package org.esbtools.auth.util;

import java.util.Arrays;
import java.util.Iterator;
import javax.naming.NamingException;
import javax.naming.directory.NoSuchAttributeException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/esbtools/auth/util/Environment.class */
public class Environment {
    private final Logger LOGGER;
    public static final String ENVIRONMENT_SEPARATOR = ",";
    public static final String LOCATION = "l";
    public static final String OU = "ou";
    private final String environment;
    private final String allAccessOu;

    public String getEnvironment() {
        return this.environment;
    }

    public String getAllAccessOu() {
        return this.allAccessOu;
    }

    public Environment(String str) {
        this(str, null);
    }

    public Environment(String str, String str2) {
        this.LOGGER = LoggerFactory.getLogger(Environment.class);
        this.environment = str;
        this.allAccessOu = str2;
    }

    public void validate(String str) throws NamingException {
        if (StringUtils.isBlank(getEnvironment())) {
            this.LOGGER.debug("No environment configured. Skipping Environment Cert verification.");
            return;
        }
        String lDAPAttribute = getLDAPAttribute(str, OU);
        this.LOGGER.debug("OU from certificate: ", lDAPAttribute);
        String lDAPAttribute2 = getLDAPAttribute(str, LOCATION);
        this.LOGGER.debug("Location from certificate: ", lDAPAttribute2);
        if (StringUtils.isBlank(lDAPAttribute)) {
            throw new NoSuchAttributeException("No ou in dn, you may need to update your certificate: " + str);
        }
        if (getAllAccessOu() != null && getAllAccessOu().equalsIgnoreCase(StringUtils.replace(lDAPAttribute, " ", ""))) {
            this.LOGGER.debug("Skipping environment validation, user ou matches {} ", getAllAccessOu());
        } else {
            if (StringUtils.isBlank(lDAPAttribute2)) {
                throw new NoSuchAttributeException("No location in dn, you may need to update your certificate: " + str);
            }
            if (!locationMatchesEnvironment(lDAPAttribute2)) {
                throw new NoSuchAttributeException("Invalid location from dn, expected " + getEnvironment() + " but found l=" + lDAPAttribute2);
            }
        }
    }

    public String getLDAPAttribute(String str, String str2) throws NamingException {
        String str3 = new String();
        Iterator it = new LdapName(str).getRdns().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Rdn rdn = (Rdn) it.next();
            if (rdn.getType().equalsIgnoreCase(str2)) {
                str3 = (String) rdn.getValue();
                break;
            }
        }
        return str3;
    }

    public boolean locationMatchesEnvironment(String str) {
        Iterator it = (getEnvironment().contains(ENVIRONMENT_SEPARATOR) ? Arrays.asList(getEnvironment().split(ENVIRONMENT_SEPARATOR)) : Arrays.asList(getEnvironment())).iterator();
        while (it.hasNext()) {
            if (((String) it.next()).equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }
}
