package gitbucket.core.util;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPJSSESecureSocketFactory;
import com.novell.ldap.LDAPJSSEStartTLSFactory;
import com.novell.ldap.LDAPReferralException;
import com.novell.ldap.LDAPSearchResults;
import gitbucket.core.model.Account;
import gitbucket.core.service.SystemSettingsService;
import gitbucket.core.service.SystemSettingsService$;
import gitbucket.core.util.LDAPUtil;
import java.security.Provider;
import java.security.Security;
import java.util.concurrent.atomic.AtomicReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Function1;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Some;
import scala.collection.immutable.List;
import scala.collection.immutable.Nil$;
import scala.package$;
import scala.runtime.BoxesRunTime;
import scala.util.Either;
import scala.util.Right;

/* compiled from: LDAPUtil.scala */
/* loaded from: input_file:gitbucket/core/util/LDAPUtil$.class */
public final class LDAPUtil$ {
    public static final LDAPUtil$ MODULE$ = new LDAPUtil$();
    private static final int LDAP_VERSION = 3;
    private static final String LDAP_DUMMY_MAL = "@ldap-devnull";
    private static final Logger logger = LoggerFactory.getLogger(MODULE$.getClass().getName());
    private static final AtomicReference<Provider> provider = new AtomicReference<>(null);

    private int LDAP_VERSION() {
        return LDAP_VERSION;
    }

    private String LDAP_DUMMY_MAL() {
        return LDAP_DUMMY_MAL;
    }

    private Logger logger() {
        return logger;
    }

    private AtomicReference<Provider> provider() {
        return provider;
    }

    public boolean isDummyMailAddress(Account account) {
        return account.mailAddress().endsWith(LDAP_DUMMY_MAL());
    }

    public String createDummyMailAddress(String str) {
        return new StringBuilder(0).append(str).append(LDAP_DUMMY_MAL()).toString();
    }

    public Either<String, LDAPUtil.LDAPUserInfo> authenticate(SystemSettingsService.Ldap ldap, String str, String str2) {
        return bind(ldap.host(), BoxesRunTime.unboxToInt(ldap.port().getOrElse(() -> {
            return SystemSettingsService$.MODULE$.DefaultLdapPort();
        })), (String) ldap.bindDN().getOrElse(() -> {
            return "";
        }), (String) ldap.bindPassword().getOrElse(() -> {
            return "";
        }), BoxesRunTime.unboxToBoolean(ldap.tls().getOrElse(() -> {
            return false;
        })), BoxesRunTime.unboxToBoolean(ldap.ssl().getOrElse(() -> {
            return false;
        })), (String) ldap.keystore().getOrElse(() -> {
            return "";
        }), "System LDAP authentication failed.", lDAPConnection -> {
            Either<String, LDAPUtil.LDAPUserInfo> apply;
            Some findUser = MODULE$.findUser(lDAPConnection, str, ldap.baseDN(), ldap.userNameAttribute(), ldap.additionalFilterCondition());
            if (findUser instanceof Some) {
                apply = MODULE$.userAuthentication(ldap, (String) findUser.value(), str, str2);
            } else {
                if (!None$.MODULE$.equals(findUser)) {
                    throw new MatchError(findUser);
                }
                apply = package$.MODULE$.Left().apply("User does not exist.");
            }
            return apply;
        });
    }

    private Either<String, LDAPUtil.LDAPUserInfo> userAuthentication(SystemSettingsService.Ldap ldap, String str, String str2, String str3) {
        return bind(ldap.host(), BoxesRunTime.unboxToInt(ldap.port().getOrElse(() -> {
            return SystemSettingsService$.MODULE$.DefaultLdapPort();
        })), str, str3, BoxesRunTime.unboxToBoolean(ldap.tls().getOrElse(() -> {
            return false;
        })), BoxesRunTime.unboxToBoolean(ldap.ssl().getOrElse(() -> {
            return false;
        })), (String) ldap.keystore().getOrElse(() -> {
            return "";
        }), "User LDAP Authentication Failed.", lDAPConnection -> {
            Right apply;
            if (((String) ldap.mailAttribute().getOrElse(() -> {
                return "";
            })).isEmpty()) {
                return package$.MODULE$.Right().apply(new LDAPUtil.LDAPUserInfo(str2, (String) ldap.fullNameAttribute().flatMap(str4 -> {
                    return MODULE$.findFullName(lDAPConnection, str, ldap.userNameAttribute(), str2, str4);
                }).getOrElse(() -> {
                    return str2;
                }), MODULE$.createDummyMailAddress(str2)));
            }
            Some findMailAddress = MODULE$.findMailAddress(lDAPConnection, str, ldap.userNameAttribute(), str2, (String) ldap.mailAttribute().get());
            if (findMailAddress instanceof Some) {
                apply = package$.MODULE$.Right().apply(new LDAPUtil.LDAPUserInfo(MODULE$.getUserNameFromMailAddress(str2), (String) ldap.fullNameAttribute().flatMap(str5 -> {
                    return MODULE$.findFullName(lDAPConnection, str, ldap.userNameAttribute(), str2, str5);
                }).getOrElse(() -> {
                    return str2;
                }), (String) findMailAddress.value()));
            } else {
                if (!None$.MODULE$.equals(findMailAddress)) {
                    throw new MatchError(findMailAddress);
                }
                apply = package$.MODULE$.Left().apply("Can't find mail address.");
            }
            return apply;
        });
    }

    private String getUserNameFromMailAddress(String str) {
        int indexOf = str.indexOf(64);
        switch (indexOf) {
            default:
                return (indexOf >= 0 ? str.substring(0, indexOf) : str).replaceAll("[^a-zA-Z0-9\\-_.]", "").replaceAll("^[_\\-]", "");
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:?, code lost:
    
        throw r0;
     */
    /* JADX WARN: Type inference failed for: r0v16, types: [java.lang.Throwable, java.lang.Class] */
    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable, java.security.Provider] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.security.Provider getSslProvider() {
        /*
            r4 = this;
            r0 = r4
            java.util.concurrent.atomic.AtomicReference r0 = r0.provider()
            java.lang.Object r0 = r0.get()
            java.security.Provider r0 = (java.security.Provider) r0
            r5 = r0
            r0 = r5
            if (r0 != 0) goto L41
            java.lang.String r0 = "com.sun.net.ssl.internal.ssl.Provider"
            java.lang.Class r0 = java.lang.Class.forName(r0)     // Catch: java.lang.ClassNotFoundException -> L18 java.lang.Throwable -> L22
            goto L23
        L18:
            java.lang.String r0 = "com.ibm.jsse.IBMJSSEProvider"
            java.lang.Class r0 = java.lang.Class.forName(r0)
            goto L23
        L22:
            throw r0
        L23:
            r1 = 0
            java.lang.Class[] r1 = new java.lang.Class[r1]
            java.lang.reflect.Constructor r0 = r0.getDeclaredConstructor(r1)
            r1 = 0
            java.lang.Object[] r1 = new java.lang.Object[r1]
            java.lang.Object r0 = r0.newInstance(r1)
            java.security.Provider r0 = (java.security.Provider) r0
            r6 = r0
            r0 = r4
            java.util.concurrent.atomic.AtomicReference r0 = r0.provider()
            r1 = 0
            r2 = r6
            boolean r0 = r0.compareAndSet(r1, r2)
            r0 = r6
            return r0
        L41:
            r0 = r5
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: gitbucket.core.util.LDAPUtil$.getSslProvider():java.security.Provider");
    }

    private <A> Either<String, A> bind(String str, int i, String str2, String str3, boolean z, boolean z2, String str4, String str5, Function1<LDAPConnection, Either<String, A>> function1) {
        if (z || z2) {
            Security.addProvider(getSslProvider());
            if (str4.compareTo("") != 0) {
                System.setProperty("javax.net.ssl.trustStore", str4);
            }
        }
        LDAPConnection lDAPConnection = z2 ? new LDAPConnection(new LDAPJSSESecureSocketFactory()) : new LDAPConnection(new LDAPJSSEStartTLSFactory());
        try {
            lDAPConnection.connect(str, i);
            if (z) {
                lDAPConnection.startTLS();
            }
            lDAPConnection.bind(LDAP_VERSION(), str2, str3.getBytes());
            return (Either) function1.apply(lDAPConnection);
        } catch (Exception e) {
            logger().info(String.valueOf(e));
            if (lDAPConnection.isConnected()) {
                lDAPConnection.disconnect();
            }
            return package$.MODULE$.Left().apply(str5);
        }
    }

    private Option<String> findUser(LDAPConnection lDAPConnection, String str, String str2, String str3, Option<String> option) {
        String str4 = (String) option.getOrElse(() -> {
            return "";
        });
        return getEntries$1(lDAPConnection.search(str2, 2, "".equals(str4) ? new StringBuilder(1).append(str3).append("=").append(str).toString() : new StringBuilder(8).append("(&(").append(str4).append(")(").append(str3).append("=").append(str).append("))").toString(), (String[]) null, false), Nil$.MODULE$).collectFirst(new LDAPUtil$$anonfun$findUser$2());
    }

    private Option<String> findMailAddress(LDAPConnection lDAPConnection, String str, String str2, String str3, String str4) {
        return (Option) SyntaxSugars$.MODULE$.defining(lDAPConnection.search(str, 0, new StringBuilder(1).append(str2).append("=").append(str3).toString(), new String[]{str4}, false), lDAPSearchResults -> {
            return lDAPSearchResults.hasMore() ? Option$.MODULE$.apply(lDAPSearchResults.next().getAttribute(str4)).map(lDAPAttribute -> {
                return lDAPAttribute.getStringValue();
            }) : None$.MODULE$;
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Option<String> findFullName(LDAPConnection lDAPConnection, String str, String str2, String str3, String str4) {
        return (Option) SyntaxSugars$.MODULE$.defining(lDAPConnection.search(str, 0, new StringBuilder(1).append(str2).append("=").append(str3).toString(), new String[]{str4}, false), lDAPSearchResults -> {
            return lDAPSearchResults.hasMore() ? Option$.MODULE$.apply(lDAPSearchResults.next().getAttribute(str4)).map(lDAPAttribute -> {
                return lDAPAttribute.getStringValue();
            }) : None$.MODULE$;
        });
    }

    private static final Option liftedTree1$1(LDAPSearchResults lDAPSearchResults) {
        try {
            return Option$.MODULE$.apply(lDAPSearchResults.next());
        } catch (LDAPReferralException unused) {
            return None$.MODULE$;
        }
    }

    private final List getEntries$1(LDAPSearchResults lDAPSearchResults, List list) {
        while (lDAPSearchResults.hasMore()) {
            list = (List) list.$colon$plus(liftedTree1$1(lDAPSearchResults));
            lDAPSearchResults = lDAPSearchResults;
        }
        return (List) list.flatten(Predef$.MODULE$.$conforms());
    }

    private LDAPUtil$() {
    }
}
