package weblogic.wtc.wls;

import com.bea.core.jatmi.common.ntrace;
import com.bea.core.jatmi.intf.TCAppKey;
import com.bea.core.jatmi.intf.TCAuthenticatedUser;
import java.security.AccessController;
import java.security.Principal;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPException;
import weblogic.ldap.EmbeddedLDAP;
import weblogic.security.WLSPrincipals;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SecurityServiceManager;
import weblogic.wtc.jatmi.DefaultUserRec;
import weblogic.wtc.jatmi.TPException;
import weblogic.wtc.jatmi.UserRec;

/* loaded from: input_file:weblogic/wtc/wls/ldapAppKey.class */
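/**
 * {@link TCAppKey} implementation that resolves Tuxedo user records for
 * authenticated principals through the WebLogic embedded LDAP server.
 *
 * <p>This listing is decompiler output. {@link #getUserRec(String)}, the method that
 * performs the directory lookup, could not be decompiled and is present only as a stub.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@code do_init()} obtains the embedded LDAP credential under the kernel identity
 *       and binds as {@code cn=Admin}; the credential reference is dropped once the bind
 *       attempt finishes.</li>
 *   <li>A subject with no principals is mapped to the anonymous record only when
 *       anonymous access was enabled in {@link #init(String, boolean, int)}.</li>
 * </ul>
 */
public final class ldapAppKey implements TCAppKey {
    public static final String DFLT_UID_KW = "TUXEDO_UID";
    public static final String DFLT_GID_KW = "TUXEDO_GID";
    private int dfltAppKey;
    private boolean allowAnon;
    private String domain;
    private String realm;
    // Embedded LDAP credential; held only for the duration of do_init().
    private String passwd;
    private String host;
    private String base;
    private int port;
    private LDAPConnection ld;
    // The constants below are not referenced by any decompiled method; presumably they are
    // used by getUserRec(), whose body is not available here. Keep them.
    private static final int scope = 2;
    private static final boolean attrsonly = false;
    private static final String base_prefix = "ou=people";
    private static final String ou = ",ou=";
    private static final String dc = ",dc=";
    private static final String dflt_filter = "(objectclass=*)";
    private static final String filter_prefix = "uid=";
    private static final String ANONAPPKEY_KW = "DefaultAppKey=";
    private static final String admin = "cn=Admin";
    private static final String[] attr_query = {"uid", "description", null};
    // Kernel identity, acquired in a privileged block; used to read the embedded LDAP credential.
    private static final AuthenticatedSubject KERNELID = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private String uid_key = "TUXEDO_UID=";
    private String gid_key = "TUXEDO_GID=";
    private String anon_user = null;
    private DefaultUserRec anonUserRec = null;
    private boolean _cached = false;

    /**
     * Configures the plug-in and opens the LDAP connection.
     *
     * @param str optional parameter string naming the UID keyword and, after a space,
     *            the GID keyword; {@code null} keeps the defaults
     * @param z whether a subject without principals may be mapped to the anonymous user
     * @param i application key given to the anonymous user record
     * @throws TPException if the LDAP connection cannot be established
     */
    @Override // com.bea.core.jatmi.intf.TCAppKey
    public void init(String str, boolean z, int i) throws TPException {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/ldapAppKey/init(param " + str + ", anonAllowed " + z + ", dfltAppKey " + i + ")");
        }
        if (str != null) {
            parseParam(str);
        }
        do_init();
        this.dfltAppKey = i;
        this.allowAnon = z;
        // Always reset the anonymous record: getTuxedoUserRecord() returns it for a principal
        // named like the anonymous user without re-checking allowAnon, so a record left over
        // from an earlier init(…, true, …) must not survive a later init(…, false, …).
        this.anonUserRec = this.allowAnon ? new DefaultUserRec(this.anon_user, this.dfltAppKey) : null;
        if (isTraceEnabled) {
            ntrace.doTrace("]/ldapAppKey/init(10) return");
        }
    }

    /**
     * Reads the embedded LDAP settings, builds the search base and binds as {@code cn=Admin}.
     *
     * @throws TPException (code 12) if the connection or bind fails
     */
    private void do_init() throws TPException {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/ldapAppKey/do_init()");
        }
        this.realm = SecurityServiceManager.getDefaultRealmName();
        this.domain = EmbeddedLDAP.getEmbeddedLDAPDomain();
        this.passwd = EmbeddedLDAP.getEmbeddedLDAPCredential(KERNELID);
        this.host = EmbeddedLDAP.getEmbeddedLDAPHost();
        this.port = EmbeddedLDAP.getEmbeddedLDAPPort();
        // The credential is deliberately left out of this trace line; keep it that way.
        if (ntrace.getTraceLevel() == 1000373) {
            ntrace.doTrace("domain=" + this.domain + ", realm=" + this.realm + ", host=" + this.host + ", port=" + this.port);
        }
        this.base = base_prefix + ou + this.realm + dc + this.domain;
        if (isTraceEnabled) {
            ntrace.doTrace("search base: " + this.base);
        }
        try {
            // NOTE(review): the no-argument constructor is given no socket factory, so this
            // looks like a plain-socket connection carrying a simple bind with the admin
            // credential. Confirm the embedded LDAP host is local or the transport is protected.
            this.ld = new LDAPConnection();
            this.ld.connect(3, this.host, this.port, admin, this.passwd);
            this.anon_user = WLSPrincipals.getAnonymousUsername();
            if (isTraceEnabled) {
                ntrace.doTrace("]/ldapAppKey/do_init(20) return");
            }
        } catch (LDAPException e) {
            this.ld = null;
            if (isTraceEnabled) {
                // The TPException below does not carry the cause, so record it in the trace.
                ntrace.doTrace("/ldapAppKey/do_init/LDAPException: " + e);
                ntrace.doTrace("*]/ldapAppKey/do_init(10) return TPESYSTEM");
            }
            throw new TPException(12, "Failed to create LDAP connection object");
        } finally {
            // Stop retaining the credential on every path. This only drops the reference;
            // the String contents stay in memory until garbage-collected.
            this.passwd = null;
        }
    }

    /**
     * Closes the LDAP connection if one is open.
     *
     * @throws TPException (code 12) if the disconnect fails
     */
    @Override // com.bea.core.jatmi.intf.TCAppKey
    public void uninit() throws TPException {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/ldapAppKey/uninit()");
        }
        if (this.ld != null) {
            try {
                this.ld.disconnect();
            } catch (LDAPException e) {
                if (isTraceEnabled) {
                    // The TPException below does not carry the cause, so record it in the trace.
                    ntrace.doTrace("/ldapAppKey/uninit/LDAPException: " + e);
                    ntrace.doTrace("*]/ldapAppKey/uninit(10) return TPESYSTEM");
                }
                throw new TPException(12, "Failed to close LDAP connection");
            }
        }
        if (isTraceEnabled) {
            ntrace.doTrace("]/ldapAppKey/uninit(20) return");
        }
    }

    /**
     * Maps an authenticated subject to a Tuxedo user record.
     *
     * <p>A subject without principals yields the anonymous record when anonymous access is
     * enabled and {@code null} otherwise. For any other subject, the principals are tried
     * in order and the first that is the anonymous user or resolves through
     * {@link #getUserRec(String)} decides the result.
     *
     * @param tCAuthenticatedUser the authenticated subject; must not be {@code null}
     * @return the matching record, or {@code null} when no principal resolves
     */
    @Override // com.bea.core.jatmi.intf.TCAppKey
    public UserRec getTuxedoUserRecord(TCAuthenticatedUser tCAuthenticatedUser) {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/ldapAppKey/getTuxedoUserRecord(subj " + tCAuthenticatedUser + ")");
        }
        Object[] principals = tCAuthenticatedUser.getPrincipals();
        if (principals == null || principals.length == 0) {
            if (this.allowAnon) {
                if (isTraceEnabled) {
                    ntrace.doTrace("]/ldapAppKey/getTuxedoUserRecord(10) return anonymous user: " + this.anonUserRec);
                }
                return this.anonUserRec;
            }
            if (isTraceEnabled) {
                // The original emitted "uninit(20)" here, which attributes a denied lookup
                // to the wrong method when reading traces.
                ntrace.doTrace("]/ldapAppKey/getTuxedoUserRecord(20) return null");
            }
            return null;
        }
        // NOTE(review): every principal name is tried as a user id and the first hit wins.
        // If a subject can also carry non-user principals (for example groups), a name that
        // collides with a uid would resolve to that user's record; confirm against
        // getUserRec(), which is not visible in this listing.
        for (Object obj : principals) {
            // Fail closed on entries that cannot be named instead of throwing mid-lookup.
            if (!(obj instanceof Principal)) {
                continue;
            }
            String name = ((Principal) obj).getName();
            if (name == null) {
                continue;
            }
            if (name.equals(this.anon_user)) {
                if (isTraceEnabled) {
                    ntrace.doTrace("]/ldapAppKey/getTuxedoUserRecord(30) return anonymous user: " + this.anonUserRec);
                }
                // anonUserRec is null when anonymous access is disabled, so this denies.
                return this.anonUserRec;
            }
            UserRec userRec = getUserRec(name);
            if (userRec != null) {
                if (isTraceEnabled) {
                    ntrace.doTrace("]/ldapAppKey/getTuxedoUserRecord(40) return user: " + userRec);
                }
                return userRec;
            }
        }
        if (isTraceEnabled) {
            ntrace.doTrace("]/ldapAppKey/getTuxedoUserRecord(50) return null");
        }
        return null;
    }

    /**
     * Parses the parameter string into the UID and GID keyword prefixes.
     *
     * <p>The first space-separated token becomes {@code uid_key} and the second becomes
     * {@code gid_key}, each with {@code '='} appended; further tokens are ignored. With a
     * single token only {@code uid_key} changes, and an empty string changes nothing.
     * Only the space character (code 32) separates tokens.
     *
     * @param str the raw parameter string; must not be {@code null}
     */
    private void parseParam(String str) {
        boolean isTraceEnabled = ntrace.isTraceEnabled(4);
        if (isTraceEnabled) {
            ntrace.doTrace("[/ldapAppKey/parseParam(param " + str + ")");
        }
        String param = str.trim();
        int firstSpace = param.indexOf(' ');
        if (firstSpace != -1) {
            this.uid_key = param.substring(0, firstSpace) + '=';
            String rest = param.substring(firstSpace + 1).trim();
            int secondSpace = rest.indexOf(' ');
            // Falls back to the whole parameter if nothing follows the first token, as the
            // original did; after trim() that case should not occur.
            String gidToken = param;
            if (secondSpace != -1) {
                gidToken = rest.substring(0, secondSpace);
            } else if (rest.length() != 0) {
                gidToken = rest;
            }
            this.gid_key = gidToken + '=';
        } else if (param.length() != 0) {
            this.uid_key = param + '=';
        }
        if (isTraceEnabled) {
            ntrace.doTrace("/ldapAppKey/parseParam/(uid_key " + this.uid_key + ", gid_key " + this.gid_key);
            ntrace.doTrace("]/ldapAppKey/parseParam(10) return");
        }
    }

    /*
     * Decompiler stub: JADX reported "Code decompiled incorrectly" for this method and
     * skipped the dump (instructions count: 834). Its warnings mention duplicated regions
     * removed inside try/catch blocks for NumberFormatException and LDAPException, so the
     * original body handles both; nothing else about it can be read from this listing.
     * Re-run JADX with '--show-bad-code' or '--comments-level debug' to inspect it.
     *
     * NOTE(review): the principal name passed in here comes from the authenticated subject.
     * When the real body is recovered, check that the name is escaped before it is placed
     * in an LDAP filter or DN (filter_prefix is "uid=").
     */
    private UserRec getUserRec(String r8) {
        throw new UnsupportedOperationException("Method not decompiled: weblogic.wtc.wls.ldapAppKey.getUserRec(java.lang.String):weblogic.wtc.jatmi.UserRec");
    }

    /**
     * Records the caching flag.
     *
     * @param z new value of the flag
     */
    @Override // com.bea.core.jatmi.intf.TCAppKey
    public void doCache(boolean z) {
        this._cached = z;
    }

    /**
     * Reports the caching flag.
     *
     * @return the value last passed to {@link #doCache(boolean)}, {@code false} initially
     */
    @Override // com.bea.core.jatmi.intf.TCAppKey
    public boolean isCached() {
        return this._cached;
    }
}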
