package com.ibm.eim.jndi;

import com.ibm.eim.Credential;
import com.ibm.eim.EimException;
import com.ibm.eim.IdentityContextCredential;
import com.ibm.eim.PasswordCredential;
import com.ibm.eim.RegistryUser;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.SearchResult;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/eimIdTokenRA.rar:eim.jar:com/ibm/eim/jndi/RegistryUserJNDI.class
 */
/* loaded from: input_file:lib/eimIdTokenRA.JCA15.rar:eim.jar:com/ibm/eim/jndi/RegistryUserJNDI.class */
public class RegistryUserJNDI implements RegistryUser {
    private String _cn;
    private String _targetUserName;
    private String _rDn;
    private String _pwdrDn;
    private String _idctxrDn;
    private String _credrDn;
    private RegistryJNDI _parentRegistry;
    private String _currentAPI;

    protected static String copyright() {
        return " Licensed Materials - Property of IBM, 5722SS1 (C) COPYRIGHT 2003, 2006 All Rights Reserved. US Government Users restricted Rights -  Use, Duplication or Disclosure restricted by GSA ADP Schedule Contract with IBM Corp.";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RegistryUserJNDI(String str, RegistryJNDI registryJNDI) {
        this._cn = null;
        this._targetUserName = null;
        this._rDn = null;
        this._pwdrDn = null;
        this._idctxrDn = null;
        this._credrDn = null;
        this._parentRegistry = null;
        this._currentAPI = null;
        this._targetUserName = str;
        this._parentRegistry = registryJNDI;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RegistryUserJNDI(String str, String str2, RegistryJNDI registryJNDI) {
        this(str, registryJNDI);
        this._cn = str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DomainJNDI getDomain() {
        return this._parentRegistry.getDomain();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getCurrentAPI() {
        return this._currentAPI;
    }

    private void setCurrentAPI(String str) {
        this._currentAPI = new StringBuffer().append(getClass().getName()).append(":").append(str).toString();
    }

    @Override // com.ibm.eim.RegistryUser
    public void addAdditionalInfo(String str) throws EimException {
        setCurrentAPI("addAdditionalInfo");
        StringUtil.checkParm(getCurrentAPI(), "info", str);
        JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getRDn(), 1, "ibm-eimAdditionalInformation", str);
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        return obj != null && (obj instanceof RegistryUserJNDI) && ((RegistryUserJNDI) obj).getTargetUserName().equals(getTargetUserName()) && ((RegistryUserJNDI) obj).getRegistryName().equals(getRegistryName());
    }

    @Override // com.ibm.eim.RegistryUser
    public Set getAdditionalInfo() throws EimException {
        setCurrentAPI("getAdditionalInfo");
        return JNDIUtil.getAttributeSet(getCurrentAPI(), getDomain().getDirCtx(), getRDn(), "ibm-eimAdditionalInformation");
    }

    @Override // com.ibm.eim.RegistryUser
    public Set getAssociatedEids(int i) throws EimException {
        setCurrentAPI("getAssociatedEids");
        return new EidManager(this).getAssociatedEids(i, this);
    }

    @Override // com.ibm.eim.RegistryUser
    public String getDescription() throws EimException {
        setCurrentAPI("getDescription");
        return JNDIUtil.getAttribute(getCurrentAPI(), getDomain().getDirCtx(), getRDn(), "description");
    }

    @Override // com.ibm.eim.RegistryUser
    public String getRegistryName() {
        setCurrentAPI("getRegistryName");
        return this._parentRegistry.getName();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RegistryJNDI getRegistry() {
        return this._parentRegistry;
    }

    @Override // com.ibm.eim.RegistryUser
    public String getTargetUserName() {
        setCurrentAPI("getTargetUserName");
        return this._targetUserName;
    }

    public int hashCode() {
        return new StringBuffer().append(getTargetUserName()).append(getRegistryName()).toString().hashCode();
    }

    @Override // com.ibm.eim.RegistryUser
    public void removeAdditionalInfo(String str) throws EimException {
        setCurrentAPI("removeAdditionalInfo");
        StringUtil.checkParm(getCurrentAPI(), "info", str);
        JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getRDn(), 3, "ibm-eimAdditionalInformation", str);
    }

    @Override // com.ibm.eim.RegistryUser
    public void setDescription(String str) throws EimException {
        setCurrentAPI("setDescription");
        JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getRDn(), 2, "description", str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getRDn() throws EimException {
        if (this._rDn == null) {
            this._rDn = new StringBuffer().append("cn=").append(getCn()).append(",").append("cn=Users").append(",").append(this._parentRegistry.getRDn()).toString();
        }
        return this._rDn;
    }

    String getIdCtxRDn() throws EimException {
        if (this._idctxrDn == null) {
            this._idctxrDn = new StringBuffer().append("secAuthnType=5,cn=").append(getCn()).append(",").append("cn=Credentials").append(",").append("ibm-eimRegistryName").append("=").append(getRegistryName()).append(",").append("cn=Registries").toString();
        }
        return this._idctxrDn;
    }

    String getPwdRDn() throws EimException {
        if (this._pwdrDn == null) {
            this._pwdrDn = new StringBuffer().append("secAuthnType=2,cn=").append(getCn()).append(",").append("cn=Credentials").append(",").append("ibm-eimRegistryName").append("=").append(getRegistryName()).append(",").append("cn=Registries").toString();
        }
        return this._pwdrDn;
    }

    String getCredRDn() throws EimException {
        if (this._credrDn == null) {
            this._credrDn = new StringBuffer().append("cn=").append(getCn()).append(",").append("cn=Credentials").append(",").append("ibm-eimRegistryName").append("=").append(getRegistryName()).append(",").append("cn=Registries").toString();
        }
        return this._credrDn;
    }

    String getCn() throws EimException {
        if (this._cn == null) {
            try {
                NamingEnumeration searchLDAP = JNDIUtil.searchLDAP(1, EimConstants.NOATTS, new StringBuffer().append("(ibm-eimtargetusername=").append(getTargetUserName()).append(")").toString(), new StringBuffer().append("cn=Users,ibm-eimRegistryName=").append(getRegistryName()).append(",").append("cn=Registries").toString(), getDomain().getDirCtx());
                if (searchLDAP.hasMore()) {
                    this._cn = ((SearchResult) searchLDAP.next()).getName().substring(3);
                }
                if (searchLDAP.hasMore()) {
                    throw new EimException("{0}: multiple entries exist");
                }
            } catch (NamingException e) {
                EimException eimException = new EimException("{0}: error getting attribute {1} for {2}", (Exception) e);
                eimException.setSubstitutions(new String[]{getCurrentAPI(), "cn"});
                throw eimException;
            }
        }
        return this._cn;
    }

    public Set getAssociatedPolicyAssociations(int i) throws EimException {
        setCurrentAPI("getAssociatedPolicyAssociations");
        return new AssociationManager(this).getPoliciesForUser(i, this);
    }

    @Override // com.ibm.eim.RegistryUser
    public Set getCredentials() throws EimException {
        return getCredentials(0);
    }

    @Override // com.ibm.eim.RegistryUser
    public Set getCredentials(int i) throws EimException {
        setCurrentAPI("getCredentials");
        getDomain().checkVersion(3, getCurrentAPI());
        String[] strArr = {"secAuthnData", "secAuthnType", "secValid"};
        String str = null;
        int i2 = 1;
        if (i == 0) {
            str = getCredRDn();
        } else {
            switch (i) {
                case 1:
                    str = getPwdRDn();
                    break;
                case 2:
                    str = getIdCtxRDn();
                    break;
            }
            i2 = 0;
        }
        try {
            NamingEnumeration searchLDAP = JNDIUtil.searchLDAP(i2, strArr, "(objectclass=ibm-eimRegistryUserCredentials)", str, getDomain().getDirCtx());
            HashSet hashSet = new HashSet();
            while (searchLDAP.hasMore()) {
                SearchResult searchResult = (SearchResult) searchLDAP.next();
                Set<byte[]> attributeSet = JNDIUtil.getAttributeSet(searchResult, "secAuthnData");
                Set attributeSet2 = JNDIUtil.getAttributeSet(searchResult, "secValid");
                Set attributeSet3 = JNDIUtil.getAttributeSet(searchResult, "secAuthnType");
                r19 = null;
                for (byte[] bArr : attributeSet) {
                }
                Iterator it = attributeSet2.iterator();
                int i3 = 2;
                while (it.hasNext()) {
                    i3 = ((String) it.next()).equalsIgnoreCase("true") ? 1 : 0;
                }
                Iterator it2 = attributeSet3.iterator();
                boolean z = 2;
                while (it2.hasNext()) {
                    if (((String) it2.next()).equals("2")) {
                        z = true;
                    }
                }
                if (i3 != 2 && bArr != null) {
                    switch (z) {
                        case true:
                            hashSet.add(new PasswordCredential(decodePwd(bArr), i3));
                            break;
                        case true:
                            hashSet.add(new IdentityContextCredential(bArr));
                            break;
                    }
                }
            }
            return hashSet;
        } catch (NamingException e) {
            EimException eimException = new EimException("{0}: error getting list", (Exception) e);
            eimException.setSubstitutions(new String[]{getCurrentAPI()});
            throw eimException;
        } catch (NameNotFoundException e2) {
            return new HashSet();
        }
    }

    @Override // com.ibm.eim.RegistryUser
    public void removeCredential(Credential credential) throws EimException {
        setCurrentAPI("removeCredential");
        getDomain().checkVersion(3, getCurrentAPI());
        if (credential instanceof PasswordCredential) {
            if (!credExists(1)) {
                return;
            } else {
                removePwd();
            }
        }
        if ((credential instanceof IdentityContextCredential) && credExists(2)) {
            removeIdCtx();
        }
    }

    @Override // com.ibm.eim.RegistryUser
    public void setCredential(Credential credential) throws EimException {
        setCurrentAPI("setCredential");
        getDomain().checkVersion(3, getCurrentAPI());
        if (credential instanceof PasswordCredential) {
            if (credExists(1)) {
                changePwd(credential);
            } else {
                addPwd(credential);
            }
        }
        if (credential instanceof IdentityContextCredential) {
            if (credExists(2)) {
                changeIdCtx(credential);
            } else {
                addIdCtx(credential);
            }
        }
    }

    private void changePwd(Credential credential) throws EimException {
        String password = ((PasswordCredential) credential).getPassword();
        if (null != password) {
            JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getPwdRDn(), 2, "secAuthnData", encodePwd(password));
        }
        if (2 != ((PasswordCredential) credential).getStatus()) {
            JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getPwdRDn(), 2, "secValid", ((PasswordCredential) credential).getStatus() == 0 ? "false" : "true");
        }
    }

    private void addPwd(Credential credential) throws EimException {
        String password = ((PasswordCredential) credential).getPassword();
        if (null == password) {
            return;
        }
        try {
            getRegistry().createCredRegistryContainer();
        } catch (EimException e) {
        }
        createUserCredContainer();
        byte[] encodePwd = encodePwd(password);
        String str = ((PasswordCredential) credential).getStatus() == 0 ? "false" : "true";
        BasicAttributes basicAttributes = new BasicAttributes();
        BasicAttribute basicAttribute = new BasicAttribute("objectclass");
        basicAttribute.add("top");
        basicAttribute.add("ibm-eimRegistryUserCredentials");
        basicAttributes.put(basicAttribute);
        basicAttributes.put("secAuthnData", encodePwd);
        basicAttributes.put("secValid", str);
        basicAttributes.put("secAuthnType", "2");
        try {
            getDomain().getDirCtx().createSubcontext(getPwdRDn(), basicAttributes);
        } catch (NamingException e2) {
            EimException eimException = new EimException("{0}: error creating {1}", (Exception) e2);
            eimException.setSubstitutions(new String[]{getCurrentAPI()});
            throw eimException;
        }
    }

    private void removePwd() throws EimException {
        JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getPwdRDn(), 2, "secValid", "false");
        try {
            getDomain().getDirCtx().destroySubcontext(getPwdRDn());
        } catch (NamingException e) {
            throw new EimException((Exception) e);
        }
    }

    private void changeIdCtx(Credential credential) throws EimException {
        byte[] identityContext = ((IdentityContextCredential) credential).getIdentityContext();
        if (null != identityContext) {
            JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getIdCtxRDn(), 2, "secAuthnData", identityContext);
        }
    }

    private void addIdCtx(Credential credential) throws EimException {
        byte[] identityContext = ((IdentityContextCredential) credential).getIdentityContext();
        if (null == identityContext) {
            return;
        }
        try {
            getRegistry().createCredRegistryContainer();
        } catch (EimException e) {
        }
        createUserCredContainer();
        BasicAttributes basicAttributes = new BasicAttributes();
        BasicAttribute basicAttribute = new BasicAttribute("objectclass");
        basicAttribute.add("top");
        basicAttribute.add("ibm-eimRegistryUserCredentials");
        basicAttributes.put(basicAttribute);
        basicAttributes.put("secAuthnData", identityContext);
        basicAttributes.put("secValid", "true");
        basicAttributes.put("secAuthnType", "5");
        try {
            getDomain().getDirCtx().createSubcontext(getIdCtxRDn(), basicAttributes);
        } catch (NamingException e2) {
            EimException eimException = new EimException("{0}: error creating {1}", (Exception) e2);
            eimException.setSubstitutions(new String[]{getCurrentAPI()});
            throw eimException;
        }
    }

    private void removeIdCtx() throws EimException {
        JNDIUtil.modifyAttribute(getCurrentAPI(), getDomain().getDirCtx(), getIdCtxRDn(), 2, "secValid", "false");
        try {
            getDomain().getDirCtx().destroySubcontext(getIdCtxRDn());
        } catch (NamingException e) {
            throw new EimException((Exception) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void removeCredentials() throws EimException {
        setCurrentAPI("removeCredentials");
        try {
            try {
                getDomain().getDirCtx().destroySubcontext(getIdCtxRDn());
            } catch (NamingException e) {
                throw new EimException((Exception) e);
            }
        } catch (NamingException e2) {
        }
        try {
            getDomain().getDirCtx().destroySubcontext(getPwdRDn());
        } catch (NamingException e3) {
        }
        getDomain().getDirCtx().destroySubcontext(getCredRDn());
    }

    private void createUserCredContainer() {
        try {
            JNDIUtil.createContainer(getCurrentAPI(), getDomain().getDirCtx(), getCn(), new StringBuffer().append("cn=Credentials,").append(getRegistry().getRDn()).toString(), null);
        } catch (Exception e) {
            new EimException("{0}: error creating {1}", e);
        }
    }

    private boolean credExists(int i) {
        String[] strArr = EimConstants.NOATTS;
        String str = null;
        try {
            switch (i) {
                case 1:
                    str = getPwdRDn();
                    break;
                case 2:
                    str = getIdCtxRDn();
                    break;
            }
            return JNDIUtil.searchLDAP(0, strArr, "(objectclass=ibm-eimRegistryUserCredentials)", str, getDomain().getDirCtx()).hasMore();
        } catch (NameNotFoundException e) {
            return false;
        } catch (Exception e2) {
            return false;
        }
    }

    private byte[] encodePwd(String str) {
        char[] cArr = {'!', '@', '#', '$', '%', '&', '*'};
        int i = 0;
        for (int i2 = 0; i2 < str.length(); i2++) {
            int charAt = str.charAt(i2) % 7;
            i = i + (charAt * (7 - charAt)) + 1;
        }
        byte[] bArr = new byte[i + str.length() + 3];
        bArr[0] = (byte) cArr[0];
        bArr[1] = (byte) cArr[1];
        bArr[2] = (byte) cArr[2];
        int i3 = 3;
        for (int i4 = 0; i4 < str.length(); i4++) {
            int charAt2 = str.charAt(i4) % 7;
            bArr[i3] = (byte) (str.charAt(i4) + charAt2);
            i3++;
            for (int i5 = 0; i5 < (charAt2 * (7 - charAt2)) + 1; i5++) {
                bArr[i3] = (byte) cArr[charAt2];
                i3++;
            }
        }
        return bArr;
    }

    private String decodePwd(byte[] bArr) {
        char[] cArr = {'!', '@', '#', '$', '%', '&', '*'};
        String str = null;
        try {
            str = new String(bArr, "UTF-8");
        } catch (Exception e) {
        }
        String str2 = new String();
        int i = 3;
        int i2 = 0;
        while (i < str.length()) {
            char charAt = str.charAt(i);
            int i3 = i + 1;
            char charAt2 = str.charAt(i3);
            int i4 = 0;
            while (i4 < 7 && charAt2 != cArr[i4]) {
                i4++;
            }
            if (i4 == 7) {
                return null;
            }
            i = i3 + (i4 * (7 - i4)) + 1;
            str2 = str2.concat(String.valueOf((char) (charAt - i4)));
            i2++;
        }
        return str2;
    }
}
