package org.alfresco.utility.data.auth;

import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.alfresco.utility.TasProperties;
import org.alfresco.utility.data.auth.DataLDAP;
import org.alfresco.utility.exception.TestStepException;
import org.alfresco.utility.model.UserModel;
import org.alfresco.utility.report.log.Step;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Service;
import org.testng.Assert;

@Scope("prototype")
@Service
/* loaded from: input_file:org/alfresco/utility/data/auth/DataKerberos.class */
public class DataKerberos {

    @Autowired
    private TasProperties tasProperties;
    private static final String USER_SEARCH_BASE = "CN=%s,CN=Users,DC=alfresconess,DC=com";
    private DirContext context;

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataKerberos$Builder.class */
    public class Builder implements UserManageable {
        public Builder() throws NamingException {
            Properties properties = new Properties();
            properties.put("java.naming.factory.initial", DataKerberos.this.tasProperties.getAuthContextFactory());
            properties.put("java.naming.provider.url", DataKerberos.this.tasProperties.getLdapURL());
            properties.put("java.naming.security.authentication", DataKerberos.this.tasProperties.getSecurityAuth());
            properties.put("java.naming.security.principal", DataKerberos.this.tasProperties.getLdapSecurityPrincipal());
            properties.put("java.naming.security.credentials", DataKerberos.this.tasProperties.getLdapSecurityCredentials());
            DataKerberos.this.context = new InitialDirContext(properties);
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public Builder createUser(UserModel userModel) throws NamingException, UnsupportedEncodingException {
            Step.STEP(String.format("[Kerberos] Add user %s", userModel.getUsername()));
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute("objectClass", DataLDAP.ObjectType.user.toString());
            BasicAttribute basicAttribute2 = new BasicAttribute("sn", userModel.getLastName());
            BasicAttribute basicAttribute3 = new BasicAttribute("samAccountName", userModel.getUsername());
            BasicAttribute basicAttribute4 = new BasicAttribute("userAccountControl");
            basicAttribute4.add(Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.PASSWD_NOTREQD.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue() + UserAccountStatus.TRUSTED_TO_AUTH_FOR_DELEGATION.getValue() + UserAccountStatus.DONT_REQ_PREAUTH.getValue()));
            basicAttributes.put(basicAttribute);
            basicAttributes.put(basicAttribute2);
            basicAttributes.put(basicAttribute3);
            basicAttributes.put(basicAttribute4);
            DataKerberos.this.context.createSubcontext(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), basicAttributes);
            DataKerberos.this.context.modifyAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("unicodePwd", String.format("\"%s\"", userModel.getPassword()).getBytes("UTF-16LE"))), new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue() + UserAccountStatus.TRUSTED_TO_AUTH_FOR_DELEGATION.getValue() + UserAccountStatus.DONT_REQ_PREAUTH.getValue())))});
            return this;
        }

        public SearchResult searchForObjectClass(String str, DataLDAP.ObjectType objectType) throws NamingException {
            String format = String.format("(objectClass=%s)", objectType.toString());
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            try {
                NamingEnumeration search = DataKerberos.this.context.search(String.format(DataKerberos.USER_SEARCH_BASE, str), format, searchControls);
                if (search.hasMoreElements()) {
                    return (SearchResult) search.nextElement();
                }
                return null;
            } catch (NameNotFoundException e) {
                return null;
            }
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public UserManageable deleteUser(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[Kerberos] Delete user %s", userModel.getUsername()));
            DataKerberos.this.context.destroySubcontext(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public UserManageable updateUser(UserModel userModel, HashMap<String, String> hashMap) throws NamingException, UnsupportedEncodingException {
            Step.STEP(String.format("[Kerberos] Update user %s", userModel.getUsername()));
            ModificationItem[] modificationItemArr = new ModificationItem[hashMap.size()];
            int i = 0;
            for (Map.Entry<String, String> entry : hashMap.entrySet()) {
                BasicAttribute basicAttribute = new BasicAttribute(entry.getKey());
                if (entry.getKey().equals("unicodePwd")) {
                    basicAttribute.add(String.format("\"%s\"", entry.getValue()).getBytes("UTF-16LE"));
                } else {
                    basicAttribute.add(entry.getValue());
                }
                modificationItemArr[i] = new ModificationItem(2, basicAttribute);
                i++;
            }
            DataKerberos.this.context.modifyAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), modificationItemArr);
            return this;
        }

        public Builder disableUser(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[Kerberos] Disable user %s", userModel.getUsername()));
            DataKerberos.this.context.modifyAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.DISABLE_ACCOUNT.getValue() + UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue() + UserAccountStatus.TRUSTED_TO_AUTH_FOR_DELEGATION.getValue() + UserAccountStatus.DONT_REQ_PREAUTH.getValue())))});
            return this;
        }

        public Builder enableUser(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[Kerberos] Enable user %s", userModel.getUsername()));
            DataKerberos.this.context.modifyAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), new ModificationItem[]{new ModificationItem(2, new BasicAttribute("userAccountControl", Integer.toString(UserAccountStatus.NORMAL_ACCOUNT.getValue() + UserAccountStatus.DONT_EXPIRE_PASSWD.getValue() + UserAccountStatus.TRUSTED_TO_AUTH_FOR_DELEGATION.getValue() + UserAccountStatus.DONT_REQ_PREAUTH.getValue())))});
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public UserManageable assertUserExists(UserModel userModel) throws NamingException {
            Step.STEP(String.format("[Kerberos] Assert user %s exists", userModel.getUsername()));
            Assert.assertNotNull(searchForObjectClass(userModel.getUsername(), DataLDAP.ObjectType.user));
            return this;
        }

        @Override // org.alfresco.utility.data.auth.UserManageable
        public UserManageable assertUserDoesNotExist(UserModel userModel) throws NamingException, TestStepException {
            Step.STEP(String.format("[Kerberos] Assert user %s does not exist", userModel.getUsername()));
            Assert.assertNull(searchForObjectClass(userModel.getUsername(), DataLDAP.ObjectType.user));
            return this;
        }

        public Builder assertUserIsDisabled(UserModel userModel, UserAccountControlValue userAccountControlValue) throws NamingException {
            Attributes attributes = DataKerberos.this.context.getAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), new String[]{"userAccountControl"});
            Assert.assertTrue(attributes.toString().contains(userAccountControlValue.toString()), String.format("User account control value expected %s but found %s", userAccountControlValue.toString(), attributes.toString()));
            return this;
        }

        public Builder assertUserIsEnabled(UserModel userModel, UserAccountControlValue userAccountControlValue) throws NamingException {
            Attributes attributes = DataKerberos.this.context.getAttributes(String.format(DataKerberos.USER_SEARCH_BASE, userModel.getUsername()), new String[]{"userAccountControl"});
            Assert.assertTrue(attributes.toString().contains(userAccountControlValue.toString()), String.format("User account value expected %s but found %s ", userAccountControlValue.toString(), attributes.toString()));
            return this;
        }
    }

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataKerberos$UserAccountControlValue.class */
    public enum UserAccountControlValue {
        enabled("21037568"),
        disabled("21037570");

        private final String userAccountControlValue;

        UserAccountControlValue(String str) {
            this.userAccountControlValue = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.userAccountControlValue;
        }
    }

    /* loaded from: input_file:org/alfresco/utility/data/auth/DataKerberos$UserAccountStatus.class */
    public enum UserAccountStatus {
        NORMAL_ACCOUNT(512),
        PASSWD_NOTREQD(32),
        DONT_REQ_PREAUTH(4194304),
        TRUSTED_TO_AUTH_FOR_DELEGATION(16777216),
        TRUSTED_FOR_DELEGATION(524288),
        DISABLE_ACCOUNT(2),
        DONT_EXPIRE_PASSWD(65536);

        private final int value;

        UserAccountStatus(int i) {
            this.value = i;
        }

        public int getValue() {
            return this.value;
        }
    }

    public Builder perform() throws NamingException {
        return new Builder();
    }
}
