package oracle.security.jazn.spi.ldap;

import java.security.AccessController;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.NoPermissionException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import oracle.ldap.util.Guid;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.JAZNException;
import oracle.security.jazn.JAZNNamingException;
import oracle.security.jazn.JAZNRuntimeException;
import oracle.security.jazn.action.GetJAZNConfigPropertyAction;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmPrincipal;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RealmUser;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.realm.UserManager;
import oracle.security.jazn.util.Dbg;
import oracle.security.jazn.util.DbgWriter;
import oracle.security.jazn.util.Env;
import oracle.security.jazn.util.Misc;
import oracle.security.jazn.util.Resources;

/* loaded from: input_file:oracle/security/jazn/spi/ldap/ExtRealm.class */
public class ExtRealm implements RoleManager, UserManager {
    protected JAZNConfig _config;
    protected Hashtable _prop;
    protected LDAPRealmImpl _realmImpl;
    protected String _usersSearchbase;
    protected String _rolesSearchbase;
    protected String _usersNickname;
    protected String _usersObjClass;
    protected String _rolesObjClass;
    protected String _rolesNickname;
    protected String _rolesMA;
    protected static boolean _isCacheEnabled;
    protected CacheManager _cacheMgr;
    protected boolean _isSubscriber = false;
    protected String _rolesSearchbase2 = null;
    protected final int ITEM_USER = 1;
    protected final int ITEM_ROLE = 2;
    protected final int ITEM_GRANTEDROLES = 3;
    protected final int ITEM_GRANTEDROLES_INDIRECT = 4;
    protected final int ITEM_GRANTEES = 5;
    protected final int ITEM_GRANTEES_INDIRECT = 6;

    public ExtRealm(JAZNConfig jAZNConfig) {
        if (jAZNConfig == null) {
            this._config = JAZNConfig.getJAZNConfig();
        } else {
            this._config = jAZNConfig;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JAZNConfig getJAZNConfig() {
        return this._config;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getJAZNProperty(String str, String str2) {
        return (String) AccessController.doPrivileged(new GetJAZNConfigPropertyAction(this._config, str, str2));
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void initialize(Hashtable hashtable) throws JAZNException {
        this._prop = hashtable;
        _isCacheEnabled = getJAZNProperty(Env.LDAP_CACHE_REALM_ENABLE, Env.LDAP_CACHE_ENABLE_DEFAULT).equals("true");
        if (_isCacheEnabled) {
            this._cacheMgr = CacheManager.getCacheManager();
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void setRealm(Realm realm) throws JAZNException {
        if (this._realmImpl == null) {
            this._realmImpl = (LDAPRealmImpl) realm;
            if (this._realmImpl.getSubscriberDN() != null) {
                this._isSubscriber = true;
            }
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public void refresh() {
        this._cacheMgr.invalidate(Env.LDAP_REALM);
    }

    @Override // oracle.security.jazn.realm.RoleManager, oracle.security.jazn.realm.UserManager
    public Realm getRealm() {
        return this._realmImpl;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getRoles() throws JAZNException {
        String str = "";
        if (isCacheEnabled()) {
            str = generateKey(2, null);
            Object obj = this._cacheMgr.get(Env.LDAP_REALM, str);
            if (obj != null && (obj instanceof Set)) {
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("getRoles - get all roles from cache. Key ").append(str).toString());
                }
                return (Set) obj;
            }
        }
        Set set = getroles(null);
        if (isCacheEnabled()) {
            this._cacheMgr.put(Env.LDAP_REALM, str, set);
            if (Dbg.PERF) {
                System.out.println(new StringBuffer().append("getRoles - put all roles to cache. key ").append(str).toString());
            }
        }
        return set;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public int getRoleCount() throws JAZNException {
        return getroles(null).size();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public RealmRole getRole(String str) throws JAZNException {
        String generateKey;
        Object obj;
        if (str == null) {
            throw new IllegalArgumentException();
        }
        if (isCacheEnabled() && (obj = this._cacheMgr.get(Env.LDAP_REALM, (generateKey = generateKey(2, str)))) != null && (obj instanceof RealmRole)) {
            if (Dbg.PERF) {
                System.out.println(new StringBuffer().append("getRole - get role from cache. key ").append(generateKey).toString());
            }
            return (RealmRole) obj;
        }
        Set set = getroles(str);
        if (set.isEmpty()) {
            return null;
        }
        Object next = set.iterator().next();
        if (next instanceof RealmRole) {
            return (RealmRole) next;
        }
        return null;
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getGrantees(RealmRole realmRole, boolean z) throws JAZNException {
        Set hashSet;
        try {
            if (z) {
                hashSet = getDirectGrantees(realmRole);
            } else {
                if (isCacheEnabled()) {
                    String generateKey = generateKey(6, realmRole.getName());
                    if (Dbg.PERF) {
                        System.out.println("getting indirectGrantees from cache ");
                    }
                    Object obj = this._cacheMgr.get(Env.LDAP_REALM, generateKey);
                    if (obj != null) {
                        if (Dbg.PERF) {
                            System.out.println(new StringBuffer().append("getInDirectGrantees from cache which is non-null ").append(generateKey).toString());
                        }
                        return (Set) obj;
                    }
                }
                hashSet = new HashSet();
                getIndirectGrantees(realmRole, hashSet);
                if (isCacheEnabled()) {
                    String generateKey2 = generateKey(6, realmRole.getName());
                    if (Dbg.PERF) {
                        System.out.println(new StringBuffer().append("put to cache with key=").append(generateKey2).toString());
                    }
                    this._cacheMgr.put(Env.LDAP_REALM, generateKey2, hashSet);
                }
            }
            return hashSet;
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public Set getGrantedRoles(RealmPrincipal realmPrincipal, boolean z) throws JAZNException {
        String generateKey;
        Object obj;
        try {
            if (z) {
                return getDirectGrantedRoles(realmPrincipal);
            }
            if (isCacheEnabled() && (obj = this._cacheMgr.get(Env.LDAP_REALM, (generateKey = generateKey(4, realmPrincipal.getFullName())))) != null) {
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("getInDirectGrantedRoles(p) which is non-null ").append(generateKey).toString());
                }
                return (Set) obj;
            }
            Set[] setArr = {new HashSet()};
            getIndirectGrantedRoles(realmPrincipal, setArr);
            HashSet hashSet = (HashSet) setArr[0];
            if (isCacheEnabled()) {
                String generateKey2 = generateKey(4, realmPrincipal.getFullName());
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("put to cache with key=").append(generateKey2).toString());
                }
                this._cacheMgr.put(Env.LDAP_REALM, generateKey2, hashSet);
            }
            return hashSet;
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public RealmRole createRole(String str) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void dropRole(RealmRole realmRole) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void dropRole(String str) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void grantRole(RealmPrincipal realmPrincipal, RealmRole realmRole) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.RoleManager
    public void revokeRole(RealmPrincipal realmPrincipal, RealmRole realmRole) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.UserManager
    public Set getUsers() throws JAZNException {
        String str = "";
        if (isCacheEnabled()) {
            str = generateKey(1, null);
            Object obj = this._cacheMgr.get(Env.LDAP_REALM, str);
            if (obj != null && (obj instanceof Set)) {
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("getUsers - get all users from cache. Key ").append(str).toString());
                }
                return (Set) obj;
            }
        }
        Set set = getusers(null);
        if (isCacheEnabled()) {
            this._cacheMgr.put(Env.LDAP_REALM, str, set);
            if (Dbg.PERF) {
                System.out.println(new StringBuffer().append("getUsers - put all users to cache. key ").append(str).toString());
            }
        }
        return set;
    }

    @Override // oracle.security.jazn.realm.UserManager
    public int getUserCount() throws JAZNException {
        return getusers(null).size();
    }

    @Override // oracle.security.jazn.realm.UserManager
    public RealmUser getUser(String str) throws JAZNException {
        String generateKey;
        Object obj;
        if (str == null) {
            throw new IllegalArgumentException();
        }
        if (isCacheEnabled() && (obj = this._cacheMgr.get(Env.LDAP_REALM, (generateKey = generateKey(1, str)))) != null && (obj instanceof RealmUser)) {
            if (Dbg.PERF) {
                System.out.println(new StringBuffer().append("getUser - get user from cache. key ").append(generateKey).toString());
            }
            return (RealmUser) obj;
        }
        Set set = getusers(str);
        if (set.isEmpty()) {
            return null;
        }
        Object next = set.iterator().next();
        if (next instanceof RealmUser) {
            return (RealmUser) next;
        }
        return null;
    }

    @Override // oracle.security.jazn.realm.UserManager
    public RealmUser createUser(String str) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.UserManager
    public RealmUser createUser(String str, String str2) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.UserManager
    public void dropUser(String str) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    @Override // oracle.security.jazn.realm.UserManager
    public void dropUser(String str, boolean z) throws JAZNException {
        throw new UnsupportedOperationException();
    }

    private void fetchSBFromSubscriber() throws JAZNException, NamingException {
        try {
            if (this._usersSearchbase == null || this._rolesSearchbase == null) {
                String stringBuffer = new StringBuffer().append(Env.ENTRY_ORACLE_CONTEXT).append(",").append(this._realmImpl.getSubscriberDN()).toString();
                this._rolesSearchbase2 = new StringBuffer().append("cn=groups,").append(stringBuffer).toString();
                Attributes attributes = LDAPUtil.getLDAPUtil(getJAZNConfig()).getAttributes(new StringBuffer().append(Env.ENTRY_COMMON).append(",cn=").append(Env.ENTRY_SERVICES).append(",").append(stringBuffer).toString(), new String[]{Env.ATTR_COMMON_NICK_NAME, Env.ATTR_COMMON_USER_SEARCHBASE, Env.ATTR_COMMON_GROUP_SEARCHBASE});
                if (attributes == null) {
                    throw new IllegalArgumentException(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT));
                }
                Attribute attribute = attributes.get(Env.ATTR_COMMON_NICK_NAME);
                if (attribute != null) {
                    this._usersNickname = (String) attribute.getAll().nextElement();
                } else {
                    this._usersNickname = "cn";
                }
                Attribute attribute2 = attributes.get(Env.ATTR_COMMON_USER_SEARCHBASE);
                if (attribute2 == null) {
                    throw new IllegalArgumentException(new StringBuffer().append(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT)).append("SUBSCRIBER_DN").toString());
                }
                this._usersSearchbase = (String) attribute2.getAll().nextElement();
                Attribute attribute3 = attributes.get(Env.ATTR_COMMON_GROUP_SEARCHBASE);
                if (attribute3 == null) {
                    throw new IllegalArgumentException(new StringBuffer().append(Misc.getResourceBundle().getString(Resources.Key.INVALID_ARGUMENT)).append("SUBSCRIBER_DN").toString());
                }
                this._rolesSearchbase = (String) attribute3.getAll().nextElement();
            }
        } catch (NamingException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (JAZNException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw e2;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    protected void getSearchParam() throws JAZNException, NamingException {
        try {
            if (this._rolesSearchbase == null || this._usersSearchbase == null) {
                if (this._isSubscriber) {
                    fetchSBFromSubscriber();
                } else {
                    this._rolesSearchbase = (String) this._prop.get(Realm.LDAPProperty.ROLES_SEARCHBASE);
                    this._usersSearchbase = (String) this._prop.get(Realm.LDAPProperty.USERS_SEARCHBASE);
                    Object obj = this._prop.get(Realm.LDAPProperty.USERS_NAME_ATTR);
                    this._usersNickname = obj == null ? "cn" : (String) obj;
                }
                Object obj2 = this._prop.get(Realm.LDAPProperty.USERS_OBJ_CLASS);
                if (obj2 != null) {
                    this._usersObjClass = (String) obj2;
                }
                Object obj3 = this._prop.get(Realm.LDAPProperty.ROLES_NAME_ATTR);
                this._rolesNickname = obj3 == null ? "cn" : (String) obj3;
                Object obj4 = this._prop.get(Realm.LDAPProperty.ROLES_OBJ_CLASS);
                this._rolesObjClass = obj4 == null ? Env.OC_GROUP_OF_UNIQUE_NAMES : (String) obj4;
                Object obj5 = this._prop.get(Realm.LDAPProperty.ROLES_MEMBER_ATTR);
                this._rolesMA = obj5 == null ? Env.ATTR_UNIQUE_MEMBER : (String) obj5;
            }
        } catch (NamingException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (JAZNException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw e2;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    protected Set getusers(String str) throws JAZNException {
        HashSet hashSet = new HashSet();
        try {
            getSearchParam();
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            searchControls.setReturningAttributes(new String[]{"orclguid"});
            String str2 = null;
            if (this._usersObjClass != null) {
                str2 = new StringBuffer().append("(objectclass=").append(this._usersObjClass).append(")").toString();
            }
            String parseRPrincipalName = str == null ? "*" : parseRPrincipalName(str);
            NamingEnumeration search = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(this._usersSearchbase, str2 != null ? new StringBuffer().append("(&").append(str2).append("(").append(this._usersNickname).append("=").append(parseRPrincipalName).append("))").toString() : new StringBuffer().append("(").append(this._usersNickname).append("=").append(parseRPrincipalName).append(")").toString(), searchControls);
            while (search != null) {
                if (!search.hasMore()) {
                    break;
                }
                SearchResult searchResult = (SearchResult) search.next();
                String name = searchResult.getName();
                if (!name.equals("")) {
                    String stringBuffer = new StringBuffer().append(name).append(Env.LDAP_SEPARATOR).append(this._usersSearchbase).toString();
                    String extractName = LDAPUtil.extractName(name, this._usersNickname);
                    LDAPRealmUser lDAPRealmUser = new LDAPRealmUser(getJAZNConfig(), extractName, stringBuffer, new Guid((String) searchResult.getAttributes().get("orclguid").get()), this._realmImpl);
                    hashSet.add(lDAPRealmUser);
                    if (isCacheEnabled()) {
                        String generateKey = generateKey(1, extractName);
                        this._cacheMgr.put(Env.LDAP_REALM, generateKey, lDAPRealmUser);
                        if (Dbg.PERF) {
                            System.out.println(new StringBuffer().append("getusers - add user to cache. key ").append(generateKey).toString());
                        }
                    }
                }
            }
        } catch (NoPermissionException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
        } catch (NamingException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.USER_GET_FAILED), e2);
        } catch (JAZNException e3) {
            if (Dbg.LOG) {
                e3.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.USER_GET_FAILED), e3);
        } catch (CommunicationException e4) {
            if (Dbg.LOG) {
                e4.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e4);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(Misc.getResourceBundle().getString(Resources.Key.USER_GET_FAILED), th);
        }
        return hashSet;
    }

    protected Set getroles(String str) throws JAZNException {
        HashSet hashSet = new HashSet();
        try {
            getSearchParam();
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            searchControls.setReturningAttributes(new String[0]);
            String str2 = null;
            if (this._rolesObjClass != null) {
                str2 = new StringBuffer().append("(objectclass=").append(this._rolesObjClass).append(")").toString();
            }
            if (str != null) {
                String parseRPrincipalName = parseRPrincipalName(str);
                str2 = str2 != null ? new StringBuffer().append("(&").append(str2).append("(").append(this._rolesNickname).append("=").append(parseRPrincipalName).append("))").toString() : new StringBuffer().append("(").append(this._rolesNickname).append("=").append(parseRPrincipalName).append(")").toString();
            }
            NamingEnumeration search = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(this._rolesSearchbase, str2, searchControls);
            while (search != null && search.hasMore()) {
                String name = ((SearchResult) search.next()).getName();
                if (!name.equals("")) {
                    String stringBuffer = new StringBuffer().append(name).append(Env.LDAP_SEPARATOR).append(this._rolesSearchbase).toString();
                    String extractName = LDAPUtil.extractName(stringBuffer, this._rolesNickname);
                    LDAPRealmRole lDAPRealmRole = new LDAPRealmRole(getJAZNConfig(), extractName, stringBuffer, this._realmImpl);
                    hashSet.add(lDAPRealmRole);
                    if (isCacheEnabled()) {
                        String generateKey = generateKey(2, extractName);
                        this._cacheMgr.put(Env.LDAP_REALM, generateKey, lDAPRealmRole);
                        if (Dbg.PERF) {
                            System.out.println(new StringBuffer().append("getroles - add role to cache. key ").append(generateKey).toString());
                        }
                    }
                }
            }
            if (hashSet.isEmpty() && this._isSubscriber) {
                NamingEnumeration search2 = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(this._rolesSearchbase2, str2, searchControls);
                while (search2 != null) {
                    if (!search2.hasMore()) {
                        break;
                    }
                    String name2 = ((SearchResult) search2.next()).getName();
                    if (!name2.equals("")) {
                        String stringBuffer2 = new StringBuffer().append(name2).append(Env.LDAP_SEPARATOR).append(this._rolesSearchbase).toString();
                        String extractName2 = LDAPUtil.extractName(stringBuffer2, this._rolesNickname);
                        LDAPRealmRole lDAPRealmRole2 = new LDAPRealmRole(getJAZNConfig(), extractName2, stringBuffer2, this._realmImpl);
                        hashSet.add(lDAPRealmRole2);
                        if (isCacheEnabled()) {
                            String generateKey2 = generateKey(2, extractName2);
                            this._cacheMgr.put(Env.LDAP_REALM, generateKey2, lDAPRealmRole2);
                            if (Dbg.PERF) {
                                System.out.println(new StringBuffer().append("getroles - add role to cache. key ").append(generateKey2).toString());
                            }
                        }
                    }
                }
            }
            return hashSet;
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_FAILED), e);
        } catch (CommunicationException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e2);
        } catch (NamingException e3) {
            if (Dbg.LOG) {
                e3.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_FAILED), e3);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_FAILED), th);
        }
    }

    protected void getIndirectGrantedRoles(RealmPrincipal realmPrincipal, Set[] setArr) throws JAZNException {
        try {
            for (RealmPrincipal realmPrincipal2 : getDirectGrantedRoles(realmPrincipal)) {
                getIndirectGrantedRoles(realmPrincipal2, setArr);
                setArr[0].add(realmPrincipal2);
            }
        } catch (Exception e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_GRANTED_FAILED), e);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_GRANTED_FAILED), th);
        }
    }

    protected Set getDirectGrantedRoles(RealmPrincipal realmPrincipal) throws JAZNException {
        String generateKey;
        Object obj;
        if (isCacheEnabled() && (obj = this._cacheMgr.get(Env.LDAP_REALM, (generateKey = generateKey(3, realmPrincipal.getFullName())))) != null) {
            if (Dbg.PERF) {
                System.out.println(new StringBuffer().append("getDirectGrantedRoles with key=").append(generateKey).toString());
            }
            return (Set) obj;
        }
        HashSet hashSet = new HashSet();
        try {
            getSearchParam();
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            searchControls.setReturningAttributes(new String[0]);
            String stringBuffer = new StringBuffer().append("(objectclass=").append(this._rolesObjClass).append(")").toString();
            if (!(realmPrincipal instanceof LDAPRealmPrincipal)) {
                throw new JAZNException(new StringBuffer().append(Misc.getResourceBundle().getString(Resources.Key.USER_DN_NOT_FOUND)).append(realmPrincipal.getName()).toString());
            }
            String stringBuffer2 = new StringBuffer().append("(").append(Env.ATTR_UNIQUE_MEMBER).append("=").append(((LDAPRealmPrincipal) realmPrincipal).getDN()).append(")").toString();
            NamingEnumeration search = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(this._rolesSearchbase, stringBuffer == null ? stringBuffer2 : new StringBuffer().append("(&").append(stringBuffer).append(stringBuffer2).append(")").toString(), searchControls);
            while (search != null && search.hasMore()) {
                String stringBuffer3 = new StringBuffer().append(((SearchResult) search.next()).getName()).append(Env.LDAP_SEPARATOR).append(this._rolesSearchbase).toString();
                LDAPRealmRole lDAPRealmRole = new LDAPRealmRole(getJAZNConfig(), LDAPUtil.extractName(stringBuffer3, this._rolesNickname), stringBuffer3, this._realmImpl);
                if (!realmPrincipal.equals(lDAPRealmRole)) {
                    hashSet.add(lDAPRealmRole);
                }
            }
            if (isCacheEnabled()) {
                String generateKey2 = generateKey(3, realmPrincipal.getFullName());
                this._cacheMgr.put(Env.LDAP_REALM, generateKey2, hashSet);
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("ExtRealm.getDirectGrantedRoles(p), put to cache with key=").append(generateKey2).toString());
                }
            }
            return hashSet;
        } catch (CommunicationException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e);
        } catch (NamingException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_GRANTED_FAILED), e2);
        } catch (JAZNException e3) {
            if (Dbg.LOG) {
                e3.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_GRANTED_FAILED), e3);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_GRANTED_FAILED), th);
        }
    }

    protected void getIndirectGrantees(RealmRole realmRole, Set set) throws JAZNException {
        try {
            for (Object obj : getDirectGrantees(realmRole)) {
                if (obj instanceof RealmRole) {
                    getIndirectGrantees((RealmRole) obj, set);
                }
                set.add(obj);
            }
        } catch (JAZNException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw e;
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNRuntimeException(th.getMessage(), th);
        }
    }

    protected Set getDirectGrantees(RealmRole realmRole) throws JAZNException {
        if (isCacheEnabled()) {
            String generateKey = generateKey(5, realmRole.getName());
            if (Dbg.PERF) {
                System.out.println("ExtRealm.getDirectGrantees from cache ");
            }
            Object obj = this._cacheMgr.get(Env.LDAP_REALM, generateKey);
            if (obj != null) {
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("getDirectGrantees with key=").append(generateKey).toString());
                }
                return (Set) obj;
            }
        }
        HashSet hashSet = new HashSet();
        try {
            getSearchParam();
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            String stringBuffer = new StringBuffer().append("(").append(this._rolesNickname).append("=").append(parseRPrincipalName(realmRole.getName())).append(")").toString();
            if (this._rolesObjClass != null) {
                stringBuffer = stringBuffer == null ? new StringBuffer().append("(objectclass=").append(this._rolesObjClass).append(")").toString() : new StringBuffer().append("(&").append(stringBuffer).append("(objectclass=").append(this._rolesObjClass).append("))").toString();
            }
            NamingEnumeration search = LDAPUtil.getLDAPUtil(getJAZNConfig()).search(this._rolesSearchbase, stringBuffer, searchControls);
            while (search != null && search.hasMore()) {
                SearchResult searchResult = (SearchResult) search.next();
                searchResult.getName();
                Attributes attributes = searchResult.getAttributes();
                if (attributes != null) {
                    NamingEnumeration all = attributes.getAll();
                    while (all.hasMoreElements()) {
                        Attribute attribute = (Attribute) all.next();
                        if (attribute.getID().equals(this._rolesMA)) {
                            NamingEnumeration all2 = attribute.getAll();
                            while (all2.hasMoreElements()) {
                                String str = (String) all2.nextElement();
                                String extractName = LDAPUtil.extractName(str, this._rolesNickname);
                                boolean z = false;
                                NamingEnumeration all3 = LDAPUtil.getLDAPUtil(getJAZNConfig()).getAttributes(str).get(Env.OC).getAll();
                                while (all3.hasMoreElements()) {
                                    if (((String) all3.nextElement()).equalsIgnoreCase(Env.OC_GROUP_OF_UNIQUE_NAMES)) {
                                        z = true;
                                    }
                                }
                                if (z) {
                                    LDAPRealmRole lDAPRealmRole = new LDAPRealmRole(getJAZNConfig(), extractName, str, this._realmImpl);
                                    if (!lDAPRealmRole.equals(realmRole)) {
                                        hashSet.add(lDAPRealmRole);
                                    }
                                } else {
                                    hashSet.add(new LDAPRealmUser(getJAZNConfig(), extractName, str, this._realmImpl));
                                }
                            }
                        }
                    }
                }
            }
            if (isCacheEnabled()) {
                String generateKey2 = generateKey(5, realmRole.getName());
                this._cacheMgr.put(Env.LDAP_REALM, generateKey2, hashSet);
                if (Dbg.PERF) {
                    System.out.println(new StringBuffer().append("ExtRealm.getDirectGrantees, put to cache with key=").append(generateKey2).toString());
                }
            }
            return hashSet;
        } catch (NamingException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.GRANTEES_GET_FAILED), e);
        } catch (CommunicationException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e2);
        } catch (Throwable th) {
            if (Dbg.LOG) {
                th.printStackTrace();
            }
            throw new JAZNException(Misc.getResourceBundle().getString(Resources.Key.GRANTEES_GET_FAILED), th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getRolesSearchBase() throws JAZNException {
        try {
            if (this._rolesSearchbase == null) {
                getSearchParam();
            }
            return this._rolesSearchbase;
        } catch (CommunicationException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e);
        } catch (NamingException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.ROLE_GET_FAILED), e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getUsersSearchBase() throws JAZNException {
        try {
            if (this._usersSearchbase == null) {
                getSearchParam();
            }
            return this._usersSearchbase;
        } catch (CommunicationException e) {
            if (Dbg.LOG) {
                e.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.COMMUNICATION_FAILED), e);
        } catch (NamingException e2) {
            if (Dbg.LOG) {
                e2.printStackTrace();
            }
            throw new JAZNNamingException(Misc.getResourceBundle().getString(Resources.Key.USER_GET_FAILED), e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final boolean isCacheEnabled() {
        return _isCacheEnabled;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String parseRPrincipalName(String str) {
        int indexOf = str.indexOf("/");
        String str2 = str;
        if (indexOf > 0) {
            str2 = str.substring(indexOf + 1);
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String generateKey(int i, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        if (i == 1) {
            stringBuffer.append("LDAPRealmUser:");
        } else if (i == 2) {
            stringBuffer.append("LDAPRealmRole:");
        } else if (i == 3) {
            stringBuffer.append("GRANTED_ROLES:");
        } else if (i == 4) {
            stringBuffer.append("GRANTED_ROLES_INDIRECT:");
        } else if (i == 5) {
            stringBuffer.append("GRANTEES:");
        } else if (i == 6) {
            stringBuffer.append("GRANTEES_INDIRECT:");
        }
        if (str == null && (i == 1 || i == 2)) {
            stringBuffer.append(getRealm().getName()).append(":ALL");
        } else if (str.indexOf("/") < 0) {
            stringBuffer.append(getRealm().getName()).append("/").append(str);
        } else {
            stringBuffer.append(str);
        }
        return stringBuffer.toString();
    }

    private void printSet(Set set) {
        if (set == null || set.isEmpty()) {
            return;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            DbgWriter.writeln(new StringBuffer().append("element ").append(it.next()).toString());
        }
    }

    public boolean equals(Object obj) {
        if (!(obj instanceof ExtRealm)) {
            return false;
        }
        try {
            ExtRealm extRealm = (ExtRealm) obj;
            boolean equalsIgnoreCase = this._realmImpl.getRealmDN().equalsIgnoreCase(extRealm._realmImpl.getRealmDN());
            if (Dbg.LOG && !equalsIgnoreCase) {
                System.out.println(new StringBuffer().append("JAAS-LDAP: Realm mismatch - this.realmDN: ").append(this._realmImpl.getRealmDN()).append(" that.realmDN: ").append(extRealm._realmImpl.getRealmDN()).toString());
            }
            return equalsIgnoreCase;
        } catch (Throwable th) {
            if (!Dbg.LOG) {
                return false;
            }
            th.printStackTrace();
            return false;
        }
    }
}
