package org.gridgain.internal.security.ldap.client;

import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.naming.NamingException;
import org.apache.ignite.internal.util.StringUtils;
import org.gridgain.internal.security.ldap.LdapCatalog;
import org.gridgain.internal.security.ldap.LdapSearchParams;
import org.gridgain.internal.security.ldap.exception.LdapAuthenticationException;
import org.gridgain.lang.GridgainErrorGroups;

/* loaded from: input_file:org/gridgain/internal/security/ldap/client/LdapConnection.class */
public class LdapConnection implements AutoCloseable {
    private final LdapSearchParams usersSearch;
    private final LdapSearchParams groupsSearch;
    private final LdapCatalog catalog;
    private final String user;

    public LdapConnection(String str, LdapSearchParams ldapSearchParams, LdapSearchParams ldapSearchParams2, String str2, String str3) throws NamingException {
        this.usersSearch = ldapSearchParams;
        this.groupsSearch = ldapSearchParams2;
        this.user = str2;
        this.catalog = new LdapCatalog(str, defaultUserIdentifier(), str3);
    }

    public Set<String> groups() throws LdapAuthenticationException {
        return !StringUtils.nullOrBlank(this.usersSearch.attribute()) ? resolveGroupsFromUserDn() : resolveGroupsFromGroupDn();
    }

    private Set<String> resolveGroupsFromUserDn() throws LdapAuthenticationException {
        return new HashSet(extractUserAttribute(this.usersSearch.attribute()));
    }

    private Set<String> resolveGroupsFromGroupDn() throws LdapAuthenticationException {
        try {
            List<Map<String, List<String>>> search = this.catalog.search(this.groupsSearch.dn(), this.groupsSearch.filter().resolve(extractUserIdentifier()), this.groupsSearch.scope(), new String[0]);
            HashSet hashSet = new HashSet();
            Iterator<Map<String, List<String>>> it = search.iterator();
            while (it.hasNext()) {
                List<String> list = it.next().get("cn");
                if (list != null) {
                    hashSet.addAll(list);
                }
            }
            return hashSet;
        } catch (NamingException e) {
            throw new LdapAuthenticationException(GridgainErrorGroups.Ldap.LDAP_SEARCH_REQUEST_ERR, "Ldap search request failed.", e);
        }
    }

    private String extractUserIdentifier() throws LdapAuthenticationException {
        String attribute = this.groupsSearch.attribute();
        return !StringUtils.nullOrBlank(attribute) ? extractUserAttribute(attribute).get(0) : defaultUserIdentifier();
    }

    private String defaultUserIdentifier() {
        return "cn=" + this.user + "," + this.usersSearch.dn();
    }

    private List<String> extractUserAttribute(String str) throws LdapAuthenticationException {
        try {
            List<Map<String, List<String>>> search = this.catalog.search(this.usersSearch.dn(), this.usersSearch.filter().resolve(this.user), this.usersSearch.scope(), str);
            if (search.isEmpty()) {
                throw new LdapAuthenticationException(GridgainErrorGroups.Ldap.LDAP_USER_NOT_FOUND_ERR, "User not found.");
            }
            if (search.size() > 1) {
                throw new LdapAuthenticationException(GridgainErrorGroups.Ldap.LDAP_USER_NOT_FOUND_ERR, "Found more that one user with provided filter.");
            }
            return search.get(0).get(str);
        } catch (NamingException e) {
            throw new LdapAuthenticationException(GridgainErrorGroups.Ldap.LDAP_SEARCH_REQUEST_ERR, "Ldap search request failed.", e);
        }
    }

    @Override // java.lang.AutoCloseable
    public void close() throws NamingException {
        this.catalog.close();
    }
}
