package org.opends.server.core;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.LocalizedIllegalArgumentException;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.ldap.ByteString;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.ResultCode;
import org.opends.messages.CoreMessages;
import org.opends.server.api.ClientConnection;
import org.opends.server.loggers.AccessLogger;
import org.opends.server.types.AbstractOperation;
import org.opends.server.types.AuthenticationInfo;
import org.opends.server.types.AuthenticationType;
import org.opends.server.types.CancelRequest;
import org.opends.server.types.CancelResult;
import org.opends.server.types.CanceledOperationException;
import org.opends.server.types.Control;
import org.opends.server.types.Entry;
import org.opends.server.types.Operation;
import org.opends.server.types.OperationType;
import org.opends.server.types.operation.PreParseBindOperation;
import org.opends.server.workflowelement.localbackend.LocalBackendBindOperation;
import org.opends.server.workflowelement.localbackend.LocalBackendWorkflowElement;

/* JADX WARN: Classes with same name are omitted:
  input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/core/BindOperationBasis.class
 */
/* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/core/BindOperationBasis.class */
public class BindOperationBasis extends AbstractOperation implements BindOperation, PreParseBindOperation {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private ByteString saslCredentials;
    private ByteString serverSASLCredentials;
    private AuthenticationInfo authInfo;
    private AuthenticationType authType;
    private ByteString rawBindDN;
    private ByteString simplePassword;
    private DN bindDN;
    private DN userEntryDN;
    private Entry saslAuthUserEntry;
    private final List<Control> responseControls;
    private LocalizableMessage authFailureReason;
    private String saslMechanism;
    private String protocolVersion;

    public BindOperationBasis(ClientConnection clientConnection, long j, int i, List<Control> list, String str, ByteString byteString, ByteString byteString2) {
        super(clientConnection, j, i, list);
        this.responseControls = new ArrayList(0);
        this.protocolVersion = str;
        setRawBindDN(byteString);
        setSimplePassword(byteString2);
        this.cancelResult = getBindCancelResult();
    }

    public BindOperationBasis(ClientConnection clientConnection, long j, int i, List<Control> list, String str, ByteString byteString, String str2, ByteString byteString2) {
        super(clientConnection, j, i, list);
        this.responseControls = new ArrayList(0);
        this.protocolVersion = str;
        this.authType = AuthenticationType.SASL;
        this.saslMechanism = str2;
        this.saslCredentials = byteString2;
        setRawBindDN(byteString);
        this.cancelResult = getBindCancelResult();
    }

    public BindOperationBasis(ClientConnection clientConnection, long j, int i, List<Control> list, String str, DN dn, ByteString byteString) {
        super(clientConnection, j, i, list);
        this.responseControls = new ArrayList(0);
        this.protocolVersion = str;
        this.bindDN = dn;
        this.rawBindDN = computeRawBindDN(dn);
        setSimplePassword(byteString);
        this.cancelResult = getBindCancelResult();
    }

    public BindOperationBasis(ClientConnection clientConnection, long j, int i, List<Control> list, String str, DN dn, String str2, ByteString byteString) {
        super(clientConnection, j, i, list);
        this.responseControls = new ArrayList(0);
        this.protocolVersion = str;
        this.authType = AuthenticationType.SASL;
        this.bindDN = dn;
        this.saslMechanism = str2;
        this.saslCredentials = byteString;
        this.rawBindDN = computeRawBindDN(dn);
        this.cancelResult = getBindCancelResult();
    }

    private ByteString computeRawBindDN(DN dn) {
        return dn != null ? ByteString.valueOfUtf8(dn.toString()) : ByteString.empty();
    }

    private CancelResult getBindCancelResult() {
        return new CancelResult(ResultCode.CANNOT_CANCEL, CoreMessages.ERR_CANNOT_CANCEL_BIND.get());
    }

    @Override // org.opends.server.types.Operation
    public DN getProxiedAuthorizationDN() {
        return null;
    }

    @Override // org.opends.server.types.Operation
    public void setProxiedAuthorizationDN(DN dn) {
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final AuthenticationType getAuthenticationType() {
        return this.authType;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final ByteString getRawBindDN() {
        return this.rawBindDN;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final void setRawBindDN(ByteString byteString) {
        if (byteString != null) {
            this.rawBindDN = byteString;
        } else {
            this.rawBindDN = ByteString.empty();
        }
        this.bindDN = null;
    }

    @Override // org.opends.server.core.BindOperation
    public final DN getBindDN() {
        try {
            if (this.bindDN == null) {
                this.bindDN = DN.valueOf(this.rawBindDN);
            }
        } catch (LocalizedIllegalArgumentException e) {
            logger.traceException(e);
            setResultCode(ResultCode.INVALID_CREDENTIALS);
            setAuthFailureReason(e.getMessageObject());
        }
        return this.bindDN;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final ByteString getSimplePassword() {
        return this.simplePassword;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final void setSimplePassword(ByteString byteString) {
        if (byteString != null) {
            this.simplePassword = byteString;
        } else {
            this.simplePassword = ByteString.empty();
        }
        this.authType = AuthenticationType.SIMPLE;
        this.saslMechanism = null;
        this.saslCredentials = null;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final String getSASLMechanism() {
        return this.saslMechanism;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final ByteString getSASLCredentials() {
        return this.saslCredentials;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final void setSASLCredentials(String str, ByteString byteString) {
        this.saslMechanism = str;
        this.saslCredentials = byteString;
        this.authType = AuthenticationType.SASL;
        this.simplePassword = null;
    }

    @Override // org.opends.server.core.BindOperation
    public final ByteString getServerSASLCredentials() {
        return this.serverSASLCredentials;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final void setServerSASLCredentials(ByteString byteString) {
        this.serverSASLCredentials = byteString;
    }

    @Override // org.opends.server.core.BindOperation
    public final Entry getSASLAuthUserEntry() {
        return this.saslAuthUserEntry;
    }

    @Override // org.opends.server.core.BindOperation
    public final void setSASLAuthUserEntry(Entry entry) {
        this.saslAuthUserEntry = entry;
    }

    @Override // org.opends.server.core.BindOperation
    public final LocalizableMessage getAuthFailureReason() {
        return this.authFailureReason;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public final void setAuthFailureReason(LocalizableMessage localizableMessage) {
        if (DirectoryServer.getCoreConfigManager().isReturnBindErrorMessages()) {
            appendErrorMessage(localizableMessage);
        } else {
            this.authFailureReason = localizableMessage;
        }
    }

    @Override // org.opends.server.core.BindOperation
    public final DN getUserEntryDN() {
        return this.userEntryDN;
    }

    @Override // org.opends.server.core.BindOperation
    public final AuthenticationInfo getAuthenticationInfo() {
        return this.authInfo;
    }

    @Override // org.opends.server.core.BindOperation
    public final void setAuthenticationInfo(AuthenticationInfo authenticationInfo) {
        this.authInfo = authenticationInfo;
    }

    @Override // org.opends.server.types.Operation, org.opends.server.types.operation.PluginOperation
    public final OperationType getOperationType() {
        return OperationType.BIND;
    }

    @Override // org.opends.server.types.Operation, org.opends.server.types.operation.PluginOperation
    public final List<Control> getResponseControls() {
        return this.responseControls;
    }

    @Override // org.opends.server.types.Operation, org.opends.server.types.operation.PreParseOperation, org.opends.server.types.operation.PostOperationOperation
    public final void addResponseControl(Control control) {
        this.responseControls.add(control);
    }

    @Override // org.opends.server.types.Operation, org.opends.server.types.operation.PreParseOperation, org.opends.server.types.operation.PostOperationOperation
    public final void removeResponseControl(Control control) {
        this.responseControls.remove(control);
    }

    @Override // org.opends.server.types.Operation, org.opends.server.types.operation.PluginOperation
    public final void toString(StringBuilder sb) {
        sb.append("BindOperation(connID=");
        sb.append(this.clientConnection.getConnectionID());
        sb.append(", opID=");
        sb.append(this.operationID);
        sb.append(", protocol=\"");
        sb.append(this.clientConnection.getProtocol());
        sb.append(" ");
        sb.append(this.protocolVersion);
        sb.append(", dn=");
        sb.append(this.rawBindDN);
        sb.append(", authType=");
        sb.append(this.authType);
        sb.append(")");
    }

    @Override // org.opends.server.core.BindOperation
    public void setUserEntryDN(DN dn) {
        this.userEntryDN = dn;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public String getProtocolVersion() {
        return this.protocolVersion;
    }

    @Override // org.opends.server.core.BindOperation, org.opends.server.types.operation.PreParseBindOperation
    public void setProtocolVersion(String str) {
        this.protocolVersion = str;
    }

    @Override // org.opends.server.types.Operation, java.lang.Runnable
    public final void run() {
        setResultCode(ResultCode.UNDEFINED);
        setProcessingStartTime();
        AccessLogger.logBindRequest(this);
        ClientConnection clientConnection = getClientConnection();
        clientConnection.setUnauthenticated();
        CancelRequest cancelRequest = new CancelRequest(true, CoreMessages.INFO_CANCELED_BY_BIND_REQUEST.get());
        clientConnection.cancelAllOperationsExcept(cancelRequest, getMessageID());
        boolean z = false;
        try {
            try {
                if (!processOperationResult(DirectoryServer.getPluginConfigManager().invokePreParseBindPlugins(this))) {
                    setProcessingStopTime();
                    AccessLogger.logBindResponse(this);
                    if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS) {
                        clientConnection.finishSaslBind();
                    }
                    clientConnection.finishBind();
                    clientConnection.sendResponse(this);
                    invokePostResponsePlugins(false);
                    return;
                }
                DN bindDN = getBindDN();
                if (bindDN == null) {
                    setProcessingStopTime();
                    AccessLogger.logBindResponse(this);
                    if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS) {
                        clientConnection.finishSaslBind();
                    }
                    clientConnection.finishBind();
                    clientConnection.sendResponse(this);
                    invokePostResponsePlugins(false);
                    return;
                }
                switch (getAuthenticationType()) {
                    case SIMPLE:
                        DN actualRootBindDN = DirectoryServer.getActualRootBindDN(bindDN);
                        if (actualRootBindDN != null) {
                            bindDN = actualRootBindDN;
                            break;
                        }
                        break;
                }
                z = LocalBackendWorkflowElement.execute(this, bindDN);
                setProcessingStopTime();
                AccessLogger.logBindResponse(this);
                if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS) {
                    clientConnection.finishSaslBind();
                }
                clientConnection.finishBind();
                clientConnection.sendResponse(this);
                invokePostResponsePlugins(z);
            } catch (CanceledOperationException e) {
                logger.traceException(e);
                setResultCode(ResultCode.CANCELLED);
                appendErrorMessage(cancelRequest.getCancelReason());
                setProcessingStopTime();
                AccessLogger.logBindResponse(this);
                if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS) {
                    clientConnection.finishSaslBind();
                }
                clientConnection.finishBind();
                clientConnection.sendResponse(this);
                invokePostResponsePlugins(z);
            }
        } catch (Throwable th) {
            setProcessingStopTime();
            AccessLogger.logBindResponse(this);
            if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS) {
                clientConnection.finishSaslBind();
            }
            clientConnection.finishBind();
            clientConnection.sendResponse(this);
            invokePostResponsePlugins(z);
            throw th;
        }
    }

    private void invokePostResponsePlugins(boolean z) {
        List list;
        if (!z || (list = (List) getAttachment(Operation.LOCALBACKENDOPERATIONS)) == null) {
            return;
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            DirectoryServer.getPluginConfigManager().invokePostResponseBindPlugins((LocalBackendBindOperation) it.next());
        }
    }

    @Override // org.opends.server.types.AbstractOperation
    public void updateOperationErrMsgAndResCode() {
        LocalizableMessage localizableMessage = CoreMessages.ERR_BIND_OPERATION_UNKNOWN_USER.get();
        setResultCode(ResultCode.INVALID_CREDENTIALS);
        setAuthFailureReason(localizableMessage);
    }
}
