package oracle.security.idm.providers.stdldap.util;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.logging.Level;
import javax.naming.Name;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
import oracle.security.idm.IMException;
import oracle.security.idm.ObjectNotFoundException;
import oracle.security.idm.OperationFailureException;
import oracle.security.idm.Property;

/* loaded from: input_file:oracle/security/idm/providers/stdldap/util/IdentityRelationsSearchResponse.class */
public class IdentityRelationsSearchResponse implements IdentitySearchResponse {
    String base;
    String filter;
    String member_filter;
    int member_filter_len;
    byte[] cookie;
    SearchControls searchctrls;
    int pagesize;
    int resultSize;
    Attribute memberProp;
    LDAPRealm realm;
    String curfilter;
    int numsubfilters;
    int curIdx;
    int memberPropIdx;
    int memberPropSize;
    boolean nested;
    HashSet processedDN;
    ArrayList dnlist;
    LDAPIdentity nextIdentity;
    String[] relations;
    String[] nestedRelations;
    boolean hasNextInvoked;
    boolean hasNextStatus;
    public static int TYPE_ROLE = 1;
    public static int TYPE_USER = 2;
    private static String classname = "oracle.security.idm.providers.stdldap.util.IdentityRelationsSearchResponse";

    public IdentityRelationsSearchResponse(LdapContext ldapContext, LDAPRealm lDAPRealm, String str, String str2, boolean z, String[] strArr) throws IMException {
        this.base = null;
        this.filter = null;
        this.member_filter = null;
        this.member_filter_len = 0;
        this.cookie = null;
        this.searchctrls = null;
        this.pagesize = 0;
        this.resultSize = 0;
        this.memberProp = null;
        this.realm = null;
        this.curfilter = "";
        this.numsubfilters = 0;
        this.curIdx = 0;
        this.memberPropIdx = 0;
        this.memberPropSize = 0;
        this.nested = false;
        this.processedDN = new HashSet();
        this.dnlist = new ArrayList();
        this.nextIdentity = null;
        this.relations = null;
        this.nestedRelations = null;
        this.hasNextInvoked = false;
        this.hasNextStatus = false;
        if (str == null) {
            throw new OperationFailureException("Search Failed: Null Role.");
        }
        if (strArr == null) {
            throw new OperationFailureException("Search Failed: Empty relation set.");
        }
        this.realm = lDAPRealm;
        this.nested = z;
        this.member_filter = str2;
        this.relations = strArr;
        this.nestedRelations = strArr;
        this.member_filter_len = str2 != null ? str2.length() : 0;
        lDAPRealm.logr.logp(Level.FINEST, classname, "IdentityRelationsSearchResponse()", "First Search for role's direct relatives");
        try {
            getDirectRelatives(ldapContext, ldapContext.getNameParser("").parse(str), strArr);
            if (hasNext(ldapContext)) {
            } else {
                throw new ObjectNotFoundException("No Relations Found");
            }
        } catch (NamingException e) {
            HashMap hashMap = new HashMap();
            hashMap.put("NamingException", "Invalid DN supplied.");
            LDAPRealm.throwException(e, classname, "IdentityRelationsSearchResponse(LdapContext ctx,realm,roleDN,member_filter,nested,relations)", hashMap, lDAPRealm.logr);
        }
    }

    public IdentityRelationsSearchResponse(LdapContext ldapContext, LDAPRealm lDAPRealm, String str, String str2, boolean z, String[] strArr, String[] strArr2) throws IMException {
        this(ldapContext, lDAPRealm, str, str2, z, strArr);
        this.nestedRelations = strArr2;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public int getResultSize(LdapContext ldapContext) throws IMException {
        return -1;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public boolean hasNext(LdapContext ldapContext) throws IMException {
        if (this.hasNextInvoked) {
            return this.hasNextStatus;
        }
        this.hasNextInvoked = true;
        this.hasNextStatus = hasMoreIdentities(ldapContext);
        if (this.hasNextStatus) {
            LDAPIdentity fetchNextIdentity = fetchNextIdentity(ldapContext);
            this.nextIdentity = fetchNextIdentity;
            if (fetchNextIdentity == null) {
                this.hasNextStatus = false;
            }
        }
        if (this.hasNextStatus) {
            this.realm.logr.logp(Level.FINEST, classname, "hasNext()", "Next result available");
        } else {
            this.realm.logr.logp(Level.FINEST, classname, "hasNext()", "Response completed !!. All members obtained.");
        }
        return this.hasNextStatus;
    }

    private boolean hasMoreIdentities(LdapContext ldapContext) throws IMException {
        boolean z = this.memberPropIdx < this.memberPropSize;
        if (this.nested && !z) {
            this.memberProp = null;
            this.memberPropIdx = 0;
            this.memberPropSize = 0;
            int size = this.dnlist.size();
            while (this.curIdx < size && !z) {
                ArrayList arrayList = this.dnlist;
                int i = this.curIdx;
                this.curIdx = i + 1;
                Name name = (Name) arrayList.get(i);
                this.realm.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "Nested members: Current search over. Getting further role members indirectly.");
                z = getDirectRelatives(ldapContext, name, this.nestedRelations);
                this.realm.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "search status: Given DN " + (z ? "has relations" : "has no relations"));
            }
        }
        return z;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public LDAPIdentity next(LdapContext ldapContext) throws IMException {
        if (!this.hasNextInvoked) {
            hasNext(ldapContext);
        }
        if (this.hasNextStatus) {
            this.hasNextInvoked = false;
            return this.nextIdentity;
        }
        this.realm.logr.logp(Level.FINEST, classname, "next()", "No results left !!");
        throw new OperationFailureException("No such element");
    }

    private LDAPIdentity fetchNextIdentity(LdapContext ldapContext) throws IMException {
        String str;
        LDAPIdentity lDAPIdentity = null;
        String str2 = null;
        Name name = null;
        while (true) {
            if (!hasMoreIdentities(ldapContext)) {
                break;
            }
            try {
                Attribute attribute = this.memberProp;
                int i = this.memberPropIdx;
                this.memberPropIdx = i + 1;
                str2 = (String) attribute.get(i);
                name = ldapContext.getNameParser("").parse(str2);
            } catch (NamingException e) {
                LDAPRealm lDAPRealm = this.realm;
                LDAPRealm.throwException(e, classname, "fetchNextIdentity(LdapContext ctx)", null, this.realm.logr);
            } catch (NameNotFoundException e2) {
                this.realm.logr.logp(Level.FINE, classname, "fetchNextIdentity()", "Grantee " + str2 + " is not present in the IDStore");
                this.dnlist.remove(name);
            }
            if (this.nested) {
                this.realm.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Nested members: Checking for duplicates: whether this DN's direct members have already been searched/scheduled for search: " + str2);
                if (this.processedDN.add(name)) {
                    this.realm.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Adding to queue in order to search for direct members");
                    this.dnlist.add(name);
                } else {
                    this.realm.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Duplicate DN");
                }
            }
            String[] minimumAttrSet = this.realm.ldapConfig.getMinimumAttrSet();
            SearchControls searchControls = new SearchControls();
            searchControls.setReturningAttributes(minimumAttrSet);
            searchControls.setSearchScope(0);
            str = "(objectclass=*)";
            str = this.member_filter_len > 0 ? "(&" + str + this.member_filter + ")" : "(objectclass=*)";
            this.realm.logr.logp(Level.FINE, classname, "fetchNextIdentity()", "Search to construct user/role instance: " + System.getProperty("line.separator") + "basedn: " + name + "\tSearchScope: base level\tSearchFilter: " + str);
            NamingEnumeration search = ldapContext.search(name, str, searchControls);
            if (search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                search.close();
                int length = this.realm.ldapConfig.fetchUserFullAttrSet().length;
                int length2 = this.realm.ldapConfig.fetchRoleFullAttrSet().length;
                int i2 = length >= length2 ? length : length2;
                String nameInNamespace = searchResult.getNameInNamespace();
                LDAPPropertySet lDAPPropertySet = new LDAPPropertySet(nameInNamespace, searchResult, this.realm.logr, this.realm.ldapConfig.getMinimumAttrSet(), i2);
                Property property = lDAPPropertySet.getProperty(ldapContext, "objectclass");
                if (property == null) {
                    break;
                }
                if (IDMUtils.compare(this.realm.ldapConfig.getFilterRoleObjectClasses(), property, false)) {
                    lDAPIdentity = new LDAPRole(nameInNamespace, this.realm, lDAPPropertySet);
                    break;
                }
                if (IDMUtils.compare(this.realm.ldapConfig.getFilterUserObjectClasses(), property, true)) {
                    lDAPIdentity = new LDAPUser(nameInNamespace, this.realm, lDAPPropertySet);
                    break;
                }
            }
        }
        return lDAPIdentity;
    }

    private boolean getDirectRelatives(LdapContext ldapContext, Name name, String[] strArr) throws IMException {
        boolean z = false;
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setReturningAttributes(strArr);
            searchControls.setSearchScope(0);
            this.realm.logr.logp(Level.FINE, classname, "getDirectRelatives()", "Search to get relatives: " + System.getProperty("line.separator") + "basedn: " + name + "\tSearchScope: base level\tSearchFilter: (objectclass=*)");
            NamingEnumeration search = ldapContext.search(name, "(objectclass=*)", searchControls);
            if (search.hasMore()) {
                Attributes attributes = ((SearchResult) search.next()).getAttributes();
                for (String str : strArr) {
                    this.memberProp = attributes.get(str);
                    if (this.memberProp != null) {
                        break;
                    }
                }
                if (this.memberProp != null) {
                    this.memberPropSize = this.memberProp.size();
                    z = true;
                }
                search.close();
            }
        } catch (NamingException e) {
            LDAPRealm lDAPRealm = this.realm;
            LDAPRealm.throwException(e, classname, "getDirectRelatives(LdapContext ctx,String[] memberAttrs)", null, this.realm.logr);
        }
        return z;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public void close() throws IMException {
    }
}
