package systems.dmx.ldap;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:systems/dmx/ldap/Configuration.class */
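/**
 * Immutable settings holder for the LDAP connection, populated from
 * {@code dmx.ldap.*} system properties or from built-in fallback values.
 *
 * <p>This file is decompiler output (JADX). The factory methods and {@link #check()} /
 * {@link #summary()} were package-private in the original class; the decompiler widened
 * them to {@code public}.
 */
public class Configuration {
    private static final Logger logger = Logger.getLogger(Configuration.class.getName());

    /** Transport selected via {@code dmx.ldap.protocol}. */
    public final ProtocolType protocolType;
    /** Host name or address of the directory server. */
    public final String server;
    /** Effective port: the configured one, or the protocol default when none was given. */
    public final String port;
    /** URL of the form {@code ldap[s]://server:port}; the {@code ldaps} scheme is used for LDAPS only. */
    public final String connectionUrl;
    public final boolean userCreationEnabled;
    public final boolean userDeletionEnabled;
    public final boolean useBindAccount;
    /** Bind (manager) account name. */
    public final String manager;
    // Bind password. It is a public field; summary() masks it, and other code that logs or
    // serializes this object should do the same.
    public final String password;
    public final String userBase;
    public final String userAttribute;
    public final String userFilter;
    public final String userMemberGroup;
    public final String groupBase;

    /**
     * Supported transports. {@link #check()} inspects the JSSE trust store for every value
     * except {@code LDAP}.
     */
    public enum ProtocolType {
        LDAP,
        LDAPS,
        STARTTLS
    }

    /**
     * Stores the given settings and derives the effective port and the connection URL.
     *
     * @param protocolType transport to use
     * @param server directory server host
     * @param port port as text; when null or empty, "636" is used for LDAPS and "389" otherwise
     * @param userCreationEnabled value of {@code dmx.ldap.user_creation.enabled}
     * @param userDeletionEnabled value of {@code dmx.ldap.user_deletion.enabled}
     * @param useBindAccount whether a manager account is used (see {@link #check()})
     * @param manager bind account name
     * @param password bind account password
     * @param userBase value of {@code dmx.ldap.user_base}
     * @param userAttribute value of {@code dmx.ldap.user_attribute}
     * @param userFilter value of {@code dmx.ldap.user_filter}
     * @param userMemberGroup value of {@code dmx.ldap.user_member_group}
     * @param groupBase value of {@code dmx.ldap.group_base}
     */
    public Configuration(ProtocolType protocolType, String server, String port, boolean userCreationEnabled, boolean userDeletionEnabled, boolean useBindAccount, String manager, String password, String userBase, String userAttribute, String userFilter, String userMemberGroup, String groupBase) {
        this.protocolType = protocolType;
        this.server = server;

        // Fix: the defaults were inverted (plain LDAP got 636). 636 is the LDAPS port;
        // plain LDAP and STARTTLS both start on 389.
        String effectivePort;
        if (StringUtils.isNotEmpty(port)) {
            effectivePort = port;
        } else {
            effectivePort = protocolType == ProtocolType.LDAPS ? "636" : "389";
        }
        this.port = effectivePort;

        // Fix: build the URL from the effective port. The raw argument produced
        // "ldap://host:" (or ":null") whenever the port was left unset.
        String scheme = protocolType == ProtocolType.LDAPS ? "s" : "";
        this.connectionUrl = String.format("ldap%s://%s:%s", scheme, server, effectivePort);

        this.userCreationEnabled = userCreationEnabled;
        this.userDeletionEnabled = userDeletionEnabled;
        this.useBindAccount = useBindAccount;
        this.manager = manager;
        this.password = password;
        this.userBase = userBase;
        this.userAttribute = userAttribute;
        this.userFilter = userFilter;
        this.userMemberGroup = userMemberGroup;
        this.groupBase = groupBase;
    }

    /**
     * Builds a configuration from the {@code dmx.ldap.*} system properties.
     *
     * <p>Boolean properties are enabled only by the exact string {@code "true"}.
     *
     * @return the configuration described by the current system properties
     * @throws IllegalArgumentException if {@code dmx.ldap.protocol} does not name a
     *     {@link ProtocolType} (case-insensitive)
     */
    public static Configuration createFromProperties() {
        // Locale.ROOT keeps the enum lookup independent of the JVM's default locale.
        String protocolName = System.getProperty("dmx.ldap.protocol", "ldap").toUpperCase(java.util.Locale.ROOT);
        ProtocolType protocol = ProtocolType.valueOf(protocolName);

        String server = System.getProperty("dmx.ldap.server", "127.0.0.1");
        // NOTE(review): the property default is "389" for every protocol, so the constructor's
        // LDAPS default of 636 is never reached from here. Confirm whether LDAPS without an
        // explicit dmx.ldap.port is meant to use 389.
        String port = System.getProperty("dmx.ldap.port", "389");

        boolean userCreation = BooleanUtils.TRUE.equals(System.getProperty("dmx.ldap.user_creation.enabled", BooleanUtils.FALSE));
        boolean userDeletion = BooleanUtils.TRUE.equals(System.getProperty("dmx.ldap.user_deletion.enabled", BooleanUtils.FALSE));
        // Unlike the two flags above, the bind account is on unless explicitly disabled.
        boolean bindAccount = BooleanUtils.TRUE.equals(System.getProperty("dmx.ldap.use_bind_account", BooleanUtils.TRUE));

        return new Configuration(
                protocol,
                server,
                port,
                userCreation,
                userDeletion,
                bindAccount,
                System.getProperty("dmx.ldap.manager", ""),
                System.getProperty("dmx.ldap.password", ""),
                System.getProperty("dmx.ldap.user_base", ""),
                System.getProperty("dmx.ldap.user_attribute", "uid"),
                System.getProperty("dmx.ldap.user_filter", ""),
                System.getProperty("dmx.ldap.user_member_group", ""),
                System.getProperty("dmx.ldap.group_base", ""));
    }

    /**
     * Returns a hard-coded configuration: plain LDAP to 127.0.0.1:389, bind account
     * enabled, user creation and deletion disabled, every other value empty.
     *
     * @return the fallback configuration
     */
    public static Configuration createFallback() {
        return new Configuration(ProtocolType.LDAP, "127.0.0.1", "389", false, false, true, "", "", "", "", "", "", "");
    }

    /**
     * Validates the configuration and logs a finding for each problem or notable setting.
     *
     * <p>Only two findings make the result {@code false}: a missing manager account while
     * the bind account is in use, and a missing user base. Everything else, including an
     * unreadable trust store, is logged but does not affect the result.
     *
     * @return {@code true} when none of the blocking findings occurred
     */
    public boolean check() {
        int errorCount = 0;

        if (this.useBindAccount) {
            if (StringUtils.isEmpty(this.manager)) {
                logger.severe("No manager account provided. Check property 'dmx.ldap.manager'!");
                errorCount++;
            }
            // NOTE(review): an empty bind password is only warned about, not counted as an
            // error. A simple bind with a DN and an empty password is an "unauthenticated
            // bind" (RFC 4513, section 5.1.2), which some servers accept as anonymous.
            // Confirm that the connecting code refuses to bind with an empty password.
            if (StringUtils.isEmpty(this.password)) {
                logger.warning("No manager password provided. Check property 'dmx.ldap.password'!");
            }
        }

        if (StringUtils.isEmpty(this.userBase)) {
            logger.warning("No user base provided. Check property 'dmx.ldap.user_base'!");
            errorCount++;
        }

        // Reads the raw property rather than the field: the point is to report that the
        // value was not set at all (createFromProperties() substitutes 'uid' in that case).
        if (StringUtils.isEmpty(System.getProperty("dmx.ldap.user_attribute", ""))) {
            logger.info("User attribute not set. Defaults to 'uid'. Check property 'dmx.ldap.user_attribute' to customize!");
        }
        if (StringUtils.isEmpty(this.userFilter)) {
            logger.info("No filter expression provided. Defaulting to mere existance check. Check property 'dmx.ldap.user_filter' to customize!");
        }
        if (StringUtils.isEmpty(this.groupBase)) {
            logger.info("No group base defined. LDAP Group handling will not work. Check property 'dmx.ldap.group_base'!");
        }

        if (this.userCreationEnabled) {
            logger.info("User creation enabled. LDAP entry creation and attribute modification may occur.");
            if (StringUtils.isEmpty(this.userMemberGroup)) {
                logger.info("No member group provided. Automatically adding inetOrgPerson entries to groups is disabled. Check property 'dmx.ldap.user_member_group' to customize!");
                if (StringUtils.isNotEmpty(this.userFilter)) {
                    logger.warning("Custom filter expression provided but no member group for new users. This might lead to new users not being able to log-in. Check property 'dmx.ldap.user_member_group'!");
                }
            } else {
                logger.info("Automatically adding inetOrgPerson entries to groups is enabled.");
                if (StringUtils.isEmpty(this.userFilter)) {
                    logger.warning("Member group defined but no filter expression. As such group membership is not checked during log-in. Check property 'dmx.ldap.user_filter'!");
                }
            }
        } else {
            // NOTE(review): userDeletionEnabled is not consulted here. If deletion writes to
            // the directory, the "read-only" statement is inaccurate when creation is off
            // but deletion is on. Confirm against the code that uses the flag.
            logger.info("User creation disabled. All LDAP accesses are read-only.");
        }

        String trustStorePath = System.getProperty("javax.net.ssl.trustStore", "");
        String trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword", "");
        if (this.protocolType != ProtocolType.LDAP) {
            if (StringUtils.isEmpty(trustStorePath)) {
                logger.warning("Secure connection requested but no custom SSL/TLS trust store defined. Connection negotiation may fail. Check system property 'javax.net.ssl.trustStore' and 'javax.net.ssl.trustStorePassword'!");
            } else {
                if (StringUtils.isEmpty(trustStorePassword)) {
                    logger.warning("Custom keystore was configured but password is empty. Opening the keystore and accessing its content may fail. Check system property 'javax.net.ssl.trustStorePassword'!");
                }
                checkTrustStore(trustStorePath, trustStorePassword);
            }
        } else if (StringUtils.isNotEmpty(trustStorePath)) {
            logger.warning(String.format("A trust store located at %s was specified but using a non-SSL/TLS protocol. Check configuration.", trustStorePath));
        }

        return errorCount == 0;
    }

    // Tries to open the trust store with the given password and logs the outcome. It never
    // throws and never fails check(). The messages name the path and the exception text but
    // not the password.
    private static void checkTrustStore(String trustStorePath, String trustStorePassword) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            // Fix: the stream was never closed; try-with-resources releases the file handle.
            try (FileInputStream in = new FileInputStream(trustStorePath)) {
                keyStore.load(in, trustStorePassword.toCharArray());
            }
            // Fix: java.util.logging does not expand "%s", so the placeholder used to be
            // printed literally. Format the message before handing it to the logger.
            logger.info(String.format("Configured trust store %s is usable with provided password.", trustStorePath));

            int aliasCount = keyStore.size();
            if (aliasCount == 0) {
                logger.warning("Configured trust store does not contain any aliases. Please check the file.");
            } else {
                logger.info(String.format("Configured trust store contains %s aliases. It appears valid for SSL/TLS connections", aliasCount));
            }
        } catch (FileNotFoundException e) {
            logger.log(Level.SEVERE, String.format("Trust store configured to %s but file is not accessible: %s. Check system property 'javax.net.ssl.trustStore' and 'javax.net.ssl.trustStorePassword'!", trustStorePath, e.getLocalizedMessage()));
        } catch (IOException e) {
            logger.log(Level.SEVERE, String.format("Trust store configured to %s but reading the file failed: %s. Check system property 'javax.net.ssl.trustStore' and 'javax.net.ssl.trustStorePassword'!", trustStorePath, e.getLocalizedMessage()));
        } catch (KeyStoreException e) {
            logger.severe(String.format("Unable to initialize default trust store. Expecting \"Java Keystore\" format: %s", e.getLocalizedMessage()));
        } catch (NoSuchAlgorithmException e) {
            logger.severe(String.format("Unable to load trust store. Check whether it is in the default \"Java Keystore\" format: %s", e.getLocalizedMessage()));
        } catch (CertificateException e) {
            logger.severe(String.format("Unable to load trust store. Issue with certificates: %s", e.getLocalizedMessage()));
        }
    }

    /**
     * Renders the configuration as {@code key=value} lines.
     *
     * <p>The bind password and the trust-store password are never printed: a non-empty
     * value is shown as {@code ***}, an empty one as an empty string. The two
     * {@code javax.net.ssl.*} lines are appended only when a non-LDAP protocol is selected
     * or a trust store path is set.
     *
     * @return the multi-line summary
     */
    public String summary() {
        String trustStorePath = System.getProperty("javax.net.ssl.trustStore", "");
        String trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword", "");

        String trustStoreSection = "";
        if (this.protocolType != ProtocolType.LDAP || StringUtils.isNotEmpty(trustStorePath)) {
            trustStoreSection = String.format(
                    "javax.net.ssl.trustStore=%s\njavax.net.ssl.trustStorePassword=%s",
                    trustStorePath,
                    mask(trustStorePassword));
        }

        // Fixes: the filter line now carries the property name that is actually read
        // ('dmx.ldap.user_filter'), and the user-deletion flag is listed so that a
        // write-capable setting is visible in the summary.
        return String.format(
                "dmx.ldap.protocol=%s\n"
                        + "dmx.ldap.server=%s\n"
                        + "dmx.ldap.port=%s\n"
                        + "dmx.ldap.user_creation.enabled=%s\n"
                        + "dmx.ldap.user_deletion.enabled=%s\n"
                        + "dmx.ldap.use_bind_account=%s\n"
                        + "dmx.ldap.manager=%s\n"
                        + "dmx.ldap.password=%s\n"
                        + "dmx.ldap.user_base=%s\n"
                        + "dmx.ldap.user_attribute=%s\n"
                        + "dmx.ldap.user_filter=%s\n"
                        + "dmx.ldap.user_member_group=%s\n"
                        + "dmx.ldap.group_base=%s\n"
                        + "%s",
                this.protocolType,
                this.server,
                this.port,
                this.userCreationEnabled,
                this.userDeletionEnabled,
                this.useBindAccount,
                this.manager,
                mask(this.password),
                this.userBase,
                this.userAttribute,
                this.userFilter,
                this.userMemberGroup,
                this.groupBase,
                trustStoreSection);
    }

    // Replaces a non-empty secret with a fixed marker so its value and length stay out of logs.
    private static String mask(String secret) {
        return StringUtils.isEmpty(secret) ? "" : "***";
    }
}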
