package org.apache.ranger.ldapconfigcheck;

import java.io.PrintStream;
import java.util.HashMap;
import java.util.HashSet;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;

/* loaded from: input_file:org/apache/ranger/ldapconfigcheck/UserSync.class */
public class UserSync {
    private static String[] userNameAttrValues = {"sAMAccountName", "uid", "cn"};
    private static String[] userObjClassValues = {"person", "posixAccount"};
    private static String[] userGroupMemAttrValues = {"memberOf", "ismemberOf"};
    private static String[] groupObjectClassValues = {"group", "groupOfNames", "posixGroup"};
    private static String[] groupNameAttrValues = {"distinguishedName", "cn"};
    private static String[] groupMemAttrValues = {"member", "memberUid"};
    private String userNameAttribute = null;
    private String userObjClassName = null;
    private String userGroupMemberName = null;
    private String groupMemberName = null;
    private String groupNameAttrName = null;
    private String groupObjClassName = null;
    private String groupSearchBase = null;
    private String groupSearchFilter = null;
    private String userSearchBase = null;
    private String userSearchFilter = null;
    private String searchBase = null;
    private String groupName = null;
    private PrintStream logFile;
    private PrintStream ambariProps;
    private PrintStream installProps;
    private LdapConfig config;

    public String getUserNameAttribute() {
        return this.userNameAttribute;
    }

    public String getUserObjClassName() {
        return this.userObjClassName;
    }

    public String getUserGroupMemberName() {
        return this.userGroupMemberName;
    }

    public String getGroupMemberName() {
        return this.groupMemberName;
    }

    public String getGroupNameAttrName() {
        return this.groupNameAttrName;
    }

    public String getGroupObjClassName() {
        return this.groupObjClassName;
    }

    public String getGroupSearchBase() {
        return this.groupSearchBase;
    }

    public String getUserSearchBase() {
        return this.userSearchBase;
    }

    public String getSearchBase() {
        return this.searchBase;
    }

    public UserSync(LdapConfig ldapConfig, PrintStream printStream, PrintStream printStream2, PrintStream printStream3) {
        this.logFile = null;
        this.ambariProps = null;
        this.installProps = null;
        this.config = null;
        this.config = ldapConfig;
        this.logFile = printStream;
        this.ambariProps = printStream2;
        this.installProps = printStream3;
        initUserSync();
    }

    private void initUserSync() {
        try {
            String ldapBindDn = this.config.getLdapBindDn();
            this.userObjClassName = this.config.getUserObjectClass();
            this.userNameAttribute = this.config.getUserNameAttribute();
            this.userGroupMemberName = this.config.getUserGroupNameAttribute();
            this.userSearchBase = this.config.getUserSearchBase();
            this.userSearchFilter = this.config.getUserSearchFilter();
            this.groupObjClassName = this.config.getGroupObjectClass();
            this.groupNameAttrName = this.config.getGroupNameAttribute();
            this.groupMemberName = this.config.getUserGroupMemberAttributeName();
            this.groupSearchBase = this.config.getGroupSearchBase();
            this.groupSearchFilter = this.config.getGroupSearchFilter();
            if (ldapBindDn.contains("@")) {
                this.searchBase = ldapBindDn.substring(ldapBindDn.indexOf("@") + 1);
                this.searchBase = "dc=".concat(this.searchBase);
                this.searchBase = this.searchBase.replaceAll("\\.", ",dc=");
            } else {
                this.searchBase = ldapBindDn.substring(ldapBindDn.toLowerCase().indexOf("dc="));
            }
        } catch (Throwable th) {
            this.logFile.println("ERROR: Failed to initialize the user sync properties " + th);
        }
    }

    public void findUserProperties(LdapContext ldapContext) throws Throwable {
        findBasicUserProperties(ldapContext, true);
        findAdvUserProperties(ldapContext, true);
    }

    /* JADX WARN: Code restructure failed: missing block: B:168:0x0055, code lost:
    
        if (r11.isEmpty() != false) goto L7;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void findBasicUserProperties(javax.naming.ldap.LdapContext r7, boolean r8) throws java.lang.Throwable {
        /*
            Method dump skipped, instructions count: 1277
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.ranger.ldapconfigcheck.UserSync.findBasicUserProperties(javax.naming.ldap.LdapContext, boolean):void");
    }

    private void findAdvUserProperties(LdapContext ldapContext, boolean z) throws Throwable {
        String substring;
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getUserSearchScope());
        if (this.userNameAttribute == null || this.userNameAttribute.isEmpty()) {
            searchControls.setReturningAttributes(new String[]{"*", "+"});
        } else {
            HashSet hashSet = new HashSet();
            hashSet.add(this.userNameAttribute);
            hashSet.add(this.userGroupMemberName);
            hashSet.add("distinguishedName");
            searchControls.setReturningAttributes((String[]) hashSet.toArray(new String[hashSet.size()]));
        }
        String str = "(objectclass=" + this.userObjClassName + ")";
        try {
            try {
                HashMap hashMap = new HashMap();
                namingEnumeration = (this.userSearchBase == null || this.userSearchBase.isEmpty()) ? ldapContext.search(this.searchBase, str, searchControls) : ldapContext.search(this.userSearchBase, str, searchControls);
                int i = 0;
                while (namingEnumeration.hasMore() && i < 20) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    if (searchResult == null) {
                        this.logFile.println("WARN: userEntry null");
                    } else {
                        Attributes attributes = searchResult.getAttributes();
                        if (attributes == null) {
                            this.logFile.println("WARN: Attributes missing for entry " + searchResult.getNameInNamespace());
                        } else {
                            Attribute attribute = attributes.get("distinguishedName");
                            if (attribute != null) {
                                String obj = attribute.get().toString();
                                int indexOf = obj.indexOf("OU=");
                                substring = indexOf > 0 ? obj.substring(indexOf) : obj.substring(obj.indexOf(",") + 1);
                            } else {
                                String nameInNamespace = searchResult.getNameInNamespace();
                                substring = nameInNamespace.substring(nameInNamespace.indexOf(",") + 1);
                            }
                            Integer num = (Integer) hashMap.get(substring);
                            if (num == null) {
                                num = 0;
                            }
                            hashMap.put(substring, Integer.valueOf(num.intValue() + 1));
                            i++;
                        }
                    }
                }
                if (!hashMap.isEmpty()) {
                    int i2 = 0;
                    for (String str2 : hashMap.keySet()) {
                        int intValue = ((Integer) hashMap.get(str2)).intValue();
                        this.logFile.println("INFO: No. of users from " + str2 + " = " + intValue);
                        if (intValue > i2) {
                            i2 = intValue;
                            this.userSearchBase = str2;
                        }
                    }
                }
                if (this.userSearchFilter == null || this.userSearchFilter.isEmpty()) {
                    this.userSearchFilter = this.userNameAttribute + "=*";
                }
                if (z) {
                    this.installProps.println("SYNC_LDAP_USER_SEARCH_BASE=" + this.userSearchBase);
                    this.installProps.println("SYNC_LDAP_USER_SEARCH_FILTER=" + this.userSearchFilter);
                    this.ambariProps.println("ranger.usersync.ldap.user.searchbase=" + this.userSearchBase);
                    this.ambariProps.println("ranger.usersync.ldap.user.searchfilter=" + this.userSearchFilter);
                }
            } catch (NamingException e) {
                if ((this.config.getUserNameAttribute() != null && !this.config.getUserNameAttribute().isEmpty()) || ((this.config.getUserObjectClass() != null && !this.config.getUserObjectClass().isEmpty()) || (this.config.getGroupNameAttribute() != null && !this.config.getGroupNameAttribute().isEmpty()))) {
                    throw new Exception("Please verify values for ranger.usersync.ldap.user.nameattribute, ranger.usersync.ldap.user.objectclass, andranger.usersync.ldap.user.groupnameattribute");
                }
                throw new Exception("Exception occured while discovering user properties:\nranger.usersync.ldap.user.searchbase\nranger.usersync.ldap.user.searchfilter\n" + e);
            }
        } finally {
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
        }
    }

    public void getAllUsers(LdapContext ldapContext) throws Throwable {
        String obj;
        int i = 0;
        Attribute attribute = null;
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getUserSearchScope());
        HashSet hashSet = new HashSet();
        if (this.userNameAttribute != null) {
            hashSet.add(this.userNameAttribute);
        }
        if (this.userGroupMemberName != null) {
            hashSet.add(this.userGroupMemberName);
        }
        if (hashSet.size() > 0) {
            searchControls.setReturningAttributes((String[]) hashSet.toArray(new String[hashSet.size()]));
        } else {
            searchControls.setReturningAttributes(new String[]{"*", "+"});
        }
        String str = "(objectclass=" + this.userObjClassName + ")";
        if (this.userSearchFilter != null && !this.userSearchFilter.trim().isEmpty()) {
            String trim = this.userSearchFilter.trim();
            if (!trim.startsWith("(")) {
                trim = "(" + trim + ")";
            }
            str = "(&" + str + trim + ")";
        }
        byte[] bArr = null;
        this.logFile.println();
        this.logFile.println("INFO: First 20 Users and associated groups are:");
        do {
            try {
                try {
                    namingEnumeration = ldapContext.search(this.userSearchBase, str, searchControls);
                    while (namingEnumeration.hasMore()) {
                        SearchResult searchResult = (SearchResult) namingEnumeration.next();
                        if (searchResult == null) {
                            this.logFile.println("WARN: userEntry null");
                        } else {
                            Attributes attributes = searchResult.getAttributes();
                            if (attributes == null) {
                                this.logFile.println("WARN: Attributes missing for entry " + searchResult.getNameInNamespace());
                            } else if (this.userNameAttribute == null || this.userNameAttribute.isEmpty()) {
                                int i2 = 0;
                                while (true) {
                                    if (i2 >= userNameAttrValues.length) {
                                        break;
                                    }
                                    attribute = attributes.get(userNameAttrValues[i2]);
                                    if (attribute != null) {
                                        this.userNameAttribute = userNameAttrValues[i2];
                                        break;
                                    }
                                    i2++;
                                }
                                if (attribute == null) {
                                    this.logFile.print("WARN: Failed to find any of ( ");
                                    for (int i3 = 0; i3 < userNameAttrValues.length; i3++) {
                                        this.logFile.print(userNameAttrValues[i3] + " ");
                                    }
                                    this.logFile.println(") for entry " + searchResult.getNameInNamespace());
                                } else {
                                    obj = attribute.get().toString();
                                    if (obj != null || obj.trim().isEmpty()) {
                                        this.logFile.println("WARN: " + this.userNameAttribute + " empty for entry " + searchResult.getNameInNamespace());
                                    } else {
                                        String lowerCase = obj.toLowerCase();
                                        HashSet hashSet2 = new HashSet();
                                        Attribute attribute2 = attributes.get(this.userGroupMemberName);
                                        if (attribute2 != null) {
                                            NamingEnumeration all = attribute2.getAll();
                                            while (all.hasMore()) {
                                                String obj2 = all.next().toString();
                                                hashSet2.add(obj2);
                                                if (this.groupName == null || this.groupName.isEmpty()) {
                                                    this.groupName = obj2;
                                                }
                                            }
                                        }
                                        if (i < 20) {
                                            this.logFile.println("Username: " + lowerCase + ", Groups: " + hashSet2);
                                        }
                                        i++;
                                    }
                                }
                            } else {
                                attribute = attributes.get(this.userNameAttribute);
                                if (attribute == null) {
                                    this.logFile.println("WARN: Failed to find " + this.userNameAttribute + " for entry " + searchResult.getNameInNamespace());
                                } else {
                                    obj = attribute.get().toString();
                                    if (obj != null) {
                                    }
                                    this.logFile.println("WARN: " + this.userNameAttribute + " empty for entry " + searchResult.getNameInNamespace());
                                }
                            }
                        }
                    }
                    PagedResultsResponseControl[] responseControls = ldapContext.getResponseControls();
                    if (responseControls != null) {
                        for (int i4 = 0; i4 < responseControls.length; i4++) {
                            if (responseControls[i4] instanceof PagedResultsResponseControl) {
                                bArr = responseControls[i4].getCookie();
                            }
                        }
                    } else {
                        this.logFile.println("WARN: No controls were sent from the server");
                    }
                    if (this.config.isPagedResultsEnabled()) {
                        ldapContext.setRequestControls(new Control[]{new PagedResultsControl(this.config.getPagedResultsSize(), bArr, true)});
                    }
                } catch (NamingException e) {
                    if ((this.config.getUserNameAttribute() != null && !this.config.getUserNameAttribute().isEmpty()) || ((this.config.getUserObjectClass() != null && !this.config.getUserObjectClass().isEmpty()) || ((this.config.getGroupNameAttribute() != null && !this.config.getGroupNameAttribute().isEmpty()) || ((this.config.getUserSearchBase() != null && !this.config.getUserSearchBase().isEmpty()) || (this.config.getUserSearchFilter() != null && !this.config.getUserSearchFilter().isEmpty()))))) {
                        throw new Exception("Please verify values for:\n ranger.usersync.ldap.user.nameattribute\n ranger.usersync.ldap.user.objectclass\nranger.usersync.ldap.user.groupnameattribute\nranger.usersync.ldap.user.searchbase\nranger.usersync.ldap.user.searchfilter\n");
                    }
                    throw new Exception("Exception occured while retreiving users\n" + e);
                }
            } catch (Throwable th) {
                if (namingEnumeration != null) {
                    namingEnumeration.close();
                }
                throw th;
            }
        } while (bArr != null);
        this.logFile.println("\nINFO: Total no. of users = " + i);
        if (namingEnumeration != null) {
            namingEnumeration.close();
        }
    }

    public void findGroupProperties(LdapContext ldapContext) throws Throwable {
        if (this.groupName == null || this.groupName.isEmpty()) {
            findBasicUserProperties(ldapContext, false);
        }
        if (this.groupName == null || this.groupName.isEmpty()) {
            findAdvUserProperties(ldapContext, false);
        }
        findBasicGroupProperties(ldapContext);
        findAdvGroupProperties(ldapContext);
    }

    private void findBasicGroupProperties(LdapContext ldapContext) throws Throwable {
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getGroupSearchScope());
        try {
            if (this.groupName == null || this.groupName.isEmpty()) {
                namingEnumeration = ldapContext.search(this.searchBase, (Attributes) null);
            } else {
                int indexOf = this.groupName.indexOf(",");
                namingEnumeration = ldapContext.search(this.groupName.substring(indexOf + 1), this.groupName.substring(0, indexOf), searchControls);
            }
            int i = 0;
            while (namingEnumeration.hasMore() && i < 1) {
                SearchResult searchResult = (SearchResult) namingEnumeration.next();
                if (searchResult != null) {
                    Attributes attributes = searchResult.getAttributes();
                    if (attributes == null) {
                        this.logFile.println("WARN: Attributes missing for entry " + searchResult.getNameInNamespace());
                    } else {
                        Attribute attribute = attributes.get("objectClass");
                        if (attribute != null) {
                            NamingEnumeration all = attribute.getAll();
                            while (all.hasMore()) {
                                String obj = all.next().toString();
                                int i2 = 0;
                                while (true) {
                                    if (i2 >= groupObjectClassValues.length) {
                                        break;
                                    }
                                    if (obj.equalsIgnoreCase(groupObjectClassValues[i2])) {
                                        this.groupObjClassName = obj;
                                        break;
                                    }
                                    i2++;
                                }
                            }
                            if (this.groupNameAttrName == null || this.groupNameAttrName.isEmpty()) {
                                int i3 = 0;
                                while (true) {
                                    if (i3 >= groupNameAttrValues.length) {
                                        break;
                                    }
                                    if (attributes.get(groupNameAttrValues[i3]) != null) {
                                        this.groupNameAttrName = groupNameAttrValues[i3];
                                        break;
                                    }
                                    i3++;
                                }
                            }
                            int i4 = 0;
                            while (true) {
                                if (i4 >= groupMemAttrValues.length) {
                                    break;
                                }
                                if (attributes.get(groupMemAttrValues[i4]) != null) {
                                    this.groupMemberName = groupMemAttrValues[i4];
                                    break;
                                }
                                i4++;
                            }
                            i++;
                        } else {
                            this.logFile.println("WARN: Failed to find group objectClass attribute for " + searchResult.getNameInNamespace());
                        }
                    }
                }
            }
            this.installProps.println("\n# Possible values for group search related properties:");
            this.installProps.println("SYNC_GROUP_MEMBER_ATTRIBUTE_NAME=" + this.groupMemberName);
            this.installProps.println("SYNC_GROUP_NAME_ATTRIBUTE=" + this.groupNameAttrName);
            this.installProps.println("SYNC_GROUP_OBJECT_CLASS=" + this.groupObjClassName);
            this.ambariProps.println("\n# Possible values for group search related properties:");
            this.ambariProps.println("ranger.usersync.group.memberattributename=" + this.groupMemberName);
            this.ambariProps.println("ranger.usersync.group.nameattribute=" + this.groupNameAttrName);
            this.ambariProps.println("ranger.usersync.group.objectclass=" + this.groupObjClassName);
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
            throw th;
        }
    }

    private void findAdvGroupProperties(LdapContext ldapContext) throws Throwable {
        String substring;
        int i = 0;
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getGroupSearchScope());
        HashSet hashSet = new HashSet();
        hashSet.add(this.groupNameAttrName);
        hashSet.add(this.groupMemberName);
        hashSet.add("distinguishedName");
        searchControls.setReturningAttributes((String[]) hashSet.toArray(new String[hashSet.size()]));
        String str = "(objectclass=" + this.groupObjClassName + ")";
        try {
            HashMap hashMap = new HashMap();
            namingEnumeration = (this.groupSearchBase == null || this.groupSearchBase.isEmpty()) ? ldapContext.search(this.searchBase, str, searchControls) : ldapContext.search(this.groupSearchBase, str, searchControls);
            while (namingEnumeration.hasMore() && i < 20) {
                SearchResult searchResult = (SearchResult) namingEnumeration.next();
                if (searchResult != null) {
                    Attributes attributes = searchResult.getAttributes();
                    if (attributes == null) {
                        this.logFile.println("WARN: Attributes missing for entry " + searchResult.getNameInNamespace());
                    } else {
                        Attribute attribute = attributes.get("distinguishedName");
                        if (attribute != null) {
                            String obj = attribute.get().toString();
                            int indexOf = obj.indexOf("OU=");
                            substring = indexOf > 0 ? obj.substring(indexOf) : obj.substring(obj.indexOf(",") + 1);
                        } else {
                            String nameInNamespace = searchResult.getNameInNamespace();
                            substring = nameInNamespace.substring(nameInNamespace.indexOf(",") + 1);
                        }
                        Integer num = (Integer) hashMap.get(substring);
                        if (num == null) {
                            num = 0;
                        }
                        hashMap.put(substring, Integer.valueOf(num.intValue() + 1));
                        i++;
                    }
                }
            }
            if (!hashMap.isEmpty()) {
                int i2 = 0;
                for (String str2 : hashMap.keySet()) {
                    int intValue = ((Integer) hashMap.get(str2)).intValue();
                    this.logFile.println("INFO: No. of groups from " + str2 + " = " + intValue);
                    if (intValue > i2) {
                        i2 = intValue;
                        this.groupSearchBase = str2;
                    }
                }
            }
            if (this.groupSearchFilter == null || this.groupSearchFilter.isEmpty()) {
                this.groupSearchFilter = this.groupNameAttrName + "=*";
            }
            this.installProps.println("SYNC_GROUP_SEARCH_BASE=" + this.groupSearchBase);
            this.installProps.println("SYNC_LDAP_GROUP_SEARCH_FILTER=" + this.groupSearchFilter);
            this.ambariProps.println("ranger.usersync.group.searchbase=" + this.groupSearchBase);
            this.ambariProps.println("ranger.usersync.group.searchfilter=" + this.groupSearchFilter);
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
            throw th;
        }
    }

    public void getAllGroups(LdapContext ldapContext) throws Throwable {
        int i = 0;
        NamingEnumeration namingEnumeration = null;
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.config.getGroupSearchScope());
        HashSet hashSet = new HashSet();
        hashSet.add(this.groupNameAttrName);
        hashSet.add(this.groupMemberName);
        hashSet.add("distinguishedName");
        searchControls.setReturningAttributes((String[]) hashSet.toArray(new String[hashSet.size()]));
        String str = "(objectclass=" + this.groupObjClassName + ")";
        if (this.groupSearchFilter != null && !this.groupSearchFilter.trim().isEmpty()) {
            String trim = this.groupSearchFilter.trim();
            if (!trim.startsWith("(")) {
                trim = "(" + trim + ")";
            }
            str = "(&" + str + trim + ")";
        }
        try {
            try {
                namingEnumeration = ldapContext.search(this.groupSearchBase, str, searchControls);
                this.logFile.println("\nINFO: First 20 Groups and associated Users are:");
                while (namingEnumeration.hasMore()) {
                    SearchResult searchResult = (SearchResult) namingEnumeration.next();
                    if (searchResult != null) {
                        Attributes attributes = searchResult.getAttributes();
                        if (attributes == null) {
                            this.logFile.println("WARN: Attributes missing for entry " + searchResult.getNameInNamespace());
                        } else {
                            Attribute attribute = attributes.get(this.groupMemberName);
                            HashSet hashSet2 = new HashSet();
                            if (attribute != null) {
                                NamingEnumeration all = attribute.getAll();
                                while (all.hasMore()) {
                                    hashSet2.add(all.next().toString());
                                }
                            }
                            Attribute attribute2 = attributes.get(this.groupNameAttrName);
                            if (i < 20) {
                                this.logFile.println("Group name: " + attribute2.get().toString() + ", Users: " + hashSet2);
                            }
                            i++;
                        }
                    }
                }
                this.logFile.println("\nINFO: Total no. of groups = " + i);
                if (namingEnumeration != null) {
                    namingEnumeration.close();
                }
            } catch (NamingException e) {
                if ((this.config.getGroupNameAttribute() != null && !this.config.getGroupNameAttribute().isEmpty()) || ((this.config.getGroupObjectClass() != null && !this.config.getGroupObjectClass().isEmpty()) || ((this.config.getUserGroupMemberAttributeName() != null && !this.config.getUserGroupMemberAttributeName().isEmpty()) || ((this.config.getGroupSearchBase() != null && !this.config.getGroupSearchBase().isEmpty()) || (this.config.getGroupSearchFilter() != null && !this.config.getGroupSearchFilter().isEmpty()))))) {
                    throw new Exception("Please verify values for:\n ranger.usersync.group.memberattributename\n ranger.usersync.group.nameattribute\nranger.usersync.group.objectclass\nranger.usersync.group.searchbase\nranger.usersync.group.searchfilter\n");
                }
                throw new Exception("Exception occured while retreiving groups\n" + e);
            }
        } catch (Throwable th) {
            if (namingEnumeration != null) {
                namingEnumeration.close();
            }
            throw th;
        }
    }
}
