package org.springframework.ldap.core.support;

import java.io.IOException;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.Hashtable;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSocketFactory;
import org.springframework.ldap.UncategorizedLdapException;
import org.springframework.ldap.core.DirContextProxy;
import org.springframework.ldap.support.LdapUtils;

/* loaded from: input_file:WEB-INF/lib/spring-ldap-core-1.3.2.RELEASE.jar:org/springframework/ldap/core/support/AbstractTlsDirContextAuthenticationStrategy.class */
public abstract class AbstractTlsDirContextAuthenticationStrategy implements DirContextAuthenticationStrategy {
    private HostnameVerifier hostnameVerifier;
    private boolean shutdownTlsGracefully = false;
    private SSLSocketFactory sslSocketFactory;
    static Class class$org$springframework$ldap$core$DirContextProxy;
    static Class class$javax$naming$ldap$LdapContext;

    /* loaded from: input_file:WEB-INF/lib/spring-ldap-core-1.3.2.RELEASE.jar:org/springframework/ldap/core/support/AbstractTlsDirContextAuthenticationStrategy$TlsAwareDirContextProxy.class */
    private static final class TlsAwareDirContextProxy implements DirContextProxy, InvocationHandler {
        private static final String GET_TARGET_CONTEXT_METHOD_NAME = "getTargetContext";
        private static final String CLOSE_METHOD_NAME = "close";
        private final LdapContext target;
        private final StartTlsResponse tlsResponse;

        public TlsAwareDirContextProxy(LdapContext ldapContext, StartTlsResponse startTlsResponse) {
            this.target = ldapContext;
            this.tlsResponse = startTlsResponse;
        }

        @Override // org.springframework.ldap.core.DirContextProxy
        public DirContext getTargetContext() {
            return this.target;
        }

        @Override // java.lang.reflect.InvocationHandler
        public Object invoke(Object obj, Method method, Object[] objArr) throws Throwable {
            if (!method.getName().equals(CLOSE_METHOD_NAME)) {
                return method.getName().equals(GET_TARGET_CONTEXT_METHOD_NAME) ? this.target : method.invoke(this.target, objArr);
            }
            this.tlsResponse.close();
            return method.invoke(this.target, objArr);
        }
    }

    public void setShutdownTlsGracefully(boolean z) {
        this.shutdownTlsGracefully = z;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    @Override // org.springframework.ldap.core.support.DirContextAuthenticationStrategy
    public final void setupEnvironment(Hashtable hashtable, String str, String str2) {
    }

    @Override // org.springframework.ldap.core.support.DirContextAuthenticationStrategy
    public final DirContext processContextAfterCreation(DirContext dirContext, String str, String str2) throws NamingException {
        Class cls;
        Class cls2;
        Class cls3;
        if (!(dirContext instanceof LdapContext)) {
            throw new IllegalArgumentException("Processed Context must be an LDAPv3 context, i.e. an LdapContext implementation");
        }
        LdapContext ldapContext = (LdapContext) dirContext;
        StartTlsResponse extendedOperation = ldapContext.extendedOperation(new StartTlsRequest());
        try {
            if (this.hostnameVerifier != null) {
                extendedOperation.setHostnameVerifier(this.hostnameVerifier);
            }
            extendedOperation.negotiate(this.sslSocketFactory);
            applyAuthentication(ldapContext, str, str2);
            if (!this.shutdownTlsGracefully) {
                return dirContext;
            }
            if (class$org$springframework$ldap$core$DirContextProxy == null) {
                cls = class$("org.springframework.ldap.core.DirContextProxy");
                class$org$springframework$ldap$core$DirContextProxy = cls;
            } else {
                cls = class$org$springframework$ldap$core$DirContextProxy;
            }
            ClassLoader classLoader = cls.getClassLoader();
            Class[] clsArr = new Class[2];
            if (class$javax$naming$ldap$LdapContext == null) {
                cls2 = class$("javax.naming.ldap.LdapContext");
                class$javax$naming$ldap$LdapContext = cls2;
            } else {
                cls2 = class$javax$naming$ldap$LdapContext;
            }
            clsArr[0] = cls2;
            if (class$org$springframework$ldap$core$DirContextProxy == null) {
                cls3 = class$("org.springframework.ldap.core.DirContextProxy");
                class$org$springframework$ldap$core$DirContextProxy = cls3;
            } else {
                cls3 = class$org$springframework$ldap$core$DirContextProxy;
            }
            clsArr[1] = cls3;
            return (DirContext) Proxy.newProxyInstance(classLoader, clsArr, new TlsAwareDirContextProxy(ldapContext, extendedOperation));
        } catch (IOException e) {
            LdapUtils.closeContext(dirContext);
            throw new UncategorizedLdapException("Failed to negotiate TLS session", e);
        }
    }

    protected abstract void applyAuthentication(LdapContext ldapContext, String str, String str2) throws NamingException;

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
