package org.apache.directory.server.kerberos.shared.store.operations;

import java.text.ParseException;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
import org.apache.directory.server.protocol.shared.store.ContextOperation;
import org.apache.directory.shared.ldap.message.LockableAttributeImpl;
import org.apache.directory.shared.ldap.message.LockableAttributesImpl;

/* loaded from: input_file:WEB-INF/lib/apacheds-kerberos-shared-1.0.2.jar:org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.class */
public class GetPrincipal implements ContextOperation {
    private static final long serialVersionUID = 4598007518413451945L;
    private final KerberosPrincipal principal;

    public GetPrincipal(KerberosPrincipal kerberosPrincipal) {
        this.principal = kerberosPrincipal;
    }

    @Override // org.apache.directory.server.protocol.shared.store.ContextOperation
    public Object execute(DirContext dirContext, Name name) {
        if (this.principal == null) {
            return null;
        }
        String[] strArr = {"krb5PrincipalName", "krb5KeyVersionNumber", "krb5EncryptionType", "krb5Key", "apacheSamType", KerberosAttribute.ACCOUNT_DISABLED, KerberosAttribute.ACCOUNT_EXPIRATION_TIME, KerberosAttribute.ACCOUNT_LOCKEDOUT};
        LockableAttributesImpl lockableAttributesImpl = new LockableAttributesImpl(false);
        lockableAttributesImpl.put(new LockableAttributeImpl("krb5PrincipalName", this.principal.getName()));
        PrincipalStoreEntry principalStoreEntry = null;
        try {
            NamingEnumeration search = dirContext.search("", lockableAttributesImpl, strArr);
            if (search.hasMore()) {
                Attributes attributes = ((SearchResult) search.next()).getAttributes();
                if (attributes == null) {
                    return null;
                }
                principalStoreEntry = getEntry(attributes);
            }
            return principalStoreEntry;
        } catch (NamingException e) {
            return null;
        }
    }

    private PrincipalStoreEntry getEntry(Attributes attributes) throws NamingException {
        PrincipalStoreEntryModifier principalStoreEntryModifier = new PrincipalStoreEntryModifier();
        String str = (String) attributes.get("krb5PrincipalName").get();
        String str2 = (String) attributes.get("krb5EncryptionType").get();
        String str3 = (String) attributes.get("krb5KeyVersionNumber").get();
        if (attributes.get(KerberosAttribute.ACCOUNT_DISABLED) != null) {
            principalStoreEntryModifier.setDisabled(Boolean.getBoolean(((String) attributes.get(KerberosAttribute.ACCOUNT_DISABLED).get()).toLowerCase()));
        }
        if (attributes.get(KerberosAttribute.ACCOUNT_LOCKEDOUT) != null) {
            principalStoreEntryModifier.setLockedOut(Boolean.getBoolean(((String) attributes.get(KerberosAttribute.ACCOUNT_LOCKEDOUT).get()).toLowerCase()));
        }
        if (attributes.get(KerberosAttribute.ACCOUNT_EXPIRATION_TIME) != null) {
            String str4 = (String) attributes.get(KerberosAttribute.ACCOUNT_EXPIRATION_TIME).get();
            try {
                principalStoreEntryModifier.setExpiration(KerberosTime.getTime(str4));
            } catch (ParseException e) {
                throw new InvalidAttributeValueException(new StringBuffer().append("Account expiration attribute krb5AccountExpirationTime contained an invalid value for generalizedTime: ").append(str4).toString());
            }
        }
        if (attributes.get("apacheSamType") != null) {
            principalStoreEntryModifier.setSamType(SamType.getTypeByOrdinal(Integer.parseInt((String) attributes.get("apacheSamType").get())));
        }
        Object obj = attributes.get("krb5Key").get();
        if (obj instanceof String) {
            throw new NamingException("JNDI should not return a string for the kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute.");
        }
        principalStoreEntryModifier.setKey((byte[]) obj);
        principalStoreEntryModifier.setPrincipal(new KerberosPrincipal(str));
        principalStoreEntryModifier.setEncryptionType(Integer.parseInt(str2));
        principalStoreEntryModifier.setKeyVersionNumber(Integer.parseInt(str3));
        return principalStoreEntryModifier.getEntry();
    }
}
