package org.ejbca.core.model.ca.publisher;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchResults;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.log4j.Logger;
import org.cesecore.util.CertTools;
import org.ejbca.config.ScepConfiguration;
import org.ejbca.core.model.InternalEjbcaResources;
import org.ejbca.core.model.ca.publisher.LdapPublisher;
import org.ejbca.util.TCPTool;

/* loaded from: input_file:org/ejbca/core/model/ca/publisher/LdapSearchPublisher.class */
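/**
 * LDAP publisher that locates the target directory entry with a configurable
 * search (base DN plus filter template) instead of relying only on a DN
 * constructed from the certificate.
 *
 * <p>The filter template may contain the placeholders {@code $USERNAME},
 * {@code $EMAIL}, {@code $CN}, {@code $O}, {@code $OU}, {@code $C} and
 * {@code $UID} (matched case-insensitively). They are filled in from the end
 * entity's username, e-mail and DN components.
 *
 * <p>Security: the substituted values originate from end-entity and certificate
 * data, so they are escaped per RFC 4515 before they are placed in the filter.
 * The entry returned by the search is the one the caller goes on to treat as the
 * existing entity, so an unescaped {@code *}, {@code (}, {@code )} or {@code \}
 * in a value must never be able to change which entry matches.
 */
public class LdapSearchPublisher extends LdapPublisher {
    private static final long serialVersionUID = -4593116897226605008L;
    private static final Logger log = Logger.getLogger(LdapSearchPublisher.class);
    private static final InternalEjbcaResources intres = InternalEjbcaResources.getInstance();
    protected static final String SEARCHBASEDN = "searchbasedn";
    protected static final String SEARCHFILTER = "searchfilter";

    /**
     * Matches every supported placeholder in one pass. Longer names are listed
     * before their prefixes ({@code OU} before {@code O}, {@code CN} before
     * {@code C}) so that, for example, {@code $OU} is never consumed as
     * {@code $O} followed by a literal {@code U}.
     */
    private static final Pattern FILTER_TOKEN =
            Pattern.compile("\\$(USERNAME|EMAIL|UID|CN|OU|O|C)", Pattern.CASE_INSENSITIVE);

    /**
     * Creates a publisher with empty search base DN and filter and with both
     * attribute-modification switches turned off.
     */
    public LdapSearchPublisher() {
        // NOTE(review): 4 is presumably the publisher-type id for this class; confirm against the publisher constants.
        this.data.put("type", 4);
        setSearchBaseDN("");
        setSearchFilter("");
        setModifyExistingAttributes(false);
        setAddNonExistingAttributes(false);
    }

    /**
     * Returns DN component {@code str3} from {@code str}, falling back to
     * {@code str2} when the first DN does not contain it.
     */
    private static String getPartFromDN(String str, String str2, String str3) {
        String partFromDN = CertTools.getPartFromDN(str, str3);
        return partFromDN != null ? partFromDN : CertTools.getPartFromDN(str2, str3);
    }

    /**
     * Escapes a value for use as an assertion value inside an LDAP search filter
     * (RFC 4515): backslash, asterisk, parentheses and NUL become {@code \XX}
     * hex escapes; every other character is copied unchanged.
     */
    private static String escapeLdapFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int idx = 0; idx < value.length(); idx++) {
            char c = value.charAt(idx);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Resolves one placeholder name to its raw (unescaped) value, or {@code null} when unavailable. */
    private static String valueForToken(String token, String username, String certDN, String userDN, String email) {
        if ("USERNAME".equalsIgnoreCase(token)) {
            return username;
        }
        if ("EMAIL".equalsIgnoreCase(token)) {
            return email;
        }
        if ("CN".equalsIgnoreCase(token)) {
            // The decompiler resolved the DN component name to this constant; presumably "CN" — confirm.
            return getPartFromDN(certDN, userDN, ScepConfiguration.DEFAULT_RA_NAME_GENERATION_PARAMETERS);
        }
        if ("OU".equalsIgnoreCase(token)) {
            return getPartFromDN(certDN, userDN, "OU");
        }
        if ("O".equalsIgnoreCase(token)) {
            return getPartFromDN(certDN, userDN, "O");
        }
        if ("C".equalsIgnoreCase(token)) {
            return getPartFromDN(certDN, userDN, "C");
        }
        return getPartFromDN(certDN, userDN, "UID");
    }

    /**
     * Fills the placeholders of {@code template} in a single pass.
     *
     * <p>Each value is RFC 4515-escaped, and the replacement is quoted so that
     * {@code $} or {@code \} in a value is not interpreted as a regex group
     * reference. Because the template is scanned once, a substituted value is
     * never re-scanned for further placeholders. A placeholder whose value is
     * unavailable is left in the filter unchanged.
     */
    private static String buildSearchFilter(String template, String username, String certDN, String userDN, String email) {
        if (template == null) {
            return null;
        }
        Matcher matcher = FILTER_TOKEN.matcher(template);
        // StringBuffer rather than StringBuilder: appendReplacement(StringBuilder, ...) needs Java 9+.
        StringBuffer filter = new StringBuffer();
        while (matcher.find()) {
            String value = valueForToken(matcher.group(1), username, certDN, userDN, email);
            String replacement = value != null ? escapeLdapFilterValue(value) : matcher.group();
            matcher.appendReplacement(filter, Matcher.quoteReplacement(replacement));
        }
        matcher.appendTail(filter);
        return filter.toString();
    }

    /**
     * Looks up the existing directory entry for an end entity.
     *
     * <p>Each configured host is tried in turn until one accepts the connection
     * and bind. On that host the configured filter is evaluated below the
     * configured base DN (subtree scope, no attributes requested). The first
     * match's DN, or a DN constructed from the certificate/user DN when nothing
     * matches, is then read back in full.
     *
     * @param str username substituted for {@code $USERNAME}; may be {@code null}
     * @param i first argument to {@code bind} (the LDAP protocol version in JLDAP)
     * @param lDAPConnection connection object to use; it is disconnected before returning
     * @param str2 certificate DN, as named in the debug log
     * @param str3 user DN, as named in the debug log
     * @param str4 e-mail address substituted for {@code $EMAIL}; may be {@code null}
     * @return the entry read from the directory, the bare search hit if the read
     *         failed, or {@code null} when no entry was found
     * @throws PublisherException if connecting or binding fails on the last host in the list
     */
    @Override // org.ejbca.core.model.ca.publisher.LdapPublisher
    protected LDAPEntry searchOldEntity(String str, int i, LDAPConnection lDAPConnection, String str2, String str3, String str4) throws PublisherException {
        LDAPEntry lDAPEntry = null;
        Iterator<String> it = getHostnameList().iterator();
        do {
            boolean connectionFailed = false;
            String host = it.next();
            try {
                TCPTool.probeConnectionLDAP(host, Integer.parseInt(getPort()), getConnectionTimeOut());
                log.debug("Connecting to " + host);
                lDAPConnection.connect(host, Integer.parseInt(getPort()));
                if (getConnectionSecurity() == LdapPublisher.ConnectionSecurity.STARTTLS) {
                    if (log.isDebugEnabled()) {
                        log.debug("STARTTLS to LDAP server " + host);
                    }
                    lDAPConnection.startTLS();
                }
                log.debug("Logging in with BIND DN " + getLoginDN());
                lDAPConnection.bind(i, getLoginDN(), getLoginPassword().getBytes("UTF8"), this.ldapBindConstraints);
                String template = getSearchFilter();
                if (log.isDebugEnabled()) {
                    log.debug("Compiling search filter: " + template + ", from certDN '" + str2 + "' and userDN '" + str3 + "'.");
                }
                String searchFilter = buildSearchFilter(template, str, str2, str3, str4);
                log.debug("Resulting search filter '" + searchFilter + "'.");
                log.debug("Making SRCH with BaseDN '" + getSearchBaseDN() + "' and filter '" + searchFilter + "'.");
                // "1.1" with typesOnly=true asks the server for no attributes; only the DN of a hit is needed here.
                LDAPSearchResults search = lDAPConnection.search(getSearchBaseDN(), LDAPConnection.SCOPE_SUB, searchFilter, new String[]{"1.1"}, true, this.ldapSearchConstraints);
                if (log.isDebugEnabled()) {
                    log.debug("serachResults contains entries: " + search.hasMore());
                }
                String entryDN;
                if (search.hasMore()) {
                    lDAPEntry = search.next();
                    entryDN = lDAPEntry.getDN();
                    if (search.hasMore()) {
                        // An ambiguous filter silently resolves to the first hit; operators should keep filters unique.
                        log.debug("Found more than one matches with filter '" + searchFilter + "'. Using the first match with LDAP entry with DN: " + lDAPEntry.getDN());
                    } else {
                        log.debug("Found one match with filter: '" + searchFilter + "', match with DN: " + lDAPEntry.getDN());
                    }
                } else {
                    entryDN = constructLDAPDN(str2, str3);
                    log.debug("No matches found using filter: '" + searchFilter + "'. Using DN: " + entryDN);
                }
                try {
                    lDAPEntry = lDAPConnection.read(entryDN, this.ldapSearchConstraints);
                } catch (LDAPException e) {
                    // A failed read is not fatal: the value obtained from the search (possibly null) is kept.
                    if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
                        log.info(intres.getLocalizedMessage("publisher.noentry", entryDN));
                    } else {
                        log.info(intres.getLocalizedMessage("publisher.infoexists", entryDN));
                    }
                }
            } catch (UnsupportedEncodingException e) {
                // Never place the bind password in an exception or log message.
                String localizedMessage = intres.getLocalizedMessage("publisher.errorpassword", "[redacted]");
                log.error(localizedMessage, e);
                throw new PublisherException(localizedMessage);
            } catch (LDAPException e) {
                if (e.getResultCode() == LDAPException.NO_SUCH_OBJECT) {
                    log.info(intres.getLocalizedMessage("publisher.noentry", str2 + ", " + str3));
                } else {
                    connectionFailed = true;
                    if (!it.hasNext()) {
                        String localizedMessage = intres.getLocalizedMessage("publisher.errorldapbind", e.getMessage());
                        log.error(localizedMessage, e);
                        throw new PublisherException(localizedMessage);
                    }
                    log.debug("Failed to publish to " + host + ". Trying next in list.");
                }
            } finally {
                // Always release the connection, whichever path was taken above.
                try {
                    lDAPConnection.disconnect(this.ldapDisconnectConstraints);
                } catch (LDAPException e) {
                    log.error(intres.getLocalizedMessage("publisher.errordisconnect", new Object[0]), e);
                }
            }
            if (!connectionFailed) {
                break;
            }
        } while (it.hasNext());
        return lDAPEntry;
    }

    /** Returns the base DN under which the search filter is evaluated. */
    public String getSearchBaseDN() {
        return (String) this.data.get(SEARCHBASEDN);
    }

    /** Sets the base DN under which the search filter is evaluated. */
    public void setSearchBaseDN(String str) {
        this.data.put(SEARCHBASEDN, str);
    }

    /** Returns the search filter template, placeholders unexpanded. */
    public String getSearchFilter() {
        return (String) this.data.get(SEARCHFILTER);
    }

    /**
     * Sets the search filter template. Placeholder values are escaped when the
     * filter is built; the template itself is used verbatim, so it must come
     * from a trusted administrator.
     */
    public void setSearchFilter(String str) {
        this.data.put(SEARCHFILTER, str);
    }

    /**
     * Returns a new publisher whose data map holds the same keys and values as
     * this one (the values themselves are not copied).
     */
    @Override // org.ejbca.core.model.ca.publisher.LdapPublisher, org.ejbca.core.model.ca.publisher.BasePublisher
    public Object clone() throws CloneNotSupportedException {
        LdapSearchPublisher ldapSearchPublisher = new LdapSearchPublisher();
        // Raw HashMap kept as in the original: the declared type returned by saveData() is not visible here.
        HashMap hashMap = (HashMap) ldapSearchPublisher.saveData();
        for (Object obj : this.data.keySet()) {
            hashMap.put(obj, this.data.get(obj));
        }
        ldapSearchPublisher.loadData(hashMap);
        return ldapSearchPublisher;
    }
}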
