package com.greenhat.server.container.server.security.ldap.operations;

import com.greenhat.server.container.server.security.ldap.trace.LdapAuthenticationTrace;
import java.text.MessageFormat;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.naming.Name;
import javax.naming.NameParser;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;

/* loaded from: input_file:security-config.jar:com/greenhat/server/container/server/security/ldap/operations/GetGroupsForUserOperation.class */
public class GetGroupsForUserOperation {
    final LdapContext ctx;
    final String groupIdentifier;
    final String userGroupFilter;
    final String userDN;
    final Map<String, String> allGroups;
    final String groupSearchBase;
    private final LdapAuthenticationTrace trace;

    public GetGroupsForUserOperation(LdapContext ldapContext, String str, String str2, String str3, Map<String, String> map, String str4, LdapAuthenticationTrace ldapAuthenticationTrace) {
        this.ctx = ldapContext;
        this.groupIdentifier = str;
        this.userGroupFilter = str2;
        this.userDN = str3;
        this.allGroups = map;
        this.groupSearchBase = str4;
        this.trace = ldapAuthenticationTrace;
    }

    public Set<String> run() throws NamingException {
        return getGroups(this.ctx, this.groupIdentifier, this.userGroupFilter, this.userDN, this.allGroups, this.groupSearchBase);
    }

    private Set<String> getGroups(LdapContext ldapContext, String str, String str2, String str3, Map<String, String> map, String str4) throws NamingException {
        try {
            String format = MessageFormat.format(str2, str3);
            SearchControls searchControls = new SearchControls();
            searchControls.setReturningAttributes(new String[]{str});
            searchControls.setSearchScope(2);
            NameParser nameParser = ldapContext.getNameParser(str4);
            HashSet hashSet = new HashSet();
            this.trace.groupsForUserQuery = new LdapAuthenticationTrace.LdapQueryParams(str4, format, 2);
            this.trace.groupsForUserQueryAttempt = LdapAuthenticationTrace.AttemptStatus.STARTED_NOT_COMPLETED;
            NamingEnumeration search = ldapContext.search(str4, format, searchControls);
            while (search.hasMoreElements()) {
                SearchResult searchResult = (SearchResult) search.next();
                String nameInNamespace = searchResult.getNameInNamespace();
                Attributes attributes = searchResult.getAttributes();
                if (attributes != null) {
                    NamingEnumeration all = attributes.getAll();
                    while (all.hasMore()) {
                        hashSet.add(((Attribute) all.next()).get().toString());
                    }
                    all.close();
                }
                addParentGroup(nameInNamespace, hashSet, map, nameParser);
            }
            this.trace.groupsForUser = hashSet;
            this.trace.groupsForUserQueryAttempt = LdapAuthenticationTrace.AttemptStatus.SUCCEEDED;
            return hashSet;
        } catch (RuntimeException e) {
            this.trace.groupsForUserQueryException = e;
            throw e;
        } catch (NamingException e2) {
            this.trace.groupsForUserQueryException = e2;
            throw e2;
        }
    }

    protected void addParentGroup(String str, Set<String> set, Map<String, String> map, NameParser nameParser) throws NamingException {
        Name parse = nameParser.parse(str);
        String obj = parse.getPrefix(parse.size() - 1).toString();
        String str2 = map.get(obj);
        if (str2 == null || set.contains(str2)) {
            return;
        }
        set.add(str2);
        addParentGroup(obj, set, map, nameParser);
    }
}
