package org.opends.server.tools;

import com.forgerock.opendj.cli.CliConstants;
import com.forgerock.opendj.cli.ClientException;
import java.io.IOException;
import java.io.PrintStream;
import java.net.ConnectException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.concurrent.atomic.AtomicInteger;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.ldap.ByteString;
import org.opends.messages.CoreMessages;
import org.opends.messages.ToolMessages;
import org.opends.server.controls.AuthorizationIdentityResponseControl;
import org.opends.server.controls.ControlDecoder;
import org.opends.server.controls.PasswordExpiringControl;
import org.opends.server.controls.PasswordPolicyErrorType;
import org.opends.server.controls.PasswordPolicyResponseControl;
import org.opends.server.controls.PasswordPolicyWarningType;
import org.opends.server.loggers.JDKLogging;
import org.opends.server.protocols.ldap.ExtendedRequestProtocolOp;
import org.opends.server.protocols.ldap.ExtendedResponseProtocolOp;
import org.opends.server.protocols.ldap.LDAPControl;
import org.opends.server.protocols.ldap.LDAPMessage;
import org.opends.server.protocols.ldap.UnbindRequestProtocolOp;
import org.opends.server.types.Control;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.LDAPException;
import org.opends.server.util.StaticUtils;

/* loaded from: input_file:org/opends/server/tools/LDAPConnection.class */
public class LDAPConnection {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private String hostName;
    private int portNumber;
    private LDAPConnectionOptions connectionOptions;
    private LDAPWriter ldapWriter;
    private LDAPReader ldapReader;
    private int versionNumber;
    private final PrintStream out;
    private final PrintStream err;

    public LDAPConnection(String str, int i, LDAPConnectionOptions lDAPConnectionOptions) {
        this(str, i, lDAPConnectionOptions, System.out, System.err);
    }

    public LDAPConnection(String str, int i, LDAPConnectionOptions lDAPConnectionOptions, PrintStream printStream, PrintStream printStream2) {
        this.portNumber = CliConstants.DEFAULT_LDAP_PORT;
        this.versionNumber = 3;
        this.hostName = str;
        this.portNumber = i;
        this.connectionOptions = lDAPConnectionOptions;
        this.versionNumber = lDAPConnectionOptions.getVersionNumber();
        this.out = printStream;
        this.err = printStream2;
    }

    public void connectToHost(String str, String str2) throws LDAPConnectionException {
        connectToHost(str, str2, new AtomicInteger(1), 0);
    }

    public void connectToHost(String str, String str2, AtomicInteger atomicInteger) throws LDAPConnectionException {
        connectToHost(str, str2, atomicInteger, 0);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    public void connectToHost(String str, String str2, AtomicInteger atomicInteger, int i) throws LDAPConnectionException {
        Socket socket = null;
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if (this.connectionOptions.isVerbose()) {
            JDKLogging.enableVerboseConsoleLoggingForOpenDJ();
        } else {
            JDKLogging.disableLogging();
        }
        if (this.connectionOptions.useStartTLS()) {
            try {
                socket = createSocket();
                this.ldapWriter = new LDAPWriter(socket);
                this.ldapReader = new LDAPReader(socket);
                try {
                    this.ldapWriter.writeMessage(new LDAPMessage(atomicInteger.getAndIncrement(), new ExtendedRequestProtocolOp("1.3.6.1.4.1.1466.20037")));
                    LDAPMessage readMessage = this.ldapReader.readMessage();
                    if (readMessage == null) {
                        throw new LDAPConnectionException(ToolMessages.ERR_STARTTLS_FAILED.get(), 91, null);
                    }
                    ExtendedResponseProtocolOp extendedResponseProtocolOp = readMessage.getExtendedResponseProtocolOp();
                    int resultCode = extendedResponseProtocolOp.getResultCode();
                    if (resultCode != 0) {
                        throw new LDAPConnectionException(extendedResponseProtocolOp.getErrorMessage(), resultCode, extendedResponseProtocolOp.getErrorMessage(), extendedResponseProtocolOp.getMatchedDN(), null);
                    }
                } catch (LDAPException e) {
                    logger.traceException(e);
                    throw new LDAPConnectionException(e.getMessageObject(), e.getResultCode(), null, e);
                } catch (Exception e2) {
                    logger.traceException(e2);
                    throw new LDAPConnectionException(LocalizableMessage.raw(e2.getMessage(), new Object[0]), e2);
                }
            } catch (LDAPConnectionException e3) {
                throw e3;
            } catch (Exception e4) {
                logger.traceException(e4);
                throw new LDAPConnectionException(LocalizableMessage.raw(e4.getMessage(), new Object[0]), e4);
            }
        }
        try {
            Socket createSSLOrBasicSocket = createSSLOrBasicSocket(socket, this.connectionOptions.getSSLConnectionFactory());
            this.ldapWriter = new LDAPWriter(createSSLOrBasicSocket);
            this.ldapReader = new LDAPReader(createSSLOrBasicSocket);
            try {
                createSSLOrBasicSocket.setSoLinger(true, 1);
                createSSLOrBasicSocket.setReuseAddress(true);
                if (i > 0) {
                    createSSLOrBasicSocket.setSoTimeout(i);
                }
            } catch (IOException e5) {
                logger.traceException(e5);
            }
            if (this.connectionOptions.getReportAuthzID()) {
                arrayList.add(new LDAPControl("2.16.840.1.113730.3.4.16"));
            }
            if (this.connectionOptions.usePasswordPolicyControl()) {
                arrayList.add(new LDAPControl("1.3.6.1.4.1.42.2.27.8.5.1"));
            }
            LDAPAuthenticationHandler lDAPAuthenticationHandler = new LDAPAuthenticationHandler(this.ldapReader, this.ldapWriter, this.hostName, atomicInteger);
            try {
                try {
                    try {
                        ByteString valueOfUtf8 = str != null ? ByteString.valueOfUtf8(str) : ByteString.empty();
                        ByteString valueOfUtf82 = str2 != null ? ByteString.valueOfUtf8(str2) : null;
                        String str3 = null;
                        if (this.connectionOptions.useSASLExternal()) {
                            str3 = lDAPAuthenticationHandler.doSASLExternal(valueOfUtf8, this.connectionOptions.getSASLProperties(), arrayList, arrayList2);
                        } else if (this.connectionOptions.getSASLMechanism() != null) {
                            str3 = lDAPAuthenticationHandler.doSASLBind(valueOfUtf8, valueOfUtf82, this.connectionOptions.getSASLMechanism(), this.connectionOptions.getSASLProperties(), arrayList, arrayList2);
                        } else if (str != null) {
                            str3 = lDAPAuthenticationHandler.doSimpleBind(this.versionNumber, valueOfUtf8, valueOfUtf82, arrayList, arrayList2);
                        }
                        if (str3 != null) {
                            this.out.println(str3);
                        }
                        Iterator it = arrayList2.iterator();
                        while (it.hasNext()) {
                            Control control = (Control) it.next();
                            if (control.getOID().equals("2.16.840.1.113730.3.4.15")) {
                                this.out.println(ToolMessages.INFO_BIND_AUTHZID_RETURNED.get(((AuthorizationIdentityResponseControl) decode(control, AuthorizationIdentityResponseControl.DECODER)).getAuthorizationID()));
                            } else if (control.getOID().equals("2.16.840.1.113730.3.4.4")) {
                                this.out.println(ToolMessages.INFO_BIND_PASSWORD_EXPIRED.get());
                            } else if (control.getOID().equals("2.16.840.1.113730.3.4.5")) {
                                this.out.println(ToolMessages.INFO_BIND_PASSWORD_EXPIRING.get(StaticUtils.secondsToTimeString(((PasswordExpiringControl) decode(control, PasswordExpiringControl.DECODER)).getSecondsUntilExpiration())));
                            } else if (control.getOID().equals("1.3.6.1.4.1.42.2.27.8.5.1")) {
                                PasswordPolicyResponseControl passwordPolicyResponseControl = (PasswordPolicyResponseControl) decode(control, PasswordPolicyResponseControl.DECODER);
                                PasswordPolicyErrorType errorType = passwordPolicyResponseControl.getErrorType();
                                if (errorType != null) {
                                    switch (errorType) {
                                        case PASSWORD_EXPIRED:
                                            this.out.println(ToolMessages.INFO_BIND_PASSWORD_EXPIRED.get());
                                            break;
                                        case ACCOUNT_LOCKED:
                                            this.out.println(ToolMessages.INFO_BIND_ACCOUNT_LOCKED.get());
                                            break;
                                        case CHANGE_AFTER_RESET:
                                            this.out.println(ToolMessages.INFO_BIND_MUST_CHANGE_PASSWORD.get());
                                            break;
                                    }
                                }
                                PasswordPolicyWarningType warningType = passwordPolicyResponseControl.getWarningType();
                                if (warningType != null) {
                                    switch (warningType) {
                                        case TIME_BEFORE_EXPIRATION:
                                            this.out.println(ToolMessages.INFO_BIND_PASSWORD_EXPIRING.get(StaticUtils.secondsToTimeString(passwordPolicyResponseControl.getWarningValue())));
                                            break;
                                        case GRACE_LOGINS_REMAINING:
                                            this.out.println(ToolMessages.INFO_BIND_GRACE_LOGINS_REMAINING.get(Integer.valueOf(passwordPolicyResponseControl.getWarningValue())));
                                            break;
                                    }
                                }
                            }
                        }
                        if (i > 0) {
                            try {
                                createSSLOrBasicSocket.setSoTimeout(0);
                            } catch (SocketException e6) {
                                e6.printStackTrace();
                                logger.traceException(e6);
                            }
                        }
                    } catch (DirectoryException e7) {
                        throw new LDAPConnectionException(e7.getMessageObject(), e7.getResultCode().intValue(), null, e7.getMatchedDN(), e7.getCause());
                    } catch (LDAPException e8) {
                        throw new LDAPConnectionException(e8.getMessageObject(), e8.getResultCode(), e8.getErrorMessage(), e8.getMatchedDN(), e8.getCause());
                    }
                } catch (ClientException e9) {
                    logger.traceException(e9);
                    throw new LDAPConnectionException(e9.getMessageObject(), e9.getReturnCode(), null, e9);
                } catch (Exception e10) {
                    logger.traceException(e10);
                    throw new LDAPConnectionException(LocalizableMessage.raw(e10.getLocalizedMessage(), new Object[0]), e10);
                }
            } catch (Throwable th) {
                if (i > 0) {
                    try {
                        createSSLOrBasicSocket.setSoTimeout(0);
                    } catch (SocketException e11) {
                        e11.printStackTrace();
                        logger.traceException(e11);
                    }
                }
                throw th;
            }
        } catch (ConnectException | UnknownHostException e12) {
            throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, e12);
        } catch (LDAPConnectionException e13) {
            throw e13;
        } catch (Exception e14) {
            logger.traceException(e14);
            throw new LDAPConnectionException(LocalizableMessage.raw(e14.getMessage(), new Object[0]), e14);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private <T extends Control> T decode(Control control, ControlDecoder<T> controlDecoder) throws DirectoryException {
        return control instanceof LDAPControl ? controlDecoder.decode(control.isCritical(), ((LDAPControl) control).getValue()) : control;
    }

    private Socket createSocket() throws LDAPConnectionException {
        ConnectException connectException = null;
        try {
            for (InetAddress inetAddress : InetAddress.getAllByName(this.hostName)) {
                try {
                    return new Socket(inetAddress, this.portNumber);
                } catch (ConnectException e) {
                    if (connectException == null) {
                        connectException = e;
                    }
                }
            }
            if (connectException != null) {
                throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, connectException);
            }
            return null;
        } catch (UnknownHostException e2) {
            throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, e2);
        } catch (Exception e3) {
            logger.traceException(e3);
            throw new LDAPConnectionException(LocalizableMessage.raw(e3.getMessage(), new Object[0]), e3);
        }
    }

    private Socket createSSLSocket(SSLConnectionFactory sSLConnectionFactory) throws SSLConnectionException, LDAPConnectionException {
        ConnectException connectException = null;
        try {
            for (InetAddress inetAddress : InetAddress.getAllByName(this.hostName)) {
                try {
                    return sSLConnectionFactory.createSocket(inetAddress, this.portNumber);
                } catch (ConnectException e) {
                    if (connectException == null) {
                        connectException = e;
                    }
                }
            }
            if (connectException != null) {
                throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, connectException);
            }
            return null;
        } catch (UnknownHostException e2) {
            throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, e2);
        } catch (Exception e3) {
            logger.traceException(e3);
            throw new LDAPConnectionException(LocalizableMessage.raw(e3.getMessage(), new Object[0]), e3);
        }
    }

    private Socket createSSLOrBasicSocket(Socket socket, SSLConnectionFactory sSLConnectionFactory) throws SSLConnectionException, LDAPConnectionException {
        if (sSLConnectionFactory == null) {
            return createSocket();
        }
        if (!this.connectionOptions.useStartTLS()) {
            return createSSLSocket(sSLConnectionFactory);
        }
        try {
            return sSLConnectionFactory.createSocket(socket, this.hostName, this.portNumber, true);
        } catch (IOException e) {
            throw new LDAPConnectionException(CoreMessages.INFO_RESULT_CLIENT_SIDE_CONNECT_ERROR.get(), 91, null, e);
        }
    }

    public void close(AtomicInteger atomicInteger) {
        if (this.ldapWriter != null) {
            if (atomicInteger != null) {
                try {
                    this.ldapWriter.writeMessage(new LDAPMessage(atomicInteger.getAndIncrement(), new UnbindRequestProtocolOp()));
                } catch (Exception e) {
                }
            }
            this.ldapWriter.close();
        }
        if (this.ldapReader != null) {
            this.ldapReader.close();
        }
    }

    public LDAPWriter getLDAPWriter() {
        return this.ldapWriter;
    }

    public LDAPReader getLDAPReader() {
        return this.ldapReader;
    }
}
