package jenkins.security.plugins.ldap;

import hudson.Extension;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;
import javax.naming.InvalidNameException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.userdetails.ldap.LdapUserDetails;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.stapler.DataBoundConstructor;

/* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/classes/jenkins/security/plugins/ldap/FromUserRecordLDAPGroupMembershipStrategy.class */
public class FromUserRecordLDAPGroupMembershipStrategy extends LDAPGroupMembershipStrategy {
    private static final Logger LOGGER = Logger.getLogger(FromUserRecordLDAPGroupMembershipStrategy.class.getName());
    private final String attributeName;

    @Extension
    /* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/classes/jenkins/security/plugins/ldap/FromUserRecordLDAPGroupMembershipStrategy$DescriptorImpl.class */
    public static class DescriptorImpl extends LDAPGroupMembershipStrategyDescriptor {
        @Override // hudson.model.Descriptor
        public String getDisplayName() {
            return Messages.FromUserRecordLDAPGroupMembershipStrategy_DisplayName();
        }
    }

    @DataBoundConstructor
    public FromUserRecordLDAPGroupMembershipStrategy(String str) {
        this.attributeName = str;
    }

    public String getAttributeName() {
        return StringUtils.defaultIfEmpty(this.attributeName, "memberOf");
    }

    @Override // jenkins.security.plugins.ldap.LDAPGroupMembershipStrategy
    public GrantedAuthority[] getGrantedAuthorities(LdapUserDetails ldapUserDetails) {
        ArrayList arrayList = new ArrayList();
        Attributes attributes = ldapUserDetails.getAttributes();
        String attributeName = getAttributeName();
        Attribute attribute = attributes == null ? null : attributes.get(attributeName);
        if (attribute != null) {
            try {
                Iterator it = Collections.list(attribute.getAll()).iterator();
                while (it.hasNext()) {
                    String valueOf = String.valueOf(it.next());
                    try {
                        LdapName ldapName = new LdapName(valueOf);
                        valueOf = String.valueOf(ldapName.getRdn(ldapName.size() - 1).getValue());
                    } catch (InvalidNameException e) {
                        LOGGER.log(Level.FINEST, "Expected a Group DN but found: {0}", valueOf);
                    }
                    arrayList.add(new GrantedAuthorityImpl(valueOf));
                }
            } catch (NamingException e2) {
                LogRecord logRecord = new LogRecord(Level.FINE, "Failed to retrieve member of attribute ({0}) from LDAP user details");
                logRecord.setThrown(e2);
                logRecord.setParameters(new Object[]{attributeName});
                LOGGER.log(logRecord);
            }
        }
        return (GrantedAuthority[]) arrayList.toArray(new GrantedAuthority[arrayList.size()]);
    }
}
