == null) {
                return null;
            }
            SyncToken syncToken = new SyncToken(Base64.getEncoder().encodeToString(bArr));
            LOG.ok("Found latest sync token: {0}", new Object[]{syncToken});
            returnConnection(connection);
            return syncToken;
        } catch (CursorException e) {
            returnConnection(connection);
            throw new ConnectorIOException("Error searching for changes (" + createSearchRequest.getFilter() + "): " + e.getMessage(), e);
        } catch (LdapException e2) {
            returnConnection(connection);
            throw new ConnectorIOException("Error searching for changes (" + createSearchRequest.getFilter() + "): " + e2.getMessage(), e2);
        }
    }

    private SearchRequest createSearchRequest(String str, SyncToken syncToken) {
        AdDirSyncRequestImpl adDirSyncRequestImpl = new AdDirSyncRequestImpl();
        adDirSyncRequestImpl.setCritical(true);
        byte[] bArr = null;
        if (syncToken != null) {
            Object value = syncToken.getValue();
            if (value instanceof String) {
                if (StringUtils.isNotBlank((String) value)) {
                    bArr = Base64.getDecoder().decode((String) value);
                }
            } else {
                if (!(value instanceof byte[])) {
                    throw new IllegalArgumentException("Unexpected type of sync token: " + value.getClass());
                }
                bArr = (byte[]) value;
            }
            adDirSyncRequestImpl.setCookie(bArr);
        }
        String baseContext = getConfiguration().getBaseContext();
        String[] strArr = new String[0];
        if (LOG.isOk()) {
            Log log = LOG;
            Object[] objArr = new Object[4];
            objArr[0] = baseContext;
            objArr[1] = str;
            objArr[2] = Arrays.toString(strArr);
            objArr[3] = bArr == null ? null : Base64.getEncoder().encodeToString(bArr);
            log.ok("Searching DN {0} with {1}, attrs: {2}, cookie: {3}", objArr);
        }
        SearchRequestImpl searchRequestImpl = new SearchRequestImpl();
        try {
            searchRequestImpl.setBase(new Dn(baseContext));
            searchRequestImpl.setFilter(str);
            searchRequestImpl.setScope(SearchScope.SUBTREE);
            searchRequestImpl.addAttributes(strArr);
            searchRequestImpl.addControl((Control) adDirSyncRequestImpl);
            return searchRequestImpl;
        } catch (LdapException e) {
            throw new IllegalStateException("Error constructing search request: " + e.getMessage(), e);
        }
    }
}
