package jp.ikedam.jenkins.plugins.ldap_sasl;

import hudson.Extension;
import hudson.Util;
import hudson.model.Descriptor;
import hudson.util.FormValidation;
import java.io.Serializable;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.InvalidNameException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter;

/* loaded from: input_file:jp/ikedam/jenkins/plugins/ldap_sasl/SearchUserDnResolver.class */
public class SearchUserDnResolver extends UserDnResolver implements Serializable {
    private static final long serialVersionUID = -5727907170563521060L;
    private String searchBase;
    private String searchQueryTemplate;

    @Extension(ordinal = 10.0d)
    /* loaded from: input_file:jp/ikedam/jenkins/plugins/ldap_sasl/SearchUserDnResolver$DescriptorImpl.class */
    public static class DescriptorImpl extends Descriptor<UserDnResolver> {
        public String getDisplayName() {
            return Messages.SearchUserDnResolver_DisplayName();
        }

        public FormValidation doCheckSearchBase(@QueryParameter String str) {
            if (StringUtils.isBlank(str)) {
                return FormValidation.ok();
            }
            try {
                new LdapName(StringUtils.trim(str));
                return FormValidation.ok();
            } catch (InvalidNameException e) {
                return FormValidation.error(Messages.SearchUserDnResolver_SearchBase_invalid(e.getMessage()));
            }
        }

        public FormValidation doCheckSearchQueryTemplate(@QueryParameter String str) {
            return StringUtils.isBlank(str) ? FormValidation.error(Messages.SearchUserDnResolver_SearchQueryTemplate_empty()) : SearchUserDnResolver.expandUsername(str, "dummy1").equals(SearchUserDnResolver.expandUsername(str, "dummy2")) ? FormValidation.error(Messages.SearchUserDnResolver_SearchQueryTemplate_invalid("Specify \"{0}\" where to replace with the username.")) : FormValidation.ok();
        }
    }

    private Logger getLogger() {
        return Logger.getLogger(getClass().getName());
    }

    public String getSearchBase() {
        return this.searchBase;
    }

    public String getSearchQueryTemplate() {
        return this.searchQueryTemplate;
    }

    @DataBoundConstructor
    public SearchUserDnResolver(String str, String str2) {
        this.searchBase = null;
        this.searchQueryTemplate = null;
        this.searchBase = StringUtils.trim(str);
        this.searchQueryTemplate = StringUtils.trim(str2);
    }

    @Override // jp.ikedam.jenkins.plugins.ldap_sasl.UserDnResolver
    public String getUserDn(LdapContext ldapContext, String str) {
        Logger logger = getLogger();
        if (StringUtils.isBlank(getSearchQueryTemplate())) {
            logger.severe("Not configured.");
            return null;
        }
        try {
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(2);
            logger.fine(String.format("Searching users base=%s, username=%s", getSearchBase(), str));
            NamingEnumeration search = ldapContext.search(getSearchBase() != null ? getSearchBase() : "", expandUsername(getSearchQueryTemplate(), str), searchControls);
            if (!search.hasMore()) {
                logger.severe(String.format("User not found: %s", str));
                return null;
            }
            String nameInNamespace = ((SearchResult) search.next()).getNameInNamespace();
            if (search.hasMore()) {
                logger.severe(String.format("User found more than one: %s", str));
                return null;
            }
            search.close();
            return nameInNamespace;
        } catch (NamingException e) {
            logger.log(Level.SEVERE, "Failed to search a user", (Throwable) e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String expandUsername(String str, String str2) {
        HashMap hashMap = new HashMap();
        hashMap.put("uid", str2);
        return Util.replaceMacro(str, hashMap);
    }
}
