package org.ofbiz.common.login;

import java.util.Map;
import java.util.Properties;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.transaction.Transaction;
import org.ofbiz.base.crypto.HashCrypt;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.entity.GenericEntityException;
import org.ofbiz.entity.GenericValue;
import org.ofbiz.entity.transaction.GenericTransactionException;
import org.ofbiz.entity.transaction.TransactionUtil;
import org.ofbiz.service.DispatchContext;

/* loaded from: input_file:org/ofbiz/common/login/LdapAuthenticationServices.class */
public class LdapAuthenticationServices {
    public static final String module = LdapAuthenticationServices.class.getName();

    public static boolean userLogin(DispatchContext dispatchContext, Map<String, ?> map) {
        String hashTypeFromPrefix;
        Debug.logVerbose("Starting LDAP authentication", module);
        Properties properties = UtilProperties.getProperties("jndiLdap");
        String str = (String) map.get("login.username");
        if (str == null) {
            str = (String) map.get("username");
        }
        String str2 = (String) map.get("login.password");
        if (str2 == null) {
            str2 = (String) map.get("password");
        }
        String str3 = null;
        GenericValue genericValue = null;
        try {
            genericValue = dispatchContext.getDelegator().findOne("UserLogin", map.get("isServiceAuth") != null && ((Boolean) map.get("isServiceAuth")).booleanValue(), new Object[]{"userLoginId", str});
        } catch (GenericEntityException e) {
            Debug.logWarning(e, "", module);
        }
        if (genericValue != null) {
            str3 = genericValue.getString("userLdapDn");
        }
        if (UtilValidate.isEmpty(str3)) {
            String str4 = (String) properties.get("ldap.dn.template");
            if (str4 != null) {
                str3 = str4.replace("%u", str);
            }
            Debug.logVerbose("Using DN template: " + str3, module);
        } else {
            Debug.logVerbose("Using UserLogin.userLdapDn: " + str3, module);
        }
        properties.put("java.naming.security.principal", str3);
        properties.put("java.naming.security.credentials", str2);
        try {
            new InitialDirContext(properties).close();
            Debug.logVerbose("LDAP authentication succeeded", module);
            if (!"true".equals(properties.get("ldap.synchronize.passwords")) || genericValue == null) {
                return true;
            }
            boolean equals = "true".equals(UtilProperties.getPropertyValue("security.properties", "password.encrypt"));
            String digestHash = equals ? HashCrypt.getDigestHash(str2, LoginServices.getHashType()) : str2;
            String digestHashOldFunnyHexEncode = equals ? HashCrypt.getDigestHashOldFunnyHexEncode(str2, LoginServices.getHashType()) : str2;
            String str5 = digestHash;
            String string = genericValue.getString("currentPassword");
            if (equals && string != null && string.startsWith("{") && (hashTypeFromPrefix = HashCrypt.getHashTypeFromPrefix(string)) != null) {
                str5 = HashCrypt.getDigestHash(str2, hashTypeFromPrefix);
            }
            if (string != null && (HashCrypt.removeHashTypePrefix(digestHash).equals(HashCrypt.removeHashTypePrefix(string)) || HashCrypt.removeHashTypePrefix(digestHashOldFunnyHexEncode).equals(HashCrypt.removeHashTypePrefix(string)) || HashCrypt.removeHashTypePrefix(str5).equals(HashCrypt.removeHashTypePrefix(string)) || ("true".equals(UtilProperties.getPropertyValue("security.properties", "password.accept.encrypted.and.plain")) && str2.equals(string)))) {
                return true;
            }
            Debug.logVerbose("Starting password synchronization", module);
            genericValue.set("currentPassword", equals ? HashCrypt.getDigestHash(str2, LoginServices.getHashType()) : str2, false);
            Transaction transaction = null;
            boolean z = false;
            try {
                try {
                    transaction = TransactionUtil.suspend();
                } catch (GenericTransactionException e2) {
                    Debug.logError(e2, "Could not suspend transaction: " + e2.getMessage(), module);
                }
                try {
                    try {
                        z = TransactionUtil.begin();
                        genericValue.store();
                        try {
                            TransactionUtil.commit(z);
                            Debug.logVerbose("Password synchronized", module);
                        } catch (GenericTransactionException e3) {
                            Debug.logError(e3, "Could not commit nested transaction: " + e3.getMessage(), module);
                        }
                    } finally {
                    }
                } catch (GenericEntityException e4) {
                    Debug.logError(e4, "Error saving UserLogin", module);
                    try {
                        TransactionUtil.rollback(z, "Error saving UserLogin", e4);
                    } catch (GenericTransactionException e5) {
                        Debug.logError(e5, "Could not rollback nested transaction: " + e5.getMessage(), module);
                    }
                    try {
                        TransactionUtil.commit(z);
                        Debug.logVerbose("Password synchronized", module);
                    } catch (GenericTransactionException e6) {
                        Debug.logError(e6, "Could not commit nested transaction: " + e6.getMessage(), module);
                    }
                }
                if (transaction == null) {
                    return true;
                }
                try {
                    TransactionUtil.resume(transaction);
                    Debug.logVerbose("Resumed the parent transaction.", module);
                    return true;
                } catch (GenericTransactionException e7) {
                    Debug.logError(e7, "Could not resume parent nested transaction: " + e7.getMessage(), module);
                    return true;
                }
            } catch (Throwable th) {
                if (transaction != null) {
                    try {
                        TransactionUtil.resume(transaction);
                        Debug.logVerbose("Resumed the parent transaction.", module);
                    } catch (GenericTransactionException e8) {
                        Debug.logError(e8, "Could not resume parent nested transaction: " + e8.getMessage(), module);
                    }
                }
                throw th;
            }
        } catch (NamingException e9) {
            Debug.logVerbose("LDAP authentication failed: " + e9.getMessage(), module);
            return false;
        }
    }
}
