package edu.internet2.middleware.subject.provider;

import edu.internet2.middleware.grouper.ldap.LdapPEMSocketFactory;
import edu.internet2.middleware.grouperClient.util.GrouperClientUtils;
import edu.internet2.middleware.morphString.Morph;
import edu.internet2.middleware.subject.SearchPageResult;
import edu.internet2.middleware.subject.SourceUnavailableException;
import edu.internet2.middleware.subject.Subject;
import edu.internet2.middleware.subject.SubjectCaseInsensitiveMapImpl;
import edu.internet2.middleware.subject.SubjectNotFoundException;
import edu.internet2.middleware.subject.SubjectNotUniqueException;
import edu.internet2.middleware.subject.SubjectUtils;
import edu.vt.middleware.ldap.Ldap;
import edu.vt.middleware.ldap.LdapConfig;
import edu.vt.middleware.ldap.SearchFilter;
import edu.vt.middleware.ldap.pool.CompareLdapValidator;
import edu.vt.middleware.ldap.pool.ConnectLdapValidator;
import edu.vt.middleware.ldap.pool.DefaultLdapFactory;
import edu.vt.middleware.ldap.pool.LdapPool;
import edu.vt.middleware.ldap.pool.LdapPoolConfig;
import edu.vt.middleware.ldap.pool.LdapValidator;
import edu.vt.middleware.ldap.pool.SoftLimitLdapPool;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.Array;
import java.net.URL;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeSet;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/internet2/middleware/subject/provider/LdapSourceAdapterLegacy.class */
public class LdapSourceAdapterLegacy extends BaseSourceAdapter {
    private static Log log = LogFactory.getLog(LdapSourceAdapterLegacy.class);
    private Properties props;
    private String nameAttributeName;
    private String subjectIDAttributeName;
    private boolean subjectIDFormatToLowerCase;
    private String descriptionAttributeName;
    private String localDomain;
    private String propertiesFile;
    private SoftLimitLdapPool ldapPool;
    private boolean initialized;
    private boolean multipleResults;
    private String[] allAttributeNames;
    private boolean throwErrorOnFindAllFailure;
    private Integer maxPage;

    public static void main(String[] strArr) {
        System.out.println("abc123ABC_-".matches("[a-zA-Z0-9_-]+"));
        System.out.println("abc1 23ABC_-".matches("[a-zA-Z0-9_-]+"));
        System.out.println("abc1)23ABC_-".matches("[a-zA-Z0-9_-]+"));
    }

    public LdapSourceAdapterLegacy() {
        this.nameAttributeName = null;
        this.subjectIDAttributeName = null;
        this.subjectIDFormatToLowerCase = false;
        this.descriptionAttributeName = null;
        this.localDomain = null;
        this.propertiesFile = null;
        this.initialized = false;
        this.multipleResults = false;
    }

    public LdapSourceAdapterLegacy(String str, String str2) {
        super(str, str2);
        this.nameAttributeName = null;
        this.subjectIDAttributeName = null;
        this.subjectIDFormatToLowerCase = false;
        this.descriptionAttributeName = null;
        this.localDomain = null;
        this.propertiesFile = null;
        this.initialized = false;
        this.multipleResults = false;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public void init() {
        log.debug("ldap source init");
        this.props = initParams();
        this.nameAttributeName = getNeededProperty(this.props, "Name_AttributeType");
        this.subjectIDAttributeName = getNeededProperty(this.props, "SubjectID_AttributeType");
        this.descriptionAttributeName = getNeededProperty(this.props, "Description_AttributeType");
        this.subjectIDFormatToLowerCase = SubjectUtils.booleanValue(getNeededProperty(this.props, "SubjectID_formatToLowerCase"), false);
        String property = this.props.getProperty("Multiple_Results");
        if (property != null && (property.equalsIgnoreCase("yes") || property.equalsIgnoreCase("true"))) {
            this.multipleResults = true;
        }
        Set attributes = getAttributes();
        this.allAttributeNames = new String[3 + attributes.size()];
        this.allAttributeNames[0] = this.nameAttributeName;
        this.allAttributeNames[1] = this.subjectIDAttributeName;
        this.allAttributeNames[2] = this.descriptionAttributeName;
        int i = 0;
        Iterator it = attributes.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            this.allAttributeNames[3 + i2] = (String) it.next();
        }
        Map nonNull = SubjectUtils.nonNull(SubjectImpl.virtualAttributesForSource(this));
        Set set = SubjectUtils.toSet(this.allAttributeNames);
        set.removeAll(nonNull.keySet());
        this.allAttributeNames = (String[]) toArray(set, String.class);
        initializeLdap();
        this.throwErrorOnFindAllFailure = SubjectUtils.booleanValue(getInitParam("throwErrorOnFindAllFailure"), true);
        String property2 = this.props.getProperty("maxPageSize");
        if (StringUtils.isBlank(property2)) {
            return;
        }
        try {
            this.maxPage = Integer.valueOf(Integer.parseInt(property2));
        } catch (NumberFormatException e) {
            throw new SourceUnavailableException("Cant parse maxPage: " + property2, e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static <T> T[] toArray(Collection collection, Class<T> cls) {
        if (collection == 0 || collection.size() == 0) {
            return null;
        }
        return (T[]) collection.toArray((Object[]) Array.newInstance((Class<?>) cls, collection.size()));
    }

    private void initializeLdap() {
        URL computeUrl;
        LdapConfig createFromProperties;
        log.debug("ldap initializeLdap");
        LdapPoolConfig ldapPoolConfig = null;
        String str = (String) this.props.get("pemCaFile");
        String str2 = (String) this.props.get("pemCertFile");
        String str3 = (String) this.props.get("pemKeyFile");
        this.propertiesFile = this.props.getProperty("ldapProperties_file");
        if (this.propertiesFile != null) {
            try {
                if (log.isDebugEnabled()) {
                    log.debug("reading properties file " + this.propertiesFile);
                }
                File file = new File(this.propertiesFile);
                if (file.exists()) {
                    computeUrl = file.toURI().toURL();
                    if (log.isDebugEnabled()) {
                        log.debug("properties file " + this.propertiesFile + " was found on the filesystem, location " + computeUrl.getFile());
                    }
                } else {
                    computeUrl = SubjectUtils.computeUrl(this.propertiesFile, true);
                    if (log.isDebugEnabled()) {
                        log.debug("properties file " + this.propertiesFile + " was found on the classpath, location uri " + computeUrl);
                    }
                }
                if (computeUrl == null) {
                    log.error("Unable to open properties file '" + this.propertiesFile + "'");
                    throw new IllegalArgumentException("Unable to open properties file '" + this.propertiesFile + "'");
                }
                createFromProperties = LdapConfig.createFromProperties(computeUrl.openStream());
                if (log.isDebugEnabled()) {
                    log.debug("from properties file " + this.propertiesFile + " got " + createFromProperties);
                }
                Properties properties = new Properties();
                properties.load(computeUrl.openStream());
                String property = properties.getProperty("edu.vt.middleware.ldap.bindCredential");
                if (StringUtils.isBlank(property)) {
                    property = properties.getProperty("edu.vt.middleware.ldap.serviceCredential");
                }
                if (!StringUtils.isBlank(property)) {
                    property = Morph.decryptIfFile(property);
                }
                createFromProperties.setBindCredential(property);
                Map environmentProperties = createFromProperties.getEnvironmentProperties();
                Set keySet = environmentProperties.keySet();
                if (log.isDebugEnabled()) {
                    Iterator it = keySet.iterator();
                    while (it.hasNext()) {
                        log.debug(".. key = " + ((String) it.next()));
                    }
                }
                str = (String) environmentProperties.get("pemCaFile");
                str2 = (String) environmentProperties.get("pemCertFile");
                str3 = (String) environmentProperties.get("pemKeyFile");
                ldapPoolConfig = new LdapPoolConfig();
                for (String str4 : new LinkedHashSet(properties.keySet())) {
                    if (StringUtils.equals(str4, "edu.vt.middleware.ldap.pool.validatePeriodically")) {
                        ldapPoolConfig.setValidatePeriodically(SubjectUtils.booleanValue(properties.getProperty(str4)));
                        properties.remove(str4);
                    }
                    if (StringUtils.equals(str4, "edu.vt.middleware.ldap.pool.validateOnCheckIn")) {
                        ldapPoolConfig.setValidateOnCheckIn(SubjectUtils.booleanValue(properties.getProperty(str4)));
                        properties.remove(str4);
                    }
                    if (StringUtils.equals(str4, "edu.vt.middleware.ldap.pool.validateOnCheckOut")) {
                        ldapPoolConfig.setValidateOnCheckOut(SubjectUtils.booleanValue(properties.getProperty(str4)));
                        properties.remove(str4);
                    }
                }
                ldapPoolConfig.setEnvironmentProperties(properties);
            } catch (FileNotFoundException e) {
                log.error("ldap properties not found: " + e, e);
                throw new IllegalArgumentException("Unable to open properties file '" + this.propertiesFile + "' not found!");
            } catch (IOException e2) {
                log.error("Unable to load properties from file: " + e2, e2);
                throw new IllegalArgumentException("Unable to load properties from file: " + e2, e2);
            }
        } else {
            createFromProperties = new LdapConfig(getNeededProperty(this.props, "PROVIDER_URL"));
            String property2 = this.props.getProperty("SECURITY_AUTHENTICATION");
            if (property2 == null) {
                property2 = "simple";
            }
            createFromProperties.setAuthtype(property2);
            String property3 = this.props.getProperty("SECURITY_PRINCIPAL");
            if (property3 == null) {
                property3 = "-missing-";
            }
            createFromProperties.setBindDn(property3);
            String property4 = this.props.getProperty("SECURITY_CREDENTIALS");
            if (property4 == null) {
                property4 = "-missing-";
            } else if (!StringUtils.isBlank(property4)) {
                property4 = Morph.decryptIfFile(property4);
            }
            createFromProperties.setBindCredential(property4);
            String property5 = this.props.getProperty("SECURITY_PROTOCOL");
            if (property5 != null && property5.equals("ssl")) {
                createFromProperties.setSsl(true);
            }
            if (property5 != null && property5.equals("tls")) {
                createFromProperties.setTls(true);
            }
        }
        if (str == null || str2 == null || str3 == null) {
            log.debug("using the default socketfactory");
        } else {
            if (log.isDebugEnabled()) {
                log.debug("using the PEM socketfactory: ca=" + str + ", cert=" + str2 + ", key=" + str3);
            }
            createFromProperties.setSslSocketFactory(new LdapPEMSocketFactory(str, str2, str3).getSocketFactory());
        }
        DefaultLdapFactory defaultLdapFactory = new DefaultLdapFactory(createFromProperties);
        try {
            String property6 = this.props.getProperty("VTLDAP_VALIDATOR");
            if (StringUtils.equalsIgnoreCase(property6, CompareLdapValidator.class.getSimpleName())) {
                defaultLdapFactory.setLdapValidator(new CompareLdapValidator(this.props.getProperty("VTLDAP_VALIDATOR_COMPARE_DN"), new SearchFilter(this.props.getProperty("VTLDAP_VALIDATOR_COMPARE_SEARCH_FILTER_STRING"))));
            } else if (StringUtils.equalsIgnoreCase(property6, ConnectLdapValidator.class.getSimpleName())) {
                defaultLdapFactory.setLdapValidator(new ConnectLdapValidator());
            } else if (!StringUtils.isBlank(property6)) {
                defaultLdapFactory.setLdapValidator((LdapValidator) SubjectUtils.newInstance(SubjectUtils.forName(property6)));
            }
            this.ldapPool = new SoftLimitLdapPool(ldapPoolConfig != null ? ldapPoolConfig : new LdapPoolConfig(), defaultLdapFactory);
            this.ldapPool.initialize();
            this.initialized = true;
        } catch (Exception e3) {
            log.error("Error creating ldappool = " + e3, e3);
        }
        log.debug("ldap initialize done");
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubject(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        Subject subject = null;
        Search search = getSearch("searchSubject");
        if (search == null) {
            log.error("searchType: \"searchSubject\" not defined.");
            return null;
        }
        try {
            subject = createSubject(getLdapUnique(search, str, this.allAttributeNames));
        } catch (SubjectNotFoundException e) {
            if (z) {
                throw e;
            }
        }
        if (subject == null && z) {
            throw new SubjectNotFoundException("Subject " + str + " not found.");
        }
        return subject;
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubject(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubject(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Subject getSubjectByIdentifier(String str, boolean z) throws SubjectNotFoundException, SubjectNotUniqueException {
        int indexOf;
        LinkedHashMap linkedHashMap = null;
        try {
            if (log.isDebugEnabled()) {
                linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("method", "getSubjectByIdentifier");
                linkedHashMap.put("id", str);
                linkedHashMap.put("exceptionIfNull", Boolean.valueOf(z));
            }
            Search search = getSearch("searchSubjectByIdentifier");
            if (linkedHashMap != null) {
                linkedHashMap.put("search", search);
            }
            if (search == null) {
                log.error("searchType: \"searchSubjectByIdentifier\" not defined.");
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return null;
            }
            if (this.localDomain != null && (indexOf = str.indexOf("@" + this.localDomain)) > 0) {
                if (log.isDebugEnabled()) {
                    log.debug("looking at id=" + str);
                }
                str = str.substring(0, indexOf);
                if (log.isDebugEnabled()) {
                    log.debug("converted to id=" + str);
                }
                if (linkedHashMap != null) {
                    linkedHashMap.put("convertedToId", str);
                }
            }
            try {
                Subject createSubject = createSubject(getLdapUnique(search, str, this.allAttributeNames));
                if (linkedHashMap != null) {
                    linkedHashMap.put("foundSubject", Boolean.valueOf(createSubject != null));
                }
                if (createSubject == null && z) {
                    throw new SubjectNotFoundException("Subject " + str + " not found.");
                }
                Search search2 = getSearch("searchSubjectByIdentifierAttributes");
                if (linkedHashMap != null) {
                    linkedHashMap.put("searchSubjectByIdentifierAttributesNotNull", Boolean.valueOf(search2 != null));
                }
                if (search2 == null) {
                    ((LdapSubject) createSubject).setAttributesGotten(true);
                }
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return createSubject;
            } catch (SubjectNotFoundException e) {
                if (z) {
                    throw e;
                }
                if (log.isDebugEnabled()) {
                    log.debug(SubjectUtils.mapToString(linkedHashMap));
                }
                return null;
            }
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(linkedHashMap));
            }
            throw th;
        }
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    @Deprecated
    public Subject getSubjectByIdentifier(String str) throws SubjectNotFoundException, SubjectNotUniqueException {
        return getSubjectByIdentifier(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public SearchPageResult searchPage(String str) {
        return searchHelper(str, true);
    }

    @Override // edu.internet2.middleware.subject.provider.BaseSourceAdapter, edu.internet2.middleware.subject.Source
    public Set<Subject> search(String str) {
        return searchHelper(str, false).getResults();
    }

    private SearchPageResult searchHelper(String str, boolean z) {
        Iterator<SearchResult> ldapResultsHelper;
        boolean z2 = false;
        TreeSet treeSet = new TreeSet(new LdapComparator());
        Search search = getSearch("search");
        if (search == null) {
            log.error("searchType: \"search\" not defined.");
            return new SearchPageResult(false, treeSet);
        }
        boolean z3 = true;
        if (getSearch("searchAttributes") != null) {
            z3 = false;
        }
        try {
            ldapResultsHelper = getLdapResultsHelper(search, str, this.allAttributeNames, z);
        } catch (Exception e) {
            if (this.throwErrorOnFindAllFailure) {
                throw new SourceUnavailableException(e.getMessage() + ", source: " + getId() + ", sql: " + search.getParam("sql"), e);
            }
            log.error("LDAP Naming Except: " + e.getMessage() + ", " + this.id + ", " + str, e);
        }
        if (ldapResultsHelper == null) {
            return new SearchPageResult(false, treeSet);
        }
        while (true) {
            if (!ldapResultsHelper.hasNext()) {
                break;
            }
            if (z && this.maxPage != null && treeSet.size() >= this.maxPage.intValue()) {
                z2 = true;
                break;
            }
            Attributes attributes = ldapResultsHelper.next().getAttributes();
            Subject createSubject = createSubject(attributes);
            if (createSubject != null) {
                if (z3) {
                    ((LdapSubject) createSubject).setAttributesGotten(true);
                }
                treeSet.add(createSubject);
            } else {
                log.error("Failed to create subject with attributes: " + attributes);
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("set has " + treeSet.size() + " subjects");
            if (treeSet.size() > 0) {
                log.debug("first is " + ((Subject) treeSet.first()).getName());
            }
        }
        return new SearchPageResult(z2, treeSet);
    }

    private Subject createSubject(Attributes attributes) {
        Attribute attribute;
        String str = "";
        if (attributes == null) {
            log.error("Ldap createSubject called with null attributes.");
            return null;
        }
        try {
            attribute = attributes.get(this.subjectIDAttributeName);
        } catch (NamingException e) {
            log.error("LDAP Naming Except: " + e.getMessage(), e);
        }
        if (attribute == null) {
            log.error("No value for LDAP attribute \"" + this.subjectIDAttributeName + "\". It is Grouper attribute \"SubjectID\".\".  Subject's problematic attributes : " + attributes);
            return null;
        }
        str = (String) attribute.get();
        if (this.subjectIDFormatToLowerCase) {
            str = str.toLowerCase();
        }
        LdapSubject ldapSubject = new LdapSubject(str, null, null, getSubjectType().getName(), getId(), this.nameAttributeName, this.descriptionAttributeName);
        SubjectCaseInsensitiveMapImpl subjectCaseInsensitiveMapImpl = new SubjectCaseInsensitiveMapImpl();
        try {
            NamingEnumeration all = attributes.getAll();
            while (all.hasMore()) {
                Attribute attribute2 = (Attribute) all.next();
                String id = attribute2.getID();
                HashSet hashSet = new HashSet();
                NamingEnumeration all2 = attribute2.getAll();
                while (all2.hasMore()) {
                    hashSet.add(all2.next().toString());
                }
                subjectCaseInsensitiveMapImpl.put(id, hashSet);
            }
            ldapSubject.setAttributes(subjectCaseInsensitiveMapImpl);
        } catch (NamingException e2) {
            log.error("Naming error: " + e2);
        }
        return ldapSubject;
    }

    protected String getNeededProperty(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            log.error("Property '" + str + "' is not defined!");
        }
        return property;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, Set<String>> getAllAttributes(LdapSubject ldapSubject) {
        SubjectCaseInsensitiveMapImpl subjectCaseInsensitiveMapImpl = new SubjectCaseInsensitiveMapImpl();
        if (log.isDebugEnabled()) {
            log.debug("getAllAttributes for " + ldapSubject.getName());
        }
        Search search = getSearch("searchSubjectAttributes");
        if (search == null) {
            log.debug("searchType: \"searchSubjectAttributes\" not defined.");
            return subjectCaseInsensitiveMapImpl;
        }
        try {
            NamingEnumeration all = getLdapUnique(search, ldapSubject.getName(), this.allAttributeNames).getAll();
            while (all.hasMore()) {
                Attribute attribute = (Attribute) all.next();
                String id = attribute.getID();
                HashSet hashSet = new HashSet();
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMore()) {
                    hashSet.add(all2.next().toString());
                }
                subjectCaseInsensitiveMapImpl.put(id, hashSet);
            }
            ldapSubject.setAttributes(subjectCaseInsensitiveMapImpl);
        } catch (SubjectNotFoundException e) {
            log.error("SubjectNotFound: " + ldapSubject.getId() + " " + e.getMessage(), e);
        } catch (SubjectNotUniqueException e2) {
            log.error("SubjectNotUnique: " + ldapSubject.getId() + " " + e2.getMessage(), e2);
        } catch (NamingException e3) {
            log.error("LDAP Naming Except: " + e3.getMessage(), e3);
        }
        return subjectCaseInsensitiveMapImpl;
    }

    protected Iterator<SearchResult> getLdapResults(Search search, String str, String[] strArr) {
        return getLdapResultsHelper(search, str, strArr, false);
    }

    /* JADX WARN: Finally extract failed */
    private Iterator<SearchResult> getLdapResultsHelper(Search search, String str, String[] strArr, boolean z) {
        String replace;
        int indexOf;
        SubjectStatusResult subjectStatusResult = null;
        boolean equals = StringUtils.equals("search", search.getSearchType());
        if (equals) {
            subjectStatusResult = new SubjectStatusProcessor(str, getSubjectStatusConfig()).processSearch();
            str = subjectStatusResult.getStrippedQuery();
        }
        Ldap ldap = null;
        String str2 = null;
        if (!this.initialized) {
            initializeLdap();
        }
        int indexOf2 = str.indexOf(44);
        if (indexOf2 > 0) {
            int indexOf3 = str.indexOf(91);
            if (indexOf3 <= indexOf2 || (indexOf = str.indexOf(93)) <= indexOf3) {
                replace = search.getParam("firstlastfilter");
            } else {
                str2 = str.substring(indexOf3 + 1, indexOf);
                str = str.substring(0, indexOf3);
                replace = search.getParam("affiliationfilter");
            }
            if (replace == null) {
                replace = search.getParam("filter");
            }
            if (replace == null) {
                log.error("Search filter not found for search type:  " + search.getSearchType());
                return null;
            }
            String substring = str.substring(0, indexOf2);
            String substring2 = str.substring(indexOf2 + 1);
            if (substring != null) {
                replace = GrouperClientUtils.replace(replace, "%LAST%", escapeSearchFilter(substring));
            }
            if (substring2 != null) {
                replace = GrouperClientUtils.replace(replace, "%FIRST%", escapeSearchFilter(substring2));
            }
            if (str2 != null) {
                replace = GrouperClientUtils.replace(replace, "%AFFILIATION%", escapeSearchFilter(str2));
            }
        } else {
            String param = search.getParam("filter");
            if (param == null) {
                log.error("Search filter not found for search type:  " + search.getSearchType());
                return null;
            }
            replace = GrouperClientUtils.replace(param, "%TERM%", escapeSearchFilter(str));
        }
        String str3 = replace;
        if (equals && !subjectStatusResult.isAll() && !StringUtils.isBlank(subjectStatusResult.getDatastoreFieldName())) {
            if (!subjectStatusResult.getDatastoreValue().matches("[a-zA-Z0-9_-]+")) {
                throw new RuntimeException("Invalid status value: " + subjectStatusResult.getDatastoreValue());
            }
            replace = "(&" + replace + "(" + (subjectStatusResult.isEquals() ? "" : " ! ( ") + subjectStatusResult.getDatastoreFieldName() + "=" + subjectStatusResult.getDatastoreValue() + (subjectStatusResult.isEquals() ? "" : " ) ") + "))";
        }
        if (StringUtils.equals(str3, replace)) {
            if (log.isDebugEnabled()) {
                log.debug("searchType: " + search.getSearchType() + ", filter: " + replace);
            }
        } else if (log.isDebugEnabled()) {
            log.debug("searchType: " + search.getSearchType() + ", preStatusFilter: " + str3 + ", filter: " + replace);
        }
        try {
            try {
                try {
                    ldap = this.ldapPool.checkOut();
                    SearchControls searchControls = new SearchControls();
                    searchControls.setReturningAttributes(strArr);
                    if (z && this.maxPage != null) {
                        searchControls.setCountLimit(this.maxPage.intValue() + 1);
                    }
                    String param2 = search.getParam("base");
                    if (param2 == null) {
                        param2 = ldap.getLdapConfig().getBaseDn();
                    }
                    String param3 = search.getParam("scope");
                    if (param3 != null) {
                        if (param3.equals("OBJECT_SCOPE")) {
                            searchControls.setSearchScope(LdapConfig.SearchScope.OBJECT.scope());
                        }
                        if (param3.equals("ONELEVEL_SCOPE")) {
                            searchControls.setSearchScope(LdapConfig.SearchScope.ONELEVEL.scope());
                        }
                        if (param3.equals("SUBTREE_SCOPE")) {
                            searchControls.setSearchScope(LdapConfig.SearchScope.SUBTREE.scope());
                        }
                    } else {
                        searchControls.setSearchScope(ldap.getLdapConfig().getSearchScope().scope());
                    }
                    Iterator<SearchResult> search2 = ldap.search(param2, new SearchFilter(replace), searchControls);
                    if (ldap != null) {
                        try {
                            this.ldapPool.checkIn(ldap);
                        } catch (Exception e) {
                            log.error("Could not return Ldap object back to pool", e);
                        }
                    }
                    return search2;
                } catch (Exception e2) {
                    log.error("Ldap Exception: " + e2.getMessage(), e2);
                    throw new SourceUnavailableException("Ldap Exception: " + e2.getMessage(), e2);
                }
            } catch (NamingException e3) {
                log.error("Ldap NamingException: " + e3.getMessage(), e3);
                throw new SourceUnavailableException("Ldap NamingException: " + e3.getMessage(), e3);
            }
        } catch (Throwable th) {
            if (ldap != null) {
                try {
                    this.ldapPool.checkIn(ldap);
                } catch (Exception e4) {
                    log.error("Could not return Ldap object back to pool", e4);
                }
            }
            throw th;
        }
    }

    protected Attributes getLdapUnique(Search search, String str, String[] strArr) throws SubjectNotFoundException, SubjectNotUniqueException, SourceUnavailableException {
        LinkedHashMap linkedHashMap = null;
        try {
            if (log.isDebugEnabled()) {
                linkedHashMap = new LinkedHashMap();
                linkedHashMap.put("method", "getLdapUnique");
                linkedHashMap.put("search", search);
                linkedHashMap.put("searchValue", str);
                linkedHashMap.put("attributeNames", SubjectUtils.toStringForLog(strArr, 200));
            }
            Iterator<SearchResult> ldapResults = getLdapResults(search, str, strArr);
            if (ldapResults == null || !ldapResults.hasNext()) {
                throw new SubjectNotFoundException("No results: " + search.getSearchType() + " filter:" + search.getParam("filter") + " searchValue: " + str);
            }
            SearchResult next = ldapResults.next();
            Attributes attributes = next.getAttributes();
            if (linkedHashMap != null) {
                linkedHashMap.put("dn", next.getName());
            }
            attributes.put(new BasicAttribute("dn", next.getName()));
            if (ldapResults.hasNext()) {
                SearchResult next2 = ldapResults.next();
                if (linkedHashMap != null) {
                    linkedHashMap.put("dn2", next2.getName());
                }
                if (!this.multipleResults) {
                    if (linkedHashMap != null) {
                        linkedHashMap.put("searchIsNotUnique", true);
                    }
                    throw new SubjectNotUniqueException("Search is not unique:" + next2.getName() + "\n");
                }
                NamingEnumeration all = next2.getAttributes().getAll();
                while (all.hasMore()) {
                    try {
                        Attribute attribute = (Attribute) all.next();
                        if (log.isDebugEnabled()) {
                            log.debug("checking attribute " + attribute.getID());
                        }
                        if (attributes.get(attribute.getID()) == null) {
                            if (log.isDebugEnabled()) {
                                log.debug("adding " + attribute.getID());
                            }
                            attributes.put(attribute);
                        }
                    } catch (NamingException e) {
                        log.error("ldap excp: " + e);
                        throw new SourceUnavailableException("Ldap Exception: " + e.getMessage(), e);
                    }
                }
                attributes.get("dn").add(next2.getName());
            }
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(linkedHashMap));
            }
            return attributes;
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug(SubjectUtils.mapToString(linkedHashMap));
            }
            throw th;
        }
    }

    protected String escapeSearchFilter(String str) {
        return new String(str).replaceAll("\\\\", "\\\\5c").replaceAll("\\(", "\\\\28").replaceAll("\\)", "\\\\29").replaceAll("\\" + Character.toString((char) 0), "\\\\00");
    }

    @Override // edu.internet2.middleware.subject.Source
    public void checkConfig() {
    }

    @Override // edu.internet2.middleware.subject.Source
    public String printConfig() {
        StringBuilder append = new StringBuilder("subject.properties ldap source id:   ").append(getId()).append(": ");
        if (this.propertiesFile != null) {
            append.append(this.propertiesFile);
        } else {
            String property = this.props.getProperty("SECURITY_PRINCIPAL");
            if (!StringUtils.isBlank(property)) {
                append.append(property).append("@");
            }
            append.append(getNeededProperty(this.props, "PROVIDER_URL"));
        }
        return append.toString();
    }

    public LdapPool<Ldap> getLdapPool() {
        return this.ldapPool;
    }

    public void setMultipleResults(boolean z) {
        this.multipleResults = z;
    }

    public Integer getMaxPage() {
        return this.maxPage;
    }
}
