package com.unboundid.ldap.listener;

import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.ldap.matchingrules.OctetStringMatchingRule;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.ExtendedRequest;
import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.Modification;
import com.unboundid.ldap.sdk.ModificationType;
import com.unboundid.ldap.sdk.ReadOnlyEntry;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.extensions.PasswordModifyExtendedRequest;
import com.unboundid.ldap.sdk.extensions.PasswordModifyExtendedResult;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.List;

/* JADX WARN: Classes with same name are omitted:
  input_file:sample-genericTechPriceSrc-war-1.0.5.war:WEB-INF/lib/unboundid-ldapsdk-2.3.4.jar:com/unboundid/ldap/listener/PasswordModifyExtendedOperationHandler.class
 */
@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: input_file:APP-INF/lib/unboundid-ldapsdk-2.3.4.jar:com/unboundid/ldap/listener/PasswordModifyExtendedOperationHandler.class */
public final class PasswordModifyExtendedOperationHandler extends InMemoryExtendedOperationHandler {
    @Override // com.unboundid.ldap.listener.InMemoryExtendedOperationHandler
    public String getExtendedOperationHandlerName() {
        return "Password Modify";
    }

    @Override // com.unboundid.ldap.listener.InMemoryExtendedOperationHandler
    public List<String> getSupportedExtendedRequestOIDs() {
        return Arrays.asList(PasswordModifyExtendedRequest.PASSWORD_MODIFY_REQUEST_OID);
    }

    @Override // com.unboundid.ldap.listener.InMemoryExtendedOperationHandler
    public ExtendedResult processExtendedOperation(InMemoryRequestHandler inMemoryRequestHandler, int i, ExtendedRequest extendedRequest) {
        DN dNForAuthzID;
        DN dn;
        ASN1OctetString aSN1OctetString;
        byte[] bArr;
        for (Control control : extendedRequest.getControls()) {
            if (control.isCritical()) {
                return new ExtendedResult(i, ResultCode.UNAVAILABLE_CRITICAL_EXTENSION, ListenerMessages.ERR_PW_MOD_EXTOP_UNSUPPORTED_CONTROL.get(control.getOID()), null, null, null, null, null);
            }
        }
        try {
            PasswordModifyExtendedRequest passwordModifyExtendedRequest = new PasswordModifyExtendedRequest(extendedRequest);
            String userIdentity = passwordModifyExtendedRequest.getUserIdentity();
            byte[] oldPasswordBytes = passwordModifyExtendedRequest.getOldPasswordBytes();
            byte[] newPasswordBytes = passwordModifyExtendedRequest.getNewPasswordBytes();
            if (userIdentity == null) {
                dn = inMemoryRequestHandler.getAuthenticatedDN();
            } else {
                try {
                    dNForAuthzID = new DN(userIdentity, inMemoryRequestHandler.getSchema());
                } catch (LDAPException e) {
                    Debug.debugException(e);
                    try {
                        dNForAuthzID = inMemoryRequestHandler.getDNForAuthzID(userIdentity);
                    } catch (LDAPException e2) {
                        Debug.debugException(e2);
                        return new PasswordModifyExtendedResult(i, ResultCode.INVALID_DN_SYNTAX, ListenerMessages.ERR_PW_MOD_EXTOP_CANNOT_PARSE_USER_IDENTITY.get(userIdentity), null, null, null, null);
                    }
                }
                dn = dNForAuthzID;
            }
            if (dn == null || dn.isNullDN()) {
                return new PasswordModifyExtendedResult(i, ResultCode.UNWILLING_TO_PERFORM, ListenerMessages.ERR_PW_MOD_NO_IDENTITY.get(), null, null, null, null);
            }
            ReadOnlyEntry entry = inMemoryRequestHandler.getEntry(dn);
            if (entry == null) {
                return new PasswordModifyExtendedResult(i, ResultCode.UNWILLING_TO_PERFORM, ListenerMessages.ERR_PW_MOD_EXTOP_CANNOT_GET_USER_ENTRY.get(dn.toString()), null, null, null, null);
            }
            if (oldPasswordBytes == null) {
                if (inMemoryRequestHandler.getAuthenticatedDN().isNullDN()) {
                    return new PasswordModifyExtendedResult(i, ResultCode.UNWILLING_TO_PERFORM, ListenerMessages.ERR_PW_MOD_EXTOP_NO_AUTHENTICATION.get(), null, null, null, null);
                }
            } else if (!entry.hasAttributeValue("userPassword", oldPasswordBytes, OctetStringMatchingRule.getInstance())) {
                return new PasswordModifyExtendedResult(i, ResultCode.INVALID_CREDENTIALS, null, null, null, null, null);
            }
            if (newPasswordBytes == null) {
                SecureRandom secureRandom = new SecureRandom();
                byte[] bytes = StaticUtils.getBytes("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
                bArr = new byte[8];
                for (int i2 = 0; i2 < bArr.length; i2++) {
                    bArr[i2] = bytes[secureRandom.nextInt(bytes.length)];
                }
                aSN1OctetString = new ASN1OctetString(bArr);
            } else {
                aSN1OctetString = null;
                bArr = newPasswordBytes;
            }
            try {
                inMemoryRequestHandler.modifyEntry(entry.getDN(), Arrays.asList(new Modification(ModificationType.REPLACE, "userPassword", bArr)));
                return new PasswordModifyExtendedResult(i, ResultCode.SUCCESS, null, null, null, aSN1OctetString, null);
            } catch (LDAPException e3) {
                Debug.debugException(e3);
                return new PasswordModifyExtendedResult(i, e3.getResultCode(), ListenerMessages.ERR_PW_MOD_EXTOP_CANNOT_CHANGE_PW.get(entry.getDN(), e3.getMessage()), null, null, null, null);
            }
        } catch (LDAPException e4) {
            Debug.debugException(e4);
            return new ExtendedResult(i, e4.getResultCode(), e4.getDiagnosticMessage(), e4.getMatchedDN(), e4.getReferralURLs(), null, null, null);
        }
    }
}
