package org.bsdn.authentication;

import java.io.IOException;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import org.apache.commons.codec.digest.DigestUtils;

/* loaded from: input_file:org/bsdn/authentication/BsdnAuthImpl.class */
public class BsdnAuthImpl implements BsdnAuth {
    private static final String USER_SEARCH_BASE = "ou=users,dc=bsdn,dc=org";
    private static final String NICK_NAME_FILTER = "(&(objectClass=bsdnAccount)(nickName=%s))";
    private static final String UID_FILTER = "(&(objectClass=bsdnAccount)(uid=%s))";
    private static final String AVATAR_URL = "http://bsdn.org/avatar/%%{%s}";
    private static final String USER_DN = "uid=%s,ou=users,dc=bsdn,dc=org";
    private Properties props = new Properties();

    public BsdnAuthImpl() {
        try {
            this.props.load(getClass().getClassLoader().getResourceAsStream("bsdn.properties"));
        } catch (IOException e) {
            throw new RuntimeException("bsdn.properties not found in classpath.", e);
        }
    }

    private DirContext bindDn() throws UnexpectedException, CredentialsInvalidException {
        return bindDn(this.props.getProperty("ldap.bindDn"), this.props.getProperty("ldap.passwd"));
    }

    private DirContext bindDn(String str, String str2) throws CredentialsInvalidException, UnexpectedException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", this.props.getProperty("ldap.url"));
        hashtable.put("java.naming.security.authentication", this.props.getProperty("ldap.authType"));
        hashtable.put("java.naming.security.principal", str);
        hashtable.put("java.naming.security.credentials", str2);
        try {
            return new InitialLdapContext(hashtable, (Control[]) null);
        } catch (NamingException e) {
            throw new CredentialsInvalidException("Username or Password invalid.", e);
        }
    }

    private String resolveUid(String str) throws CredentialsInvalidException, UnexpectedException {
        if (str.indexOf(64) != -1) {
            return str;
        }
        DirContext bindDn = bindDn();
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        try {
            try {
                NamingEnumeration<SearchResult> search = bindDn.search(USER_SEARCH_BASE, String.format(NICK_NAME_FILTER, str), searchControls);
                if (!search.hasMore()) {
                    throw new CredentialsInvalidException("Username or Password invalid.");
                }
                String str2 = (String) ((SearchResult) search.next()).getAttributes().get("uid").get();
                closeResources(bindDn, search);
                return str2;
            } catch (NamingException e) {
                throw new UnexpectedException("unexpected error.", e);
            }
        } catch (Throwable th) {
            closeResources(bindDn, null);
            throw th;
        }
    }

    @Override // org.bsdn.authentication.BsdnAuth
    public UserInfo authentication(String str, String str2) throws CredentialsInvalidException, UnexpectedException, UserLockedException {
        String resolveUid = resolveUid(str);
        DirContext bindDn = bindDn(String.format(USER_DN, resolveUid), str2);
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(2);
        try {
            try {
                NamingEnumeration<SearchResult> search = bindDn.search(USER_SEARCH_BASE, String.format(UID_FILTER, resolveUid), searchControls);
                if (!search.hasMore()) {
                    throw new CredentialsInvalidException("Username or Password invalid.");
                }
                Attributes attributes = ((SearchResult) search.next()).getAttributes();
                if (!"1".equals(attributes.get("activeStatus").get())) {
                    throw new UserLockedException("User Locked.");
                }
                UserInfo userInfo = new UserInfo();
                userInfo.setUid(resolveUid);
                userInfo.setAvatar(String.format(AVATAR_URL, DigestUtils.md5Hex(resolveUid)));
                userInfo.setNickName((String) attributes.get("nickName").get());
                userInfo.setMail((String) attributes.get("mail").get());
                closeResources(bindDn, search);
                return userInfo;
            } catch (NamingException e) {
                throw new UnexpectedException("unexpected error.", e);
            }
        } catch (Throwable th) {
            closeResources(bindDn, null);
            throw th;
        }
    }

    private void closeResources(DirContext dirContext, NamingEnumeration<SearchResult> namingEnumeration) {
        if (namingEnumeration != null) {
            try {
                namingEnumeration.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if (dirContext != null) {
            try {
                dirContext.close();
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
    }
}
