package com.wikidsystems.ldap;

import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import javax.naming.NamingException;
import org.apache.directory.server.core.authn.AbstractAuthenticator;
import org.apache.directory.server.core.authn.LdapPrincipal;
import org.apache.directory.server.core.jndi.ServerContext;
import org.apache.directory.shared.ldap.aci.AuthenticationLevel;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.ArrayUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/wikidsystems/ldap/WiKIDSimpleAuthenticator.class */
public class WiKIDSimpleAuthenticator extends AbstractAuthenticator {
    private static final Logger log = Logger.getLogger(WiKIDSimpleAuthenticator.class);
    private static final Collection USERLOOKUP_BYPASS;
    private WiKIDLdapClient wlc;

    public WiKIDSimpleAuthenticator() {
        super("simple");
        this.wlc = null;
        log.info("WiKIDSimpleAuthenticator() called!");
        this.wlc = new WiKIDLdapClient();
    }

    public LdapPrincipal authenticate(LdapDN ldapDN, ServerContext serverContext) throws NamingException {
        log.info("authenticate() called!");
        Hashtable environment = serverContext.getEnvironment();
        for (String str : environment.keySet()) {
        }
        if (environment.get("wikid.servercode") == null) {
            log.info("wikid.servercode not defined in server.xml ... hope there is a domain= component to the DN ...");
        }
        Object obj = environment.get("java.naming.security.credentials");
        String str2 = null;
        if (obj == null) {
            obj = ArrayUtils.EMPTY_BYTE_ARRAY;
            str2 = "";
        } else if (obj instanceof String) {
            str2 = (String) obj;
            obj = ((String) obj).getBytes();
        } else if (obj instanceof byte[]) {
            str2 = new String((byte[]) obj);
        }
        log.debug("credentials: " + obj + " of type: " + obj.getClass().getName());
        log.debug("passcode: " + str2);
        if (!environment.containsKey("java.naming.security.principal")) {
            log.warn("no security principal found in context");
            throw new LdapAuthenticationException();
        }
        log.debug("extracting security principal from context");
        String nameInNamespace = serverContext.getNameInNamespace();
        if (nameInNamespace == null) {
            log.warn("security principal was empty!");
            throw new LdapAuthenticationException();
        }
        log.debug("principal: " + nameInNamespace);
        log.debug("(again?) extracting security principal from jndi context");
        String str3 = (String) environment.get("java.naming.security.principal");
        log.debug("principal: " + str3);
        log.debug("principalDn: " + new LdapDN(str3));
        if (str3.indexOf("domain=") != -1) {
            log.info("attempting WiKID auth check of '" + str3 + "' ...");
            try {
                log.debug("creating new object ...");
                this.wlc.createWClient();
                log.debug("authenticating ...");
                int authenticate = this.wlc.authenticate(str3, str2);
                log.info("done authenticating, result = " + authenticate);
                this.wlc.close();
                if (authenticate == 1) {
                    log.info("auth passed!");
                    return createLdapPrincipal(str3, AuthenticationLevel.SIMPLE);
                }
            } catch (Exception e) {
                log.warn("failed WiKID auth check: " + e);
                e.printStackTrace();
                e.printStackTrace(System.out);
            }
            log.info("finished with attempted WiKID auth check of '" + str3 + " ...");
        } else {
            log.info("Skipping WiKID check of non-WiKID principal:" + str3);
        }
        throw new LdapAuthenticationException();
    }

    static {
        HashSet hashSet = new HashSet();
        hashSet.add("authenticationService");
        hashSet.add("authorizationService");
        hashSet.add("oldAuthorizationService");
        hashSet.add("schemaService");
        hashSet.add("subentryService");
        hashSet.add("operationalAttributeService");
        hashSet.add("eventService");
        USERLOOKUP_BYPASS = Collections.unmodifiableCollection(hashSet);
    }
}
