package net.shibboleth.shared.testing;

import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
import com.unboundid.ldap.listener.InMemoryRequestHandler;
import com.unboundid.ldap.listener.InMemorySASLBindHandler;
import com.unboundid.ldap.sdk.BindResult;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPResult;
import com.unboundid.ldap.sdk.OperationType;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldif.LDIFException;
import com.unboundid.ldif.LDIFReader;
import com.unboundid.util.ssl.SSLUtil;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.annotation.Nonnull;
import javax.net.ServerSocketFactory;
import javax.net.SocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import net.shibboleth.shared.annotation.ParameterName;
import net.shibboleth.shared.annotation.constraint.Positive;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import org.slf4j.Logger;
import org.springframework.core.io.Resource;

/* loaded from: input_file:net/shibboleth/shared/testing/InMemoryDirectory.class */
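/**
 * Test fixture wrapping an UnboundID {@link InMemoryDirectoryServer} that listens on {@code localhost}.
 *
 * <p>The configuration is deliberately permissive and is only appropriate for tests:</p>
 * <ul>
 * <li>an additional bind identity {@code cn=Directory Manager} is registered with a fixed, well-known
 * password;</li>
 * <li>SASL binds for the {@code DIGEST-MD5} and {@code EXTERNAL} mechanisms return {@code SUCCESS}
 * without looking at the supplied credentials, so a successful SASL bind against this fixture says
 * nothing about whether a client presents valid credentials;</li>
 * <li>key and trust stores are opened as {@code JKS} with the fixed password {@code changeit}, so any
 * key material handed to this class has to be test-only.</li>
 * </ul>
 *
 * <p>The listener address is fixed to {@code localhost}; keep it that way, since nothing else in this
 * class limits who can bind.</p>
 */
public class InMemoryDirectory {

    /** DN of the additional bind identity registered on every instance. */
    private static final String ADMIN_BIND_DN = "cn=Directory Manager";

    /** Fixed password for {@link #ADMIN_BIND_DN}; test-only by design. */
    private static final String ADMIN_BIND_PASSWORD = "password";

    /** Fixed password used both to open the JKS stores and to unlock the private key. */
    private static final String STORE_PASSWORD = "changeit";

    /** Class logger. */
    @Nonnull
    private final Logger log = LoggerFactory.getLogger(InMemoryDirectory.class);

    /** The wrapped in-memory server. */
    @Nonnull
    private final InMemoryDirectoryServer directoryServer;

    /** Socket factory handed to the listener; it records every accepted connection. */
    @Nonnull
    private final CustomServerSocketFactory customServerSocketFactory;

    /**
     * {@link ServerSocketFactory} whose server sockets remember each accepted {@link Socket} so that
     * {@link InMemoryDirectory#openConnectionCount()} can report how many are still open.
     */
    private static class CustomServerSocketFactory extends ServerSocketFactory {

        /*
         * Written from accept() and read from openConnectionCount(). accept() is presumably invoked on
         * the listener's own thread (confirm against the UnboundID listener), so a copy-on-write list is
         * used to keep the stream in openConnectionCount() safe against a concurrent add. Closed sockets
         * are never pruned; the list lives as long as the fixture.
         */
        @Nonnull
        private final List<Socket> sockets = new CopyOnWriteArrayList<>();

        /** Server socket that registers every accepted connection with the enclosing factory. */
        private class CustomServerSocket extends ServerSocket {

            /**
             * Opens the server socket.
             *
             * @param port local port to bind
             * @param backlog requested accept queue length
             * @param bindAddress local address to bind, or {@code null} as accepted by {@link ServerSocket}
             * @throws IOException if the socket cannot be opened
             */
            public CustomServerSocket(int port, int backlog, InetAddress bindAddress) throws IOException {
                super(port, backlog, bindAddress);
            }

            /** {@inheritDoc} The accepted socket is also recorded in the factory's list. */
            @Override
            public Socket accept() throws IOException {
                final Socket accepted = super.accept();
                CustomServerSocketFactory.this.sockets.add(accepted);
                return accepted;
            }
        }

        /** Constructor. */
        private CustomServerSocketFactory() {
        }

        /** {@inheritDoc} Uses a backlog of 50 and no explicit bind address. */
        @Override
        public ServerSocket createServerSocket(int port) throws IOException {
            return new CustomServerSocket(port, 50, null);
        }

        /** {@inheritDoc} No explicit bind address is passed. */
        @Override
        public ServerSocket createServerSocket(int port, int backlog) throws IOException {
            return new CustomServerSocket(port, backlog, null);
        }

        /** {@inheritDoc} */
        @Override
        public ServerSocket createServerSocket(int port, int backlog, InetAddress bindAddress) throws IOException {
            return new CustomServerSocket(port, backlog, bindAddress);
        }
    }

    /**
     * Creates a directory without a StartTLS socket factory and without requiring authentication for
     * searches.
     *
     * @param strArr base DNs of the directory
     * @param resource LDIF whose entries are imported
     * @param i port to listen on
     */
    public InMemoryDirectory(@ParameterName(name = "baseDNs") @Nonnull String[] strArr, @ParameterName(name = "ldif") @Nonnull Resource resource, @ParameterName(name = "port") @Positive int i) {
        this(strArr, resource, i, false);
    }

    /**
     * Creates a directory without a StartTLS socket factory.
     *
     * @param strArr base DNs of the directory
     * @param resource LDIF whose entries are imported
     * @param i port to listen on
     * @param z whether {@link OperationType#SEARCH} is registered as an authentication-required operation
     * @throws RuntimeException wrapping any failure while configuring the server or importing the LDIF
     */
    public InMemoryDirectory(@ParameterName(name = "baseDNs") @Nonnull String[] strArr, @ParameterName(name = "ldif") @Nonnull Resource resource, @ParameterName(name = "port") @Positive int i, @ParameterName(name = "requireAuthForSearch") boolean z) {
        Constraint.isNotNull(resource, "LDIF resource cannot be null");
        try {
            final InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig(strArr);
            this.customServerSocketFactory = new CustomServerSocketFactory();
            this.directoryServer = buildServer(config, i, z, this.customServerSocketFactory, null, resource);
        } catch (Exception e) {
            throw new RuntimeException("Error creating directory server", e);
        }
    }

    /**
     * Creates a directory with a StartTLS socket factory and without requiring authentication for
     * searches.
     *
     * @param strArr base DNs of the directory
     * @param resource LDIF whose entries are imported
     * @param i port to listen on
     * @param resource2 JKS keystore, opened with the fixed password {@code changeit}
     * @param optional JKS truststore, opened with the same fixed password; when empty, {@code null} trust
     *            managers are passed to {@link SSLUtil}
     */
    public InMemoryDirectory(@ParameterName(name = "baseDNs") @Nonnull String[] strArr, @ParameterName(name = "ldif") @Nonnull Resource resource, @ParameterName(name = "port") @Positive int i, @ParameterName(name = "keystore") @Nonnull Resource resource2, @ParameterName(name = "truststore") @Nonnull Optional<Resource> optional) {
        this(strArr, resource, i, false, resource2, optional);
    }

    /**
     * Creates a directory with a StartTLS socket factory.
     *
     * @param strArr base DNs of the directory
     * @param resource LDIF whose entries are imported
     * @param i port to listen on
     * @param z whether {@link OperationType#SEARCH} is registered as an authentication-required operation
     * @param resource2 JKS keystore, opened with the fixed password {@code changeit}
     * @param optional JKS truststore, opened with the same fixed password; when empty, {@code null} trust
     *            managers are passed to {@link SSLUtil}
     * @throws RuntimeException wrapping any failure while loading the stores, configuring the server or
     *             importing the LDIF
     */
    public InMemoryDirectory(@ParameterName(name = "baseDNs") @Nonnull String[] strArr, @ParameterName(name = "ldif") @Nonnull Resource resource, @ParameterName(name = "port") @Positive int i, @ParameterName(name = "requireAuthForSearch") boolean z, @ParameterName(name = "keystore") @Nonnull Resource resource2, @ParameterName(name = "truststore") @Nonnull Optional<Resource> optional) {
        Constraint.isNotNull(resource, "LDIF resource cannot be null");
        try {
            final InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig(strArr);
            final SSLUtil sslUtil = new SSLUtil(
                    getKeyManagerFactory(resource2).getKeyManagers(),
                    optional.isPresent() ? getTrustManagerFactory(optional.get()).getTrustManagers() : null);
            this.customServerSocketFactory = new CustomServerSocketFactory();
            this.directoryServer = buildServer(config, i, z, this.customServerSocketFactory,
                    sslUtil.createSSLSocketFactory(), resource);
        } catch (Exception e) {
            throw new RuntimeException("Error creating directory server", e);
        }
    }

    /**
     * Applies the listener, credential, authentication and SASL settings shared by all constructors,
     * creates the server and imports the LDIF.
     *
     * @param config configuration already created for the requested base DNs
     * @param port port to listen on
     * @param requireAuthForSearch whether searches are registered as authentication-required
     * @param serverSocketFactory factory that tracks accepted connections
     * @param startTlsSocketFactory socket factory passed as the listener's last argument, or {@code null}
     * @param ldif LDIF whose entries are imported
     * @return the configured server, not yet listening
     * @throws LDAPException if the configuration or the import is rejected
     * @throws IOException if {@code localhost} cannot be resolved or the LDIF cannot be opened
     */
    private static InMemoryDirectoryServer buildServer(InMemoryDirectoryServerConfig config, int port, boolean requireAuthForSearch, CustomServerSocketFactory serverSocketFactory, SSLSocketFactory startTlsSocketFactory, Resource ldif) throws LDAPException, IOException {
        // The listener address is pinned to localhost; the permissive bind setup below relies on that.
        final InMemoryListenerConfig listener = new InMemoryListenerConfig("default",
                InetAddress.getByName("localhost"), port, serverSocketFactory, (SocketFactory) null,
                startTlsSocketFactory);
        config.setListenerConfigs(new InMemoryListenerConfig[]{listener});
        config.addAdditionalBindCredentials(ADMIN_BIND_DN, ADMIN_BIND_PASSWORD);
        if (requireAuthForSearch) {
            config.setAuthenticationRequiredOperationTypes(new OperationType[]{OperationType.SEARCH});
        }
        addSuccessSaslBindHandlers(config);
        final InMemoryDirectoryServer server = new InMemoryDirectoryServer(config);
        // NOTE(review): the reader is handed to importFromLDIF and not closed here - confirm that the
        // UnboundID call closes it (and with it the resource's input stream).
        server.importFromLDIF(true, new LDIFReader(ldif.getInputStream()));
        return server;
    }

    /**
     * Registers SASL bind handlers for {@code DIGEST-MD5} and {@code EXTERNAL} that always answer
     * {@code SUCCESS}.
     *
     * @param inMemoryDirectoryServerConfig configuration to add the handlers to
     */
    private static void addSuccessSaslBindHandlers(InMemoryDirectoryServerConfig inMemoryDirectoryServerConfig) {
        inMemoryDirectoryServerConfig.addSASLBindHandler(alwaysSuccessfulBindHandler("DIGEST-MD5"));
        inMemoryDirectoryServerConfig.addSASLBindHandler(alwaysSuccessfulBindHandler("EXTERNAL"));
    }

    /**
     * Builds a SASL bind handler that reports success for every request.
     *
     * <p>The handler ignores the bind DN, the credentials and the controls, and does not call back into
     * the request handler. It exists so tests can exercise client-side SASL code paths; it performs no
     * authentication.</p>
     *
     * @param mechanism SASL mechanism name the handler answers for
     * @return the handler
     */
    private static InMemorySASLBindHandler alwaysSuccessfulBindHandler(final String mechanism) {
        return new InMemorySASLBindHandler() {
            public String getSASLMechanismName() {
                return mechanism;
            }

            public BindResult processSASLBind(InMemoryRequestHandler inMemoryRequestHandler, int i, DN dn, ASN1OctetString aSN1OctetString, List<Control> list) {
                return new BindResult(new LDAPResult(i, ResultCode.SUCCESS));
            }
        };
    }

    /**
     * Adds an entry given as LDIF lines.
     *
     * @param strArr LDIF lines of the entry
     * @throws RuntimeException wrapping the {@link LDIFException} or {@link LDAPException} raised by the server
     */
    public void add(String... strArr) {
        try {
            this.directoryServer.add(strArr);
        } catch (LDIFException | LDAPException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Counts the accepted sockets that are not closed on the server side.
     *
     * @return number of tracked sockets for which {@link Socket#isClosed()} is {@code false}
     */
    public long openConnectionCount() {
        return this.customServerSocketFactory.sockets.stream().filter(socket -> !socket.isClosed()).count();
    }

    /**
     * Starts listening for client connections.
     *
     * @throws RuntimeException wrapping the {@link LDAPException} if the listener cannot be started
     */
    public void start() {
        try {
            this.directoryServer.startListening();
            this.log.info("In-memory directory server started");
        } catch (LDAPException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the port reported by the wrapped server.
     *
     * @return the listen port
     */
    public int getListenPort() {
        return this.directoryServer.getListenPort();
    }

    /**
     * Shuts the server down.
     *
     * @param z passed through to {@link InMemoryDirectoryServer#shutDown(boolean)}
     */
    public void stop(boolean z) {
        this.directoryServer.shutDown(z);
        this.log.info("In-memory directory server stopped");
    }

    /**
     * Builds a key manager factory from a JKS keystore, using the fixed store password for both the
     * store and the key.
     *
     * @param resource keystore to read
     * @return the initialised factory
     * @throws GeneralSecurityException if the store or its keys cannot be used
     * @throws IOException if the store cannot be read
     */
    private static KeyManagerFactory getKeyManagerFactory(Resource resource) throws GeneralSecurityException, IOException {
        final KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        factory.init(loadKeyStore(resource, STORE_PASSWORD), STORE_PASSWORD.toCharArray());
        return factory;
    }

    /**
     * Builds a trust manager factory from a JKS truststore opened with the fixed store password.
     *
     * @param resource truststore to read
     * @return the initialised factory
     * @throws GeneralSecurityException if the store cannot be used
     * @throws IOException if the store cannot be read
     */
    private static TrustManagerFactory getTrustManagerFactory(Resource resource) throws GeneralSecurityException, IOException {
        final TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        factory.init(loadKeyStore(resource, STORE_PASSWORD));
        return factory;
    }

    /**
     * Loads a JKS store from a resource.
     *
     * @param resource store to read
     * @param str store password
     * @return the loaded store
     * @throws GeneralSecurityException if the store type is unavailable or the content cannot be verified
     * @throws IOException if the store cannot be read
     */
    private static KeyStore loadKeyStore(Resource resource, String str) throws GeneralSecurityException, IOException {
        final KeyStore store = KeyStore.getInstance("JKS");
        // KeyStore.load leaves the stream open, so close it here.
        try (InputStream in = resource.getInputStream()) {
            store.load(in, str.toCharArray());
        }
        return store;
    }
}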
