package com.ibm.ws.security.admintask;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.security.common.util.CommonConstants;
import com.ibm.ws.security.config.AuditConfig;
import com.ibm.ws.security.config.UserRegistryConfig;
import com.ibm.ws.security.jaspi.commands.AdminConstants;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.util.ConfigUtils;
import java.io.ByteArrayOutputStream;
import java.io.PrintStream;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.ResourceBundle;
import javax.naming.AuthenticationException;
import javax.naming.AuthenticationNotSupportedException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:com/ibm/ws/security/admintask/LdapSearch.class */
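/**
 * Admin task command that binds to an LDAP server with caller-supplied connection settings,
 * runs one search, and returns the matching entries as a list of text lines.
 *
 * <p>The result is a list of string lists: the echoed input parameters (bind password masked),
 * a results header, then one list per entry holding {@code attribute=value} lines.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The bind password is sent with simple authentication. When {@code sslEnabled} is not
 *       true, {@link #createProps()} builds a plain {@code ldap://} connection with no SSL
 *       socket factory, so the credential is not protected by this class on that path.</li>
 *   <li>No returning-attribute list is set on the {@link SearchControls}, so every attribute the
 *       bind identity may read is copied into the command result.</li>
 *   <li>With {@code verbose} set, error results also carry the search controls and a full
 *       stack trace.</li>
 * </ul>
 *
 * <p>NOTE(review): {@code locale} and {@code resBundle} are static but are rewritten by every
 * {@link #validate()} call; confirm that commands are not validated concurrently.
 */
public class LdapSearch extends AbstractTaskCommand {
    private static final String BUNDLE_NAME = AdminConstants.MSG_BUNDLE_NAME;
    private static Locale locale = null;
    private static ResourceBundle resBundle = null;
    private static final String connectionErrorLabel = "security.admintask.ExceptionLDAPConnect";
    private static final TraceComponent tc = Tr.register(LdapSearch.class, "LdapSearch", "com.ibm.ws.security.admintask.LdapSearch");

    // Defaults below are overwritten from the command parameters in validate().
    private String hostName = null;
    private Integer portNumber = Integer.valueOf(389);
    private Boolean sslEnabled = null;
    private String sslAlias = null;
    private String baseDN = null;
    private String bindDN = null;
    private String bindPwd = null;
    private String searchFilter = "cn=*";
    private Integer searchLimit = Integer.valueOf(20);
    private String referral = "ignore";
    private String searchScopeString = "sub";
    // Numeric scope handed to SearchControls.setSearchScope; 2 is the default for "sub".
    private int searchScope = 2;
    private Boolean debugBool = null;
    private boolean debug = false;
    StringBuffer sb = new StringBuffer();
    private List<List<String>> resultList = new ArrayList<List<String>>();
    private List<String> inputParm = new ArrayList<String>();
    private List<String> resultLabel = new ArrayList<String>();
    private SearchControls controls = null;

    /**
     * Creates the command from its metadata; all settings start at their defaults.
     *
     * @param taskCommandMetadata metadata passed to the superclass constructor
     * @throws CommandNotFoundException propagated from the superclass constructor
     */
    public LdapSearch(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
    }

    /**
     * Creates the command from serialized command data; all settings start at their defaults.
     *
     * @param commandData command data passed to the superclass constructor
     * @throws CommandNotFoundException propagated from the superclass constructor
     * @throws CommandLoadException propagated from the superclass constructor
     */
    public LdapSearch(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
    }

    /** Formats the message stored under {@code str} in {@code resourceBundle}. */
    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    /**
     * Formats the message stored under {@code str}, returning {@code str2} instead when the
     * formatted text starts with "Cannot find".
     */
    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr, String str2) {
        // Format once; the original formatted the same message twice.
        String formatted = MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
        // NOTE(review): presumably "Cannot find" is what the helper emits for a missing key - confirm.
        return formatted.startsWith("Cannot find") ? str2 : formatted;
    }

    /**
     * Reads every command parameter into the instance fields, normalises the ones that have a
     * dedicated getter, and records a printable copy of the inputs as the first result element.
     *
     * @throws CommandValidationException if the superclass validation or one of the parameter
     *         getters rejects a value
     */
    @Override
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        setupLocaleAndResBundle();
        this.hostName = (String) getParameter("hostname");
        this.portNumber = getPortNumber();
        this.sslEnabled = (Boolean) getParameter("sslEnabled");
        this.sslAlias = (String) getParameter("sslAlias");
        this.baseDN = getBaseDNParameter();
        this.bindDN = (String) getParameter(UserRegistryConfig.BIND_DN);
        this.bindPwd = (String) getParameter(UserRegistryConfig.BIND_PASSWORD);
        this.searchFilter = (String) getParameter("searchFilter");
        this.searchLimit = getSearchLimitParameter();
        this.referral = getReferralParameter();
        this.searchScopeString = getSearchScopeParameter();
        this.searchScope = getSearchScope(this.searchScopeString);
        this.debugBool = (Boolean) getParameter(AuditConfig.VERBOSE);
        this.debug = getDebugFlag(this.debugBool);
        createInputParmOutput();
        this.resultList.add(this.inputParm);
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, AuditConstants.VALIDATE);
        }
    }

    /**
     * Runs the LDAP search once the command steps have succeeded and stores either the collected
     * entries or an error description in the task command result.
     *
     * <p>The decompiler widened this method from {@code protected} to {@code public}; the
     * visibility is left as found so that existing callers keep compiling.
     */
    @Override
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isDebugEnabled() || this.debug) {
                Tr.exit(tc, "unsuccessful at getting TaskCommandResultImpl afterStepsExecuted");
            }
            return;
        }
        try {
            Properties env = createProps();
            this.controls = createSearchControls();
            String firstAttr = getFirstAttr(this.searchFilter);
            this.resultLabel.add("\n***** " + getMsg(resBundle, "security.ldapsearch.results", null, "LdapSearch Results") + " *****");
            this.resultList.add(this.resultLabel);
            try {
                collectEntries(env, firstAttr);
                taskCommandResultImpl.setResult(this.resultList);
            } catch (NamingException e) {
                // Authentication failures are NamingException subclasses and take the same path.
                handleError(e, taskCommandResultImpl);
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.admintask.ValidateLDAPConnection", "249");
            handleError(e, taskCommandResultImpl);
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }

    /**
     * Opens the directory context, runs the search and appends one list of
     * {@code attribute=value} lines per entry to {@code resultList}, stopping after
     * {@code searchLimit} entries.
     *
     * <p>The context and the enumeration are closed in a {@code finally} block so that the
     * authenticated connection is released when the search or the iteration fails.
     *
     * @param env JNDI environment built by {@link #createProps()}
     * @param firstAttr attribute whose values are moved to the top of each entry; may be null
     * @throws NamingException if connecting, binding, searching or reading an entry fails
     */
    private void collectEntries(Properties env, String firstAttr) throws NamingException {
        InitialDirContext context = new InitialDirContext(env);
        NamingEnumeration<SearchResult> hits = null;
        try {
            hits = context.search(this.baseDN, this.searchFilter, this.controls);
            int count = 0;
            // hasMoreElements() is kept from the original code rather than hasMore().
            while (hits != null && hits.hasMoreElements()) {
                List<String> entry = new ArrayList<String>();
                entry.add("\n------ #" + (count + 1));
                Attributes attributes = hits.next().getAttributes();
                NamingEnumeration<String> ids = attributes.getIDs();
                while (ids.hasMore()) {
                    String id = ids.next();
                    Attribute attribute = attributes.get(id);
                    for (int v = 0; v < attribute.size(); v++) {
                        String line = id + "=" + attribute.get(v);
                        if (id.equals(firstAttr)) {
                            // Index 1 is directly below the "#n" header line.
                            entry.add(1, line);
                        } else {
                            entry.add(line);
                        }
                    }
                }
                this.resultList.add(entry);
                count++;
                if (count >= this.searchLimit.intValue()) {
                    break;
                }
            }
        } finally {
            closeQuietly(hits);
            closeQuietly(context);
        }
    }

    /** Closes the enumeration, tracing rather than propagating a failure; null is ignored. */
    private void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException e) {
            if (tc.isDebugEnabled() || this.debug) {
                Tr.debug(tc, "closing search results failed: " + e);
            }
        }
    }

    /** Closes the context, tracing rather than propagating a failure; null is ignored. */
    private void closeQuietly(InitialDirContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            if (tc.isDebugEnabled() || this.debug) {
                Tr.debug(tc, "closing directory context failed: " + e);
            }
        }
    }

    /**
     * Extracts the attribute name in front of the first {@code =} of the filter by dropping
     * leading characters until the remainder consists of ASCII letters only.
     *
     * <p>The original loop re-sliced an already shortened string with a growing index, so it
     * skipped 1, then 2, then 3 characters and could return a truncated name for filters with
     * more than two leading non-letter characters. Each candidate is now cut from the unmodified
     * prefix.
     *
     * @param str the search filter
     * @return the attribute name, or null when no letters-only suffix exists
     */
    private String getFirstAttr(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getMainAttr searchFilter=" + str);
        }
        String found = null;
        // indexOf avoids the empty array that split("=") yields for a filter made only of '='.
        int equalsAt = str.indexOf('=');
        String prefix = equalsAt < 0 ? str : str.substring(0, equalsAt);
        for (int start = 0; start < prefix.length(); start++) {
            String candidate = prefix.substring(start);
            if (candidate.matches("[a-zA-Z]+")) {
                found = candidate;
                break;
            }
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getMainAttr returning " + found);
        }
        return found;
    }

    /**
     * Builds the error text returned to the caller: the localized connection-error message, the
     * exception class and reason, and the echoed input parameters. In debug mode the search
     * controls and the stack trace are appended and the text is traced.
     */
    private String createErrorMessage(Exception exc) {
        String message = getMsg(resBundle, connectionErrorLabel, null)
                .concat("Exception Name=" + exc.getClass().getName() + " Reason=" + exc.getMessage() + "\n")
                .concat(printInputParm());
        if (tc.isDebugEnabled() || this.debug) {
            // controls is still null when the failure happened before createSearchControls() ran.
            if (this.controls != null) {
                message = message.concat(printSearchControls(this.controls));
            }
            message = message.concat(getErrorStack(exc));
            Tr.debug(tc, message);
        }
        return message;
    }

    /** Returns the recorded input parameters, one per line, preceded by a blank line. */
    String printInputParm() {
        StringBuilder text = new StringBuilder("\n");
        for (String line : this.inputParm) {
            text.append(line).append("\n");
        }
        return text.toString();
    }

    /** Renders the stack trace of {@code th} between BEGIN and END marker lines. */
    private String getErrorStack(Throwable th) {
        ByteArrayOutputStream captured = new ByteArrayOutputStream();
        th.printStackTrace(new PrintStream(captured));
        StringBuilder text = new StringBuilder("\n***** Error stack BEGIN *****");
        text.append("\n");
        text.append(captured);
        text.append("***** Error stack END *****");
        return text.toString();
    }

    /**
     * Stores the command locale (falling back to the JVM default) and loads the message bundle.
     */
    void setupLocaleAndResBundle() {
        locale = getLocale();
        if (locale == null) {
            locale = Locale.getDefault();
        }
        // NOTE(review): the bundle is loaded for Locale.getDefault(), not for the locale computed
        // above - confirm whether the command locale was meant to be used here.
        resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    }

    /**
     * Reads the {@code searchLimit} parameter and checks that it lies between 1 and 100.
     *
     * <p>A missing parameter now yields the default of 20 named in the validation message; the
     * original dereferenced the null value and failed with a NullPointerException.
     *
     * @return the validated limit
     * @throws CommandValidationException if the value is outside 1..100
     */
    Integer getSearchLimitParameter() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getSearchLimitParameter");
        }
        Integer requested = (Integer) getParameter("searchLimit");
        Integer limit = requested != null ? requested : Integer.valueOf(20);
        if (limit.intValue() > 100 || limit.intValue() < 1) {
            throw new CommandValidationException(getMsg(resBundle, "invalid.search.limit", null, "The searchLimit is between 1 and 100. DefaultValue is 20."));
        }
        if (tc.isEntryEnabled() || this.debug) {
            // The original exit trace named getReferralParameter by mistake.
            Tr.exit(tc, "getSearchLimitParameter");
        }
        return limit;
    }

    /**
     * Reads the {@code referral} parameter and maps it, case-insensitively, to one of
     * {@code ignore}, {@code follow} or {@code throw}; a missing value means {@code ignore}.
     *
     * <p>The original returned the misspelling "thorw" for {@code throw}, which is not a value
     * JNDI accepts for {@code java.naming.referral}.
     *
     * <p>NOTE(review): with {@code follow}, JNDI presumably reuses the environment, including the
     * bind credentials, when it contacts a referred server - confirm this is acceptable for the
     * directories this command is pointed at.
     *
     * @return the normalised referral mode
     * @throws CommandValidationException if the value is none of the three modes
     */
    String getReferralParameter() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getReferralParameter");
        }
        String requested = (String) getParameter("referral");
        if (tc.isDebugEnabled() || this.debug) {
            Tr.debug(tc, "r=" + requested);
        }
        String mode;
        if (requested == null || requested.equalsIgnoreCase("ignore")) {
            mode = "ignore";
        } else if (requested.equalsIgnoreCase("follow")) {
            mode = "follow";
        } else if (requested.equalsIgnoreCase("throw")) {
            mode = "throw";
        } else {
            // The fallback text used to describe the value as a "search scope".
            throw new CommandValidationException(getMsg(resBundle, "invalid.referral", new Object[]{requested}, "The specified value {0} is not valid.  A valid value for the referral is ignore, follow, or throw. The default value is ignore."));
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getReferralParameter r=" + mode);
        }
        return mode;
    }

    /**
     * Reads the {@code searchScope} parameter and maps it, case-insensitively, to one of
     * {@code base}, {@code one} or {@code sub}; a missing value means {@code sub}.
     *
     * @return the normalised scope name
     * @throws CommandValidationException if the value is none of the three scopes
     */
    String getSearchScopeParameter() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getSearchScopeParameter");
        }
        String requested = (String) getParameter("searchScope");
        if (tc.isDebugEnabled() || this.debug) {
            Tr.debug(tc, "ss=" + requested);
        }
        String scopeName;
        if (requested == null || requested.equalsIgnoreCase("sub")) {
            scopeName = "sub";
        } else if (requested.equalsIgnoreCase("base")) {
            scopeName = "base";
        } else if (requested.equalsIgnoreCase("one")) {
            scopeName = "one";
        } else {
            throw new CommandValidationException(getMsg(resBundle, "invalid.search.scope", new Object[]{requested}, "The specified value {0} is not valid.  A valid value for the search scope is sub, one, or base. The default value is sub."));
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getSearchScopeParameter ss=" + scopeName);
        }
        return scopeName;
    }

    /**
     * Converts a normalised scope name to the integer passed to
     * {@link SearchControls#setSearchScope(int)}: 0 for {@code base}, 1 for {@code one},
     * 2 for anything else.
     */
    int getSearchScope(String str) {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getSearchScope sss=" + str);
        }
        int scope;
        if (str.equals("one")) {
            scope = 1;
        } else if (str.equals("base")) {
            scope = 0;
        } else {
            scope = 2;
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getSearchScope scope=" + scope);
        }
        return scope;
    }

    /**
     * Reads the {@code port} parameter, defaulting to 389 when it is absent. No range check is
     * applied here; {@link #createProps()} omits the port from the URL when it is not positive.
     */
    Integer getPortNumber() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getPortNumber");
        }
        Integer requested = (Integer) getParameter("port");
        Integer port = requested != null ? requested : Integer.valueOf(389);
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getPortNumber p=" + port);
        }
        return port;
    }

    /**
     * Reads the base DN parameter and expands it through
     * {@link ConfigUtils#variableMapExpand}; a missing value becomes the empty string.
     */
    String getBaseDNParameter() throws CommandValidationException {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "getBaseDNParameter");
        }
        String raw = (String) getParameter(UserRegistryConfig.BASE_DN);
        if (tc.isDebugEnabled() || this.debug) {
            Tr.debug(tc, "bDN=" + raw);
        }
        String expanded = raw != null ? ConfigUtils.variableMapExpand(raw) : "";
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "getBaseDNParameter=" + expanded);
        }
        return expanded;
    }

    /** Unboxes the verbose flag, treating null as false. */
    boolean getDebugFlag(Boolean bool) {
        return bool != null && bool.booleanValue();
    }

    /**
     * Fills {@code inputParm} with a printable copy of the inputs. The bind password is never
     * copied; a fixed mask is written when one was supplied. Warning lines are added when the
     * port and the SSL flag look inconsistent (389 with SSL, 636 without).
     */
    void createInputParmOutput() {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "createInputParmOutput");
        }
        this.inputParm.add("***** " + getMsg(resBundle, "security.ldapsearch.input.parameters", null, "LdapSearch Input Parameters") + " *****");
        this.inputParm.add("hostName=" + this.hostName);
        this.inputParm.add("portNumber=" + this.portNumber);
        this.inputParm.add("sslEnabled=" + this.sslEnabled);
        if (this.sslAlias != null) {
            this.inputParm.add("sslAlias=" + this.sslAlias);
        }
        if (this.baseDN != null) {
            this.inputParm.add("baseDN=" + this.baseDN);
        }
        if (this.bindDN != null) {
            this.inputParm.add("bindDN=" + this.bindDN);
        }
        if (this.bindPwd != null && !this.bindPwd.isEmpty()) {
            this.inputParm.add("bindPwd=*****");
        }
        this.inputParm.add("searchFilter=" + this.searchFilter);
        this.inputParm.add("searchLimit=" + this.searchLimit);
        if (this.referral != null) {
            this.inputParm.add("referral=" + this.referral);
        }
        if (this.searchScopeString != null) {
            this.inputParm.add("searchScope=" + this.searchScopeString);
        }
        if (this.debugBool != null) {
            this.inputParm.add("debug=" + this.debug);
        }
        // A missing sslEnabled is treated as false, matching createProps(); the original
        // unboxed it directly and failed with a NullPointerException when it was absent.
        boolean ssl = Boolean.TRUE.equals(this.sslEnabled);
        if (this.portNumber.intValue() == 389 && ssl) {
            this.inputParm.add("\n! " + getMsg(resBundle, "non.ssl.port.ssl.Enabled.true", null, "sslEnabled is set to true for a non-SSL port."));
        }
        if (this.portNumber.intValue() == 636 && !ssl) {
            this.inputParm.add("\n! " + getMsg(resBundle, "ssl.port.ssl.Enabled.false", null, "sslEnabled is set to false for a SSL port."));
        }
        if (tc.isEntryEnabled() || this.debug) {
            Tr.exit(tc, "createInputParmOutput inputParm=" + this.inputParm);
        }
    }

    /**
     * Builds the JNDI environment for the connection: provider URL (IPv6 literals bracketed),
     * context factory, connect timeout, optional SSL settings, bind identity and referral mode.
     *
     * <p>The exit trace prints a copy of the environment with the credential masked; the
     * original traced the properties as they were, which wrote the bind password to the trace
     * log whenever entry/exit tracing was enabled.
     *
     * @return the environment for {@link InitialDirContext}
     */
    Properties createProps() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createProps");
        }
        Properties properties = new Properties();
        StringBuilder url = new StringBuilder("ldap://");
        if (this.hostName.indexOf(":") != -1) {
            // A colon in the host means an IPv6 literal, which must be bracketed in a URL.
            url.append("[" + this.hostName + "]");
        } else {
            url.append(this.hostName);
        }
        if (this.portNumber != null && this.portNumber.intValue() > 0) {
            url.append(":" + this.portNumber.intValue());
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "ldapUrl = " + url.toString());
        }
        properties.setProperty("java.naming.provider.url", url.toString());
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        // NOTE(review): the constant is named after an audit queue size; presumably the decompiler
        // matched an equal literal - confirm the intended connect timeout.
        properties.put("com.sun.jndi.ldap.connect.timeout", CommonConstants.AUDIT_DEFAULT_QUEUE_SIZE);
        if (this.sslEnabled != null && this.sslEnabled.booleanValue()) {
            properties.put("java.naming.ldap.factory.socket", "com.ibm.ws.security.registry.ldap.ValidateLdapSSLSocketFactory");
            properties.put("java.naming.security.protocol", "ssl");
            if (this.sslAlias != null) {
                properties.setProperty("sslAlias", this.sslAlias);
                properties.put("LDAP.validation", "true");
                properties.put(CommonConstants.LDAP_SSL_ALIAS, this.sslAlias);
            }
        }
        if (this.bindDN != null) {
            properties.setProperty("java.naming.security.principal", this.bindDN);
        }
        if (this.bindPwd != null) {
            properties.setProperty("java.naming.security.credentials", this.bindPwd);
        }
        if (this.bindPwd != null && !this.bindPwd.isEmpty()) {
            // Simple bind: without the SSL branch above the password is not protected in transit.
            properties.setProperty("java.naming.security.authentication", "simple");
        }
        properties.setProperty("java.naming.referral", this.referral);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createProps props=" + maskCredentials(properties));
        }
        return properties;
    }

    /** Returns a printable copy of {@code source} with the bind credential replaced by a mask. */
    private static String maskCredentials(Properties source) {
        Properties printable = new Properties();
        printable.putAll(source);
        if (printable.containsKey("java.naming.security.credentials")) {
            printable.setProperty("java.naming.security.credentials", "*****");
        }
        return printable.toString();
    }

    /**
     * Creates search controls carrying the configured scope and count limit. No returning
     * attributes are set, so the directory returns every attribute the bind identity may read.
     */
    SearchControls createSearchControls() {
        if (tc.isEntryEnabled() || this.debug) {
            Tr.entry(tc, "createSearchControls");
        }
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(this.searchScope);
        searchControls.setCountLimit(this.searchLimit.intValue());
        if (tc.isEntryEnabled() || this.debug) {
            // The original emitted a second entry record here instead of the matching exit.
            Tr.exit(tc, "createSearchControls sc=" + printSearchControls(searchControls));
        }
        return searchControls;
    }

    /** Renders the given search controls as a multi-line block for traces and error text. */
    String printSearchControls(SearchControls searchControls) {
        return "\n***** searchControls *****\n CountLimit=" + searchControls.getCountLimit()
                + "\n Search Scope=" + searchControls.getSearchScope()
                + "\n Time Limit=" + searchControls.getTimeLimit()
                + "\n DerefLinkFlag=" + searchControls.getDerefLinkFlag()
                + "\n ReturningObjFlag=" + searchControls.getReturningObjFlag()
                + "\n ReturningAttributeFlag= " + searchControls.getReturningAttributes();
    }

    /**
     * Stores the error description as the command result and attaches it as a
     * {@link CommandException}.
     */
    void handleError(Exception exc, TaskCommandResultImpl taskCommandResultImpl) {
        String description = createErrorMessage(exc);
        taskCommandResultImpl.setResult(description);
        taskCommandResultImpl.setException(new CommandException(description));
    }
}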
