package gitbucket.core.util;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPJSSESecureSocketFactory;
import com.novell.ldap.LDAPJSSEStartTLSFactory;
import com.novell.ldap.LDAPReferralException;
import com.novell.ldap.LDAPSearchResults;
import com.sun.net.ssl.internal.ssl.Provider;
import gitbucket.core.model.Account;
import gitbucket.core.service.SystemSettingsService;
import gitbucket.core.service.SystemSettingsService$;
import gitbucket.core.util.LDAPUtil;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.SerializedLambda;
import java.security.Security;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Some;
import scala.collection.immutable.List;
import scala.collection.immutable.List$;
import scala.collection.immutable.Nil$;
import scala.collection.mutable.StringBuilder;
import scala.compat.java8.runtime.LambdaDeserializer$;
import scala.package$;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.util.Either;
import scala.util.Right;

/* compiled from: LDAPUtil.scala */
/* loaded from: input_file:gitbucket/core/util/LDAPUtil$.class */
public final class LDAPUtil$ {
    public static final LDAPUtil$ MODULE$ = null;
    private final int LDAP_VERSION;
    private final Logger logger;
    private final String LDAP_DUMMY_MAL;
    private static /* synthetic */ Map $deserializeLambdaCache$;

    static {
        new LDAPUtil$();
    }

    private int LDAP_VERSION() {
        return this.LDAP_VERSION;
    }

    private Logger logger() {
        return this.logger;
    }

    private String LDAP_DUMMY_MAL() {
        return this.LDAP_DUMMY_MAL;
    }

    public boolean isDummyMailAddress(Account account) {
        return account.mailAddress().endsWith(LDAP_DUMMY_MAL());
    }

    public String createDummyMailAddress(String str) {
        return new StringBuilder().append(str).append(LDAP_DUMMY_MAL()).toString();
    }

    public Either<String, LDAPUtil.LDAPUserInfo> authenticate(SystemSettingsService.Ldap ldap, String str, String str2) {
        return bind(ldap.host(), BoxesRunTime.unboxToInt(ldap.port().getOrElse(() -> {
            return SystemSettingsService$.MODULE$.DefaultLdapPort();
        })), (String) ldap.bindDN().getOrElse(() -> {
            return "";
        }), (String) ldap.bindPassword().getOrElse(() -> {
            return "";
        }), BoxesRunTime.unboxToBoolean(ldap.tls().getOrElse(() -> {
            return false;
        })), BoxesRunTime.unboxToBoolean(ldap.ssl().getOrElse(() -> {
            return false;
        })), (String) ldap.keystore().getOrElse(() -> {
            return "";
        }), "System LDAP authentication failed.", lDAPConnection -> {
            Either<String, LDAPUtil.LDAPUserInfo> apply;
            Some findUser = findUser(lDAPConnection, str, ldap.baseDN(), ldap.userNameAttribute(), ldap.additionalFilterCondition());
            if (findUser instanceof Some) {
                apply = userAuthentication(ldap, (String) findUser.x(), str, str2);
            } else {
                if (!None$.MODULE$.equals(findUser)) {
                    throw new MatchError(findUser);
                }
                apply = package$.MODULE$.Left().apply("User does not exist.");
            }
            return apply;
        });
    }

    private Either<String, LDAPUtil.LDAPUserInfo> userAuthentication(SystemSettingsService.Ldap ldap, String str, String str2, String str3) {
        return bind(ldap.host(), BoxesRunTime.unboxToInt(ldap.port().getOrElse(() -> {
            return SystemSettingsService$.MODULE$.DefaultLdapPort();
        })), str, str3, BoxesRunTime.unboxToBoolean(ldap.tls().getOrElse(() -> {
            return false;
        })), BoxesRunTime.unboxToBoolean(ldap.ssl().getOrElse(() -> {
            return false;
        })), (String) ldap.keystore().getOrElse(() -> {
            return "";
        }), "User LDAP Authentication Failed.", lDAPConnection -> {
            Right apply;
            if (((String) ldap.mailAttribute().getOrElse(() -> {
                return "";
            })).isEmpty()) {
                return package$.MODULE$.Right().apply(new LDAPUtil.LDAPUserInfo(str2, (String) ldap.fullNameAttribute().flatMap(str4 -> {
                    return findFullName(lDAPConnection, str, ldap.userNameAttribute(), str2, str4);
                }).getOrElse(() -> {
                    return str2;
                }), createDummyMailAddress(str2)));
            }
            Some findMailAddress = findMailAddress(lDAPConnection, str, ldap.userNameAttribute(), str2, (String) ldap.mailAttribute().get());
            if (findMailAddress instanceof Some) {
                apply = package$.MODULE$.Right().apply(new LDAPUtil.LDAPUserInfo(getUserNameFromMailAddress(str2), (String) ldap.fullNameAttribute().flatMap(str5 -> {
                    return findFullName(lDAPConnection, str, ldap.userNameAttribute(), str2, str5);
                }).getOrElse(() -> {
                    return str2;
                }), (String) findMailAddress.x()));
            } else {
                if (!None$.MODULE$.equals(findMailAddress)) {
                    throw new MatchError(findMailAddress);
                }
                apply = package$.MODULE$.Left().apply("Can't find mail address.");
            }
            return apply;
        });
    }

    private String getUserNameFromMailAddress(String str) {
        int indexOf = str.indexOf(64);
        switch (indexOf) {
            default:
                return (indexOf < 0 ? str : str.substring(0, indexOf)).replaceAll("[^a-zA-Z0-9\\-_.]", "").replaceAll("^[_\\-]", "");
        }
    }

    private <A> Either<String, A> bind(String str, int i, String str2, String str3, boolean z, boolean z2, String str4, String str5, Function1<LDAPConnection, Either<String, A>> function1) {
        if (z) {
            Security.addProvider(new Provider());
            if (str4.compareTo("") == 0) {
                BoxedUnit boxedUnit = BoxedUnit.UNIT;
            } else {
                System.setProperty("javax.net.ssl.trustStore", str4);
            }
        } else {
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
        }
        LDAPConnection lDAPConnection = !z2 ? new LDAPConnection(new LDAPJSSEStartTLSFactory()) : new LDAPConnection(new LDAPJSSESecureSocketFactory());
        try {
            lDAPConnection.connect(str, i);
            if (z) {
                lDAPConnection.startTLS();
            }
            lDAPConnection.bind(LDAP_VERSION(), str2, str3.getBytes());
            return (Either) function1.apply(lDAPConnection);
        } catch (Exception e) {
            logger().info(String.valueOf(e));
            if (lDAPConnection.isConnected()) {
                lDAPConnection.disconnect();
            }
            return package$.MODULE$.Left().apply(str5);
        }
    }

    private Option<String> findUser(LDAPConnection lDAPConnection, String str, String str2, String str3, Option<String> option) {
        String str4 = (String) option.getOrElse(() -> {
            return "";
        });
        return getEntries$1(lDAPConnection.search(str2, 2, !"".equals(str4) ? new StringBuilder().append("(&(").append(str4).append(")(").append(str3).append("=").append(str).append("))").toString() : new StringBuilder().append(str3).append("=").append(str).toString(), (String[]) null, false), getEntries$default$2$1()).collectFirst(new LDAPUtil$$anonfun$findUser$1());
    }

    private Option<String> findMailAddress(LDAPConnection lDAPConnection, String str, String str2, String str3, String str4) {
        return (Option) ControlUtil$.MODULE$.defining(lDAPConnection.search(str, 0, new StringBuilder().append(str2).append("=").append(str3).toString(), new String[]{str4}, false), lDAPSearchResults -> {
            return !lDAPSearchResults.hasMore() ? None$.MODULE$ : Option$.MODULE$.apply(lDAPSearchResults.next().getAttribute(str4)).map(lDAPAttribute -> {
                return lDAPAttribute.getStringValue();
            });
        });
    }

    private Option<String> findFullName(LDAPConnection lDAPConnection, String str, String str2, String str3, String str4) {
        return (Option) ControlUtil$.MODULE$.defining(lDAPConnection.search(str, 0, new StringBuilder().append(str2).append("=").append(str3).toString(), new String[]{str4}, false), lDAPSearchResults -> {
            return !lDAPSearchResults.hasMore() ? None$.MODULE$ : Option$.MODULE$.apply(lDAPSearchResults.next().getAttribute(str4)).map(lDAPAttribute -> {
                return lDAPAttribute.getStringValue();
            });
        });
    }

    private final Option liftedTree1$1(LDAPSearchResults lDAPSearchResults) {
        try {
            return Option$.MODULE$.apply(lDAPSearchResults.next());
        } catch (LDAPReferralException e) {
            return None$.MODULE$;
        }
    }

    private final List getEntries$1(LDAPSearchResults lDAPSearchResults, List list) {
        while (lDAPSearchResults.hasMore()) {
            list = (List) list.$colon$plus(liftedTree1$1(lDAPSearchResults), List$.MODULE$.canBuildFrom());
            lDAPSearchResults = lDAPSearchResults;
        }
        return list.flatten(option -> {
            return Option$.MODULE$.option2Iterable(option);
        });
    }

    private final List getEntries$default$2$1() {
        return Nil$.MODULE$;
    }

    private LDAPUtil$() {
        MODULE$ = this;
        this.LDAP_VERSION = 3;
        this.logger = LoggerFactory.getLogger(getClass().getName());
        this.LDAP_DUMMY_MAL = "@ldap-devnull";
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        Map map = $deserializeLambdaCache$;
        if (map == null) {
            map = new HashMap();
            $deserializeLambdaCache$ = map;
        }
        return LambdaDeserializer$.MODULE$.deserializeLambda(MethodHandles.lookup(), map, serializedLambda);
    }
}
