package org.dataone.cn.ldap;

import java.io.IOException;
import java.net.URI;
import java.util.Hashtable;
import java.util.concurrent.ConcurrentHashMap;
import javax.naming.CommunicationException;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.event.EventDirContext;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.commons.pool2.BasePooledObjectFactory;
import org.apache.commons.pool2.PooledObject;
import org.apache.commons.pool2.impl.DefaultPooledObject;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
import org.dataone.configuration.Settings;

/* loaded from: input_file:org/dataone/cn/ldap/DirContextPooledObjectFactory.class */
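/**
 * Commons-pool2 factory that creates, validates and destroys LDAP {@link DirContext}
 * connections bound as the configured administrator.
 *
 * <p>Connection settings are read once, at construction, from the {@code cn.ldap.*}
 * configuration keys. When {@code cn.ldap.useTLS} is true every connection is upgraded with
 * StartTLS before the administrator credentials are placed in the context environment.
 * A failed TLS setup is reported to the caller and never retried over a plaintext connection.
 *
 * <p>The {@link StartTlsResponse} of each secured context is kept in a static map so that
 * {@link #destroyObject(PooledObject)} can close the TLS layer before closing the context.
 */
public class DirContextPooledObjectFactory extends BasePooledObjectFactory<DirContext> {
    protected String server = Settings.getConfiguration().getString("cn.ldap.server");
    protected String admin = Settings.getConfiguration().getString("cn.ldap.admin");
    // Bind credential for the admin DN; it is sent with "simple" authentication, so it is
    // only protected on the wire when the StartTLS path is used.
    protected String password = Settings.getConfiguration().getString("cn.ldap.password");
    protected boolean useTLS = Boolean.parseBoolean(Settings.getConfiguration().getString("cn.ldap.useTLS"));
    public static Log log = LogFactory.getLog(DirContextPooledObjectFactory.class);
    // TLS session handle per secured context; entries are removed when the context is destroyed.
    private static final ConcurrentHashMap<DirContext, StartTlsResponse> tlsHashMap = new ConcurrentHashMap<>();

    /**
     * Creates a new LDAP context and registers an unsolicited-notification listener on it.
     *
     * <p>The decompiler renamed this method from {@code create} (merged with its bridge method).
     *
     * <p>When TLS is enabled and the secure connection cannot be established, the failure is
     * propagated. Falling back to an unencrypted simple bind would send the administrator
     * password in cleartext, and would let anyone able to disrupt StartTLS force that downgrade.
     *
     * @return a connected context, secured with StartTLS when {@code useTLS} is set
     * @throws Exception if the connection, the TLS negotiation or the listener registration fails
     */
    public DirContext m25create() throws Exception {
        log.info("creating new context");
        DirContext context;
        if (this.useTLS) {
            try {
                context = getSecureContext();
            } catch (NamingException | IOException e) {
                // Fail closed: TLS was requested, so a plaintext bind is not an acceptable substitute.
                log.error("Could not set up TLS connection, refusing to fall back to non-secure communication", e);
                throw e;
            }
        } else {
            context = getDefaultContext();
        }
        try {
            // Scope 1 is EventContext.ONELEVEL_SCOPE.
            ((EventDirContext) context.lookup("")).addNamingListener("", 1, new DirContextUnsolicitedNotificationListener(context));
        } catch (NamingException | RuntimeException e) {
            // The pool never sees this context, so release it here instead of leaking the connection.
            releaseQuietly(context);
            throw e;
        }
        return context;
    }

    /**
     * Opens an unencrypted LDAP connection with a simple bind as the admin DN.
     *
     * <p>Credentials travel in cleartext on this path unless the configured URL itself
     * provides transport security (for example an {@code ldaps://} URL).
     *
     * @return the bound context
     * @throws NamingException if the connection or bind fails
     */
    private DirContext getDefaultContext() throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", this.server);
        env.put("java.naming.security.authentication", "simple");
        env.put("java.naming.security.principal", this.admin);
        env.put("java.naming.security.credentials", this.password);
        env.put("com.sun.jndi.ldap.read.timeout", "1000");
        env.put("com.sun.jndi.ldap.connect.timeout", "1000");
        // Pooling is handled by commons-pool2, so the JNDI provider's own pool stays off.
        env.put("com.sun.jndi.ldap.connect.pool", "false");
        return new InitialDirContext(env);
    }

    /**
     * Opens an anonymous LDAP connection, upgrades it with StartTLS and only then adds the
     * admin credentials to the context environment.
     *
     * <p>Hostname verification is skipped only when the host part of the server URL is exactly
     * {@code localhost}. A substring match on the whole URL would also disable verification for
     * names such as {@code localhost.attacker.example} or for URLs that merely contain the word.
     *
     * <p>NOTE(review): unlike {@link #getDefaultContext()}, no connect/read timeout is set on
     * this path; confirm whether that is intentional.
     *
     * @return the TLS-protected context, registered in {@code tlsHashMap}
     * @throws NamingException if the connection or the StartTLS request fails
     * @throws IOException if the TLS negotiation fails
     */
    private DirContext getSecureContext() throws NamingException, IOException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", this.server);
        InitialLdapContext context = new InitialLdapContext(env, (Control[]) null);
        StartTlsResponse tls = null;
        try {
            tls = (StartTlsResponse) context.extendedOperation(new StartTlsRequest());
            if (isLocalhostServer(this.server)) {
                tls.setHostnameVerifier(new AllowAllHostnameVerifier());
            }
            tls.negotiate();
            // Credentials are added only after the channel is encrypted.
            context.addToEnvironment("java.naming.security.authentication", "simple");
            context.addToEnvironment("java.naming.security.principal", this.admin);
            context.addToEnvironment("java.naming.security.credentials", this.password);
        } catch (NamingException | IOException | RuntimeException e) {
            // Do not leak the half-initialised connection when the upgrade fails.
            if (tls != null) {
                try {
                    tls.close();
                } catch (IOException closeFailure) {
                    log.warn(closeFailure.getMessage());
                }
            }
            try {
                context.close();
            } catch (NamingException closeFailure) {
                log.warn(closeFailure.getMessage());
            }
            throw e;
        }
        tlsHashMap.put(context, tls);
        return context;
    }

    /**
     * Reports whether the host component of an LDAP URL is exactly {@code localhost}.
     *
     * @param serverUrl the configured provider URL, may be {@code null}
     * @return {@code true} only for a parseable URL whose host is {@code localhost}; anything
     *     that cannot be parsed as a single URL keeps hostname verification enabled
     */
    private static boolean isLocalhostServer(String serverUrl) {
        if (serverUrl == null) {
            return false;
        }
        try {
            String host = URI.create(serverUrl.trim()).getHost();
            return host != null && host.equalsIgnoreCase("localhost");
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    /**
     * Closes a context that was created but never handed to the pool, together with its TLS
     * layer if it has one. Failures are logged and not rethrown.
     */
    private static void releaseQuietly(DirContext context) {
        StartTlsResponse tls = tlsHashMap.remove(context);
        if (tls != null) {
            try {
                tls.close();
            } catch (IOException e) {
                log.warn(e.getMessage());
            }
        }
        try {
            context.close();
        } catch (NamingException e) {
            log.warn(e.getMessage());
        }
    }

    /** Wraps a context in the pool's default bookkeeping object. */
    @Override
    public PooledObject<DirContext> wrap(DirContext dirContext) {
        return new DefaultPooledObject<>(dirContext);
    }

    /**
     * Checks that a pooled context is still usable by asking it for its name in the namespace.
     *
     * @param pooledObject the pooled context to test
     * @return {@code false} if the call raises a {@link NamingException}, otherwise the
     *     superclass verdict
     */
    @Override
    public boolean validateObject(PooledObject<DirContext> pooledObject) {
        DirContext context = pooledObject.getObject();
        log.info(context.toString() + " has a state of " + pooledObject.getState().name());
        try {
            context.getNameInNamespace();
            return super.validateObject(pooledObject);
        } catch (NamingException e) {
            log.error(e, e);
            return false;
        }
    }

    /**
     * Closes the TLS layer (if any) and then the context itself.
     *
     * <p>The TLS handle is removed from {@code tlsHashMap} here; leaving it in place would keep
     * every destroyed context and its TLS session reachable for the life of the JVM.
     *
     * @param pooledObject the pooled context being evicted
     * @throws Exception if closing the context fails for any reason other than a
     *     {@link CommunicationException}, which is logged as a warning and otherwise ignored
     */
    @Override
    public void destroyObject(PooledObject<DirContext> pooledObject) throws Exception {
        log.info("Destroying context");
        DirContext dirContext = pooledObject.getObject();
        StartTlsResponse startTlsResponse = tlsHashMap.remove(dirContext);
        if (startTlsResponse != null) {
            try {
                startTlsResponse.close();
            } catch (Exception e) {
                // Best effort: the context is still closed below.
                log.error(e.getMessage(), e);
            }
        }
        try {
            dirContext.close();
        } catch (CommunicationException e) {
            // The connection is already gone, so there is nothing left to close.
            log.warn(e.getMessage());
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            throw e;
        }
        super.destroyObject(pooledObject);
    }
}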
