package oracle.security.idm.providers.wlsldap;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
import oracle.security.idm.IMException;
import oracle.security.idm.ObjectNotFoundException;
import oracle.security.idm.OperationFailureException;
import oracle.security.idm.Property;
import oracle.security.idm.providers.stdldap.util.IDMUtils;
import oracle.security.idm.providers.stdldap.util.IdentitySearchResponse;
import oracle.security.idm.providers.stdldap.util.LDAPIdentity;
import oracle.security.idm.providers.stdldap.util.LDAPPropertySet;
import oracle.security.idm.providers.stdldap.util.LDAPRealm;
import oracle.security.idm.providers.stdldap.util.LDAPRole;
import oracle.security.idm.providers.stdldap.util.LDAPUser;

/* loaded from: input_file:oracle/security/idm/providers/wlsldap/OwnersSearchResponse.class */
public class OwnersSearchResponse implements IdentitySearchResponse {
    String base;
    String member_filter;
    int member_filter_len;
    SearchControls searchctrls;
    Attribute memberProp;
    LDAPRealm realm;
    int curIdx;
    int memberPropIdx;
    int memberPropSize;
    boolean nested;
    private boolean listDirectMembers;
    HashSet<Name> processedDN;
    ArrayList<Name> dnlist;
    LDAPIdentity nextIdentity;
    String[] relations;
    String[] nestedMemberAttrs;
    boolean hasNextInvoked;
    boolean hasNextStatus;
    private GranteesSearchResponse granteesSrchResponse;
    private Logger logr;
    private static String classname = "oracle.security.idm.providers.wlsldap.OwnersSearchResponse";

    public OwnersSearchResponse(LdapContext ldapContext, LDAPRealm lDAPRealm, String str, String str2, boolean z, String[] strArr, Logger logger) throws IMException {
        this.base = null;
        this.member_filter = null;
        this.member_filter_len = 0;
        this.searchctrls = null;
        this.memberProp = null;
        this.realm = null;
        this.curIdx = 0;
        this.memberPropIdx = 0;
        this.memberPropSize = 0;
        this.nested = false;
        this.listDirectMembers = false;
        this.processedDN = new HashSet<>();
        this.dnlist = new ArrayList<>();
        this.nextIdentity = null;
        this.relations = null;
        this.nestedMemberAttrs = null;
        this.hasNextInvoked = false;
        this.hasNextStatus = false;
        this.granteesSrchResponse = null;
        this.logr = null;
        if (str == null) {
            throw new OperationFailureException("Search Failed: Null Role.");
        }
        if (strArr == null) {
            throw new OperationFailureException("Search Failed: Empty relation set.");
        }
        this.realm = lDAPRealm;
        this.nested = z;
        this.member_filter = str2;
        this.relations = strArr;
        this.member_filter_len = str2 != null ? str2.length() : 0;
        this.logr = logger;
        logger.logp(Level.FINEST, classname, "OwnersSearchResponse()", "First Search for role's direct relatives");
        try {
            if (getDirectRelatives(ldapContext, ldapContext.getNameParser("").parse(str), strArr)) {
            } else {
                throw new ObjectNotFoundException("No Relations Found");
            }
        } catch (NamingException e) {
            HashMap hashMap = new HashMap();
            hashMap.put("NamingException", "Invalid DN supplied.");
            LDAPRealm.throwException(e, classname, "OwnersSearchResponse(LdapContext ctx, realm, roleDN, member_filter, nested, relations, logr)", hashMap, logger);
        }
    }

    public OwnersSearchResponse(LdapContext ldapContext, LDAPRealm lDAPRealm, String str, String str2, boolean z, String[] strArr, String[] strArr2, Logger logger) throws IMException {
        this(ldapContext, lDAPRealm, str, str2, z, strArr, logger);
        this.nestedMemberAttrs = strArr2;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public int getResultSize(LdapContext ldapContext) throws IMException {
        return -1;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public boolean hasNext(LdapContext ldapContext) throws IMException {
        if (this.hasNextInvoked) {
            return this.hasNextStatus;
        }
        this.hasNextInvoked = true;
        this.hasNextStatus = hasMoreIdentities(ldapContext);
        if (this.hasNextStatus) {
            LDAPIdentity fetchNextIdentity = fetchNextIdentity(ldapContext);
            this.nextIdentity = fetchNextIdentity;
            if (fetchNextIdentity == null) {
                this.hasNextStatus = false;
            }
        }
        if (this.hasNextStatus) {
            this.logr.logp(Level.FINEST, classname, "hasNext()", "Next result available");
        } else {
            this.logr.logp(Level.FINEST, classname, "hasNext()", "Response completed !!. All members obtained.");
        }
        return this.hasNextStatus;
    }

    private boolean hasMoreIdentities(LdapContext ldapContext) throws IMException {
        boolean z = this.memberPropIdx < this.memberPropSize;
        if (z) {
            this.listDirectMembers = true;
        } else if (this.nested) {
            this.listDirectMembers = false;
            this.memberProp = null;
            this.memberPropIdx = 0;
            this.memberPropSize = 0;
            if (this.granteesSrchResponse != null) {
                z = this.granteesSrchResponse.hasNext(ldapContext);
                if (z) {
                    return z;
                }
                close();
            }
            int size = this.dnlist.size();
            while (this.curIdx < size && !z) {
                ArrayList<Name> arrayList = this.dnlist;
                int i = this.curIdx;
                this.curIdx = i + 1;
                Name name = arrayList.get(i);
                this.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "Nested members: Getting further role members indirectly for : " + name);
                try {
                    this.granteesSrchResponse = new GranteesSearchResponse(ldapContext, this.realm, "" + name, this.member_filter, this.nested, this.nestedMemberAttrs, this.logr);
                    z = this.granteesSrchResponse.hasNext(ldapContext);
                } catch (IMException e) {
                    this.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "Exception occured in fetching the members for the role: " + name + "\t" + e.getMessage());
                }
                if (z) {
                    this.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "search status: Given DN's has members: " + name);
                    this.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "search status: Given DN " + (z ? " has members" : " has no members"));
                    return z;
                }
                this.logr.logp(Level.FINEST, classname, "hasMoreIdentities()", "search status: Given DN's has NO members : " + name);
            }
        }
        return z;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public LDAPIdentity next(LdapContext ldapContext) throws IMException {
        if (!this.hasNextInvoked) {
            hasNext(ldapContext);
        }
        if (this.hasNextStatus) {
            this.hasNextInvoked = false;
            return this.nextIdentity;
        }
        this.logr.logp(Level.FINEST, classname, "next()", "No results left !!");
        throw new OperationFailureException("No such element");
    }

    private LDAPIdentity fetchNextIdentity(LdapContext ldapContext) throws IMException {
        String str;
        Name parse;
        String str2;
        LDAPIdentity lDAPIdentity = null;
        while (hasMoreIdentities(ldapContext)) {
            if (this.listDirectMembers) {
                try {
                    Attribute attribute = this.memberProp;
                    int i = this.memberPropIdx;
                    this.memberPropIdx = i + 1;
                    str = (String) attribute.get(i);
                    parse = ldapContext.getNameParser("").parse(str);
                } catch (NamingException e) {
                    LDAPRealm.throwException(e, classname, "fetchNextIdentity(LdapContext ctx)", null, this.logr);
                }
                if (this.nested) {
                    this.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Nested members: Checking for duplicates: whether this DN's direct members have already been searched/scheduled for search: " + str);
                    if (this.processedDN.add(parse)) {
                        this.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Adding to queue in order to search for direct members : " + parse);
                        this.dnlist.add(parse);
                    } else {
                        this.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Duplicate DN");
                    }
                }
                String[] minimumAttrSet = this.realm.getConfig().getMinimumAttrSet();
                SearchControls searchControls = new SearchControls();
                searchControls.setReturningAttributes(minimumAttrSet);
                searchControls.setSearchScope(0);
                str2 = "(objectclass=*)";
                str2 = this.member_filter_len > 0 ? "(&" + str2 + this.member_filter + ")" : "(objectclass=*)";
                this.logr.logp(Level.FINE, classname, "fetchNextIdentity()", "Search to construct user/role instance: " + System.getProperty("line.separator") + "basedn: " + parse + "\tSearchScope: base level\tSearchFilter: " + str2);
                NamingEnumeration search = ldapContext.search(parse, str2, searchControls);
                if (search.hasMore()) {
                    SearchResult searchResult = (SearchResult) search.next();
                    search.close();
                    lDAPIdentity = determineIdentity(ldapContext, searchResult, searchResult.getNameInNamespace());
                    if (lDAPIdentity != null) {
                        break;
                    }
                }
            } else if (this.granteesSrchResponse != null && this.granteesSrchResponse.hasNext(ldapContext)) {
                try {
                    lDAPIdentity = this.granteesSrchResponse.next(ldapContext);
                    if (this.processedDN.add(ldapContext.getNameParser("").parse(lDAPIdentity.getDN()))) {
                        this.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Not a Duplicate DN");
                        break;
                    }
                    this.logr.logp(Level.FINEST, classname, "fetchNextIdentity()", "Duplicate DN !!!");
                } catch (NamingException e2) {
                    LDAPRealm.throwException(e2, classname, "fetchNextIdentity(LdapContext ctx)", null, this.logr);
                }
            }
        }
        return lDAPIdentity;
    }

    private LDAPIdentity determineIdentity(LdapContext ldapContext, SearchResult searchResult, String str) throws IMException {
        LDAPIdentity lDAPIdentity = null;
        int length = this.realm.getConfig().fetchUserFullAttrSet().length;
        int length2 = this.realm.getConfig().fetchRoleFullAttrSet().length;
        LDAPPropertySet lDAPPropertySet = new LDAPPropertySet(str, searchResult, this.logr, this.realm.getConfig().getMinimumAttrSet(), length >= length2 ? length : length2);
        Property property = lDAPPropertySet.getProperty(ldapContext, "objectclass");
        if (property != null) {
            if (IDMUtils.compare(this.realm.getConfig().getFilterRoleObjectClasses(), property, false)) {
                lDAPIdentity = new LDAPRole(str, this.realm, lDAPPropertySet);
            } else if (IDMUtils.compare(this.realm.getConfig().getFilterUserObjectClasses(), property, true)) {
                lDAPIdentity = new LDAPUser(str, this.realm, lDAPPropertySet);
            }
        }
        return lDAPIdentity;
    }

    private boolean getDirectRelatives(LdapContext ldapContext, Name name, String[] strArr) throws IMException {
        boolean z = false;
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setReturningAttributes(strArr);
            searchControls.setSearchScope(0);
            this.logr.logp(Level.FINE, classname, "getDirectRelatives()", "Search to get relatives: " + System.getProperty("line.separator") + "basedn: " + name + "\tSearchScope: base level\tSearchFilter: (objectclass=*)");
            NamingEnumeration search = ldapContext.search(name, "(objectclass=*)", searchControls);
            if (search.hasMore()) {
                Attributes attributes = ((SearchResult) search.next()).getAttributes();
                for (String str : strArr) {
                    this.memberProp = attributes.get(str);
                    if (this.memberProp != null) {
                        break;
                    }
                }
                if (this.memberProp != null) {
                    this.memberPropSize = this.memberProp.size();
                    z = true;
                }
                search.close();
            }
        } catch (NamingException e) {
            LDAPRealm.throwException(e, classname, "getDirectRelatives(LdapContext ctx,String[] memberAttrs)", null, this.logr);
        }
        return z;
    }

    @Override // oracle.security.idm.providers.stdldap.util.IdentitySearchResponse
    public void close() throws IMException {
        try {
            if (this.granteesSrchResponse != null) {
                this.granteesSrchResponse.close();
                this.granteesSrchResponse = null;
            }
        } catch (IMException e) {
            LDAPRealm.throwException(e, classname, "close()", null, this.logr);
        }
    }
}
