package org.xdi.oxauth.service;

import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.inject.Inject;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.slf4j.Logger;
import org.xdi.ldap.model.LdapDummyEntry;
import org.xdi.oxauth.model.configuration.BaseFilter;
import org.xdi.util.ArrayHelper;
import org.xdi.util.StringHelper;

/* loaded from: input_file:org/xdi/oxauth/service/BaseAuthFilterService.class */
public abstract class BaseAuthFilterService {

    @Inject
    protected Logger log;
    public static final Pattern PARAM_VALUE_PATTERN = Pattern.compile("([\\w]+)[\\s]*\\=[\\*\\s]*(\\{[\\s]*[\\d]+[\\s]*\\})[\\*\\s]*");
    private boolean enabled;
    private boolean filterAttributes = true;
    private List<AuthenticationFilterWithParameters> filterWithParameters;

    /* loaded from: input_file:org/xdi/oxauth/service/BaseAuthFilterService$AuthenticationFilterWithParameters.class */
    public static class AuthenticationFilterWithParameters {
        private BaseFilter authenticationFilter;
        private List<String> variableNames;
        private List<IndexedParameter> indexedVariables;

        public AuthenticationFilterWithParameters(BaseFilter baseFilter, List<String> list, List<IndexedParameter> list2) {
            this.authenticationFilter = baseFilter;
            this.variableNames = list;
            this.indexedVariables = list2;
        }

        public BaseFilter getAuthenticationFilter() {
            return this.authenticationFilter;
        }

        public void setAuthenticationFilter(BaseFilter baseFilter) {
            this.authenticationFilter = baseFilter;
        }

        public List<String> getVariableNames() {
            return this.variableNames;
        }

        public void setVariableNames(List<String> list) {
            this.variableNames = list;
        }

        public List<IndexedParameter> getIndexedVariables() {
            return this.indexedVariables;
        }

        public void setIndexedVariables(List<IndexedParameter> list) {
            this.indexedVariables = list;
        }

        public String toString() {
            return String.format("AutheticationFilterWithParameters [authenticationFilter=%s, variableNames=%s, indexedVariables=%s]", this.authenticationFilter, this.variableNames, this.indexedVariables);
        }
    }

    /* loaded from: input_file:org/xdi/oxauth/service/BaseAuthFilterService$IndexedParameter.class */
    public static class IndexedParameter {
        private String paramName;
        private String paramIndex;

        public IndexedParameter(String str, String str2) {
            this.paramName = str;
            this.paramIndex = str2;
        }

        public String getParamName() {
            return this.paramName;
        }

        public void setParamName(String str) {
            this.paramName = str;
        }

        public String getParamIndex() {
            return this.paramIndex;
        }

        public void setParamIndex(String str) {
            this.paramIndex = str;
        }

        public String toString() {
            return String.format("IndexedParameter [paramName=%s, paramIndex=%s]", this.paramName, this.paramIndex);
        }
    }

    public void init(List<? extends BaseFilter> list, boolean z, boolean z2) {
        this.enabled = z;
        this.filterWithParameters = prepareAuthenticationFilterWithParameters(list);
        this.filterAttributes = z2;
    }

    private List<AuthenticationFilterWithParameters> prepareAuthenticationFilterWithParameters(List<? extends BaseFilter> list) {
        ArrayList arrayList = new ArrayList();
        if (!this.enabled || list == null) {
            return arrayList;
        }
        for (BaseFilter baseFilter : list) {
            if (Boolean.TRUE.equals(baseFilter.getBind()) && StringHelper.isEmpty(baseFilter.getBindPasswordAttribute())) {
                this.log.error("Skipping authentication filter:\n '{}'\n. It should contains not empty bind-password-attribute attribute. ", baseFilter);
            } else {
                ArrayList arrayList2 = new ArrayList();
                ArrayList arrayList3 = new ArrayList();
                Matcher matcher = PARAM_VALUE_PATTERN.matcher(baseFilter.getFilter());
                while (matcher.find()) {
                    String normalizeAttributeName = normalizeAttributeName(matcher.group(1));
                    String group = matcher.group(2);
                    arrayList2.add(normalizeAttributeName);
                    arrayList3.add(new IndexedParameter(normalizeAttributeName, group));
                }
                AuthenticationFilterWithParameters authenticationFilterWithParameters = new AuthenticationFilterWithParameters(baseFilter, arrayList2, arrayList3);
                arrayList.add(authenticationFilterWithParameters);
                this.log.debug("Authentication filter with parameters: '{}'. ", authenticationFilterWithParameters);
            }
        }
        return arrayList;
    }

    public static List<AuthenticationFilterWithParameters> getAllowedAuthenticationFilters(Collection<?> collection, List<AuthenticationFilterWithParameters> list) {
        ArrayList arrayList = new ArrayList();
        if (collection == null) {
            return arrayList;
        }
        HashSet hashSet = new HashSet();
        Iterator<?> it = collection.iterator();
        while (it.hasNext()) {
            hashSet.add(normalizeAttributeName(it.next().toString()));
        }
        for (AuthenticationFilterWithParameters authenticationFilterWithParameters : list) {
            if (hashSet.containsAll(authenticationFilterWithParameters.getVariableNames())) {
                arrayList.add(authenticationFilterWithParameters);
            }
        }
        return arrayList;
    }

    public static Map<String, String> normalizeAttributeMap(Map<?, ?> map) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<?, ?> entry : map.entrySet()) {
            String str = null;
            Object value = entry.getValue();
            if (value instanceof String[]) {
                if (ArrayHelper.isNotEmpty((String[]) value)) {
                    str = ((String[]) value)[0];
                }
            } else if (value instanceof String) {
                str = (String) value;
            } else if (value != null) {
                str = value.toString();
            }
            if (str != null) {
                hashMap.put(normalizeAttributeName(entry.getKey().toString()), str);
            }
        }
        return hashMap;
    }

    public static String buildFilter(AuthenticationFilterWithParameters authenticationFilterWithParameters, Map<String, String> map) {
        String filter = authenticationFilterWithParameters.getAuthenticationFilter().getFilter();
        for (IndexedParameter indexedParameter : authenticationFilterWithParameters.getIndexedVariables()) {
            String str = map.get(indexedParameter.getParamName());
            if (str != null) {
                filter = filter.replace(indexedParameter.getParamIndex(), str);
            }
        }
        return filter;
    }

    public String loadEntryDN(LdapEntryManager ldapEntryManager, AuthenticationFilterWithParameters authenticationFilterWithParameters, Map<String, String> map) {
        String buildFilter = buildFilter(authenticationFilterWithParameters, map);
        try {
            Filter create = Filter.create(buildFilter);
            List findEntries = ldapEntryManager.findEntries(authenticationFilterWithParameters.getAuthenticationFilter().getBaseDn(), LdapDummyEntry.class, new String[0], create);
            if (findEntries.size() > 1) {
                this.log.error("Found more than one entry by filter: '{}'. Entries:\n", create, findEntries);
                return null;
            }
            if (findEntries.size() != 1) {
                return null;
            }
            return ((LdapDummyEntry) findEntries.get(0)).getDn();
        } catch (LDAPException e) {
            this.log.error("Failed to create Ldap filter: '{}'", e, buildFilter);
            return null;
        }
    }

    public String processAuthenticationFilters(Map<?, ?> map) {
        if (map == null) {
            return null;
        }
        Iterator<AuthenticationFilterWithParameters> it = (this.filterAttributes ? getAllowedAuthenticationFilters(map.keySet(), getFilterWithParameters()) : getFilterWithParameters()).iterator();
        while (it.hasNext()) {
            String processAuthenticationFilter = processAuthenticationFilter(it.next(), map);
            if (StringHelper.isNotEmpty(processAuthenticationFilter)) {
                return processAuthenticationFilter;
            }
        }
        return null;
    }

    public abstract String processAuthenticationFilter(AuthenticationFilterWithParameters authenticationFilterWithParameters, Map<?, ?> map);

    public List<AuthenticationFilterWithParameters> getFilterWithParameters() {
        return this.filterWithParameters;
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public boolean isFilterAttributes() {
        return this.filterAttributes;
    }

    public void setFilterAttributes(boolean z) {
        this.filterAttributes = z;
    }

    public static String normalizeAttributeName(String str) {
        return StringHelper.toLowerCase(str.trim());
    }
}
