package org.opends.server.util.cli;

import com.forgerock.opendj.cli.Argument;
import com.forgerock.opendj.cli.ArgumentConstants;
import com.forgerock.opendj.cli.ArgumentException;
import com.forgerock.opendj.cli.ClientException;
import com.forgerock.opendj.cli.CommandBuilder;
import com.forgerock.opendj.cli.ConsoleApplication;
import com.forgerock.opendj.cli.FileBasedArgument;
import com.forgerock.opendj.cli.Menu;
import com.forgerock.opendj.cli.MenuBuilder;
import com.forgerock.opendj.cli.MenuResult;
import com.forgerock.opendj.cli.StringArgument;
import com.forgerock.opendj.cli.Utils;
import com.forgerock.opendj.cli.ValidationCallback;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.net.ssl.KeyManager;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.ldap.DN;
import org.opends.admin.ads.util.ApplicationKeyManager;
import org.opends.admin.ads.util.ApplicationTrustManager;
import org.opends.messages.ToolMessages;
import org.opends.server.admin.client.cli.SecureConnectionCliArgs;
import org.opends.server.tools.LDAPConnectionOptions;
import org.opends.server.tools.SSLConnectionException;
import org.opends.server.tools.SSLConnectionFactory;
import org.opends.server.types.HostPort;
import org.opends.server.util.CertificateManager;
import org.opends.server.util.CollectionUtils;
import org.opends.server.util.SelectableCertificateKeyManager;

/* loaded from: input_file:org/opends/server/util/cli/LDAPConnectionConsoleInteraction.class */
public class LDAPConnectionConsoleInteraction {
    private static final Protocol DEFAULT_PROMPT_PROTOCOL = Protocol.SSL;
    private static final TrustMethod DEFAULT_PROMPT_TRUST_METHOD = TrustMethod.DISPLAY_CERTIFICATE;
    private static final TrustOption DEFAULT_PROMPT_TRUST_OPTION = TrustOption.SESSION;
    private static final boolean ALLOW_EMPTY_PATH = true;
    private static final boolean FILE_MUST_EXISTS = true;
    private boolean allowAnonymousIfNonInteractive;
    private ConsoleApplication app;
    private State state;
    private final SecureConnectionCliArgs secureArgsList;
    private CommandBuilder commandBuilder;
    private SecureConnectionCliArgs copySecureArgsList;
    private boolean displayLdapIfSecureParameters;
    private int portNumber;
    private LocalizableMessage heading;
    private boolean useAdminOrBindDn;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/util/cli/LDAPConnectionConsoleInteraction$Protocol.class */
    public enum Protocol {
        LDAP(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_LDAP.get()),
        SSL(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_USE_SSL.get()),
        START_TLS(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_USE_START_TLS.get());

        private final LocalizableMessage message;

        Protocol(LocalizableMessage localizableMessage) {
            this.message = localizableMessage;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public int getChoice() {
            return ordinal() + 1;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/util/cli/LDAPConnectionConsoleInteraction$State.class */
    public static class State {
        private boolean useSSL;
        private boolean useStartTLS;
        private String hostName;
        private DN bindDN;
        private DN providedBindDN;
        private String adminUID;
        private String providedAdminUID;
        private String bindPassword;
        private int connectTimeout;
        private boolean isHeadingDisplayed;
        private ApplicationTrustManager trustManager;
        private boolean trustStoreInMemory;
        private boolean trustAll;
        private boolean trustManagerInitialized;
        private KeyStore truststore;
        private String truststorePath;
        private String truststorePassword;
        private KeyManager keyManager;
        private String keyStorePath;
        private String keystorePassword;
        private String certifNickname;

        private State(SecureConnectionCliArgs secureConnectionCliArgs) {
            setSsl(secureConnectionCliArgs);
            this.trustAll = secureConnectionCliArgs.getTrustAllArg().isPresent();
        }

        protected LocalizableMessage getPrompt() {
            return this.providedAdminUID != null ? ToolMessages.INFO_LDAPAUTH_PASSWORD_PROMPT.get(this.providedAdminUID) : this.providedBindDN != null ? ToolMessages.INFO_LDAPAUTH_PASSWORD_PROMPT.get(this.providedBindDN) : this.bindDN != null ? ToolMessages.INFO_LDAPAUTH_PASSWORD_PROMPT.get(this.bindDN) : ToolMessages.INFO_LDAPAUTH_PASSWORD_PROMPT.get(this.adminUID);
        }

        protected DN getAdminOrBindDN() {
            if (this.providedBindDN != null) {
                return this.providedBindDN;
            }
            if (this.providedAdminUID != null) {
                return Utils.getAdministratorDN(this.providedAdminUID);
            }
            if (this.bindDN != null) {
                return this.bindDN;
            }
            if (this.adminUID != null) {
                return Utils.getAdministratorDN(this.adminUID);
            }
            return null;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setSsl(SecureConnectionCliArgs secureConnectionCliArgs) {
            this.useSSL = secureConnectionCliArgs.alwaysUseSsl() || secureConnectionCliArgs.getUseSSLArg().isPresent();
            this.useStartTLS = secureConnectionCliArgs.getUseStartTLSArg().isPresent();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/util/cli/LDAPConnectionConsoleInteraction$TrustMethod.class */
    public enum TrustMethod {
        TRUSTALL(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_USE_TRUST_ALL.get()),
        TRUSTSTORE(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUSTSTORE.get()),
        DISPLAY_CERTIFICATE(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_MANUAL_CHECK.get());

        private LocalizableMessage message;

        TrustMethod(LocalizableMessage localizableMessage) {
            this.message = localizableMessage;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public int getChoice() {
            return ordinal() + 1;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static TrustMethod getTrustMethodForIndex(int i) {
            for (TrustMethod trustMethod : values()) {
                if (trustMethod.getChoice() == i) {
                    return trustMethod;
                }
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/opends/server/util/cli/LDAPConnectionConsoleInteraction$TrustOption.class */
    public enum TrustOption {
        UNTRUSTED(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUST_OPTION_NO.get()),
        SESSION(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUST_OPTION_SESSION.get()),
        PERMAMENT(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUST_OPTION_ALWAYS.get()),
        CERTIFICATE_DETAILS(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_CERTIFICATE_DETAILS.get());

        private LocalizableMessage message;

        TrustOption(LocalizableMessage localizableMessage) {
            this.message = localizableMessage;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public int getChoice() {
            return ordinal() + 1;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static TrustOption getTrustOptionForIndex(int i) {
            for (TrustOption trustOption : values()) {
                if (trustOption.getChoice() == i) {
                    return trustOption;
                }
            }
            return null;
        }
    }

    public LDAPConnectionConsoleInteraction(ConsoleApplication consoleApplication, SecureConnectionCliArgs secureConnectionCliArgs) {
        this(consoleApplication, secureConnectionCliArgs, false);
    }

    public LDAPConnectionConsoleInteraction(ConsoleApplication consoleApplication, SecureConnectionCliArgs secureConnectionCliArgs, boolean z) {
        this.heading = ToolMessages.INFO_LDAP_CONN_HEADING_CONNECTION_PARAMETERS.get();
        this.app = consoleApplication;
        this.secureArgsList = secureConnectionCliArgs;
        this.commandBuilder = new CommandBuilder();
        this.allowAnonymousIfNonInteractive = z;
        this.state = new State(secureConnectionCliArgs);
        this.copySecureArgsList = new SecureConnectionCliArgs(secureConnectionCliArgs.alwaysUseSsl());
        try {
            this.copySecureArgsList.createGlobalArguments();
        } catch (Throwable th) {
            throw new RuntimeException("Unexpected error: " + th, th);
        }
    }

    public void run() throws ArgumentException {
        run(true);
    }

    public void run(boolean z) throws ArgumentException {
        resetBeforeRun();
        resolveHostName();
        resolveConnectionType(z);
        resolvePortNumber();
        resolveTrustAndKeyManagers();
        resolveCredentialLogin();
        resolveCredentialPassword();
        resolveConnectTimeout();
    }

    private void resetBeforeRun() throws ArgumentException {
        this.commandBuilder.clearArguments();
        this.copySecureArgsList.createGlobalArguments();
        this.state.providedAdminUID = null;
        this.state.providedBindDN = null;
    }

    private void resolveHostName() throws ArgumentException {
        this.state.hostName = this.secureArgsList.getHostNameArg().getValue();
        promptForHostNameIfRequired();
        addArgToCommandBuilder(this.copySecureArgsList.getHostNameArg(), this.state.hostName);
    }

    private void resolveConnectionType(boolean z) {
        this.state.setSsl(this.secureArgsList);
        promptForConnectionTypeIfRequired(z);
        addConnectionTypeToCommandBuilder();
    }

    private void resolvePortNumber() throws ArgumentException {
        this.portNumber = (!this.state.useSSL || this.secureArgsList.getPortArg().isPresent()) ? this.secureArgsList.getPortArg().getIntValue() : this.secureArgsList.getPortFromConfig();
        promptForPortNumberIfRequired();
        addArgToCommandBuilder(this.copySecureArgsList.getPortArg(), String.valueOf(this.portNumber));
    }

    private void resolveTrustAndKeyManagers() throws ArgumentException {
        if ((this.state.useSSL || this.state.useStartTLS) && this.state.trustManager == null) {
            initializeTrustAndKeyManagers();
        }
    }

    private void resolveCredentialLogin() throws ArgumentException {
        setAdminUidAndBindDnFromArgs();
        if (useKeyManager()) {
            return;
        }
        promptForCredentialLoginIfRequired(this.secureArgsList.getBindDnArg().getValue(), this.secureArgsList.getAdminUidArg().getValue());
        boolean z = this.state.providedAdminUID != null || this.state.providedBindDN == null;
        if (!(this.useAdminOrBindDn && z) && (this.useAdminOrBindDn || !isAdminUidArgVisible())) {
            addArgToCommandBuilder(this.copySecureArgsList.getBindDnArg(), getBindDN().toString());
        } else {
            addArgToCommandBuilder(this.copySecureArgsList.getAdminUidArg(), getAdministratorUID());
        }
    }

    private void setAdminUidAndBindDnFromArgs() {
        StringArgument adminUidArg = this.secureArgsList.getAdminUidArg();
        StringArgument bindDnArg = this.secureArgsList.getBindDnArg();
        this.state.providedAdminUID = (isAdminUidArgVisible() && adminUidArg.isPresent()) ? adminUidArg.getValue() : null;
        boolean z = (this.useAdminOrBindDn || !isAdminUidArgVisible()) && bindDnArg.isPresent();
        this.state.providedBindDN = z ? DN.valueOf(bindDnArg.getValue()) : null;
        this.state.adminUID = !useKeyManager() ? adminUidArg.getValue() : null;
        this.state.bindDN = !useKeyManager() ? DN.valueOf(bindDnArg.getValue()) : null;
    }

    private void resolveCredentialPassword() throws ArgumentException {
        if (this.secureArgsList.getBindPasswordArg().isPresent()) {
            this.state.bindPassword = this.secureArgsList.getBindPasswordArg().getValue();
        }
        if (useKeyManager()) {
            return;
        }
        setBindPasswordFileFromArgs();
        boolean isPresent = this.secureArgsList.getBindPasswordFileArg().isPresent();
        if (!isPresent && (this.state.bindPassword == null || ArgumentConstants.USE_SYSTEM_STREAM_TOKEN.equals(this.state.bindPassword))) {
            promptForBindPasswordIfRequired();
        }
        StringArgument bindPasswordArg = this.copySecureArgsList.getBindPasswordArg();
        bindPasswordArg.clearValues();
        bindPasswordArg.addValue(this.state.bindPassword);
        if (isPresent) {
            return;
        }
        this.commandBuilder.addObfuscatedArgument(bindPasswordArg);
    }

    private void setBindPasswordFileFromArgs() throws ArgumentException {
        FileBasedArgument bindPasswordFileArg = this.secureArgsList.getBindPasswordFileArg();
        if (bindPasswordFileArg.isPresent()) {
            this.state.bindPassword = bindPasswordFileArg.getValue();
            if (this.state.bindPassword == null) {
                throw new ArgumentException(ToolMessages.ERR_ERROR_NO_ADMIN_PASSWORD.get(isAdminUidArgVisible() ? this.state.adminUID : this.state.bindDN));
            }
            addArgToCommandBuilder(this.copySecureArgsList.getBindPasswordFileArg(), bindPasswordFileArg.getNameToValueMap());
        }
    }

    private void resolveConnectTimeout() throws ArgumentException {
        this.state.connectTimeout = this.secureArgsList.getConnectTimeoutArg().getIntValue();
    }

    private void promptForHostNameIfRequired() throws ArgumentException {
        if (!this.app.isInteractive() || this.secureArgsList.getHostNameArg().isPresent()) {
            return;
        }
        checkHeadingDisplayed();
        ValidationCallback<String> validationCallback = new ValidationCallback<String>() { // from class: org.opends.server.util.cli.LDAPConnectionConsoleInteraction.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.forgerock.opendj.cli.ValidationCallback
            public String validate(ConsoleApplication consoleApplication, String str) throws ClientException {
                String trim = str.trim();
                if (trim.length() == 0) {
                    return LDAPConnectionConsoleInteraction.this.state.hostName;
                }
                try {
                    InetAddress.getByName(trim);
                    return trim;
                } catch (UnknownHostException e) {
                    consoleApplication.println();
                    consoleApplication.println(ToolMessages.ERR_LDAP_CONN_BAD_HOST_NAME.get(trim));
                    consoleApplication.println();
                    return null;
                }
            }
        };
        try {
            this.app.println();
            this.state.hostName = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_HOST_NAME.get(this.state.hostName), validationCallback);
        } catch (ClientException e) {
            throw cannotReadConnectionParameters(e);
        }
    }

    private void promptForConnectionTypeIfRequired(boolean z) {
        boolean z2 = this.secureArgsList.getUseSSLArg().isValueSetByProperty() && this.secureArgsList.getUseStartTLSArg().isValueSetByProperty();
        if (!this.app.isInteractive() || this.state.useSSL || this.state.useStartTLS || z2) {
            return;
        }
        checkHeadingDisplayed();
        MenuBuilder menuBuilder = new MenuBuilder(this.app);
        menuBuilder.setPrompt(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_USE_SECURE_CTX.get());
        for (Protocol protocol : Protocol.values()) {
            if ((this.displayLdapIfSecureParameters || !Protocol.LDAP.equals(protocol)) && (z || !Protocol.START_TLS.equals(protocol))) {
                MenuResult success = MenuResult.success(Integer.valueOf(protocol.getChoice()));
                int addNumberedOption = menuBuilder.addNumberedOption(protocol.message, success, new LocalizableMessage[0]);
                if (DEFAULT_PROMPT_PROTOCOL.equals(protocol)) {
                    menuBuilder.setDefault(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_PROTOCOL_DEFAULT_CHOICE.get(Integer.valueOf(addNumberedOption)), success);
                }
            }
        }
        try {
            MenuResult<?> run = menuBuilder.toMenu().run();
            throwIfMenuResultNotSucceeded(run);
            int intValue = ((Integer) run.getValue()).intValue();
            if (Protocol.SSL.getChoice() == intValue) {
                this.state.useSSL = true;
            } else if (Protocol.START_TLS.getChoice() == intValue) {
                this.state.useStartTLS = true;
            }
        } catch (ClientException e) {
            throw new RuntimeException(e);
        }
    }

    private void promptForPortNumberIfRequired() throws ArgumentException {
        if (!this.app.isInteractive() || this.secureArgsList.getPortArg().isPresent()) {
            return;
        }
        checkHeadingDisplayed();
        try {
            this.app.println();
            this.portNumber = ((Integer) this.app.readValidatedInput(this.secureArgsList.alwaysUseSsl() ? ToolMessages.INFO_ADMIN_CONN_PROMPT_PORT_NUMBER.get(Integer.valueOf(this.portNumber)) : ToolMessages.INFO_LDAP_CONN_PROMPT_PORT_NUMBER.get(Integer.valueOf(this.portNumber)), Utils.portValidationCallback(this.portNumber))).intValue();
        } catch (ClientException e) {
            throw cannotReadConnectionParameters(e);
        }
    }

    private void promptForCredentialLoginIfRequired(final String str, final String str2) throws ArgumentException {
        if (this.app.isInteractive() && this.state.providedAdminUID == null && this.state.providedBindDN == null) {
            checkHeadingDisplayed();
            ValidationCallback<String> validationCallback = new ValidationCallback<String>() { // from class: org.opends.server.util.cli.LDAPConnectionConsoleInteraction.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // com.forgerock.opendj.cli.ValidationCallback
                public String validate(ConsoleApplication consoleApplication, String str3) throws ClientException {
                    String trim = str3.trim();
                    return trim.isEmpty() ? LDAPConnectionConsoleInteraction.this.isAdminUidArgVisible() ? str2 : str : trim;
                }
            };
            try {
                this.app.println();
                if (this.useAdminOrBindDn) {
                    String str3 = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_GLOBAL_ADMINISTRATOR_OR_BINDDN_PROMPT.get(this.state.adminUID != null ? this.state.adminUID : this.state.bindDN.toString()), validationCallback);
                    if (Utils.isDN(str3)) {
                        DN valueOf = DN.valueOf(str3);
                        this.state.bindDN = valueOf;
                        this.state.providedBindDN = valueOf;
                        this.state.adminUID = null;
                        this.state.providedAdminUID = null;
                    } else {
                        this.state.bindDN = null;
                        this.state.providedBindDN = null;
                        this.state.adminUID = str3;
                        this.state.providedAdminUID = str3;
                    }
                } else if (isAdminUidArgVisible()) {
                    this.state.adminUID = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_ADMINISTRATOR_UID.get(this.state.adminUID), validationCallback);
                    this.state.providedAdminUID = this.state.adminUID;
                } else {
                    this.state.bindDN = DN.valueOf((String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_BIND_DN.get(this.state.bindDN), validationCallback));
                    this.state.providedBindDN = this.state.bindDN;
                }
            } catch (ClientException e) {
                throw cannotReadConnectionParameters(e);
            }
        }
    }

    private void promptForBindPasswordIfRequired() throws ArgumentException {
        if (!this.app.isInteractive()) {
            if (!this.allowAnonymousIfNonInteractive) {
                throw new ArgumentException(ToolMessages.ERR_ERROR_BIND_PASSWORD_NONINTERACTIVE.get());
            }
            return;
        }
        checkHeadingDisplayed();
        try {
            this.state.bindPassword = readPassword(this.state.getPrompt());
        } catch (Exception e) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e.getMessage()), e.getCause());
        }
    }

    private ApplicationTrustManager getTrustManagerInternal() throws ArgumentException {
        this.commandBuilder.removeArguments(this.copySecureArgsList.getTrustAllArg(), this.copySecureArgsList.getTrustStorePathArg(), this.copySecureArgsList.getTrustStorePasswordArg(), this.copySecureArgsList.getTrustStorePasswordFileArg());
        TrustMethod resolveTrustMethod = resolveTrustMethod();
        if (TrustMethod.TRUSTALL == resolveTrustMethod) {
            return null;
        }
        resolveTrustStorePath(TrustMethod.TRUSTSTORE == resolveTrustMethod);
        setTrustStorePassword();
        setTrustStorePasswordFromFile();
        if (ArgumentConstants.USE_SYSTEM_STREAM_TOKEN.equals(this.state.truststorePassword)) {
            promptForTrustStorePasswordIfRequired();
        }
        return resolveTrustStore();
    }

    private void setTrustStorePassword() {
        if (this.secureArgsList.getTrustStorePasswordArg().isPresent()) {
            this.state.truststorePassword = this.secureArgsList.getTrustStorePasswordArg().getValue();
        }
    }

    private void setTrustStorePasswordFromFile() {
        if (this.secureArgsList.getTrustStorePasswordFileArg().isPresent()) {
            this.state.truststorePassword = this.secureArgsList.getTrustStorePasswordFileArg().getValue();
        }
    }

    private TrustMethod resolveTrustMethod() {
        this.state.trustAll = this.secureArgsList.getTrustAllArg().isPresent();
        boolean z = (this.state.trustAll || this.secureArgsList.getTrustStorePathArg().isPresent() || this.secureArgsList.getTrustStorePasswordArg().isPresent() || this.secureArgsList.getTrustStorePasswordFileArg().isPresent()) ? false : true;
        TrustMethod trustMethod = this.state.trustAll ? TrustMethod.TRUSTALL : null;
        if (z && !useLocalTrustStoreIfPossible()) {
            trustMethod = promptForTrustMethodIfRequired();
        }
        if (trustMethod != TrustMethod.TRUSTSTORE) {
            this.commandBuilder.addArgument(this.copySecureArgsList.getTrustAllArg());
        }
        return trustMethod;
    }

    private void resolveTrustStorePath(boolean z) throws ArgumentException {
        this.state.truststorePath = this.secureArgsList.getTrustStorePathArg().getValue();
        if (z) {
            promptForTrustStorePathIfRequired();
        }
        addArgToCommandBuilder(this.copySecureArgsList.getTrustStorePathArg(), this.state.truststorePath);
    }

    private ApplicationTrustManager resolveTrustStore() throws ArgumentException {
        try {
            this.state.truststore = KeyStore.getInstance(KeyStore.getDefaultType());
            if (this.state.truststorePath != null) {
                FileInputStream fileInputStream = new FileInputStream(this.state.truststorePath);
                Throwable th = null;
                try {
                    this.state.truststore.load(fileInputStream, this.state.truststorePassword != null ? this.state.truststorePassword.toCharArray() : null);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } else {
                this.state.truststore.load(null, null);
            }
            if (this.secureArgsList.getTrustStorePasswordFileArg().isPresent() && this.state.truststorePath != null) {
                addArgToCommandBuilder(this.copySecureArgsList.getTrustStorePasswordFileArg(), this.secureArgsList.getTrustStorePasswordFileArg().getNameToValueMap());
            } else if (this.state.truststorePassword != null && this.state.truststorePath != null) {
                addObfuscatedArgToCommandBuilder(this.copySecureArgsList.getTrustStorePasswordArg(), this.state.truststorePassword);
            }
            return new ApplicationTrustManager(this.state.truststore);
        } catch (Exception e) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e.getMessage()), e.getCause());
        }
    }

    private TrustMethod promptForTrustMethodIfRequired() {
        if (!this.app.isInteractive()) {
            return null;
        }
        checkHeadingDisplayed();
        this.app.println();
        MenuBuilder menuBuilder = new MenuBuilder(this.app);
        menuBuilder.setPrompt(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUST_METHOD.get());
        for (TrustMethod trustMethod : TrustMethod.values()) {
            int addNumberedOption = menuBuilder.addNumberedOption(trustMethod.message, MenuResult.success(Integer.valueOf(trustMethod.getChoice())), new LocalizableMessage[0]);
            if (DEFAULT_PROMPT_TRUST_METHOD.equals(trustMethod)) {
                menuBuilder.setDefault(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_PROTOCOL_DEFAULT_CHOICE.get(Integer.valueOf(addNumberedOption)), MenuResult.success(Integer.valueOf(trustMethod.getChoice())));
            }
        }
        Menu menu = menuBuilder.toMenu();
        this.state.trustStoreInMemory = false;
        try {
            MenuResult<?> run = menu.run();
            throwIfMenuResultNotSucceeded(run);
            int intValue = ((Integer) run.getValue()).intValue();
            if (TrustMethod.TRUSTALL.getChoice() == intValue) {
                this.state.trustAll = true;
            } else if (TrustMethod.DISPLAY_CERTIFICATE.getChoice() == intValue) {
                this.state.trustStoreInMemory = true;
            }
            return TrustMethod.getTrustMethodForIndex(intValue);
        } catch (ClientException e) {
            throw new RuntimeException(e);
        }
    }

    private void promptForTrustStorePathIfRequired() throws ArgumentException {
        if (!this.app.isInteractive() || this.secureArgsList.getTrustStorePathArg().isPresent()) {
            return;
        }
        checkHeadingDisplayed();
        try {
            this.app.println();
            this.state.truststorePath = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUSTSTORE_PATH.get(), filePathValidationCallback(false, true));
        } catch (ClientException e) {
            throw cannotReadConnectionParameters(e);
        }
    }

    private void promptForTrustStorePasswordIfRequired() throws ArgumentException {
        if (this.app.isInteractive()) {
            checkHeadingDisplayed();
            try {
                this.state.truststorePassword = readPassword(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUSTSTORE_PASSWORD.get(this.state.truststorePath));
            } catch (Exception e) {
                throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e.getMessage()), e.getCause());
            }
        }
    }

    private KeyManager getKeyManagerInternal() throws ArgumentException {
        this.commandBuilder.removeArguments(this.copySecureArgsList.getCertNicknameArg(), this.copySecureArgsList.getKeyStorePathArg(), this.copySecureArgsList.getKeyStorePasswordArg(), this.copySecureArgsList.getKeyStorePasswordFileArg());
        if (!this.secureArgsList.getKeyStorePathArg().isPresent() && !this.secureArgsList.getKeyStorePasswordArg().isPresent() && !this.secureArgsList.getKeyStorePasswordFileArg().isPresent() && !this.secureArgsList.getCertNicknameArg().isPresent()) {
            return null;
        }
        resolveKeyStorePath();
        resolveKeyStorePassword();
        KeyStore createKeyStore = createKeyStore();
        resolveCertificateNickname(createKeyStore);
        ApplicationKeyManager applicationKeyManager = new ApplicationKeyManager(createKeyStore, this.state.keystorePassword.toCharArray());
        addKeyStorePasswordArgToCommandBuilder();
        if (this.state.certifNickname == null) {
            return applicationKeyManager;
        }
        addArgToCommandBuilder(this.copySecureArgsList.getCertNicknameArg(), this.state.certifNickname);
        return SelectableCertificateKeyManager.wrap(new KeyManager[]{applicationKeyManager}, CollectionUtils.newTreeSet(this.state.certifNickname))[0];
    }

    private void resolveKeyStorePath() throws ArgumentException {
        this.state.keyStorePath = this.secureArgsList.getKeyStorePathArg().getValue();
        promptForKeyStorePathIfRequired();
        if (this.state.keyStorePath == null) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_INCOMPATIBLE_PROPERTY_MOD.get("null keystorePath"));
        }
        addArgToCommandBuilder(this.copySecureArgsList.getKeyStorePathArg(), this.state.keyStorePath);
    }

    private void resolveKeyStorePassword() throws ArgumentException {
        this.state.keystorePassword = this.secureArgsList.getKeyStorePasswordArg().getValue();
        if (this.secureArgsList.getKeyStorePasswordFileArg().isPresent()) {
            this.state.keystorePassword = this.secureArgsList.getKeyStorePasswordFileArg().getValue();
            if (this.state.keystorePassword == null) {
                throw new ArgumentException(ToolMessages.ERR_INSTALLDS_NO_KEYSTORE_PASSWORD.get(this.secureArgsList.getKeyStorePathArg().getLongIdentifier(), this.secureArgsList.getKeyStorePasswordFileArg().getLongIdentifier()));
            }
            return;
        }
        if (this.state.keystorePassword == null || ArgumentConstants.USE_SYSTEM_STREAM_TOKEN.equals(this.state.keystorePassword)) {
            promptForKeyStorePasswordIfRequired();
        }
    }

    private KeyStore createKeyStore() throws ArgumentException {
        try {
            FileInputStream fileInputStream = new FileInputStream(this.state.keyStorePath);
            Throwable th = null;
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(fileInputStream, this.state.keystorePassword.toCharArray());
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Exception e) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e.getMessage()), e.getCause());
        }
    }

    private void resolveCertificateNickname(KeyStore keyStore) throws ArgumentException {
        this.state.certifNickname = this.secureArgsList.getCertNicknameArg().getValue();
        try {
            promptForCertificateNicknameIfRequired(keyStore, keyStore.aliases());
        } catch (KeyStoreException e) {
            throw new ArgumentException(ToolMessages.ERR_RESOLVE_KEYSTORE_ALIASES.get(e.getMessage()), e);
        }
    }

    private void promptForKeyStorePathIfRequired() throws ArgumentException {
        if (!this.app.isInteractive() || this.secureArgsList.getKeyStorePathArg().isPresent()) {
            return;
        }
        checkHeadingDisplayed();
        try {
            this.app.println();
            this.state.keyStorePath = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_KEYSTORE_PATH.get(), filePathValidationCallback(true, true));
        } catch (ClientException e) {
            throw cannotReadConnectionParameters(e);
        }
    }

    private void promptForKeyStorePasswordIfRequired() throws ArgumentException {
        if (!this.app.isInteractive()) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_BIND_PASSWORD_NONINTERACTIVE.get());
        }
        checkHeadingDisplayed();
        try {
            this.state.keystorePassword = readPassword(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_KEYSTORE_PASSWORD.get(this.state.keyStorePath));
        } catch (Exception e) {
            throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e.getMessage()), e.getCause());
        }
    }

    private void promptForCertificateNicknameIfRequired(KeyStore keyStore, Enumeration<String> enumeration) throws ArgumentException {
        if (this.app.isInteractive() && !this.secureArgsList.getCertNicknameArg().isPresent() && enumeration.hasMoreElements()) {
            this.state.certifNickname = null;
            checkHeadingDisplayed();
            try {
                MenuBuilder menuBuilder = new MenuBuilder(this.app);
                menuBuilder.setPrompt(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_CERTIFICATE_ALIASES.get());
                int i = 0;
                while (enumeration.hasMoreElements()) {
                    String nextElement = enumeration.nextElement();
                    if (keyStore.isKeyEntry(nextElement)) {
                        i++;
                        menuBuilder.addNumberedOption(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_CERTIFICATE_ALIAS.get(nextElement, ((X509Certificate) keyStore.getCertificate(nextElement)).getSubjectDN().getName()), MenuResult.success(nextElement), new LocalizableMessage[0]);
                    }
                }
                if (i > 1) {
                    this.app.println();
                    MenuResult<?> run = menuBuilder.toMenu().run();
                    throwIfMenuResultNotSucceeded(run);
                    this.state.certifNickname = (String) run.getValue();
                }
            } catch (ClientException e) {
                throw cannotReadConnectionParameters(e);
            } catch (KeyStoreException e2) {
                throw new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(e2.getMessage()), e2.getCause());
            }
        }
    }

    private void addKeyStorePasswordArgToCommandBuilder() {
        if (this.secureArgsList.getKeyStorePasswordFileArg().isPresent()) {
            addArgToCommandBuilder(this.copySecureArgsList.getKeyStorePasswordFileArg(), this.secureArgsList.getKeyStorePasswordFileArg().getNameToValueMap());
        } else if (this.state.keystorePassword != null) {
            addObfuscatedArgToCommandBuilder(this.copySecureArgsList.getKeyStorePasswordArg(), this.state.keystorePassword);
        }
    }

    private void addConnectionTypeToCommandBuilder() {
        if (this.state.useSSL) {
            this.commandBuilder.addArgument(this.copySecureArgsList.getUseSSLArg());
        } else if (this.state.useStartTLS) {
            this.commandBuilder.addArgument(this.copySecureArgsList.getUseStartTLSArg());
        }
    }

    private void addArgToCommandBuilder(Argument argument, String str) {
        addArgToCommandBuilder(argument, str, false);
    }

    private void addObfuscatedArgToCommandBuilder(Argument argument, String str) {
        addArgToCommandBuilder(argument, str, true);
    }

    private void addArgToCommandBuilder(Argument argument, String str, boolean z) {
        if (str != null) {
            argument.clearValues();
            argument.addValue(str);
            this.commandBuilder.addArgument(argument);
        }
    }

    private void addArgToCommandBuilder(FileBasedArgument fileBasedArgument, Map<String, String> map) {
        fileBasedArgument.clearValues();
        fileBasedArgument.getNameToValueMap().putAll(map);
        this.commandBuilder.addArgument(fileBasedArgument);
    }

    private ArgumentException cannotReadConnectionParameters(ClientException clientException) {
        return new ArgumentException(ToolMessages.ERR_ERROR_CANNOT_READ_CONNECTION_PARAMETERS.get(clientException.getMessage()), clientException.getCause());
    }

    private String readPassword(LocalizableMessage localizableMessage) throws ClientException {
        this.app.println();
        char[] readPassword = this.app.readPassword(localizableMessage);
        if (readPassword != null) {
            return String.valueOf(readPassword);
        }
        return null;
    }

    private ValidationCallback<String> filePathValidationCallback(final boolean z, final boolean z2) {
        return new ValidationCallback<String>() { // from class: org.opends.server.util.cli.LDAPConnectionConsoleInteraction.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.forgerock.opendj.cli.ValidationCallback
            public String validate(ConsoleApplication consoleApplication, String str) throws ClientException {
                String trim = str.trim();
                File file = new File(trim);
                if ((z || !trim.isEmpty()) && !file.isDirectory() && (!z2 || (file.exists() && file.canRead()))) {
                    return trim;
                }
                consoleApplication.println();
                consoleApplication.println(ToolMessages.ERR_LDAP_CONN_PROMPT_SECURITY_INVALID_FILE_PATH.get());
                consoleApplication.println();
                return null;
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isAdminUidArgVisible() {
        return !this.secureArgsList.getAdminUidArg().isHidden();
    }

    private boolean useKeyManager() {
        return this.state.keyManager != null;
    }

    public boolean useSSL() {
        return this.state.useSSL;
    }

    public boolean useStartTLS() {
        return this.state.useStartTLS;
    }

    public String getHostName() {
        return this.state.hostName;
    }

    public int getPortNumber() {
        return this.portNumber;
    }

    public void setPortNumber(int i) {
        this.portNumber = i;
    }

    public DN getBindDN() {
        return this.useAdminOrBindDn ? this.state.getAdminOrBindDN() : isAdminUidArgVisible() ? Utils.getAdministratorDN(this.state.adminUID) : this.state.bindDN;
    }

    public String getAdministratorUID() {
        return this.state.adminUID;
    }

    public String getBindPassword() {
        return this.state.bindPassword;
    }

    public ApplicationTrustManager getTrustManager() {
        return this.state.trustManager;
    }

    public KeyStore getKeyStore() {
        return this.state.truststore;
    }

    public KeyManager getKeyManager() {
        return this.state.keyManager;
    }

    public boolean isTrustStoreInMemory() {
        return this.state.trustStoreInMemory;
    }

    public boolean isTrustAll() {
        return this.state.trustAll;
    }

    public int getConnectTimeout() {
        return this.state.connectTimeout;
    }

    public boolean checkServerCertificate(X509Certificate[] x509CertificateArr, String str, String str2) {
        boolean z;
        int intValue;
        if (this.state.trustManager == null) {
            try {
                initializeTrustAndKeyManagers();
            } catch (ArgumentException e) {
                throw new RuntimeException(e);
            }
        }
        printCertificateChain(x509CertificateArr);
        MenuBuilder menuBuilder = new MenuBuilder(this.app);
        menuBuilder.setPrompt(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUST_OPTION.get());
        for (TrustOption trustOption : TrustOption.values()) {
            MenuResult success = MenuResult.success(Integer.valueOf(trustOption.getChoice()));
            int addNumberedOption = menuBuilder.addNumberedOption(trustOption.message, success, new LocalizableMessage[0]);
            if (DEFAULT_PROMPT_TRUST_OPTION.equals(trustOption)) {
                menuBuilder.setDefault(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_PROTOCOL_DEFAULT_CHOICE.get(Integer.valueOf(addNumberedOption)), success);
            }
        }
        this.app.println();
        this.app.println();
        Menu menu = menuBuilder.toMenu();
        do {
            try {
                z = false;
                MenuResult<?> run = menu.run();
                throwIfMenuResultNotSucceeded(run);
                intValue = ((Integer) run.getValue()).intValue();
                if (TrustOption.CERTIFICATE_DETAILS.getChoice() == intValue) {
                    z = true;
                    printCertificateDetails(x509CertificateArr);
                }
            } catch (ClientException e2) {
                throw new RuntimeException(e2);
            }
        } while (z);
        return trustCertificate(TrustOption.getTrustOptionForIndex(intValue), x509CertificateArr, str, str2);
    }

    private void printCertificateChain(X509Certificate[] x509CertificateArr) {
        this.app.println();
        this.app.println(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_SERVER_CERTIFICATE.get());
        this.app.println();
        boolean z = false;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (!z) {
                this.app.println();
                this.app.println();
                z = true;
            }
            this.app.println(ToolMessages.INFO_LDAP_CONN_SECURITY_SERVER_CERTIFICATE_USER_DN.get(x509Certificate.getSubjectDN()));
            this.app.println(ToolMessages.INFO_LDAP_CONN_SECURITY_SERVER_CERTIFICATE_VALIDITY.get(x509Certificate.getNotBefore(), x509Certificate.getNotAfter()));
            this.app.println(ToolMessages.INFO_LDAP_CONN_SECURITY_SERVER_CERTIFICATE_ISSUER.get(x509Certificate.getIssuerDN()));
        }
    }

    private void printCertificateDetails(X509Certificate[] x509CertificateArr) {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            this.app.println();
            this.app.println(ToolMessages.INFO_LDAP_CONN_SECURITY_SERVER_CERTIFICATE.get(x509Certificate));
        }
    }

    private boolean trustCertificate(TrustOption trustOption, X509Certificate[] x509CertificateArr, String str, String str2) throws ClientException {
        try {
            switch (trustOption) {
                case SESSION:
                    updateTrustManager(x509CertificateArr, str, str2);
                    return true;
                case PERMAMENT:
                    updateTrustManager(x509CertificateArr, str, str2);
                    try {
                        trustCertificatePermanently(x509CertificateArr);
                        return true;
                    } catch (Exception e) {
                        this.app.println(ToolMessages.ERR_TRUSTING_CERTIFICATE_PERMANENTLY.get(e.getMessage()));
                        return true;
                    }
                case UNTRUSTED:
                default:
                    return false;
            }
        } catch (KeyStoreException e2) {
            this.app.println(ToolMessages.ERR_TRUSTING_CERTIFICATE.get(e2.getMessage()));
            return false;
        }
        this.app.println(ToolMessages.ERR_TRUSTING_CERTIFICATE.get(e2.getMessage()));
        return false;
    }

    private void updateTrustManager(X509Certificate[] x509CertificateArr, String str, String str2) throws KeyStoreException {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            this.state.truststore.setCertificateEntry(x509Certificate.getSubjectDN().getName(), x509Certificate);
        }
        if (this.state.trustManager == null) {
            this.state.trustManager = new ApplicationTrustManager(this.state.truststore);
        }
        if (str == null || str2 == null) {
            this.state.trustManager = new ApplicationTrustManager(this.state.truststore);
        } else {
            this.state.trustManager.acceptCertificate(x509CertificateArr, str, str2);
        }
    }

    private void trustCertificatePermanently(X509Certificate[] x509CertificateArr) throws Exception {
        this.app.println();
        String str = (String) this.app.readValidatedInput(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_TRUSTSTORE_PATH.get(), filePathValidationCallback(false, false));
        String readPassword = readPassword(ToolMessages.INFO_LDAP_CONN_PROMPT_SECURITY_KEYSTORE_PASSWORD.get(str));
        KeyStore keyStore = KeyStore.getInstance(CertificateManager.KEY_STORE_TYPE_JKS);
        char[] charArray = readPassword.toCharArray();
        loadKeyStoreFromFile(keyStore, str, charArray);
        for (X509Certificate x509Certificate : x509CertificateArr) {
            keyStore.setCertificateEntry(x509Certificate.getSubjectDN().getName(), x509Certificate);
        }
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        Throwable th = null;
        try {
            try {
                keyStore.store(fileOutputStream, charArray);
                if (fileOutputStream != null) {
                    if (0 == 0) {
                        fileOutputStream.close();
                        return;
                    }
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (fileOutputStream != null) {
                if (th != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    fileOutputStream.close();
                }
            }
            throw th4;
        }
    }

    private void loadKeyStoreFromFile(KeyStore keyStore, String str, char[] cArr) throws Exception {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            Throwable th = null;
            try {
                try {
                    keyStore.load(fileInputStream, cArr);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (FileNotFoundException e) {
            keyStore.load(null, cArr);
        }
    }

    public LDAPConnectionOptions populateLDAPOptions(LDAPConnectionOptions lDAPConnectionOptions) throws SSLConnectionException {
        if (lDAPConnectionOptions == null) {
            lDAPConnectionOptions = new LDAPConnectionOptions();
        }
        lDAPConnectionOptions.setUseSSL(this.state.useSSL);
        lDAPConnectionOptions.setStartTLS(this.state.useStartTLS);
        if (this.state.useSSL) {
            SSLConnectionFactory sSLConnectionFactory = new SSLConnectionFactory();
            sSLConnectionFactory.init(getTrustManager() == null, this.state.keyStorePath, this.state.keystorePassword, this.state.certifNickname, this.state.truststorePath, this.state.truststorePassword);
            lDAPConnectionOptions.setSSLConnectionFactory(sSLConnectionFactory);
        }
        return lDAPConnectionOptions;
    }

    public boolean promptForCertificateConfirmation(Throwable th, ApplicationTrustManager applicationTrustManager, HostPort hostPort, LocalizedLogger localizedLogger) {
        ApplicationTrustManager.Cause lastRefusedCause = applicationTrustManager != null ? applicationTrustManager.getLastRefusedCause() : null;
        localizedLogger.debug(ToolMessages.INFO_CERTIFICATE_EXCEPTION_CAUSE.get(lastRefusedCause));
        if (lastRefusedCause == null) {
            this.app.println(Utils.getThrowableMsg(ToolMessages.INFO_ERROR_CONNECTING_TO_LOCAL.get(), th));
            return false;
        }
        String host = hostPort.getHost();
        int port = hostPort.getPort();
        String lastRefusedAuthType = applicationTrustManager.getLastRefusedAuthType();
        if (lastRefusedAuthType == null) {
            localizedLogger.warn(ToolMessages.ERROR_CERTIFICATE_NULL_AUTH_TYPE.get());
        } else {
            this.app.println(ApplicationTrustManager.Cause.NOT_TRUSTED.equals(lastRefusedAuthType) ? ToolMessages.INFO_CERTIFICATE_NOT_TRUSTED_TEXT_CLI.get(host, Integer.valueOf(port)) : ToolMessages.INFO_CERTIFICATE_NAME_MISMATCH_TEXT_CLI.get(host, Integer.valueOf(port), host, host, Integer.valueOf(port)));
        }
        X509Certificate[] lastRefusedChain = applicationTrustManager.getLastRefusedChain();
        if (lastRefusedChain == null) {
            localizedLogger.warn(ToolMessages.ERROR_CERTIFICATE_NULL_CHAIN.get());
            return false;
        }
        if (host == null) {
            localizedLogger.warn(ToolMessages.ERROR_CERTIFICATE_NULL_HOST_NAME.get());
        }
        return checkServerCertificate(lastRefusedChain, lastRefusedAuthType, host);
    }

    public void setHeadingMessage(LocalizableMessage localizableMessage) {
        this.heading = localizableMessage;
    }

    public CommandBuilder getCommandBuilder() {
        return this.commandBuilder;
    }

    private void checkHeadingDisplayed() {
        if (this.state.isHeadingDisplayed) {
            return;
        }
        this.app.println();
        this.app.println();
        this.app.println(this.heading);
        this.state.isHeadingDisplayed = true;
    }

    public void setUseAdminOrBindDn(boolean z) {
        this.useAdminOrBindDn = z;
    }

    public void setDisplayLdapIfSecureParameters(boolean z) {
        this.displayLdapIfSecureParameters = z;
    }

    public void resetHeadingDisplayed() {
        this.state.isHeadingDisplayed = false;
    }

    public void initializeTrustManagerIfRequired() throws ArgumentException {
        if (this.state.trustManagerInitialized) {
            return;
        }
        initializeTrustAndKeyManagers();
    }

    public void initializeGlobalArguments(String str, int i, String str2, DN dn, String str3, LinkedHashMap<String, String> linkedHashMap) {
        resetConnectionArguments();
        if (str != null) {
            this.secureArgsList.getHostNameArg().addValue(str);
            this.secureArgsList.getHostNameArg().setPresent(true);
        }
        this.secureArgsList.getPortArg().clearValues();
        if (i != -1) {
            this.secureArgsList.getPortArg().addValue(String.valueOf(i));
            this.secureArgsList.getPortArg().setPresent(true);
        } else {
            this.secureArgsList.getPortArg().addValue(this.secureArgsList.getPortArg().getDefaultValue());
        }
        this.secureArgsList.getUseSSLArg().setPresent(this.state.useSSL);
        this.secureArgsList.getUseStartTLSArg().setPresent(this.state.useStartTLS);
        if (str2 != null) {
            this.secureArgsList.getAdminUidArg().addValue(str2);
            this.secureArgsList.getAdminUidArg().setPresent(true);
        }
        if (dn != null) {
            this.secureArgsList.getBindDnArg().addValue(dn.toString());
            this.secureArgsList.getBindDnArg().setPresent(true);
        }
        if (linkedHashMap != null) {
            this.secureArgsList.getBindPasswordFileArg().getNameToValueMap().putAll(linkedHashMap);
            Iterator<String> it = linkedHashMap.keySet().iterator();
            while (it.hasNext()) {
                this.secureArgsList.getBindPasswordFileArg().addValue(it.next());
            }
            this.secureArgsList.getBindPasswordFileArg().setPresent(true);
        } else if (str3 != null) {
            this.secureArgsList.getBindPasswordArg().addValue(str3);
            this.secureArgsList.getBindPasswordArg().setPresent(true);
        }
        this.state = new State(this.secureArgsList);
    }

    public void resetConnectionArguments() {
        this.secureArgsList.getHostNameArg().clearValues();
        this.secureArgsList.getHostNameArg().setPresent(false);
        this.secureArgsList.getPortArg().clearValues();
        this.secureArgsList.getPortArg().setPresent(false);
        this.secureArgsList.getPortArg().addValue(this.secureArgsList.getPortArg().getDefaultValue());
        this.secureArgsList.getBindDnArg().clearValues();
        this.secureArgsList.getBindDnArg().setPresent(false);
        this.secureArgsList.getBindPasswordArg().clearValues();
        this.secureArgsList.getBindPasswordArg().setPresent(false);
        this.secureArgsList.getBindPasswordFileArg().clearValues();
        this.secureArgsList.getBindPasswordFileArg().getNameToValueMap().clear();
        this.secureArgsList.getBindPasswordFileArg().setPresent(false);
        this.state.bindPassword = null;
        this.secureArgsList.getAdminUidArg().clearValues();
        this.secureArgsList.getAdminUidArg().setPresent(false);
    }

    private void initializeTrustAndKeyManagers() throws ArgumentException {
        this.state.trustManager = getTrustManagerInternal();
        this.state.keyManager = getKeyManagerInternal();
        this.state.trustManagerInitialized = true;
    }

    public String getProvidedAdminUID() {
        return this.state.providedAdminUID;
    }

    public DN getProvidedBindDN() {
        return this.state.providedBindDN;
    }

    private boolean useLocalTrustStoreIfPossible() {
        String truststoreFileFromConfig;
        try {
            if (!InetAddress.getLocalHost().getHostName().equals(this.state.hostName) || this.secureArgsList.getAdminPortFromConfig() != this.portNumber || (truststoreFileFromConfig = this.secureArgsList.getTruststoreFileFromConfig()) == null) {
                return false;
            }
            this.secureArgsList.getTrustStorePathArg().addValue(truststoreFileFromConfig);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private void throwIfMenuResultNotSucceeded(MenuResult<?> menuResult) {
        if (!menuResult.isSuccess()) {
            throw new RuntimeException("Expected successful menu result, but got " + menuResult);
        }
    }
}
