package oracle.security.idm.providers.stdldap;

import java.lang.reflect.InvocationTargetException;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import oracle.dms.context.ExecutionContext;
import oracle.ldap.util.controls.ExecContextRequestControl;
import oracle.security.idm.ConfigurationException;
import oracle.security.idm.IMException;
import oracle.security.idm.IdentityStoreFactory;
import oracle.security.idm.OperationFailureException;
import oracle.security.idm.providers.stdldap.util.LDAPObjectAttributes;
import oracle.security.idm.spi.AbstractIdentityStoreFactory;

/* loaded from: input_file:oracle/security/idm/providers/stdldap/LDIdentityStoreFactory.class */
public abstract class LDIdentityStoreFactory extends AbstractIdentityStoreFactory {
    // ---- RT_* keys: user-related property names.
    // NOTE(review): "RT" presumably stands for run-time (per-call) properties, as opposed to
    // the ST_* start-time keys below; nothing in this class reads the RT_* keys, so confirm
    // against the callers.
    public static final String RT_USER_OBJECT_CLASSES = "USER_OBJECT_CLASSES";
    public static final String RT_USER_MANDATORY_ATTRS = "USER_MANDATORY_ATTRS";
    public static final String RT_USER_CREATE_BASES = "USER_CREATE_BASES";
    public static final String RT_USER_SEARCH_BASES = "USER_SEARCH_BASES";
    public static final String RT_USER_FILTER_OBJECT_CLASSES = "USER_FILTER_OBJECT_CLASSES";
    // The two constants below are aliases: both resolve to "USER_SELECTED_CREATE_BASE".
    public static final String RT_USER_SELECTED_CREATE_BASE = "USER_SELECTED_CREATE_BASE";
    public static final String RT_USER_SELECTED_CREATEBASE = "USER_SELECTED_CREATE_BASE";
    // ---- RT_* keys: group-related property names. The string values use the "ROLE_" prefix.
    public static final String RT_GROUP_OBJECT_CLASSES = "ROLE_OBJECT_CLASSES";
    public static final String RT_GROUP_MANDATORY_ATTRS = "ROLE_MANDATORY_ATTRS";
    public static final String RT_GROUP_CREATE_BASES = "ROLE_CREATE_BASES";
    public static final String RT_GROUP_SEARCH_BASES = "ROLE_SEARCH_BASES";
    public static final String RT_GROUP_FILTER_OBJECT_CLASSES = "ROLE_FILTER_OBJECT_CLASSES";
    public static final String RT_GROUP_MEMBER_ATTRS = "ROLE_MEMBER_ATTRS";
    public static final String RT_USER_GROUP_MEMBER_ATTRS = "USER_GROUP_MEMBER_ATTRS";
    // Aliases again, but note the value is spelled "ROLE_SELECTED_CREATEBASE" (no underscore
    // before BASE), unlike the user variant "USER_SELECTED_CREATE_BASE".
    public static final String RT_GROUP_SELECTED_CREATE_BASE = "ROLE_SELECTED_CREATEBASE";
    public static final String RT_GROUP_SELECTED_CREATEBASE = "ROLE_SELECTED_CREATEBASE";
    public static final String RT_GROUP_GENERIC_SEARCH_BASE = "ROLE_GENERIC_SEARCH_BASE";
    public static final String RT_SEARCH_TYPE = "IDENTITY_SEARCH_TYPE";
    // ---- ST_* keys: names looked up in the start-time property map handed to the constructor.
    public static final String ST_SUBSCRIBER_NAME = "ADF_IM_SUBSCRIBER_NAME";
    public static final String ST_PROXY_PRINCIPAL = "PROXY_PRINCIPAL";
    // Bind identity and bind secret: setupConnPool() copies these two entries into the JNDI
    // environment as java.naming.security.principal / java.naming.security.credentials.
    // Any code that dumps or logs the property map must redact ST_SECURITY_CREDENTIALS.
    public static final String ST_SECURITY_PRINCIPAL = "ADF_IM_SECURITY_PRINCIPAL";
    public static final String ST_SECURITY_CREDENTIALS = "ADF_IM_SECURITY_CREDENTIALS";
    // Directory URL; an "ldaps://" scheme makes setupConnPool() switch to the SSL socket factory.
    public static final String ST_LDAP_URL = "ADF_IM_PROVIDER_URL";
    public static final String ST_USER_NAME_ATTR = "USER_NAME_ATTR";
    public static final String ST_USER_LOGIN_ATTR = "USER_LOGIN_ATTR";
    public static final String ST_GROUP_NAME_ATTR = "ROLE_NAME_ATTR";
    public static final String ST_MAX_SEARCHFILTER_LENGTH = "MAX_SEARCHFILTER_LENGTH";
    // Set of attribute names to be treated as binary; merged with the built-in list.
    public static final String ST_BINARY_ATTRIBUTES = "BINARY_ATTRIBUTES";
    // Logging switches read by the constructor: on/off flag, java.util.logging Level, logger name.
    public static final String ST_LOGGING = "LOGGING";
    public static final String ST_LOG_LEVEL = "LOG_LEVEL";
    public static final String ST_LOGGER_NAME = "LOGGER_NAME";
    public static final String ST_ECID_ENABLED = "ECID_ENABLED";
    public static final String ST_PROPERTY_ATTRIBUTE_MAPPING = "PROPERTY_ATTRIBUTE_MAPPING";
    public static final String ST_DATATYPE_ATTRIBUTE_MAPPING = "DATATYPE_ATTRIBUTE_MAPPING";
    public static final String ST_USE_CONSTANTS = "USE_CONSTANTS";
    public static final String ST_ENABLE_PASSWORD_POLICY = "ENABLE_PASSWORD_POLICY";
    // Same string values as ST_SUBSCRIBER_NAME and ST_PROXY_PRINCIPAL above.
    public static final String RT_SUBSCRIBER_NAME = "ADF_IM_SUBSCRIBER_NAME";
    public static final String RT_PROXY_PRINCIPAL = "PROXY_PRINCIPAL";
    // Values stored by getUserAndControlAttributes() and returned by getPagingType().
    public static final int SEARCH_TYPE_SIMPLE = 1;
    public static final int SEARCH_TYPE_PAGED = 2;
    public static final int SEARCH_TYPE_VLV = 3;
    // Logger used for every logp() call in this class. Public and non-final, so any code that
    // holds the factory can replace it or change its level.
    public Logger logr;
    // Built-in binary attribute names, filled once by the static initializer from binAttrNames.
    // Raw, mutable and shared by every factory instance in the class loader.
    private static HashSet stdBinAttrs;
    // Start-time configuration. May contain the bind credential under ST_SECURITY_CREDENTIALS.
    private Map startTimeProps;
    // Bounds for the robust-connection settings; setupConnPool() clamps to the same literal
    // values (1..4 tries, 1..5 retry interval). The unit of the interval is not visible here.
    private static final int CONN_MIN_TRY_COUNT = 1;
    private static final int CONN_MAX_TRY_COUNT = 4;
    private static final int CONN_MIN_RETRY_INTERVAL = 1;
    private static final int CONN_MAX_RETRY_INTERVAL = 5;
    // Source-class name passed to Logger.logp().
    private static String classname = "oracle.security.idm.providers.stdldap.LDIdentityStoreFactory";
    // Attribute names always added to the BINARY_ATTRIBUTES set. Includes "userpassword" and the
    // certificate attributes. All entries are lower case except "x500UniqueIdentifier".
    // NOTE(review): if consumers compare these names case-sensitively that one entry behaves
    // differently from the rest - confirm.
    private static final String[] binAttrNames = {"photo", "personalsignature", "audio", "jpegphoto", "javaserializeddata", "thumbnailphoto", "thumbnaillogo", "userpassword", "usercertificate", "cacertificate", "authorityrevocationlist", "certificaterevocationlist", "crosscertificatepair", "x500UniqueIdentifier", "objectsid"};
    // When true, an ExecContextRequestControl is attached to connections and ECID_ENABLED is
    // passed to the pool. Public and mutable.
    public boolean isECIDEnabled = false;
    // Either the caller-supplied pool or the one created by setupConnPool(); null after close().
    protected ConnectionPool pool = null;
    // True when ROBUST_CONNECTION_ENABLE parses as "true"; connections are then wrapped in
    // RobustLdapContext.
    private boolean robustctx = false;
    // JNDI environment assembled by setupConnPool(); holds the bind principal and credential.
    private Hashtable jndiProps = null;
    private int conn_try_cnt = 0;
    private int conn_retry_interval = 0;
    // Value of the root entry's subschemasubentry attribute, filled lazily.
    private String schemaBase = null;
    // One of the SEARCH_TYPE_* values, filled lazily from the server's supportedcontrol list.
    private Integer supportedPagingType = null;
    // Lazily built object-attribute cache, see getObjectAttributeCache().
    private LDAPObjectAttributes objAttr = null;

    /**
     * Shuts the connection pool down and drops the reference to it.
     *
     * <p>Does nothing when no pool is set. If {@code shutDown()} fails, the pool reference is
     * left in place and the failure is rethrown wrapped in an {@link IMException}.
     *
     * @throws IMException wrapping whatever {@code shutDown()} threw
     */
    @Override // oracle.security.idm.IdentityStoreFactory
    public void close() throws IMException {
        if (this.pool == null) {
            return;
        }
        try {
            this.pool.shutDown();
            this.pool = null;
        } catch (Throwable failure) {
            throw new IMException(failure);
        }
    }

    /**
     * Returns the start-time property map held by this factory.
     *
     * <p>The returned object is the live internal map, not a copy, so changes made by the
     * caller are visible to the factory. It can contain the LDAP bind credential under
     * {@link #ST_SECURITY_CREDENTIALS}; callers should not log or serialize the map as a whole.
     *
     * @return the internal property map (the constructor argument until {@code setup()} has
     *         run, a {@code Hashtable} copy afterwards)
     */
    public Map getStartTimeProperties() {
        final Map currentProps = this.startTimeProps;
        return currentProps;
    }

    /* JADX INFO: Access modifiers changed from: protected */
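    /**
     * Stores the start-time properties and configures the logger from them.
     *
     * <p>Recognised keys: {@link #ST_LOGGER_NAME} (logger name, default
     * {@code "oracle.idm.userroleapi"}), {@link #ST_LOG_LEVEL} (a {@link Level} instance) and
     * {@link #ST_LOGGING} (string flag; any value that does not parse as {@code true} switches
     * the logger off). A {@code null} map is accepted and treated as "no logging options",
     * matching {@code processStartTimeProps}, which also tolerates {@code null}.
     *
     * <p>{@link Logger#getLogger(String)} returns a logger shared by name across the JVM, so
     * the level changes made here affect every other user of the same logger name.
     *
     * @param map start-time properties; may be {@code null}
     * @throws IMException declared for subclasses; not thrown by this constructor itself
     * @throws ClassCastException if a logging entry has a different type than described above
     */
    public LDIdentityStoreFactory(Map map) throws IMException {
        this.startTimeProps = map;

        String loggingFlag = null;
        Level requestedLevel = null;
        String loggerName = null;
        if (map != null) {
            loggingFlag = (String) map.get(ST_LOGGING);
            requestedLevel = (Level) map.get(ST_LOG_LEVEL);
            loggerName = (String) map.get(ST_LOGGER_NAME);
        }

        this.logr = Logger.getLogger(loggerName != null ? loggerName : "oracle.idm.userroleapi");
        if (requestedLevel != null) {
            this.logr.setLevel(requestedLevel);
        }
        // An explicit LOGGING value other than "true" overrides any level set above.
        if (loggingFlag != null && !Boolean.parseBoolean(loggingFlag)) {
            this.logr.setLevel(Level.OFF);
        }
    }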

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Normalises the start-time properties and then builds (or adopts) the connection pool.
     *
     * @throws IMException if property processing or pool setup fails
     */
    public void setup() throws IMException {
        Map normalisedProps = processStartTimeProps(this.startTimeProps);
        this.startTimeProps = normalisedProps;
        setupConnPool();
    }

    /* JADX INFO: Access modifiers changed from: protected */
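    /**
     * Copies the given properties into a new {@code Hashtable} and makes sure the
     * {@link #ST_BINARY_ATTRIBUTES} entry contains the built-in binary attribute names.
     *
     * <p>The binary-attribute set stored in the result is always a fresh {@code HashSet}: a
     * set supplied by the caller is read but never modified, so an unmodifiable or shared set
     * can be passed safely.
     *
     * @param map caller-supplied properties; {@code null} is treated as empty
     * @return a new {@code Hashtable} holding the merged properties
     * @throws IMException declared for overriding subclasses; not thrown here
     * @throws NullPointerException if {@code map} contains a null key or value
     *         ({@code Hashtable} rejects both)
     * @throws ClassCastException if the supplied binary-attribute entry is not a {@code Set}
     */
    public Map processStartTimeProps(Map map) throws IMException {
        Hashtable props = map == null ? new Hashtable() : new Hashtable(map);
        HashSet binaryAttrs = new HashSet(stdBinAttrs);
        Object supplied = props.get(ST_BINARY_ATTRIBUTES);
        if (supplied != null) {
            binaryAttrs.addAll((Set) supplied);
        }
        props.put(ST_BINARY_ATTRIBUTES, binaryAttrs);
        return props;
    }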

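    /**
     * Builds the JNDI environment from the start-time properties and either adopts a
     * caller-supplied {@code ConnectionPool} or creates a new one and probes it.
     *
     * <p>Security-relevant behaviour, all driven by the start-time property map, which must
     * therefore come from trusted configuration only:
     * <ul>
     *   <li>every key starting with {@code java.naming}, {@code com.sun.jndi.ldap} or
     *       {@code javax.net.ssl} is copied into the JNDI environment unchanged, and every
     *       {@code POOL_xxx} key is copied as {@code xxx};</li>
     *   <li>the initial-context factory and the pool class are taken from the properties and
     *       instantiated by name;</li>
     *   <li>the bind principal and credential end up in {@code jndiProps}; they are never
     *       written to the log by this method;</li>
     *   <li>{@code java.naming.referral} is forced to {@code follow}.
     *       NOTE(review): with the JDK LDAP provider a followed referral is contacted with the
     *       same environment, which includes the bind credential - confirm that referrals to
     *       other hosts are acceptable for this deployment.</li>
     *   <li>when the protocol is SSL or the URL scheme is {@code ldaps://} and no socket
     *       factory was configured, {@code LDSSLSocketFactory} is installed.
     *       NOTE(review): its certificate and host-name checks are not visible in this file.</li>
     * </ul>
     *
     * <p>Compared with the earlier form of this method, a missing provider URL in the
     * supplied-pool path no longer fails with a {@code NullPointerException} from
     * {@code Hashtable.put}; the URL entry is simply left out, as in the other path.
     *
     * @throws IMException (usually a {@code ConfigurationException}) if the SSL socket factory
     *         cannot be initialised or the pool cannot be created or probed
     */
    private void setupConnPool() throws IMException {
        configureRobustConnection();

        String providerUrl = (String) this.startTimeProps.get(ST_LDAP_URL);
        this.pool = (ConnectionPool) this.startTimeProps.get(IdentityStoreFactory.ST_CONNECTION_POOL);
        if (this.pool != null) {
            this.logr.logp(Level.FINE, classname, "setupConnPool()", "Using supplied Connection Pool");
            this.jndiProps = copyJndiProps();
            this.jndiProps.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            if (providerUrl != null) {
                this.jndiProps.put("java.naming.provider.url", providerUrl);
            }
            this.jndiProps.put("java.naming.referral", "follow");
            installSslSocketFactoryIfNeeded(providerUrl);
            return;
        }

        this.jndiProps = copyJndiProps();
        String minConnections = (String) this.startTimeProps.get("CONNECTION_POOL_MIN_CONNECTIONS");
        String maxConnections = (String) this.startTimeProps.get("CONNECTION_POOL_MAX_CONNECTIONS");
        String principal = (String) this.startTimeProps.get(ST_SECURITY_PRINCIPAL);
        String credentials = (String) this.startTimeProps.get(ST_SECURITY_CREDENTIALS);

        // JNDI expects the binary attribute names as one space-separated string.
        StringBuilder binaryAttrList = new StringBuilder();
        for (Object attrName : (Set) this.startTimeProps.get(ST_BINARY_ATTRIBUTES)) {
            binaryAttrList.append((String) attrName).append(' ');
        }

        String contextFactory = (String) this.startTimeProps.get(IdentityStoreFactory.ST_INITIAL_CONTEXT_FACTORY);
        if (contextFactory == null) {
            contextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
        }
        this.jndiProps.put("java.naming.factory.initial", contextFactory);
        this.logr.logp(Level.FINE, classname, "setupConnPool()", "Using " + contextFactory + " as Initial Context Factory");

        String disableValidation = (String) this.startTimeProps.get(IdentityStoreFactory.ST_DISABLE_VALIDATE_CONNECTION);
        if (disableValidation != null) {
            this.jndiProps.put(IdentityStoreFactory.ST_DISABLE_VALIDATE_CONNECTION, disableValidation);
            this.logr.logp(Level.FINE, classname, "setupConnPool()", "Disabling the Connection Validation is set to : " + disableValidation);
        }

        String poolClassName = (String) this.startTimeProps.get(IdentityStoreFactory.ST_CONNECTION_POOL_CLASS);
        if (poolClassName == null) {
            poolClassName = "oracle.security.idm.providers.stdldap.LDConnectionPool";
        }
        this.logr.logp(Level.FINE, classname, "setupConnPool()", "Using " + poolClassName + " as Connection Pool Class");

        if (principal != null) {
            this.jndiProps.put("java.naming.security.principal", principal);
        }
        if (credentials != null) {
            this.jndiProps.put("java.naming.security.credentials", credentials);
        }
        if (providerUrl != null) {
            this.jndiProps.put("java.naming.provider.url", providerUrl);
        }
        this.jndiProps.put("java.naming.referral", "follow");
        this.jndiProps.put("java.naming.ldap.attributes.binary", binaryAttrList.toString());
        this.jndiProps.put("java.naming.factory.control", "oracle.security.idm.providers.stdldap.util.JNDIControlFactory");
        installSslSocketFactoryIfNeeded(providerUrl);

        try {
            this.jndiProps.put(ConnectionPool.LOGGER_OBJECT, this.logr);
            if (minConnections != null) {
                this.jndiProps.put("CONNECTION_POOL_MIN_CONNECTIONS", minConnections);
            }
            if (maxConnections != null) {
                this.jndiProps.put("CONNECTION_POOL_MAX_CONNECTIONS", maxConnections);
            }
            if (this.isECIDEnabled) {
                this.jndiProps.put(ST_ECID_ENABLED, "true");
            }
            this.pool = createPoolInstance(poolClassName, this.jndiProps);

            String timeoutText = (String) this.jndiProps.get("com.sun.jndi.ldap.connect.timeout");
            int connectTimeout = 0;
            if (timeoutText != null) {
                try {
                    connectTimeout = Integer.parseInt(timeoutText);
                } catch (NumberFormatException ignored) {
                    // Best effort: an unparseable timeout is passed to the probe as 0.
                }
            }
            new TestConnectionPool(this.jndiProps, connectTimeout).execute();
            this.logr.logp(Level.FINE, classname, "setupConnPool()", "Connection Pool creation successfull");
        } catch (IMException e) {
            this.logr.logp(Level.FINE, classname, "setupConnPool()", "Connection Pool creation failed: " + e.getMessage());
            throw e;
        } catch (Exception e) {
            this.logr.logp(Level.FINE, classname, "setupConnPool()", "Connection Pool creation failed: " + e.getMessage());
            throw new ConfigurationException(e);
        }
    }

    /** Reads the ROBUST_CONNECTION_* properties and clamps the retry settings to their bounds. */
    private void configureRobustConnection() {
        String enabled = (String) this.startTimeProps.get("ROBUST_CONNECTION_ENABLE");
        if (enabled != null) {
            this.robustctx = Boolean.parseBoolean(enabled);
        }
        if (!this.robustctx) {
            return;
        }
        this.conn_try_cnt = readBoundedInt("ROBUST_CONNECTION_TRY_COUNT", this.conn_try_cnt,
                CONN_MIN_TRY_COUNT, CONN_MAX_TRY_COUNT);
        this.conn_retry_interval = readBoundedInt("ROBUST_CONNECTION_RETRY_INTERVAL", this.conn_retry_interval,
                CONN_MIN_RETRY_INTERVAL, CONN_MAX_RETRY_INTERVAL);
    }

    /** Parses an integer start-time property, keeping {@code current} when absent or malformed, and clamps it to [min, max]. */
    private int readBoundedInt(String key, int current, int min, int max) {
        int value = current;
        String text = (String) this.startTimeProps.get(key);
        if (text != null) {
            try {
                value = Integer.parseInt(text);
            } catch (NumberFormatException ignored) {
                // Best effort: a malformed number falls back to the clamped current value.
                this.logr.logp(Level.FINE, classname, "setupConnPool()", "Ignoring non-numeric value for " + key);
            }
        }
        return Math.max(min, Math.min(max, value));
    }

    /** Returns a new table with the JNDI/SSL pass-through keys and the un-prefixed {@code POOL_} keys from the start-time properties. */
    private Hashtable copyJndiProps() {
        Hashtable env = new Hashtable();
        for (Object rawKey : this.startTimeProps.keySet()) {
            if (!(rawKey instanceof String)) {
                continue; // only string keys can match the prefixes below
            }
            String key = (String) rawKey;
            if (key.startsWith("java.naming") || key.startsWith("com.sun.jndi.ldap") || key.startsWith("javax.net.ssl")) {
                env.put(key, this.startTimeProps.get(key));
            } else if (key.startsWith("POOL_") && key.length() > 5) {
                env.put(key.substring(5), this.startTimeProps.get(key));
            }
        }
        return env;
    }

    /** Installs and initialises {@code LDSSLSocketFactory} when SSL is requested and no socket factory is configured. */
    private void installSslSocketFactoryIfNeeded(String providerUrl) throws IMException {
        String protocol = (String) this.jndiProps.get("java.naming.security.protocol");
        boolean sslRequested = "SSL".equalsIgnoreCase(protocol);
        if (!sslRequested && providerUrl != null) {
            // Locale.ROOT keeps the scheme comparison independent of the JVM's default locale.
            sslRequested = providerUrl.trim().toLowerCase(java.util.Locale.ROOT).startsWith("ldaps://");
        }
        if (!sslRequested || this.jndiProps.containsKey("java.naming.ldap.factory.socket")) {
            return;
        }
        this.jndiProps.put("java.naming.ldap.factory.socket", "oracle.security.idm.providers.stdldap.LDSSLSocketFactory");
        try {
            LDSSLSocketFactory.init(this.jndiProps);
        } catch (Exception e) {
            throw new ConfigurationException(e);
        }
    }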

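    /**
     * Instantiates a {@code ConnectionPool} implementation by class name, using the thread's
     * context class loader and the implementation's {@code (Hashtable)} constructor.
     *
     * <p>The class name comes from configuration, so the loaded class is checked to be a
     * {@code ConnectionPool} <em>before</em> its constructor is invoked. A name that resolves
     * to an unrelated class is rejected without running that class's constructor.
     * {@code ClassLoader.loadClass} does not run static initializers, so no code of the named
     * class executes before the check.
     *
     * @param str fully qualified name of the pool class
     * @param hashtable environment passed to the pool constructor
     * @return the new pool instance
     * @throws IMException the constructor's own {@code IMException} when it throws one;
     *         otherwise a {@code ConfigurationException} for a missing name, a missing class
     *         loader, a class that is not a {@code ConnectionPool}, or any reflection failure
     */
    public ConnectionPool createPoolInstance(String str, Hashtable hashtable) throws IMException {
        if (str == null) {
            throw new ConfigurationException("ConnectionPool provider classname not specified");
        }
        ClassLoader loader = Thread.currentThread().getContextClassLoader();
        if (loader == null) {
            throw new ConfigurationException("No context class loader available to load ConnectionPool provider");
        }
        try {
            // asSubclass throws ClassCastException for a non-ConnectionPool class; the generic
            // catch below turns that into a ConfigurationException.
            Class<? extends ConnectionPool> poolClass = loader.loadClass(str).asSubclass(ConnectionPool.class);
            return poolClass.getConstructor(Hashtable.class).newInstance(hashtable);
        } catch (InvocationTargetException e) {
            Throwable cause = e.getCause();
            if (cause instanceof IMException) {
                throw ((IMException) cause);
            }
            throw new ConfigurationException(cause);
        } catch (Exception e) {
            throw new ConfigurationException(e);
        }
    }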

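    /**
     * Reads the server's root entry (empty base DN, object scope) to learn the schema base and
     * the supported paging mechanism, and refreshes the object-attribute cache.
     *
     * <p>Paging type is chosen from the advertised {@code supportedcontrol} OIDs:
     * paged results ({@code 1.2.840.113556.1.4.319}) gives {@link #SEARCH_TYPE_PAGED};
     * otherwise server-side sort ({@code 1.2.840.113556.1.4.473}) together with virtual list
     * view ({@code 2.16.840.1.113730.3.4.9}) gives {@link #SEARCH_TYPE_VLV}; otherwise
     * {@link #SEARCH_TYPE_SIMPLE}.
     *
     * <p>The search result enumeration and the pooled connection are released on every path.
     * A server that returns no root entry produces a {@code ConfigurationException} with a
     * message instead of a wrapped {@code NullPointerException}.
     *
     * @throws IMException always as a {@code ConfigurationException} wrapping the underlying
     *         failure
     */
    protected void getUserAndControlAttributes() throws IMException {
        LdapContext ctx = null;
        NamingEnumeration results = null;
        try {
            ctx = acquireConnection();
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.OBJECT_SCOPE);
            controls.setReturningAttributes(new String[]{"supportedcontrol", "subschemasubentry"});
            results = ctx.search("", "objectclass=*", controls);
            if (!results.hasMore()) {
                throw new ConfigurationException("Root entry search returned no result");
            }
            Attributes rootAttrs = ((SearchResult) results.next()).getAttributes();

            Attribute subschema = rootAttrs.get("subschemasubentry");
            if (subschema != null) {
                this.schemaBase = (String) subschema.get(0);
            }
            // Uses a second pooled connection while ctx is still held.
            fetchObjectAttributes();

            Attribute supported = rootAttrs.get("supportedcontrol");
            int count = supported != null ? supported.size() : 0;
            boolean hasServerSideSort = false;
            boolean hasVirtualListView = false;
            boolean hasPagedResults = false;
            for (int i = 0; i < count; i++) {
                String oid = (String) supported.get(i);
                if ("1.2.840.113556.1.4.473".equalsIgnoreCase(oid)) {
                    hasServerSideSort = true;
                } else if ("2.16.840.1.113730.3.4.9".equalsIgnoreCase(oid)) {
                    hasVirtualListView = true;
                } else if ("1.2.840.113556.1.4.319".equalsIgnoreCase(oid)) {
                    hasPagedResults = true;
                }
            }
            int pagingType;
            if (hasPagedResults) {
                pagingType = SEARCH_TYPE_PAGED;
            } else if (hasServerSideSort && hasVirtualListView) {
                pagingType = SEARCH_TYPE_VLV;
            } else {
                pagingType = SEARCH_TYPE_SIMPLE;
            }
            this.supportedPagingType = Integer.valueOf(pagingType);
        } catch (ConfigurationException e) {
            throw e; // already the right type, do not wrap twice
        } catch (Exception e) {
            throw new ConfigurationException(e);
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException ignored) {
                    // Best effort: the data has been read or a more useful error is in flight.
                }
            }
            if (ctx != null) {
                try {
                    releaseConnection(ctx);
                } catch (IMException ignored) {
                    // Best effort: releaseConnection() has already logged the failure.
                }
            }
        }
    }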

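    /**
     * Takes a connection from the pool for the given per-call properties, attaches the ECID
     * request control when enabled, and wraps it in a {@code RobustLdapContext} when robust
     * connections are enabled.
     *
     * <p>If anything fails after the connection was taken from the pool, the connection is
     * handed back before the exception is rethrown, so a failing control setup does not drain
     * the pool.
     * NOTE(review): this assumes the pool copes with a connection whose control setup failed -
     * confirm against the {@code ConnectionPool} implementation.
     *
     * @param map per-call properties passed to the pool; semantics are defined by the pool
     * @return the pooled (and possibly wrapped) context
     * @throws IMException if the pool cannot supply a connection or the ECID control cannot
     *         be set
     */
    public LdapContext acquireConnection(Map map) throws IMException {
        LdapContext pooled = null;
        try {
            pooled = this.pool.acquireConnection(map);
            if (this.isECIDEnabled) {
                try {
                    pooled.setRequestControls(new Control[]{new ExecContextRequestControl(false, ExecutionContext.wrapContext())});
                } catch (NamingException e) {
                    throw new IMException((Throwable) e);
                }
            }
            if (this.robustctx) {
                return new RobustLdapContext(pooled, this.pool, map, this.conn_try_cnt, this.conn_retry_interval, this.logr);
            }
            return pooled;
        } catch (IMException e) {
            this.logr.logp(Level.FINE, classname, "acquireConnection(Hashtable)", "Problem while acquiring connection from pool: " + e.getMessage());
            if (pooled != null) {
                try {
                    this.pool.releaseConnection(pooled);
                } catch (IMException ignored) {
                    // Best effort: the original failure is the one worth reporting.
                }
            }
            throw e;
        }
    }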

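    /**
     * Opens a new LDAP context that does not come from the pool.
     *
     * <p>The environment is the factory's JNDI environment with the entries of {@code map}
     * laid over it. Entries in {@code map} therefore replace the factory defaults, including
     * the provider URL, bind principal, bind credential and socket factory; callers must
     * build the map themselves and never pass through keys chosen by an untrusted party.
     *
     * <p>A {@code null} map is treated like an empty one. When the ECID control cannot be set
     * on the freshly opened context, the context is closed before the error is reported.
     *
     * @param map per-connection overrides; may be {@code null} or empty
     * @return a new context that the caller is responsible for closing
     * @throws IMException wrapping the {@code NamingException} raised while connecting or
     *         setting the request controls
     */
    public LdapContext getNonPooledConnection(Map map) throws IMException {
        try {
            Hashtable env;
            if (map != null && map.size() > 0) {
                // Copy first so the overrides never leak into the shared jndiProps table.
                env = this.jndiProps != null ? new Hashtable(this.jndiProps) : new Hashtable();
                env.putAll(map);
            } else {
                env = this.jndiProps;
            }
            if (!this.isECIDEnabled) {
                return new InitialLdapContext(env, (Control[]) null);
            }
            Control[] ecidControls = {new ExecContextRequestControl(false, ExecutionContext.wrapContext())};
            InitialLdapContext ctx = new InitialLdapContext(env, ecidControls);
            try {
                ctx.setRequestControls(ecidControls);
            } catch (NamingException e) {
                try {
                    ctx.close();
                } catch (NamingException ignored) {
                    // Best effort: the setRequestControls failure is the one to report.
                }
                throw e;
            }
            return ctx;
        } catch (NamingException e) {
            this.logr.logp(Level.FINE, classname, "getNonPooledConnection(Map)", "Problem while acquiring connection from pool: " + e.getMessage());
            throw new IMException((Throwable) e);
        }
    }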

    /**
     * Takes a connection from the pool without per-call properties and wraps it in a
     * {@code RobustLdapContext} when robust connections are enabled.
     *
     * <p>Unlike {@code acquireConnection(Map)}, this variant does not attach the ECID request
     * control.
     *
     * @return the pooled (and possibly wrapped) context
     * @throws IMException if the pool cannot supply a connection; logged at FINE first
     */
    public LdapContext acquireConnection() throws IMException {
        try {
            LdapContext pooled = this.pool.acquireConnection(null);
            if (!this.robustctx) {
                return pooled;
            }
            return new RobustLdapContext(pooled, this.pool, null, this.conn_try_cnt, this.conn_retry_interval, this.logr);
        } catch (IMException failure) {
            this.logr.logp(Level.FINE, classname, "acquireConnection()", "Problem while acquiring connection from pool: " + failure.getMessage());
            throw failure;
        }
    }

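    /**
     * Gives a context back: clears its request controls, then either closes it (robust mode)
     * or returns it to the pool.
     *
     * <p>The request controls are cleared first so that the next borrower of the same pooled
     * connection does not inherit controls set by this caller. If clearing fails, the
     * connection is deliberately not returned to the pool and an
     * {@code OperationFailureException} is raised instead.
     *
     * <p>In robust mode a {@code NamingException} from {@code close()} is translated to an
     * {@code IMException}: its cause is rethrown when that is already an {@code IMException},
     * an empty {@code IMException} is used when there is no cause, and any other cause is
     * wrapped (previously this case failed with a {@code ClassCastException}).
     *
     * @param ldapContext the context to release; {@code null} is ignored
     * @throws IMException if closing or returning the connection fails
     */
    public void releaseConnection(LdapContext ldapContext) throws IMException {
        if (ldapContext == null) {
            return;
        }
        try {
            ldapContext.setRequestControls((Control[]) null);
            if (!this.robustctx) {
                this.pool.releaseConnection(ldapContext);
                return;
            }
            try {
                ldapContext.close();
            } catch (NamingException closeFailure) {
                Throwable cause = closeFailure.getCause();
                if (cause instanceof IMException) {
                    throw (IMException) cause;
                }
                if (cause == null) {
                    throw new IMException("");
                }
                throw new IMException((Throwable) closeFailure);
            }
        } catch (IMException e) {
            this.logr.logp(Level.FINEST, classname, "releaseConnection()", "Problem while releasing connection to pool: " + e.getMessage());
            throw e;
        } catch (NamingException e) {
            this.logr.logp(Level.FINEST, classname, "releaseConnection()", "Problem while releasing connection to pool: " + e.getMessage());
            throw new OperationFailureException((Throwable) e);
        }
    }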

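    /**
     * Rebuilds the object-attribute cache using a pooled connection.
     *
     * <p>The cache is built against {@code schemaBase} when that is known, otherwise with the
     * two-argument {@code LDAPObjectAttributes} constructor. The connection is released in a
     * {@code finally} block, so it also goes back to the pool when building the cache fails;
     * the earlier form only released it on success.
     *
     * @throws IMException if no connection can be acquired or the cache cannot be built
     */
    private void fetchObjectAttributes() throws IMException {
        LdapContext ctx = null;
        try {
            ctx = acquireConnection();
            this.objAttr = this.schemaBase == null
                    ? new LDAPObjectAttributes(ctx, this.logr)
                    : new LDAPObjectAttributes(ctx, this.schemaBase, this.logr);
        } finally {
            if (ctx != null) {
                try {
                    releaseConnection(ctx);
                } catch (IMException ignored) {
                    // Best effort: releaseConnection() has already logged the failure.
                }
            }
        }
    }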

    /**
     * Returns the schema base DN, querying the server on first use.
     *
     * <p>If the server's root entry carries no {@code subschemasubentry} value, the result
     * stays {@code null} and the next call queries the server again.
     *
     * @return the schema base, or {@code null} when the server does not advertise one
     * @throws IMException if the lookup fails
     */
    public String getSchemaBase() throws IMException {
        boolean notLoadedYet = this.schemaBase == null;
        if (notLoadedYet) {
            getUserAndControlAttributes();
        }
        return this.schemaBase;
    }

    /**
     * Returns the object-attribute cache, building it on first use.
     *
     * <p>Synchronized on the factory, so concurrent callers of this method wait while the
     * cache is being filled.
     *
     * @return the cache instance
     * @throws IMException if the cache cannot be filled; other exceptions are wrapped
     */
    public synchronized LDAPObjectAttributes getObjectAttributeCache() throws IMException {
        if (this.objAttr != null) {
            return this.objAttr;
        }
        try {
            fetchObjectAttributes();
            this.logr.logp(Level.FINE, classname, "getObjectAttributeCache()", "Cache miss, Filled object attribute cache.");
        } catch (IMException failure) {
            this.logr.logp(Level.FINE, classname, "getObjectAttributeCache()", "Cache miss, Couldnot fill object attribute cache.");
            throw failure;
        } catch (Exception unexpected) {
            this.logr.logp(Level.FINE, classname, "getObjectAttributeCache()", "Cache miss, Couldnot fill object attribute cache.");
            throw new IMException(unexpected);
        }
        return this.objAttr;
    }

    /**
     * Returns the paging mechanism supported by the server, querying it on first use.
     *
     * @return one of the {@code SEARCH_TYPE_*} values, boxed
     * @throws IMException if the server's supported controls cannot be read
     */
    public Integer getPagingType() throws IMException {
        boolean notLoadedYet = this.supportedPagingType == null;
        if (notLoadedYet) {
            getUserAndControlAttributes();
        }
        return this.supportedPagingType;
    }

    /**
     * Returns the connection pool in use.
     *
     * @return the pool, or {@code null} before {@code setup()} has run or after {@code close()}
     */
    public ConnectionPool getConnectionPool() {
        final ConnectionPool currentPool = this.pool;
        return currentPool;
    }

    // Fills the shared set of built-in binary attribute names from binAttrNames.
    static {
        HashSet builtInNames = new HashSet();
        for (String attrName : binAttrNames) {
            builtInNames.add(attrName);
        }
        stdBinAttrs = builtInNames;
    }
}
