package oracle.ldap.util;

import java.io.ByteArrayOutputStream;
import java.io.Serializable;
import java.util.ResourceBundle;
import java.util.Vector;
import java.util.logging.Level;
import javax.naming.CommunicationException;
import javax.naming.CompositeName;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.NoPermissionException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import oracle.ldap.util.provisioning.ProvisioningConstants;

/* loaded from: input_file:oracle/ldap/util/User.class */
public class User extends LDAPEntry implements Serializable {
    private String entryGUID;
    private String inUserId;
    private String inSearchBase;
    private String searchFilter;
    private int userIdType;
    private String subIdName;
    private int subIdType;
    private String subDN;
    private Subscriber subscriber;
    private String[] userSearchBase;
    private String userNickNameAttr;
    private String userPrincipalAttr;
    private String userNameWinAttr;
    private boolean toBeAutoProvisioned;
    private String[] attrList;
    private String enumBase;
    private static java.util.logging.Logger m_logger = java.util.logging.Logger.getLogger("oracle.ldap.util");
    private static String commonDN = "cn=Common,cn=Products,cn=OracleContext";
    public static final String[] radContainerObjList = {"top", "orclcontainer", "orclauxiliaryguid"};
    public static final String[] extPrefRefObjList = {"top", "orclreferenceobject"};
    public static final String[] radObjList = {"top", "orclresourcedescriptor"};
    private static ResourceBundle resBundle = ResourceBundle.getBundle("oracle.ldap.util.nls.UtilityResource");
    public static int CREDTYPE_PASSWD = 0;
    public static int EXTPROPTYPE_RESOURCE_ACCESS_DESCRIPTOR = 0;

    protected User(DirContext dirContext, String str, String str2, PropertySet propertySet, java.util.logging.Logger logger) {
        this(dirContext, str, str2, propertySet);
        m_logger = logger;
    }

    protected User(DirContext dirContext, String str, String str2, PropertySet propertySet) {
        super(dirContext, str, propertySet);
        this.entryGUID = null;
        this.inUserId = null;
        this.inSearchBase = null;
        this.searchFilter = null;
        this.userIdType = -1;
        this.subIdName = null;
        this.subIdType = -1;
        this.subDN = null;
        this.subscriber = null;
        this.userSearchBase = null;
        this.userNickNameAttr = null;
        this.userPrincipalAttr = null;
        this.userNameWinAttr = null;
        this.toBeAutoProvisioned = false;
        this.attrList = new String[0];
        this.enumBase = null;
        this.entryGUID = str2;
        this.validated = true;
    }

    protected User(DirContext dirContext, String str, String str2, String str3, Subscriber subscriber, SearchResult searchResult, java.util.logging.Logger logger) {
        this(dirContext, str, str2, str3, subscriber, searchResult);
        m_logger = logger;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public User(DirContext dirContext, String str, String str2, String str3, Subscriber subscriber, SearchResult searchResult) {
        this(dirContext, str, str2, (PropertySet) null);
        this.subscriber = subscriber;
        this.entryGUID = str2;
        this.enumBase = str3;
        if (searchResult != null) {
            this.entryPsc = new PropertySetCollection(str3, searchResult, true);
        }
    }

    public User(DirContext dirContext, int i, String str, Subscriber subscriber, boolean z, java.util.logging.Logger logger) throws UtilException {
        this(dirContext, i, str, subscriber, z);
        m_logger = logger;
    }

    public User(DirContext dirContext, int i, String str, Subscriber subscriber, boolean z) throws UtilException {
        this(dirContext, i, str, 0, null, subscriber, null, null, null, new String[0], false, z);
    }

    public User(DirContext dirContext, int i, String str, int i2, String str2, boolean z, java.util.logging.Logger logger) throws UtilException {
        this(dirContext, i, str, i2, str2, z);
        m_logger = logger;
    }

    public User(DirContext dirContext, int i, String str, int i2, String str2, boolean z) throws UtilException {
        this(dirContext, i, str, i2, str2, null, null, null, null, new String[0], false, z);
    }

    protected User(DirContext dirContext, int i, String str, int i2, String str2, Subscriber subscriber, String str3, String[] strArr, String str4, String[] strArr2, boolean z, boolean z2, java.util.logging.Logger logger) throws UtilException {
        this(dirContext, i, str, i2, str2, subscriber, str3, strArr, str4, strArr2, z, z2);
        m_logger = logger;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public User(DirContext dirContext, int i, String str, int i2, String str2, Subscriber subscriber, String str3, String[] strArr, String str4, String[] strArr2, boolean z, boolean z2) throws UtilException {
        super(dirContext, str);
        this.entryGUID = null;
        this.inUserId = null;
        this.inSearchBase = null;
        this.searchFilter = null;
        this.userIdType = -1;
        this.subIdName = null;
        this.subIdType = -1;
        this.subDN = null;
        this.subscriber = null;
        this.userSearchBase = null;
        this.userNickNameAttr = null;
        this.userPrincipalAttr = null;
        this.userNameWinAttr = null;
        this.toBeAutoProvisioned = false;
        this.attrList = new String[0];
        this.enumBase = null;
        if (str == null) {
            throw new ParameterException(resBundle.getString("PARAMETER_NULL") + ":  inUserIdName");
        }
        if (str == "") {
            throw new UtilException(resBundle.getString("PARAMETER_INVALID") + ":  inUserIdName");
        }
        if (i != Util.IDTYPE_DN && i != Util.IDTYPE_SIMPLE && i != Util.IDTYPE_WINDOWS && i != Util.IDTYPE_KERB_PRINCIPAL && i != Util.IDTYPE_GUID) {
            throw new ParameterException(resBundle.getString("PARAMETER_INVALID") + ":  inUserIdType");
        }
        this.subIdType = i2;
        this.subIdName = str2;
        this.subscriber = subscriber;
        this.attrList = strArr2;
        this.userSearchBase = strArr;
        this.userNickNameAttr = str4;
        this.inSearchBase = str3;
        this.toBeAutoProvisioned = z;
        this.inUserId = str;
        this.userIdType = i;
        if (z2) {
            resolve(dirContext);
        }
    }

    public PropertySetCollection getExtendedProperties(DirContext dirContext, int i, String[] strArr, String str) throws UtilException {
        resolve(dirContext);
        String locateSubscriber = locateSubscriber(dirContext);
        String str2 = (String) getProperties(dirContext, new String[]{"orclguid"}, true).getPropertySet(0).getProperty(0).getValue(0);
        if (i != EXTPROPTYPE_RESOURCE_ACCESS_DESCRIPTOR) {
            throw new ParameterException(resBundle.getString("PARAMETER_INVALID") + ":  propType");
        }
        try {
            return Util.getEntryDetails(dirContext, new String(new String("cn=Resource Access Descriptor") + ",orclOwnerGUID=" + str2 + ",cn=Extended Properties,cn=OracleContext," + locateSubscriber), str, 2, strArr);
        } catch (NamingException e) {
            if (e instanceof CommunicationException) {
                throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e);
            }
            String str3 = resBundle.getString("GENERAL_ERROR_SEARCH") + ":  getExtendedProperties";
            if (e instanceof NoPermissionException) {
                throw new AccessDeniedException(str3, e);
            }
            if (UtilException.getLDAPErrorCode(e) == 32) {
                return new PropertySetCollection();
            }
            throw new GeneralErrorException(str3, e);
        }
    }

    public PropertySetCollection getExtendedProperties(DirContext dirContext, int i, String[] strArr) throws UtilException {
        return getExtendedProperties(dirContext, i, strArr, "(objectclass=*)");
    }

    public void setExtendedProperties(DirContext dirContext, int i, String str, ModPropertySet modPropertySet) throws UtilException {
        resolve(dirContext);
        String locateSubscriber = locateSubscriber(dirContext);
        String guid = getGUID(dirContext);
        if (i != EXTPROPTYPE_RESOURCE_ACCESS_DESCRIPTOR) {
            throw new ParameterException(resBundle.getString("PARAMETER_INVALID") + ":  propType");
        }
        String str2 = new String(new String("cn=Resource Access Descriptor") + ",orclOwnerGUID=" + guid + ",cn=Extended Properties,cn=OracleContext," + locateSubscriber);
        boolean sameCtxUser = sameCtxUser(dirContext);
        try {
            PropertySetCollection ldapSearch = Util.ldapSearch(dirContext, str2, str, 2, sameCtxUser ? new String[]{ProvisioningConstants.NEWDN_VALUE, "orclusermodifiable"} : new String[]{ProvisioningConstants.NEWDN_VALUE});
            if (ldapSearch == null || ldapSearch.isEmpty()) {
                throw new SetPropertiesException("Requested RAD does not exist");
            }
            if (ldapSearch.size() > 1) {
                throw new SetPropertiesException("Multiple RADs encountered");
            }
            if (sameCtxUser) {
                String str3 = "TRUE";
                try {
                    str3 = ldapSearch.getUniquePropertyValue("orclusermodifiable");
                } catch (Exception e) {
                }
                if (!str3.equalsIgnoreCase("TRUE")) {
                    throw new SetPropertiesException("User is not allowed to modify this RAD");
                }
            }
            try {
                Util.ldapModify(dirContext, ldapSearch.getPropertySet(0).getDN(), modPropertySet);
            } catch (UtilException e2) {
                if (!(e2 instanceof CommunicationErrorException)) {
                    throw new SetPropertiesException("Cannot Update Extended Properties", e2.returnNamingException());
                }
                throw e2;
            }
        } catch (UtilException e3) {
            if (!(e3 instanceof CommunicationErrorException)) {
                throw new SetPropertiesException("Requested RAD does not exist.", e3);
            }
            throw e3;
        }
    }

    public void createExtendedProperties(DirContext dirContext, int i, ModPropertySet modPropertySet) throws UtilException {
        resolve(dirContext);
        String locateSubscriber = locateSubscriber(dirContext);
        String guid = getGUID(dirContext);
        if (i != EXTPROPTYPE_RESOURCE_ACCESS_DESCRIPTOR) {
            throw new ParameterException(resBundle.getString("PARAMETER_INVALID") + ":  propType");
        }
        String str = "orclownerguid=" + guid + ",cn=Extended Properties,cn=oracleContext," + locateSubscriber;
        try {
            Util.ldapSearch(dirContext, str, "objectclass=*", 0, new String[]{ProvisioningConstants.NEWDN_VALUE});
        } catch (UtilException e) {
            if (!e.isNamingException() || !(e.returnNamingException() instanceof NameNotFoundException)) {
                throw e;
            }
            ModPropertySet modPropertySet2 = new ModPropertySet();
            modPropertySet2.addProperty(0, "objectclass", extPrefRefObjList);
            modPropertySet2.addProperty(0, "orclownerguid", guid);
            modPropertySet2.addProperty(0, "seealso", this.entryDN);
            Util.ldapAdd(dirContext, str, modPropertySet2);
        }
        String str2 = "cn=Resource Access Descriptor," + str;
        try {
            Util.ldapSearch(dirContext, str2, "objectclass=*", 0, new String[]{ProvisioningConstants.NEWDN_VALUE});
        } catch (UtilException e2) {
            if (!e2.isNamingException() || !(e2.returnNamingException() instanceof NameNotFoundException)) {
                throw e2;
            }
            ModPropertySet modPropertySet3 = new ModPropertySet();
            modPropertySet3.addProperty(0, "objectclass", radContainerObjList);
            modPropertySet3.addProperty(0, "cn", "Resource Access Descriptor");
            modPropertySet3.addProperty(0, "orclownerguid", guid);
            Util.ldapAdd(dirContext, str2, modPropertySet3);
        }
        LDIFRecord modProperty = modPropertySet.getModProperty();
        try {
            String value = modProperty.getAttribute("orclresourcename").getValue();
            if (value == null) {
                throw new UtilException("ModPropertySet does not contain orclresourcename");
            }
            try {
                String value2 = modProperty.getAttribute("orclresourcetypename").getValue();
                if (value2 == null) {
                    throw new UtilException("ModPropertySet does not contain orclresourcetypename");
                }
                modPropertySet.addProperty(0, "orclownerguid", guid);
                modPropertySet.addProperty(0, "objectclass", radObjList);
                Util.ldapAdd(dirContext, "orclresourcename=" + value + "+orclresourcetypename=" + value2 + "," + str2, modPropertySet);
            } catch (NullPointerException e3) {
                throw new UtilException("ModPropertySet does not contain orclresourcetypename");
            }
        } catch (NullPointerException e4) {
            throw new UtilException("ModPropertySet does not contain orclresourcename");
        }
    }

    public void setProperties(DirContext dirContext, ModificationItem[] modificationItemArr) throws UtilException {
        resolve(dirContext);
        Util.setEntryDetails(dirContext, this.entryDN, modificationItemArr);
    }

    @Override // oracle.ldap.util.LDAPEntry
    public void setProperties(DirContext dirContext, ModPropertySet modPropertySet) throws UtilException {
        resolve(dirContext);
        try {
            super.setProperties(dirContext, modPropertySet);
        } catch (UtilException e) {
            if (!e.hasPasswordPolicyError()) {
                throw e;
            }
            switch (e.getPasswordPolicyErrorCode()) {
                case PasswordPolicy.PASSWORD_ACCOUNT_LOCKED /* 9001 */:
                    throw new AccountLockedException("The account is locked", e.returnNamingException());
                case PasswordPolicy.PASSWORD_MINLENGTH_EC /* 9003 */:
                    throw new MinimumLengthException("The password does not satisfy the minimum length", e.returnNamingException());
                case PasswordPolicy.PASSWORD_NUMERIC_EC /* 9004 */:
                    throw new NumericCharacterException("The password requires at least one numeric value", e.returnNamingException());
                case PasswordPolicy.PASSWORD_NULL_EC /* 9005 */:
                    throw new PasswordNullException("Password cannot be null", e.returnNamingException());
                case PasswordPolicy.PASSWORD_IN_HISTORY_EC /* 9006 */:
                    throw new PasswordInHistoryException("Cannot change to a previously used password", e.returnNamingException());
                case PasswordPolicy.PASSWORD_ILLEGAL_VALUE_EC /* 9007 */:
                    throw new IllegalValueException("Illegal password value", e.returnNamingException());
                case PasswordPolicy.PASSWORD_IP_ACCOUNT_LOCKED /* 9011 */:
                    throw new AcctIPLockedException("The account is locked from this IP address", e.returnNamingException());
                case PasswordPolicy.ACCT_DISABLED_EC /* 9050 */:
                    throw new AccountDisabledException("The account has been disabled", e.returnNamingException());
                case PasswordPolicy.ACCT_INACTIVE /* 9053 */:
                    throw new AccountInactiveException("The account is inactive", e.returnNamingException());
                default:
                    throw new PasswordPolicyException("Password policy error encountered: " + e.returnNamingException().toString(), e.returnNamingException());
            }
        }
    }

    public PropertySetCollection getProperties(DirContext dirContext, String[] strArr) throws UtilException {
        return getProperties(dirContext, strArr, true);
    }

    @Override // oracle.ldap.util.LDAPEntry
    public PropertySetCollection getProperties(DirContext dirContext, String[] strArr, boolean z) throws UtilException {
        return super.getProperties(dirContext, strArr, z);
    }

    private void getCommonAttrsFromSubscriber(DirContext dirContext, Subscriber subscriber, String str) throws UtilException {
        String[] commonAttrs = subscriber.getCommonAttrs(dirContext);
        this.userNickNameAttr = commonAttrs[0];
        this.userPrincipalAttr = commonAttrs[2];
        this.userNameWinAttr = commonAttrs[3];
        int i = 4;
        if (str == null) {
            int length = commonAttrs.length - 4;
            this.userSearchBase = new String[length];
            for (int i2 = 0; i2 < length; i2++) {
                int i3 = i;
                i++;
                this.userSearchBase[i2] = commonAttrs[i3];
            }
            return;
        }
        boolean z = false;
        while (true) {
            if (i >= commonAttrs.length) {
                break;
            }
            if (Util.normalizeDN(commonAttrs[i]).equals(Util.normalizeDN(str))) {
                z = true;
                break;
            }
            i++;
        }
        if (!z) {
            throw new UtilException("Invalid user search base");
        }
        this.userSearchBase = new String[1];
        this.userSearchBase[0] = str;
    }

    private boolean sameCtxUser(DirContext dirContext) {
        try {
            return ((String) dirContext.getEnvironment().get("java.naming.security.principal")).equalsIgnoreCase(this.entryDN);
        } catch (Exception e) {
            return false;
        }
    }

    @Override // oracle.ldap.util.LDAPEntry
    public void resolve(DirContext dirContext) throws UtilException {
        String[] strArr;
        if (this.validated) {
            return;
        }
        if (dirContext == null) {
            throw new UtilException(resBundle.getString("PARAMETER_NULL") + ": DirContext");
        }
        if (this.userIdType != Util.IDTYPE_SIMPLE && this.userIdType != Util.IDTYPE_WINDOWS && this.userIdType != Util.IDTYPE_KERB_PRINCIPAL) {
            if (this.userIdType == Util.IDTYPE_GUID) {
                try {
                    NamingEnumeration namingEnumeration = (NamingEnumeration) Util.getEntryDetails(dirContext, "", "(orclguid=" + this.inUserId + ")", 2, this.attrList, false);
                    if (!namingEnumeration.hasMoreElements()) {
                        throw new NoSuchUserException("User does not exist - GUID = " + this.inUserId);
                    }
                    SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
                    this.entryDN = new String(searchResult.getName());
                    this.entryGUID = this.inUserId;
                    this.enumBase = "";
                    this.entryPsc = new PropertySetCollection("", searchResult, true);
                    this.validated = true;
                    return;
                } catch (NamingException e) {
                    if (!(e instanceof CommunicationException)) {
                        throw new NoSuchUserException("Error encountered when resolving user - GUID = " + this.inUserId, e);
                    }
                    throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e);
                }
            }
            if (this.userIdType == Util.IDTYPE_DN) {
                try {
                    NamingEnumeration namingEnumeration2 = (NamingEnumeration) Util.getEntryDetails(dirContext, this.inUserId, "(objectclass=*)", 0, this.attrList, false);
                    if (!namingEnumeration2.hasMoreElements()) {
                        throw new NoSuchUserException("User does not exist - DN = " + this.inUserId);
                    }
                    SearchResult searchResult2 = (SearchResult) namingEnumeration2.nextElement();
                    this.entryDN = this.inUserId;
                    this.enumBase = this.inUserId;
                    this.entryPsc = new PropertySetCollection(this.entryDN, searchResult2, true);
                    this.validated = true;
                    return;
                } catch (NamingException e2) {
                    if (!(e2 instanceof CommunicationException)) {
                        throw new NoSuchUserException("Error encountered when resolving user - DN = " + this.inUserId, e2);
                    }
                    throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e2);
                }
            }
            return;
        }
        try {
            if (this.subscriber == null) {
                this.subscriber = new RootOracleContext(dirContext, m_logger).getSubscriber(dirContext, this.subIdType, this.subIdName, new String[0]);
            }
            this.subDN = this.subscriber.getDN(dirContext);
            getCommonAttrsFromSubscriber(dirContext, this.subscriber, this.inSearchBase);
            if (this.attrList != null) {
                strArr = new String[this.attrList.length + 1];
                for (int i = 0; i < this.attrList.length; i++) {
                    strArr[i] = this.attrList[i];
                }
                strArr[this.attrList.length] = "orclguid";
            } else {
                strArr = new String[]{"orclguid"};
            }
            boolean z = false;
            for (int i2 = 0; i2 < this.userSearchBase.length; i2++) {
                String str = this.userSearchBase[i2];
                String str2 = this.userNickNameAttr;
                if (this.userIdType == Util.IDTYPE_WINDOWS) {
                    str2 = this.userNameWinAttr;
                } else if (this.userIdType == Util.IDTYPE_KERB_PRINCIPAL) {
                    str2 = this.userPrincipalAttr;
                }
                NamingEnumeration namingEnumeration3 = (NamingEnumeration) Util.getEntryDetails(dirContext, str, "(&(objectclass=*)(" + str2 + "=" + Util.handleSpecialFilterChars(this.inUserId) + "))", 2, strArr, false);
                boolean hasMoreElements = namingEnumeration3.hasMoreElements();
                if (!hasMoreElements && i2 == this.userSearchBase.length - 1 && !z) {
                    throw new NoSuchUserException("User does not exist - SIMPLE NAME = " + this.inUserId);
                }
                if (hasMoreElements) {
                    if (z) {
                        throw new MultipleUserException("Multiple Users found with Simple Name = " + this.inUserId);
                    }
                    SearchResult searchResult3 = (SearchResult) namingEnumeration3.nextElement();
                    z = true;
                    this.entryDN = new String(searchResult3.getNameInNamespace());
                    this.entryGUID = (String) searchResult3.getAttributes().get("orclguid").get(0);
                    if (namingEnumeration3.hasMoreElements()) {
                        throw new MultipleUserException("Multiple Users found with Simple Name = " + this.inUserId);
                    }
                    this.entryPsc = new PropertySetCollection(str, searchResult3, true);
                }
                this.validated = true;
            }
        } catch (NamingException e3) {
            if (!(e3 instanceof CommunicationException)) {
                throw new NoSuchUserException("Error encountered when resolving user - SIMPLE NAME = " + this.inUserId, e3);
            }
            throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e3);
        }
    }

    @Override // oracle.ldap.util.LDAPEntry
    public String getDN(DirContext dirContext) throws UtilException {
        return super.getDN(dirContext);
    }

    public String getDn(DirContext dirContext) throws UtilException {
        return super.getDN(dirContext);
    }

    public String getDn() throws UtilException {
        if (this.validated) {
            return super.getDN(null);
        }
        throw new UtilException("This operation has been desupported");
    }

    public String getDN() throws UtilException {
        return getDn();
    }

    public String locateSubscriber(DirContext dirContext) throws UtilException {
        String str = null;
        resolve(dirContext);
        if (this.subDN != null) {
            return this.subDN;
        }
        try {
            NamingEnumeration all = dirContext.getAttributes(commonDN, new String[]{"orclsubscribersearchbase"}).getAll();
            while (all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                NamingEnumeration all2 = attribute.getAll();
                if (attribute.getID().equals("orclsubscribersearchbase")) {
                    str = (String) all2.next();
                }
            }
            if (str == null) {
                str = "";
            }
            String normalizeDN = Util.normalizeDN(this.entryDN);
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            if (str == null) {
                str = "";
            }
            try {
                String obj = new CompositeName().add(str).toString();
                NamingEnumeration search = dirContext.search(obj, "objectclass=orclSubscriber", searchControls);
                Vector vector = new Vector();
                while (search.hasMore()) {
                    if (obj.equals("")) {
                        ((SearchResult) search.next()).getName();
                    }
                    vector.addElement(((SearchResult) search.next()).getNameInNamespace());
                }
                if (vector.size() == 0) {
                    throw new SubscriberNotFoundException(resBundle.getString("NO_SUBSCRIBER_FOUND") + ":  " + obj);
                }
                String[] vector2StrArray = Util.vector2StrArray(vector);
                String[] strArr = {"orclcommonusersearchbase"};
                for (int i = 0; i < vector2StrArray.length; i++) {
                    NamingEnumeration all3 = dirContext.getAttributes(commonDN + "," + vector2StrArray[i], strArr).getAll();
                    if (all3.hasMore()) {
                        NamingEnumeration all4 = ((Attribute) all3.next()).getAll();
                        while (all4.hasMore()) {
                            if (normalizeDN.endsWith(Util.normalizeDN((String) all4.next()))) {
                                this.subDN = vector2StrArray[i];
                                return this.subDN;
                            }
                        }
                    }
                }
                throw new SubscriberNotFoundException(resBundle.getString("NO_MATCHING_SUBSCRIBER"));
            } catch (NamingException e) {
                throw new GeneralErrorException(resBundle.getString("CANNOT_FIND_SUBSCRIBER") + ":  " + this.entryDN, e);
            }
        } catch (NamingException e2) {
            throw new InvalidRootOrclctxException(resBundle.getString("INVALID_ROOT_CTX"));
        }
    }

    public String getGUID() throws UtilException {
        if (this.entryGUID == null) {
            throw new UtilException("This operation has been desupported");
        }
        return this.entryGUID;
    }

    public String getGUID(DirContext dirContext) throws UtilException {
        resolve(dirContext);
        if (this.entryGUID == null) {
            this.entryGUID = (String) Util.ldapSearch(dirContext, this.entryDN, "(objectclass=*)", 0, new String[]{"orclguid"}).getPropertySet(0).getProperty(0).getValue(0);
        }
        return this.entryGUID;
    }

    public void authenticateUser(DirContext dirContext, int i, Object obj) throws UtilException {
        if (i != CREDTYPE_PASSWD) {
            throw new ParameterException(resBundle.getString("PARAMETER_INVALID") + ":  authType");
        }
        String str = new String("userpassword");
        String str2 = (String) obj;
        if (dirContext instanceof LdapContext) {
            try {
                ((LdapContext) dirContext).setRequestControls(new Control[]{new PasswordPolicyControl()});
            } catch (NamingException e) {
                if (!(e instanceof CommunicationException)) {
                    throw new UtilException("Unable to set Password Policy controls");
                }
                throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e);
            }
        }
        try {
            authenticateUser(dirContext, str, str2);
            if (dirContext instanceof LdapContext) {
                try {
                    Control[] responseControls = ((LdapContext) dirContext).getResponseControls();
                    if (responseControls != null && responseControls.length > 0) {
                        byte[] encodedValue = responseControls[0].getEncodedValue();
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        byteArrayOutputStream.write(encodedValue, 0, encodedValue.length);
                        m_logger.log(Level.INFO, byteArrayOutputStream.toString());
                        String id = responseControls[0].getID();
                        if (id.equals(PasswordPolicy.PASSWORD_EXPIRE_WARNING_CONTROL)) {
                            throw new PasswordExpiredWarningException("User Password Expire Warning");
                        }
                        if (id.equals(PasswordPolicy.PASSWORD_EXPIRE_GRACE_LOGIN_CONTROL)) {
                            throw new GraceLoginException("User in Grace Login mode");
                        }
                        if (id.equals(PasswordPolicy.PASSWORD_EXPIRE_MUST_CHANGE_CONTROL)) {
                            ChangePwdObserver.getInstance().setStatus(ChangePwdObserver.MUST_CHANGE_EXCEPTION_RAISED, true);
                            throw new MustChangeException("User password must be changed");
                        }
                    }
                } catch (NamingException e2) {
                    if (e2 instanceof CommunicationException) {
                        throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e2);
                    }
                }
            }
        } catch (UtilException e3) {
            if (this.toBeAutoProvisioned) {
                if (!e3.isNamingException()) {
                    throw e3;
                }
                if (e3.returnNamingException() instanceof NameNotFoundException) {
                    try {
                        resolve(dirContext);
                        this.toBeAutoProvisioned = false;
                        return;
                    } catch (UtilException e4) {
                        if (!(e4 instanceof NoSuchUserException)) {
                            throw e4;
                        }
                        throw new AuthFailureException(resBundle.getString("UNABLE_AUTHENTICATE_USER"));
                    }
                }
            }
            if (!e3.hasPasswordPolicyError()) {
                throw e3;
            }
            switch (e3.getPasswordPolicyErrorCode()) {
                case PasswordPolicy.PASSWORD_EXPIRED_EC /* 9000 */:
                    throw new PasswordExpiredException("Password has expired", e3.returnNamingException());
                case PasswordPolicy.PASSWORD_ACCOUNT_LOCKED /* 9001 */:
                    throw new AccountLockedException("The account is locked", e3.returnNamingException());
                case PasswordPolicy.PASSWORD_NULL_EC /* 9005 */:
                    throw new PasswordNullException("Password is null", e3.returnNamingException());
                case PasswordPolicy.PASSWORD_IP_ACCOUNT_LOCKED /* 9011 */:
                    throw new AcctIPLockedException("The account is locked from this IP address", e3.returnNamingException());
                case PasswordPolicy.ACCT_DISABLED_EC /* 9050 */:
                    throw new AccountDisabledException("The account has been disabled", e3.returnNamingException());
                case PasswordPolicy.ACCT_INACTIVE /* 9053 */:
                    throw new AccountInactiveException("The account is inactive", e3.returnNamingException());
                default:
                    throw new PasswordPolicyException("Password policy error encountered: " + e3.returnNamingException().toString(), e3.returnNamingException());
            }
        }
    }

    public void authenticateUser(DirContext dirContext, String str, String str2) throws UtilException {
        if (!this.toBeAutoProvisioned) {
            resolve(dirContext);
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setReturningAttributes(new String[0]);
        searchControls.setSearchScope(0);
        try {
            byte[] bytes = str2.getBytes("UTF-8");
            this.entryDN = new CompositeName().add(this.entryDN).toString();
            if (dirContext.search(this.entryDN, "(" + str + "={0})", new Object[]{bytes}, searchControls).hasMore()) {
            } else {
                throw new AuthFailureException(resBundle.getString("UNABLE_AUTHENTICATE_USER") + ": " + this.entryDN);
            }
        } catch (Exception e) {
            if (e instanceof CommunicationException) {
                throw new CommunicationErrorException(resBundle.getString("UNABLE_TO_CONNECT_TO_DIR"), e);
            }
            if (!(e instanceof AuthFailureException)) {
                throw new AuthFailureException(resBundle.getString("UNABLE_AUTHENTICATE_USER") + ": " + this.entryDN, e);
            }
            throw ((AuthFailureException) e);
        }
    }

    public Group[] getGroupMembership(DirContext dirContext, String[] strArr, boolean z) throws UtilException {
        resolve(dirContext);
        PropertySetCollection groupMembership = Util.getGroupMembership(dirContext, this, strArr, z);
        if (groupMembership == null) {
            return null;
        }
        Group[] groupArr = new Group[groupMembership.size()];
        for (int i = 0; i < groupArr.length; i++) {
            groupArr[i] = new Group(dirContext, groupMembership.getPropertySet(i).getDN(), groupMembership.getPropertySet(i));
        }
        return groupArr;
    }

    public boolean isProvisioned() {
        return !this.toBeAutoProvisioned;
    }
}
