package org.apache.directory.server.kerberos.shared.store.operations;

import java.util.Properties;
import javax.naming.CompoundName;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.protocol.shared.store.ContextOperation;
import org.apache.directory.shared.ldap.message.LockableAttributeImpl;
import org.apache.directory.shared.ldap.message.LockableAttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;

/* loaded from: input_file:WEB-INF/lib/apacheds-kerberos-shared-1.0.2.jar:org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.class */
public class ChangePassword implements ContextOperation {
    private static final long serialVersionUID = -7147685183641418353L;
    protected KerberosPrincipal principal;
    protected KerberosKey newKey;

    public ChangePassword(KerberosPrincipal kerberosPrincipal, KerberosKey kerberosKey) {
        this.principal = kerberosPrincipal;
        this.newKey = kerberosKey;
    }

    @Override // org.apache.directory.server.protocol.shared.store.ContextOperation
    public Object execute(DirContext dirContext, Name name) {
        if (this.principal == null) {
            return null;
        }
        ModificationItemImpl[] modificationItemImplArr = {new ModificationItemImpl(2, new LockableAttributeImpl("krb5key", this.newKey.getEncoded()))};
        try {
            String search = search(dirContext, this.principal.getName());
            dirContext.modifyAttributes(getRelativeName(dirContext.getNameInNamespace(), search), modificationItemImplArr);
            return search;
        } catch (NamingException e) {
            return null;
        }
    }

    private String search(DirContext dirContext, String str) throws NamingException {
        SearchResult searchResult;
        LockableAttributesImpl lockableAttributesImpl = new LockableAttributesImpl(false);
        lockableAttributesImpl.put(new LockableAttributeImpl("krb5PrincipalName", str));
        NamingEnumeration search = dirContext.search("", lockableAttributesImpl, new String[]{"krb5PrincipalName", "krb5KeyVersionNumber", "krb5EncryptionType", "krb5Key"});
        if (!search.hasMore() || (searchResult = (SearchResult) search.next()) == null) {
            return null;
        }
        return searchResult.getName();
    }

    private Name getRelativeName(String str, String str2) throws NamingException {
        Properties properties = new Properties();
        properties.setProperty("jndi.syntax.direction", "right_to_left");
        properties.setProperty("jndi.syntax.separator", ",");
        properties.setProperty("jndi.syntax.ignorecase", "true");
        properties.setProperty("jndi.syntax.trimblanks", "true");
        CompoundName compoundName = new CompoundName(str, properties);
        CompoundName compoundName2 = new CompoundName(str2, properties);
        if (!compoundName2.startsWith(compoundName)) {
            throw new NamingException(new StringBuffer().append("Invalid search base ").append(str2).toString());
        }
        for (int i = 0; i < compoundName.size(); i++) {
            compoundName2.remove(0);
        }
        return compoundName2;
    }
}
