package com.atlassian.jira.web.action.util;

import com.atlassian.jira.jelly.tag.projectroles.ProjectRoleTagSupport;
import com.atlassian.jira.util.BuildUtilsInfo;
import com.atlassian.jira.util.dbc.Assertions;
import com.atlassian.jira.web.action.JiraWebActionSupport;
import com.opensymphony.util.TextUtils;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:com/atlassian/jira/web/action/util/LDAPConfigurer.class */
public class LDAPConfigurer extends JiraWebActionSupport {
    private String host = "ldap://localhost:389";
    private String baseDN = "ou=Users,dc=example,dc=com";
    private String searchAttribute = "uid";
    private String bindDN = "";
    private String bindPassword = "secret";
    private String userName = getRemoteUser().getName();
    private String userPassword;
    private final BuildUtilsInfo buildUtilsInfo;

    public LDAPConfigurer(BuildUtilsInfo buildUtilsInfo) {
        this.buildUtilsInfo = (BuildUtilsInfo) Assertions.notNull("buildUtilsInfo", buildUtilsInfo);
    }

    public String getHost() {
        return this.host;
    }

    public void setHost(String str) {
        this.host = str;
    }

    public String getBaseDN() {
        return this.baseDN;
    }

    public void setBaseDN(String str) {
        this.baseDN = str;
    }

    public String getSearchAttribute() {
        return this.searchAttribute;
    }

    public void setSearchAttribute(String str) {
        this.searchAttribute = str;
    }

    public String getBindDN() {
        return this.bindDN;
    }

    public void setBindDN(String str) {
        this.bindDN = str;
    }

    public boolean isAuthenticatedSearch() {
        return (this.bindDN == null || "".equals(this.bindDN)) ? false : true;
    }

    public String getBindPassword() {
        return this.bindPassword;
    }

    public void setBindPassword(String str) {
        this.bindPassword = str;
    }

    public String getUserName() {
        return this.userName;
    }

    public void setUserName(String str) {
        this.userName = str;
    }

    public String getUserPassword() {
        return this.userPassword;
    }

    public void setUserPassword(String str) {
        this.userPassword = str;
    }

    protected void doValidation() {
        String ldapAuthenticate;
        if (!TextUtils.stringSet(getHost())) {
            addErrorMessage(getText("admin.errors.set.ldap.host"));
        }
        if (!TextUtils.stringSet(getBaseDN())) {
            addErrorMessage(getText("admin.errors.set.base.dn"));
        }
        if (!TextUtils.stringSet(getSearchAttribute())) {
            addErrorMessage(getText("admin.errors.set.user.login.name"));
        }
        if (!TextUtils.stringSet(getUserName())) {
            addErrorMessage(getText("admin.errors.set.sample.user"));
        }
        if (getHasErrors() || (ldapAuthenticate = ldapAuthenticate()) == null) {
            return;
        }
        addErrorMessage(ldapAuthenticate);
    }

    private String ldapAuthenticate() {
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", this.host);
        boolean z = true;
        if (TextUtils.stringSet(this.bindDN)) {
            z = false;
            properties.put("java.naming.security.principal", this.bindDN);
            properties.put("java.naming.security.credentials", this.bindPassword);
        }
        try {
            InitialDirContext initialDirContext = new InitialDirContext(properties);
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(this.searchAttribute);
            stringBuffer.append("=");
            stringBuffer.append(this.userName);
            String[] strArr = {this.searchAttribute};
            SearchControls searchControls = new SearchControls();
            searchControls.setReturningAttributes(strArr);
            searchControls.setSearchScope(2);
            try {
                NamingEnumeration search = initialDirContext.search(this.baseDN, stringBuffer.toString(), searchControls);
                StringBuffer stringBuffer2 = new StringBuffer();
                if (search != null) {
                    try {
                        if (search.hasMore()) {
                            int i = (-1) + 1;
                            try {
                                stringBuffer2.append(((SearchResult) search.next()).getName());
                                stringBuffer2.append(ProjectRoleTagSupport.DELIMITER);
                                stringBuffer2.append(this.baseDN);
                                try {
                                    initialDirContext.removeFromEnvironment("java.naming.security.principal");
                                    initialDirContext.removeFromEnvironment("java.naming.security.credentials");
                                    initialDirContext.addToEnvironment("java.naming.security.principal", stringBuffer2.toString());
                                    initialDirContext.addToEnvironment("java.naming.security.credentials", this.userPassword);
                                    SearchControls searchControls2 = new SearchControls();
                                    searchControls2.setReturningAttributes(new String[0]);
                                    searchControls2.setSearchScope(0);
                                    try {
                                        initialDirContext.search(stringBuffer2.toString(), stringBuffer.toString(), searchControls2);
                                        return null;
                                    } catch (NamingException e) {
                                        this.log.info(e, e);
                                        return "Initial connect and search successful, but second phase connection to LDAP as '" + ((Object) stringBuffer2) + "' failed (error: " + getErrMsg(e) + ". More in logs)";
                                    }
                                } catch (NamingException e2) {
                                    this.log.info(e2, e2);
                                    return "Connected and searched LDAP, but encountered unexpected error when switching authentication details. More in logs)";
                                }
                            } catch (NamingException e3) {
                                return "Connected, but could not read " + (i == 0 ? "first record" : "record " + i) + " in search results (error: " + getErrMsg(e3) + ". More in logs)";
                            }
                        }
                    } catch (NamingException e4) {
                        this.log.info(e4, e4);
                        return "Connected but encountered error checking if LDAP had more results. (error: " + getErrMsg(e4) + ". More in logs)";
                    }
                }
                return "Connected, but could not find any LDAP records where '" + ((Object) stringBuffer) + "' below " + this.baseDN;
            } catch (NamingException e5) {
                this.log.info(e5, e5);
                return "Connected to LDAP, but could not perform " + (z ? "anonymous" : "authenticated") + " search from base '" + this.baseDN + "' (error: " + getErrMsg(e5) + ". More in logs)";
            }
        } catch (NamingException e6) {
            this.log.info(e6, e6);
            return getText("admin.errors.could.not.connect.to.ldap") + " (error: " + getErrMsg(e6) + ". More in logs)";
        }
    }

    private String getErrMsg(NamingException namingException) {
        return namingException.getRootCause() == null ? namingException.toString() : namingException.getMessage();
    }

    public String doExecute() throws Exception {
        return invalidInput() ? "error" : "success";
    }

    public String getBuildVersion() {
        return this.buildUtilsInfo.getVersion();
    }
}
