package de.superx.servlet;

import de.memtext.util.StringUtils;
import de.superx.saiku.SuperxSaikuConnectionManager;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Date;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:de/superx/servlet/LdapPasswordChecker.class */
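/**
 * Verifies user passwords against an LDAP directory using search-then-bind:
 * the user's entry is looked up (anonymously or as a configured service user),
 * and the password is then checked by binding as the DN that was found.
 *
 * <p>Configuration is read once by {@link #setup(File)} into static state shared by
 * all instances. Required properties: {@code LdapUrl}, {@code LdapBase},
 * {@code LdapIdentifyingAttribute}. Optional: {@code LdapServiceUserDN} together with
 * {@code LdapServiceUserPassword}.
 *
 * <p>Security notes for operators: both binds use LDAP "simple" authentication, which
 * sends the password to the directory as-is. Whether the connection is encrypted
 * depends entirely on the configured {@code LdapUrl} (not visible in this class); it
 * should be an {@code ldaps://} URL.
 */
public class LdapPasswordChecker {
    private static Properties props = new Properties();
    private static String[] attributeFilter = new String[1];
    private static boolean hasLdapServiceUserDN = false;
    private static boolean wasSetupTestOK = false;

    /**
     * Loads the LDAP configuration and runs a connection/search test against the directory.
     *
     * @param file properties file holding the LDAP settings
     * @throws IOException if the file cannot be read
     * @throws IllegalStateException if a required property is missing or empty
     */
    public static void setup(File file) throws IOException {
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            props.load(fileInputStream);
        } finally {
            // Close the stream even when load() fails, so the descriptor is not leaked.
            fileInputStream.close();
        }
        checkProperty(file, "LdapUrl");
        checkProperty(file, "LdapBase");
        checkProperty(file, "LdapIdentifyingAttribute");
        if (!StringUtils.isNullOrEmpty(props.getProperty("LdapServiceUserDN"))) {
            // A service DN with a missing password would fail later with a NullPointerException,
            // and with an empty password JNDI falls back to an unauthenticated bind.
            // Fail at configuration time instead.
            checkProperty(file, "LdapServiceUserPassword");
            hasLdapServiceUserDN = true;
            System.out.println(" LDAP Passwortkontrolle ServiceUser aktiviert");
        }
        attributeFilter[0] = props.getProperty("LdapIdentifyingAttribute");
        // NOTE(review): the result of this connection test is ignored, so wasSetupTestOK is set
        // even when the directory was unreachable. Kept as-is so that a transient outage at
        // startup does not disable LDAP logins until restart; confirm that this is intended.
        new LdapPasswordChecker().isLdapPasswordOK(true, SxSQL_Server.DEFAULT_MANDANTEN_ID, SuperxSaikuConnectionManager.SECURITY_TYPE_SUPERX, "not_relevant_just_testing_connection");
        wasSetupTestOK = true;
    }

    /**
     * Ensures that a configuration property is present and non-empty.
     *
     * @throws IllegalStateException if the property is missing or empty
     */
    private static void checkProperty(File file, String str) throws IllegalStateException {
        if (StringUtils.isNullOrEmpty(props.getProperty(str))) {
            throw new IllegalStateException(" Property \"" + str + "\" ist in Datei " + file + " nicht konfiguiert");
        }
    }

    /**
     * Checks a user's password against the directory.
     *
     * @param z    {@code true} to only test connection and search (no bind as the user)
     * @param str  tenant id; used as suffix of the logger name
     * @param str2 user identifier matched against {@code LdapIdentifyingAttribute}
     * @param str3 the password to verify
     * @return {@code true} if the check succeeded, {@code false} on any failure
     * @throws IllegalStateException if {@link #setup(File)} has not been run
     */
    public boolean isLdapPasswordOK(boolean z, String str, String str2, String str3) {
        long startMillis = System.currentTimeMillis();
        if (props.size() == 0) {
            throw new IllegalStateException("LDAP Passwordchecker nicht konfiguiert, setup Methode muss vorher aufgerufen werden");
        }
        if (!z && !wasSetupTestOK) {
            throw new IllegalStateException("LDAP Setup für gesamten Server war nicht erfolgreich");
        }
        // A simple bind with a DN and an empty password is an "unauthenticated bind", which many
        // directories accept; JNDI also switches to authentication "none" for empty credentials.
        // Either way the bind would succeed without proving knowledge of the password, so empty
        // input is rejected before the directory is contacted.
        if (!z && (StringUtils.isNullOrEmpty(str2) || StringUtils.isNullOrEmpty(str3))) {
            Logger.getLogger("superx_" + str).log(Level.INFO, forLog(" Authentifizierung via LDAP für User " + str2 + " abgelehnt: leere Kennung oder leeres Passwort"));
            return false;
        }
        DirContext dirContext = null;
        NamingEnumeration<SearchResult> matches = null;
        try {
            dirContext = initContext();
            matches = searchForUser(dirContext, str2);
            if (!z) {
                tryAuthentification(matches, str2, str3);
            }
            return true;
        } catch (Exception e) {
            String message = e.getMessage();
            if (message != null && message.contains("Invalid Credentials")) {
                Logger.getLogger("superx_" + str).log(Level.INFO, forLog(" Authentifizierung via LDAP für User " + str2 + " fehlgeschlagen :" + e.toString()));
            }
            String localized = e.getLocalizedMessage();
            if (localized != null && localized.contains("Kein LDAP Eintrag für User")) {
                Logger.getLogger("superx_" + str).log(Level.INFO, forLog(" Kein LDAP User " + str2 + " gefunden :" + e.toString()));
            } else {
                e.printStackTrace();
            }
            return false;
        } finally {
            closeQuietly(matches);
            closeQuietly(dirContext);
            // Elapsed time of the LDAP round trips in milliseconds.
            System.out.println(System.currentTimeMillis() - startMillis);
        }
    }

    /**
     * Searches the subtree below {@code LdapBase} for entries whose identifying attribute
     * equals the given user name.
     *
     * <p>The user name is passed as a filter argument ({@code {0}}) rather than concatenated
     * into the filter string, so JNDI escapes filter metacharacters such as {@code * ( ) \}.
     * Concatenation would let a login name rewrite the search filter (LDAP injection).
     */
    private NamingEnumeration<SearchResult> searchForUser(DirContext dirContext, String str) throws NamingException {
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(attributeFilter);
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        String filter = "(" + props.getProperty("LdapIdentifyingAttribute") + "={0})";
        return dirContext.search(props.getProperty("LdapBase"), filter, new Object[] {str}, searchControls);
    }

    /**
     * Binds to the directory as the first entry of the search result, using the supplied password.
     *
     * @throws IllegalStateException if the search returned no entry
     * @throws NamingException if the bind is rejected or the directory cannot be reached
     */
    private void tryAuthentification(NamingEnumeration<SearchResult> namingEnumeration, String str, String str2) throws NamingException {
        if (!namingEnumeration.hasMore()) {
            throw new IllegalStateException(" Kein LDAP Eintrag für User " + str + " gefunden");
        }
        // NOTE(review): only the first match is used; if LdapIdentifyingAttribute is not unique
        // in the directory, the entry that gets authenticated is arbitrary.
        String nameInNamespace = namingEnumeration.next().getNameInNamespace();
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", props.getProperty("LdapUrl"));
        // Stated explicitly, matching initContext(), instead of relying on the provider default.
        properties.put("java.naming.security.authentication", "simple");
        properties.put("java.naming.security.principal", nameInNamespace);
        properties.put("java.naming.security.credentials", str2);
        // A successful bind is the password proof; the connection itself is not needed afterwards
        // and is closed so that it is not leaked on every login.
        closeQuietly(new InitialDirContext(properties));
    }

    /**
     * Opens the context used for the user search: bound as the configured service user when
     * {@code LdapServiceUserDN} is set, otherwise without principal and credentials.
     */
    private InitialDirContext initContext() throws NamingException {
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", props.getProperty("LdapUrl"));
        properties.put("java.naming.security.authentication", "simple");
        if (hasLdapServiceUserDN) {
            properties.put("java.naming.security.principal", props.getProperty("LdapServiceUserDN"));
            properties.put("java.naming.security.credentials", props.getProperty("LdapServiceUserPassword"));
        }
        return new InitialDirContext(properties);
    }

    /** Closes a directory context, reporting but not propagating a failure to close. */
    private static void closeQuietly(DirContext context) {
        if (context != null) {
            try {
                context.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }

    /** Closes a search result enumeration, reporting but not propagating a failure to close. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration != null) {
            try {
                enumeration.close();
            } catch (NamingException e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Replaces control characters (including CR/LF) so that a login name cannot forge
     * additional lines in the authentication log.
     */
    private static String forLog(String text) {
        return text == null ? "null" : text.replaceAll("\\p{Cntrl}", "_");
    }
}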
