package systems.dmx.ldap;

import java.util.Locale;
import java.util.logging.Logger;
import systems.dmx.accountmanagement.AccountManager;
import systems.dmx.accountmanagement.CheckCredentialsResult;
import systems.dmx.core.service.accesscontrol.Credentials;
import systems.dmx.ldap.repository.JndiRepository;

/* loaded from: input_file:systems/dmx/ldap/LDAPAccountManager.class */
class LDAPAccountManager implements AccountManager {
    private static final Logger logger = Logger.getLogger(LDAPAccountManager.class.getName());
    private final Configuration configuration;
    private final JndiRepository jndiRepository;

    /* JADX INFO: Access modifiers changed from: package-private */
    public LDAPAccountManager(Configuration configuration, JndiRepository jndiRepository) {
        this.configuration = configuration;
        this.jndiRepository = jndiRepository;
    }

    public String name() {
        return "LDAP";
    }

    public CheckCredentialsResult checkCredentials(Credentials credentials) {
        String sanitise = sanitise(credentials.username);
        if (this.jndiRepository.checkCredentials(sanitise, credentials.password)) {
            logger.info(() -> {
                return String.format("LDAP credential check successful for user %s", sanitise);
            });
            return CheckCredentialsResult.lookupOrCreationRequired();
        }
        logger.severe(String.format("LDAP credential check failed for user %s", sanitise));
        return CheckCredentialsResult.failed();
    }

    public void createAccount(Credentials credentials) {
        if (!this.configuration.userCreationEnabled) {
            throw new IllegalStateException("User creation is disabled in LDAP plugin configuration!");
        }
        this.jndiRepository.createUser(sanitise(credentials.username), credentials.password, new JndiRepository.CompletableAction() { // from class: systems.dmx.ldap.LDAPAccountManager.1
        });
    }

    public void changePassword(Credentials credentials, Credentials credentials2) {
        if (!this.configuration.userCreationEnabled) {
            throw new IllegalStateException("Cannot change password because user creation is disabled in LDAP plugin configuration!");
        }
        String sanitise = sanitise(credentials2.username);
        if (!this.jndiRepository.changePassword(sanitise, credentials2.password)) {
            throw new IllegalStateException("Password change failed");
        }
        logger.info(() -> {
            return String.format("Successfully changed password for %s", sanitise);
        });
    }

    public void onUsernameDeleted(String str) {
        if (this.configuration.userDeletionEnabled) {
            logger.info(() -> {
                return String.format("Deleting user from LDAP %s", str);
            });
            this.jndiRepository.deleteUser(str);
        }
    }

    private String sanitise(String str) {
        return str.toLowerCase(Locale.ROOT);
    }
}
