package net.savignano.snotify.atlassian.common.security.access.pgp;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import net.savignano.snotify.atlassian.common.Constants;
import net.savignano.snotify.atlassian.common.connector.LdapConnector;
import net.savignano.snotify.atlassian.common.enums.ECryptographyType;
import net.savignano.snotify.atlassian.common.enums.EKeySource;
import net.savignano.snotify.atlassian.common.enums.EKeyValidity;
import net.savignano.snotify.atlassian.common.info.InfoData;
import net.savignano.snotify.atlassian.common.security.access.AKeyLoader;
import net.savignano.snotify.atlassian.common.security.key.publicly.SnotifyPgpPublicKey;
import net.savignano.snotify.atlassian.common.util.PgpUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/savignano/snotify/atlassian/common/security/access/pgp/PgpLdapLoader.class */
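/**
 * Loads a PGP public key for an email address from an LDAP based PGP key server.
 *
 * <p>The lookup first reads the server's naming contexts, locates the {@code cn=PGPServerInfo}
 * entry to learn the DN keys are stored under, and then searches that DN for entries whose
 * {@code pgpUserId} ends in {@code <email>} and which are neither disabled nor revoked.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The email address is embedded in an LDAP search filter. It is escaped per RFC 4515 before
 *       use, so filter metacharacters in the address cannot alter the query.</li>
 *   <li>NOTE(review): which key is returned is decided by the directory's answer to the
 *       {@code pgpUserId} filter. Whether the user id inside the returned key material is checked
 *       against the email again is not visible in this class; confirm in
 *       {@code SnotifyPgpPublicKey} / {@code PgpUtil}.</li>
 *   <li>NOTE(review): {@link #createEnvironment()} passes an empty environment, so transport
 *       security, credentials and connect timeouts are presumably configured by
 *       {@code LdapConnector}; verify there.</li>
 * </ul>
 */
public class PgpLdapLoader extends AKeyLoader<SnotifyPgpPublicKey> {
    private static final Logger log = LoggerFactory.getLogger(PgpLdapLoader.class);
    public static final int INFO_NO_EMAIL = 200;
    public static final int INFO_LDAP_CONNECTED = 201;
    public static final int INFO_LDAP_DISCONNECTED = 202;
    public static final int INFO_LDAP_CONNECTION_ERROR = 203;
    public static final int INFO_SERVER_INFO = 204;
    public static final int INFO_SERVER_INFO_NOT_AVAILABLE = 205;
    public static final int INFO_EMAIL_FOUND = 206;
    public static final int INFO_EMAIL_NOT_FOUND = 207;
    private static final String PGP_KEY_SERVER_DN = "cn=PGPServerInfo";
    private static final String PGP_KEY_DN_FIELD = "pgpBaseKeySpaceDN";
    private static final String PGP_SOFTWARE_FIELD = "pgpSoftware";
    private static final String PGP_USER_ID_FIELD = "pgpUserId";
    private static final String PGP_KEY_FIELD = "pgpKey";
    private static final String PGP_KEY_LEGACY_FIELD = "pgpKeyV2";
    private static final String PGP_DISABLED_FIELD = "pgpDisabled";
    private static final String PGP_REVOKED_FIELD = "pgpRevoked";
    /** Time limit handed to the LDAP search, in milliseconds. */
    private static final int SEARCH_TIME_LIMIT_MS = 10000;
    private final LdapConnector connector;
    private String email;

    /**
     * Creates a loader without an email; one must be set via {@link #setEmail(String)} before
     * loading, otherwise the load yields an {@code ERROR} validity key.
     *
     * @param ldapConnector connector used to reach the LDAP server, must not be {@code null}
     */
    public PgpLdapLoader(LdapConnector ldapConnector) {
        this(ldapConnector, null);
    }

    /**
     * @param ldapConnector connector used to reach the LDAP server, must not be {@code null}
     * @param str email address to look up, may be {@code null}
     * @throws IllegalArgumentException if {@code ldapConnector} is {@code null}
     */
    public PgpLdapLoader(LdapConnector ldapConnector, String str) {
        if (ldapConnector == null) {
            throw new IllegalArgumentException("LDAP connector must not be null.");
        }
        this.connector = ldapConnector;
        this.email = str;
    }

    /**
     * Connects to the LDAP server, looks up the key for the configured email and disconnects.
     *
     * <p>Any failure (connection, search, parsing) is logged, reported as
     * {@link #INFO_LDAP_CONNECTION_ERROR} and turned into an {@code ERROR} validity key instead of
     * being propagated. The disconnect and its {@link #INFO_LDAP_DISCONNECTED} notification run on
     * every path once an email is present.
     *
     * @return the key found, or a placeholder key carrying the resulting validity
     * @throws Exception only if the disconnect step itself fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.common.security.access.AKeyLoader
    public SnotifyPgpPublicKey loadInternalKey() throws Exception {
        if (getEmail() == null) {
            log.warn("No email given to look up PGP key for in LDAP.");
            getInfoDataManager().send(new InfoData(INFO_NO_EMAIL, new Object[0]));
            return getValidityKey(EKeyValidity.ERROR);
        }
        log.info("Looking up PGP key for email <{}> in LDAP.", getEmail());
        try {
            log.debug("Connecting to LDAP server: {}", this.connector.getLdapUrl());
            this.connector.connect(createEnvironment());
            getInfoDataManager().send(new InfoData(INFO_LDAP_CONNECTED, this.connector.getLdapUrl()));
            try {
                SnotifyPgpPublicKey key = getKey(getKeyAttributes(this.connector.getContext()));
                log.info("Key for <{}> in LDAP: {}", getEmail(), key);
                return key;
            } catch (NamingException e) {
                throw new Exception("Error retrieving PGP key for email " + getEmail() + " in LDAP. Error message: " + e.getMessage(), e);
            }
        } catch (Exception e2) {
            // This handler also receives lookup failures wrapped above, not only connection
            // failures; the message text is kept as-is for log compatibility.
            log.error("Could not connect to ldap at " + this.connector.getLdapUrl() + " because of exception. Error message: " + e2.getMessage(), e2);
            getInfoDataManager().send(new InfoData(INFO_LDAP_CONNECTION_ERROR, this.connector.getLdapUrl(), e2));
            return getValidityKey(EKeyValidity.ERROR);
        } finally {
            log.debug("Disconnecting from LDAP server.");
            getInfoDataManager().send(new InfoData(INFO_LDAP_DISCONNECTED, this.connector.getLdapUrl()));
            this.connector.disconnect();
        }
    }

    /** Returns the (empty) JNDI environment passed to the connector on connect. */
    private Hashtable<String, String> createEnvironment() {
        return new Hashtable<>();
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515).
     *
     * <p>Without this, characters such as {@code *}, {@code (}, {@code )} or {@code \} in the
     * email address would be interpreted as filter syntax and could widen or rewrite the search.
     *
     * @param value raw value; {@code null} is rendered as the text {@code "null"}, matching plain
     *     string concatenation
     * @return the value with filter metacharacters replaced by their {@code \XX} hex escapes
     */
    private static String escapeFilterValue(String value) {
        String raw = String.valueOf(value);
        StringBuilder escaped = new StringBuilder(raw.length() + 8);
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\u0000':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a JNDI enumeration without letting a close failure mask the primary outcome. */
    private static void closeQuietly(NamingEnumeration<?> enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException e) {
            log.debug("Could not close LDAP enumeration. Error message: " + e.getMessage(), e);
        }
    }

    /**
     * Searches the key DN for enabled, non-revoked entries matching the email and collects every
     * attribute returned for them.
     *
     * @param dirContext connected directory context
     * @return all attributes of all matching entries, possibly empty
     * @throws NamingException if the server info lookup or the search fails
     */
    private List<Attribute> getKeyAttributes(DirContext dirContext) throws NamingException {
        String pgpKeyDn = getPgpKeyDn(dirContext);
        // Subtree search, no entry count limit (0), bounded only by the time limit.
        SearchControls searchControls = new SearchControls(SearchControls.SUBTREE_SCOPE, 0L, SEARCH_TIME_LIMIT_MS, new String[]{PGP_KEY_FIELD, PGP_KEY_LEGACY_FIELD, PGP_DISABLED_FIELD}, false, false);
        // The email comes from outside this class; escape it so it is matched literally.
        String filter = "(&(" + PGP_USER_ID_FIELD + "=*<" + escapeFilterValue(getEmail()) + ">)(" + PGP_DISABLED_FIELD + "=0)(" + PGP_REVOKED_FIELD + "=0))";
        log.debug("Used filter: {}", filter);
        List<Attribute> found = new ArrayList<>();
        NamingEnumeration<SearchResult> results = dirContext.search(pgpKeyDn, filter, searchControls);
        try {
            while (results.hasMore()) {
                SearchResult searchResult = results.next();
                log.debug("Found PGP key at: {}", searchResult.getName());
                // NOTE(review): the requested attributes include pgpDisabled, so non-key
                // attributes may end up in this list and later be parsed as key material;
                // confirm whether that is intended.
                NamingEnumeration<? extends Attribute> all = searchResult.getAttributes().getAll();
                try {
                    while (all.hasMore()) {
                        found.add(all.next());
                    }
                } finally {
                    closeQuietly(all);
                }
            }
        } finally {
            // An enumeration abandoned on an exception is not closed automatically.
            closeQuietly(results);
        }
        log.debug("{} PGP key(s) found", Integer.valueOf(found.size()));
        getInfoDataManager().send(new InfoData(found.isEmpty() ? INFO_EMAIL_NOT_FOUND : INFO_EMAIL_FOUND, getEmail()));
        return found;
    }

    /**
     * Finds the PGP server info entry and returns the DN under which keys are stored.
     *
     * @param dirContext connected directory context
     * @return value of {@code pgpBaseKeySpaceDN} from the first usable server info entry
     * @throws NamingException if no server info entry provides a key DN
     */
    private String getPgpKeyDn(DirContext dirContext) throws NamingException {
        List<String> keyServerInfoDns = getKeyServerInfoDns(getBaseDns(dirContext));
        log.debug("Looking up PGP server info in LDAP.");
        for (String candidateDn : keyServerInfoDns) {
            log.debug("Looking up PGP server info at: {}", candidateDn);
            try {
                Attributes attributes = dirContext.getAttributes(candidateDn, new String[]{PGP_KEY_DN_FIELD, PGP_SOFTWARE_FIELD});
                log.debug("PGP server info found at: {}", candidateDn);
                Attribute keyDnAttribute = attributes.get(PGP_KEY_DN_FIELD);
                if (keyDnAttribute == null) {
                    // Entry exists but does not say where keys live; try the next candidate.
                    log.debug("PGP server info at {} has no {} attribute.", candidateDn, PGP_KEY_DN_FIELD);
                    continue;
                }
                Attribute softwareAttribute = attributes.get(PGP_SOFTWARE_FIELD);
                if (softwareAttribute != null) {
                    String software = (String) softwareAttribute.get();
                    log.info("PGP key server software: {}", software);
                    getInfoDataManager().send(new InfoData(INFO_SERVER_INFO, software));
                }
                String keyDn = (String) keyDnAttribute.get();
                log.debug("DN to search PGP keys in: {}", keyDn);
                return keyDn;
            } catch (NameNotFoundException e) {
                log.debug("Pgp server info not found at: " + candidateDn, e);
            }
        }
        getInfoDataManager().send(new InfoData(INFO_SERVER_INFO_NOT_AVAILABLE, new Object[0]));
        throw new NamingException("No PGP Server Info found. LDAP does probably not support PGP keys.");
    }

    /**
     * Reads the {@code namingContexts} attribute of the root entry.
     *
     * @param dirContext connected directory context
     * @return the base DNs announced by the server
     * @throws NamingException if the attribute cannot be read or is not exposed
     */
    private List<String> getBaseDns(DirContext dirContext) throws NamingException {
        log.debug("Looking up naming contexts in LDAP.");
        Attribute attribute = dirContext.getAttributes("", new String[]{"namingContexts"}).get("namingContexts");
        if (attribute == null) {
            // Servers may hide namingContexts from the bound identity; fail with a clear cause.
            throw new NamingException("LDAP server did not return namingContexts.");
        }
        List<String> baseDns = new ArrayList<>(attribute.size());
        for (int i = 0; i < attribute.size(); i++) {
            String baseDn = (String) attribute.get(i);
            log.trace("Base DN: {}", baseDn);
            baseDns.add(baseDn);
        }
        return baseDns;
    }

    /**
     * Derives the candidate DNs of the PGP server info entry from the base DNs.
     *
     * @param list base DNs announced by the server
     * @return {@code cn=PGPServerInfo} alone if it is itself a base DN, otherwise that RDN
     *     prefixed to every base DN
     */
    private List<String> getKeyServerInfoDns(List<String> list) {
        if (list.contains(PGP_KEY_SERVER_DN)) {
            return Collections.singletonList(PGP_KEY_SERVER_DN);
        }
        List<String> candidates = new ArrayList<>(list.size());
        for (String baseDn : list) {
            candidates.add(PGP_KEY_SERVER_DN + "," + baseDn);
        }
        return candidates;
    }

    /**
     * Picks one key out of the attributes returned by the search.
     *
     * <p>The first key with validity {@code VALID} wins immediately. Otherwise the key whose
     * validity has the lowest enum ordinal is kept.
     *
     * @param list attributes returned by the search
     * @return the selected key, or a {@code NOT_FOUND} validity key if the list is empty
     */
    private SnotifyPgpPublicKey getKey(List<Attribute> list) {
        SnotifyPgpPublicKey best = null;
        for (Attribute attribute : list) {
            SnotifyPgpPublicKey candidate = getKey(attribute);
            if (candidate.getKeyValidity() == EKeyValidity.VALID) {
                return candidate;
            }
            // NOTE(review): ranking relies on the declaration order of EKeyValidity; reordering
            // that enum silently changes which key is preferred.
            if (best == null || candidate.getKeyValidity().ordinal() < best.getKeyValidity().ordinal()) {
                best = candidate;
            }
        }
        return best != null ? best : getValidityKey(EKeyValidity.NOT_FOUND);
    }

    /**
     * Parses a single attribute value as a PGP public key.
     *
     * @param attribute attribute whose first value holds the key text
     * @return the parsed key bound to the configured email, or an {@code ERROR} validity key if
     *     the value cannot be read or parsed
     */
    private SnotifyPgpPublicKey getKey(Attribute attribute) {
        try {
            // NOTE(review): assumes the server returns the value as a String; a binary (byte[])
            // value would fail the cast with a ClassCastException that is not handled here.
            String keyText = (String) attribute.get();
            SnotifyPgpPublicKey key = new SnotifyPgpPublicKey(PgpUtil.loadPublicKey(new ByteArrayInputStream(keyText.getBytes(Constants.UTF8_CHARSET))), getEmail());
            key.setKeySource(getKeySource());
            return key;
        } catch (IOException e) {
            log.error("Could not load PGP key. Error message: " + e.getMessage(), e);
            return getValidityKey(EKeyValidity.ERROR);
        } catch (NamingException e2) {
            log.error("Could not read PGP key. Error message: " + e2.getMessage(), e2);
            return getValidityKey(EKeyValidity.ERROR);
        }
    }

    /** @return {@code EKeySource.LDAP} */
    @Override // net.savignano.snotify.atlassian.common.security.access.IKeyLoader
    public EKeySource getKeySource() {
        return EKeySource.LDAP;
    }

    /** @return {@code ECryptographyType.PGP} */
    @Override // net.savignano.snotify.atlassian.common.security.access.IKeyLoader
    public ECryptographyType getCryptography() {
        return ECryptographyType.PGP;
    }

    /**
     * Creates a placeholder key that carries only a validity state and this loader's key source.
     *
     * @param eKeyValidity validity to report
     * @return a key object without key material
     */
    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.savignano.snotify.atlassian.common.security.access.AKeyLoader
    public SnotifyPgpPublicKey getValidityKey(EKeyValidity eKeyValidity) {
        return new SnotifyPgpPublicKey(eKeyValidity, getKeySource());
    }

    /** @return the connector used to reach the LDAP server */
    public LdapConnector getConnector() {
        return this.connector;
    }

    /** @return the email address to look up, may be {@code null} */
    public String getEmail() {
        return this.email;
    }

    /** @param str the email address to look up */
    public void setEmail(String str) {
        this.email = str;
    }

    // NOTE(review): the label says "PgpVksLdapLoader" although the class is PgpLdapLoader; left
    // unchanged because log consumers may match on it.
    @Override
    public String toString() {
        return "PgpVksLdapLoader [connector=" + this.connector + ", email=" + this.email + "]";
    }
}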
