package org.opends.server.core;

import java.util.EnumSet;
import java.util.HashSet;
import java.util.Iterator;
import java.util.concurrent.CopyOnWriteArraySet;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.ResultCode;
import org.opends.messages.CoreMessages;
import org.opends.server.api.ClientConnection;
import org.opends.server.api.DITCacheMap;
import org.opends.server.api.plugin.InternalDirectoryServerPlugin;
import org.opends.server.api.plugin.PluginResult;
import org.opends.server.api.plugin.PluginType;
import org.opends.server.types.DisconnectReason;
import org.opends.server.types.Entry;
import org.opends.server.types.operation.PostResponseDeleteOperation;
import org.opends.server.types.operation.PostResponseModifyDNOperation;
import org.opends.server.types.operation.PostResponseModifyOperation;

/* JADX WARN: Classes with same name are omitted:
  input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/core/AuthenticatedUsers.class
 */
/* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/core/AuthenticatedUsers.class */
public class AuthenticatedUsers extends InternalDirectoryServerPlugin {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private final DITCacheMap<CopyOnWriteArraySet<ClientConnection>> userMap;
    private final ReentrantReadWriteLock lock;
    private static final String CONFIG_DN = "cn=Authenticated Users,cn=config";

    public AuthenticatedUsers() {
        super(DN.valueOf(CONFIG_DN), EnumSet.of(PluginType.POST_RESPONSE_MODIFY, PluginType.POST_RESPONSE_MODIFY_DN, PluginType.POST_RESPONSE_DELETE), true);
        this.userMap = new DITCacheMap<>();
        this.lock = new ReentrantReadWriteLock();
        DirectoryServer.registerInternalPlugin(this);
    }

    public void put(DN dn, ClientConnection clientConnection) {
        this.lock.writeLock().lock();
        try {
            CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet = this.userMap.get(dn);
            if (copyOnWriteArraySet == null) {
                CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet2 = new CopyOnWriteArraySet<>();
                copyOnWriteArraySet2.add(clientConnection);
                this.userMap.put(dn, (DN) copyOnWriteArraySet2);
            } else {
                copyOnWriteArraySet.add(clientConnection);
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public void remove(DN dn, ClientConnection clientConnection) {
        this.lock.writeLock().lock();
        try {
            CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet = this.userMap.get(dn);
            if (copyOnWriteArraySet != null) {
                copyOnWriteArraySet.remove(clientConnection);
                if (copyOnWriteArraySet.isEmpty()) {
                    this.userMap.remove(dn);
                }
            }
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    public CopyOnWriteArraySet<ClientConnection> get(DN dn) {
        this.lock.readLock().lock();
        try {
            return this.userMap.get(dn);
        } finally {
            this.lock.readLock().unlock();
        }
    }

    @Override // org.opends.server.api.plugin.DirectoryServerPlugin
    public PluginResult.PostResponse doPostResponse(PostResponseDeleteOperation postResponseDeleteOperation) {
        DN entryDN = postResponseDeleteOperation.getEntryDN();
        if (postResponseDeleteOperation.getResultCode() != ResultCode.SUCCESS || operationDoesNotTargetAuthenticatedUser(entryDN)) {
            return PluginResult.PostResponse.continueOperationProcessing();
        }
        HashSet hashSet = new HashSet();
        this.lock.writeLock().lock();
        try {
            this.userMap.removeSubtree(entryDN, hashSet);
            this.lock.writeLock().unlock();
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                Iterator it2 = ((CopyOnWriteArraySet) it.next()).iterator();
                while (it2.hasNext()) {
                    ((ClientConnection) it2.next()).disconnect(DisconnectReason.INVALID_CREDENTIALS, true, CoreMessages.WARN_CLIENTCONNECTION_DISCONNECT_DUE_TO_DELETE.get(entryDN));
                }
            }
            return PluginResult.PostResponse.continueOperationProcessing();
        } catch (Throwable th) {
            this.lock.writeLock().unlock();
            throw th;
        }
    }

    private boolean operationDoesNotTargetAuthenticatedUser(DN dn) {
        this.lock.readLock().lock();
        try {
            return !this.userMap.containsSubtree(dn);
        } finally {
            this.lock.readLock().unlock();
        }
    }

    @Override // org.opends.server.api.plugin.DirectoryServerPlugin
    public PluginResult.PostResponse doPostResponse(PostResponseModifyOperation postResponseModifyOperation) {
        Entry currentEntry = postResponseModifyOperation.getCurrentEntry();
        if (postResponseModifyOperation.getResultCode() != ResultCode.SUCCESS || currentEntry == null || operationDoesNotTargetAuthenticatedUser(currentEntry.getName())) {
            return PluginResult.PostResponse.continueOperationProcessing();
        }
        this.lock.writeLock().lock();
        try {
            CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet = this.userMap.get(currentEntry.getName());
            if (copyOnWriteArraySet != null) {
                Entry entry = null;
                Iterator<ClientConnection> it = copyOnWriteArraySet.iterator();
                while (it.hasNext()) {
                    ClientConnection next = it.next();
                    if (entry == null) {
                        entry = postResponseModifyOperation.getModifiedEntry().duplicate(true);
                    }
                    next.updateAuthenticationInfo(currentEntry, entry);
                }
            }
            return PluginResult.PostResponse.continueOperationProcessing();
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    @Override // org.opends.server.api.plugin.DirectoryServerPlugin
    public PluginResult.PostResponse doPostResponse(PostResponseModifyDNOperation postResponseModifyDNOperation) {
        Entry originalEntry = postResponseModifyDNOperation.getOriginalEntry();
        Entry updatedEntry = postResponseModifyDNOperation.getUpdatedEntry();
        if (postResponseModifyDNOperation.getResultCode() != ResultCode.SUCCESS || originalEntry == null || updatedEntry == null || operationDoesNotTargetAuthenticatedUser(originalEntry.getName())) {
            return PluginResult.PostResponse.continueOperationProcessing();
        }
        DN name = originalEntry.getName();
        DN name2 = updatedEntry.getName();
        this.lock.writeLock().lock();
        try {
            HashSet hashSet = new HashSet();
            this.userMap.removeSubtree(originalEntry.getName(), hashSet);
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                DN dn = null;
                DN dn2 = null;
                DN dn3 = null;
                DN dn4 = null;
                CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet = null;
                CopyOnWriteArraySet<ClientConnection> copyOnWriteArraySet2 = null;
                Iterator it2 = ((CopyOnWriteArraySet) it.next()).iterator();
                while (it2.hasNext()) {
                    ClientConnection clientConnection = (ClientConnection) it2.next();
                    if (dn == null) {
                        dn = clientConnection.getAuthenticationInfo().getAuthenticationDN();
                        try {
                            dn3 = dn.rename(name, name2);
                        } catch (Exception e) {
                            logger.traceException(e);
                        }
                    }
                    if (dn2 == null) {
                        dn2 = clientConnection.getAuthenticationInfo().getAuthorizationDN();
                        try {
                            dn4 = dn2.rename(name, name2);
                        } catch (Exception e2) {
                            logger.traceException(e2);
                        }
                    }
                    if (dn3 != null && dn != null && dn.isSubordinateOrEqualTo(originalEntry.getName())) {
                        if (copyOnWriteArraySet == null) {
                            copyOnWriteArraySet = new CopyOnWriteArraySet<>();
                        }
                        clientConnection.getAuthenticationInfo().setAuthenticationDN(dn3);
                        copyOnWriteArraySet.add(clientConnection);
                    }
                    if (dn4 != null && dn2 != null && dn2.isSubordinateOrEqualTo(originalEntry.getName())) {
                        if (copyOnWriteArraySet2 == null) {
                            copyOnWriteArraySet2 = new CopyOnWriteArraySet<>();
                        }
                        clientConnection.getAuthenticationInfo().setAuthorizationDN(dn4);
                        copyOnWriteArraySet2.add(clientConnection);
                    }
                }
                if (dn3 != null && copyOnWriteArraySet != null) {
                    this.userMap.put(dn3, (DN) copyOnWriteArraySet);
                }
                if (dn4 != null && copyOnWriteArraySet2 != null) {
                    this.userMap.put(dn4, (DN) copyOnWriteArraySet2);
                }
            }
            return PluginResult.PostResponse.continueOperationProcessing();
        } finally {
            this.lock.writeLock().unlock();
        }
    }
}
