package org.sonatype.security.ldap.realms.persist;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.util.concurrent.locks.ReentrantLock;
import org.codehaus.plexus.component.annotations.Component;
import org.codehaus.plexus.component.annotations.Configuration;
import org.codehaus.plexus.component.annotations.Requirement;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.guice.plexus.config.Strategies;
import org.sonatype.security.ldap.dao.LdapAuthConfiguration;
import org.sonatype.security.ldap.dao.password.PasswordEncoderManager;
import org.sonatype.security.ldap.realms.persist.model.CConnectionInfo;
import org.sonatype.security.ldap.realms.persist.model.CUserAndGroupAuthConfiguration;
import org.sonatype.security.ldap.realms.persist.model.io.xpp3.LdapConfigurationXpp3Reader;
import org.sonatype.security.ldap.realms.persist.model.io.xpp3.LdapConfigurationXpp3Writer;
import org.sonatype.security.ldap.upgrade.cipher.PlexusCipherException;
import org.sonatype.sisu.goodies.eventbus.EventBus;

@Component(role = LdapConfiguration.class, hint = "default", instantiationStrategy = Strategies.SINGLETON)
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-ldap-realm-plugin-2.6.3-01/dependencies/nexus-ldap-common-2.6.3-01.jar:org/sonatype/security/ldap/realms/persist/DefaultLdapConfiguration.class */
public class DefaultLdapConfiguration implements LdapConfiguration {

    // Location of the persisted LDAP settings; the annotation value resolves it to
    // ${application-conf}/ldap.xml. save() writes this file and getConfiguration() reads it.
    @Configuration("${application-conf}/ldap.xml")
    private File configurationFile;
    // In-memory copy of the model. getConfiguration() fills it on first use and clearCache()
    // resets it to null. Once loaded, the connection info's system password is kept here in
    // decrypted form (see the passwordHelper.decrypt call in getConfiguration()).
    private org.sonatype.security.ldap.realms.persist.model.Configuration configuration;

    // Validates whole models on load and individual sections on update.
    @Requirement(role = ConfigurationValidator.class)
    private ConfigurationValidator validator;

    // Encrypts the system password before it is written and decrypts it after it is read.
    @Requirement
    private PasswordHelper passwordHelper;

    // Injected, but not referenced by any method of this class as shown.
    @Requirement
    private PasswordEncoderManager passwordEncoderManager;

    // Receives an LdapClearCacheEvent from save() and clearCache().
    @Requirement
    private EventBus eventBus;
    private final Logger logger = LoggerFactory.getLogger(getClass());
    // Guards reads and writes of the cached model in the update*, getConfiguration() and save()
    // methods. It is reentrant because the update methods call getConfiguration() while holding it.
    private ReentrantLock lock = new ReentrantLock();

    /**
     * Exposes the SLF4J logger that was created for the runtime class of this component.
     *
     * @return the logger held in the {@code logger} field
     */
    protected Logger getLogger() {
        return logger;
    }

    /**
     * Returns the connection section of the current LDAP configuration.
     *
     * <p>The model comes from {@link #getConfiguration()}, which caches it and stores the system
     * password in it after decryption. The returned object therefore carries the bind password in
     * usable form and should not be logged or serialised as-is.
     * NOTE(review): this appears to be the live cached object rather than a copy; confirm
     * against the model class before mutating it.
     *
     * @return the connection info of the current model
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public CConnectionInfo readConnectionInfo() {
        final org.sonatype.security.ldap.realms.persist.model.Configuration current = getConfiguration();
        return current.getConnectionInfo();
    }

    /**
     * Returns the user and group mapping section of the current LDAP configuration.
     *
     * @return the user/group settings of the model supplied by {@link #getConfiguration()}
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public CUserAndGroupAuthConfiguration readUserAndGroupConfiguration() {
        final org.sonatype.security.ldap.realms.persist.model.Configuration current = getConfiguration();
        return current.getUserAndGroupConfig();
    }

    /**
     * Validates the given user/group settings and, if they pass, installs them in the in-memory
     * model.
     *
     * <p>Nothing is written to disk here; this method does not call {@link #save()}.
     *
     * @param cUserAndGroupAuthConfiguration the settings to validate and install
     * @throws InvalidConfigurationException if the validator reports at least one error; the
     *         in-memory model is left untouched in that case
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public void updateUserAndGroupConfiguration(CUserAndGroupAuthConfiguration cUserAndGroupAuthConfiguration) throws InvalidConfigurationException {
        this.lock.lock();
        try {
            final ValidationResponse outcome = this.validator.validateUserAndGroupAuthConfiguration(null, cUserAndGroupAuthConfiguration);
            if (outcome.getValidationErrors().size() > 0) {
                throw new InvalidConfigurationException(outcome);
            }
            // Reject-before-apply: the model is only touched once validation came back clean.
            getConfiguration().setUserAndGroupConfig(cUserAndGroupAuthConfiguration);
        } finally {
            // Released on both the normal and the exceptional path.
            this.lock.unlock();
        }
    }

    /**
     * Validates the given connection settings and, if they pass, installs them in the in-memory
     * model.
     *
     * <p>Nothing is written to disk here; this method does not call {@link #save()}. The system
     * password inside {@code cConnectionInfo} is stored as given; encryption happens only in
     * {@link #save()}.
     *
     * @param cConnectionInfo the settings to validate and install
     * @throws InvalidConfigurationException if the validator reports at least one error; the
     *         in-memory model is left untouched in that case
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public void updateConnectionInfo(CConnectionInfo cConnectionInfo) throws InvalidConfigurationException {
        this.lock.lock();
        try {
            final ValidationResponse outcome = this.validator.validateConnectionInfo(null, cConnectionInfo);
            if (outcome.getValidationErrors().size() > 0) {
                throw new InvalidConfigurationException(outcome);
            }
            // Reject-before-apply: the model is only touched once validation came back clean.
            getConfiguration().setConnectionInfo(cConnectionInfo);
        } finally {
            // Released on both the normal and the exceptional path.
            this.lock.unlock();
        }
    }

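    /**
     * Returns the LDAP configuration model, loading it from {@code configurationFile} on first use.
     *
     * <p>Load sequence, all under {@code lock}:
     * <ol>
     *   <li>a cached model is returned as-is;</li>
     *   <li>otherwise the file is parsed and validated; a model with validation errors is
     *       replaced by an empty one;</li>
     *   <li>a non-empty system password is decrypted in place; if decryption fails the stored
     *       value is kept and treated as clear text;</li>
     *   <li>only then is the model published to the {@code configuration} field, so a failure in
     *       validation or parsing never leaves an unvalidated model cached.</li>
     * </ol>
     *
     * <p>If the file cannot be opened, the bundled default configuration is used. Note that
     * {@link FileNotFoundException} is also raised for a file that exists but cannot be opened
     * (for example because of its permissions), so that case is logged.
     *
     * <p>The file is decoded with the platform default charset, matching what {@link #save()}
     * writes.
     *
     * @return the cached or freshly loaded model; {@code null} if the file exists but could not be
     *         read or parsed and nothing was cached before
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public org.sonatype.security.ldap.realms.persist.model.Configuration getConfiguration() {
        this.lock.lock();
        try {
            if (this.configuration != null) {
                return this.configuration;
            }
            // try-with-resources closes both streams on every path, including parse failures.
            try (FileInputStream fileInputStream = new FileInputStream(this.configurationFile);
                    InputStreamReader inputStreamReader = new InputStreamReader(fileInputStream)) {
                org.sonatype.security.ldap.realms.persist.model.Configuration loaded =
                        new LdapConfigurationXpp3Reader().read(inputStreamReader);
                if (this.validator.validateModel(new ValidationRequest(loaded)).getValidationErrors().size() > 0) {
                    // An operator should be able to see why the realm suddenly has no settings.
                    getLogger().warn("LDAP configuration in '{}' failed validation, using an empty configuration instead.",
                            this.configurationFile.getAbsolutePath());
                    loaded = new org.sonatype.security.ldap.realms.persist.model.Configuration();
                }
                final CConnectionInfo connectionInfo = loaded.getConnectionInfo();
                if (connectionInfo != null && StringUtils.isNotEmpty(connectionInfo.getSystemPassword())) {
                    try {
                        connectionInfo.setSystemPassword(this.passwordHelper.decrypt(connectionInfo.getSystemPassword()));
                    } catch (PlexusCipherException e) {
                        // NOTE(review): a value that does not decrypt is accepted as a clear-text
                        // password. The message names the file, never the password itself.
                        getLogger().error("Failed to decrypt password, assuming the password in file: '" + this.configurationFile.getAbsolutePath() + "' is clear text.", e);
                    }
                }
                // Publish only after validation and decryption have completed.
                this.configuration = loaded;
            } catch (FileNotFoundException e) {
                if (this.configurationFile.exists()) {
                    getLogger().warn("LDAP configuration file '{}' exists but could not be opened, using the default configuration.",
                            this.configurationFile.getAbsolutePath());
                }
                this.configuration = getDefaultConfiguration();
            } catch (IOException e) {
                getLogger().error("IOException while retrieving configuration file", e);
            } catch (XmlPullParserException e) {
                getLogger().error("Invalid XML Configuration", e);
            }
            return this.configuration;
        } finally {
            this.lock.unlock();
        }
    }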

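    /**
     * Writes the in-memory model to {@code configurationFile} and posts an
     * {@code LdapClearCacheEvent}.
     *
     * <p>The system password is encrypted only for the duration of the write: it is replaced by
     * its encrypted form, the model is serialised, and the previous value is put back in a
     * {@code finally} block so that a failed write cannot leave the encrypted value in the cached
     * model.
     *
     * <p>I/O failures are logged and not rethrown, so callers cannot tell from the return whether
     * the file was written. The output stream truncates the file when it is opened, so a failed
     * write can leave an incomplete {@code ldap.xml} behind. The file is encoded with the
     * platform default charset, matching what {@link #getConfiguration()} reads.
     *
     * <p>Throws {@link NullPointerException} if no model is cached (for example directly after
     * {@link #clearCache()}).
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public void save() {
        this.lock.lock();
        try {
            // Inside the try so that a failure here still releases the lock.
            this.configurationFile.getParentFile().mkdirs();
            final org.sonatype.security.ldap.realms.persist.model.Configuration model = this.configuration;
            final CConnectionInfo connectionInfo = model.getConnectionInfo();
            String clearPassword = null;
            try {
                if (connectionInfo != null && StringUtils.isNotEmpty(connectionInfo.getSystemPassword())) {
                    try {
                        clearPassword = connectionInfo.getSystemPassword();
                        connectionInfo.setSystemPassword(this.passwordHelper.encrypt(clearPassword));
                    } catch (PlexusCipherException e) {
                        // NOTE(review): the write below still happens, so in this case the file
                        // receives the password unencrypted. Consider aborting the save instead.
                        getLogger().error("Failed to encrypt password while storing configuration file", e);
                    }
                }
                // Closing the writer flushes it; a flush failure is reported by the catch below
                // instead of being dropped.
                try (FileOutputStream fileOutputStream = new FileOutputStream(this.configurationFile);
                        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(fileOutputStream)) {
                    new LdapConfigurationXpp3Writer().write(outputStreamWriter, model);
                }
            } catch (IOException e) {
                getLogger().error("IOException while storing configuration file", e);
            } finally {
                // Put the working password back whether or not the write succeeded. As before,
                // an empty password ends up as null here.
                if (connectionInfo != null) {
                    connectionInfo.setSystemPassword(clearPassword);
                }
            }
        } finally {
            this.lock.unlock();
        }
        // Posted after the lock is released, on success and after a logged I/O failure alike.
        this.eventBus.post(new LdapClearCacheEvent(null));
    }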

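    /**
     * Drops the cached model so that the next {@link #getConfiguration()} call reloads it, then
     * posts an {@code LdapClearCacheEvent}.
     *
     * <p>The field is reset under {@code lock}, like every other write to it in this class, so a
     * concurrent {@link #save()} or update cannot see the model disappear half-way through. The
     * event is posted after the lock is released so that subscribers never run while it is held.
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public void clearCache() {
        this.lock.lock();
        try {
            this.configuration = null;
        } finally {
            this.lock.unlock();
        }
        this.eventBus.post(new LdapClearCacheEvent(null));
    }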

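    /**
     * Loads the default LDAP configuration bundled at {@code /META-INF/realms/ldap.xml} on the
     * classpath.
     *
     * <p>Any failure (resource missing, I/O error, malformed XML) is logged and answered with an
     * empty model, so this method never returns {@code null} and never throws for those cases.
     * The resource is decoded with the platform default charset.
     *
     * @return the parsed default model, or an empty model if it could not be loaded
     */
    private org.sonatype.security.ldap.realms.persist.model.Configuration getDefaultConfiguration() {
        // A null resource is permitted by try-with-resources; close() is simply skipped for it.
        try (InputStream inputStream = getClass().getResourceAsStream("/META-INF/realms/ldap.xml")) {
            if (inputStream == null) {
                // getResourceAsStream returns null for a missing resource; without this check the
                // reader constructor would fail with an uncaught NullPointerException.
                getLogger().error("Failed to read default LDAP Realm configuration.  This may be corrected while the application is running.");
                return new org.sonatype.security.ldap.realms.persist.model.Configuration();
            }
            try (InputStreamReader inputStreamReader = new InputStreamReader(inputStream)) {
                return new LdapConfigurationXpp3Reader().read(inputStreamReader);
            }
        } catch (IOException e) {
            getLogger().error("Failed to read default LDAP Realm configuration.  This may be corrected while the application is running.", e);
        } catch (XmlPullParserException e) {
            getLogger().error("Failed to read default LDAP Realm configuration.  This may be corrected while the application is running.", e);
        }
        return new org.sonatype.security.ldap.realms.persist.model.Configuration();
    }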

    /**
     * Builds a fresh {@link LdapAuthConfiguration} from the persisted user/group settings.
     *
     * <p>Every value is copied through unchanged, except that a {@code null} user or group base
     * DN becomes the empty string. A new object is created on each call.
     * NOTE(review): the LDAP filter is passed on verbatim; any checking of that value has to
     * happen where the configuration is accepted, not here.
     *
     * @return a newly populated auth configuration
     */
    @Override // org.sonatype.security.ldap.realms.persist.LdapConfiguration
    public LdapAuthConfiguration getLdapAuthConfiguration() {
        final CUserAndGroupAuthConfiguration source = readUserAndGroupConfiguration();
        final LdapAuthConfiguration target = new LdapAuthConfiguration();

        target.setEmailAddressAttribute(source.getEmailAddressAttribute());
        // Base DNs are normalised so consumers never see null.
        final String userBaseDn = StringUtils.defaultString(source.getUserBaseDn(), "");
        target.setUserBaseDn(userBaseDn);
        target.setUserIdAttribute(source.getUserIdAttribute());
        target.setUserObjectClass(source.getUserObjectClass());
        target.setPasswordAttribute(source.getUserPasswordAttribute());
        target.setUserRealNameAttribute(source.getUserRealNameAttribute());

        final String groupBaseDn = StringUtils.defaultString(source.getGroupBaseDn(), "");
        target.setGroupBaseDn(groupBaseDn);
        target.setGroupIdAttribute(source.getGroupIdAttribute());
        target.setGroupMemberAttribute(source.getGroupMemberAttribute());
        target.setGroupMemberFormat(source.getGroupMemberFormat());
        target.setGroupObjectClass(source.getGroupObjectClass());

        target.setUserSubtree(source.isUserSubtree());
        target.setGroupSubtree(source.isGroupSubtree());
        target.setUserMemberOfAttribute(source.getUserMemberOfAttribute());
        target.setLdapGroupsAsRoles(source.isLdapGroupsAsRoles());
        target.setLdapFilter(source.getLdapFilter());
        return target;
    }
}
