package com.sun.identity.idm.plugins.ldapv3;

import com.iplanet.am.sdk.AMCommonUtils;
import com.iplanet.am.sdk.AMHashMap;
import com.iplanet.am.util.Debug;
import com.iplanet.dpro.session.service.ClusterStateService;
import com.iplanet.dpro.session.service.GetHttpSession;
import com.iplanet.jato.model.ModelExecutionContext;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.ums.ManagedRole;
import com.sun.identity.authentication.share.AuthXMLTags;
import com.sun.identity.common.CaseInsensitiveHashMap;
import com.sun.identity.common.CaseInsensitiveHashSet;
import com.sun.identity.console.base.model.AMAdminConstants;
import com.sun.identity.idm.IdConstants;
import com.sun.identity.idm.IdOperation;
import com.sun.identity.idm.IdRepo;
import com.sun.identity.idm.IdRepoBundle;
import com.sun.identity.idm.IdRepoException;
import com.sun.identity.idm.IdRepoFatalException;
import com.sun.identity.idm.IdRepoListener;
import com.sun.identity.idm.IdRepoUnsupportedOpException;
import com.sun.identity.idm.IdType;
import com.sun.identity.idm.RepoSearchResults;
import com.sun.identity.jaxrpc.SOAPClient;
import com.sun.identity.sm.SchemaType;
import com.sun.web.ui.model.CCWizardWindowModelInterface;
import com.sun.web.ui.view.datetime.CCDateTimeBase;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import netscape.ldap.LDAPAttribute;
import netscape.ldap.LDAPAttributeSet;
import netscape.ldap.LDAPCache;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPModification;
import netscape.ldap.LDAPModificationSet;
import netscape.ldap.LDAPObjectClassSchema;
import netscape.ldap.LDAPRebind;
import netscape.ldap.LDAPRebindAuth;
import netscape.ldap.LDAPReferralException;
import netscape.ldap.LDAPSearchConstraints;
import netscape.ldap.LDAPSearchResults;
import netscape.ldap.LDAPUrl;
import netscape.ldap.util.ConnectionPool;
import netscape.ldap.util.DN;

/* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/idm/plugins/ldapv3/LDAPv3Repo.class */
public class LDAPv3Repo extends IdRepo {
    private ConnectionPool connPool;
    static final String LDAP_OBJECT_CLASS = "objectclass";
    static final String LDAP_SCOPE_BASE = "SCOPE_BASE";
    static final String LDAP_SCOPE_ONE = "SCOPE_ONE";
    static final String LDAP_SCOPE_SUB = "SCOPE_SUB";
    private static final String LDAPv3Config_LDAP_SERVER = "sun-idrepo-ldapv3-config-ldap-server";
    private static final String LDAPv3Config_LDAP_PORT = "sun-idrepo-ldapv3-config-ldap-port";
    private static final String LDAPv3Config_AUTHID = "sun-idrepo-ldapv3-config-authid";
    private static final String LDAPv3Config_AUTHPW = "sun-idrepo-ldapv3-config-authpw";
    private static final String LDAPv3Config_LDAP_SSL_ENABLED = "sun-idrepo-ldapv3-config-ssl-enabled";
    private static final String LDAPv3Config_LDAP_CONNECTION_POOL_MIN_SIZE = "sun-idrepo-ldapv3-config-connection_pool_min_size";
    private static final String LDAPv3Config_LDAP_CONNECTION_POOL_MAX_SIZE = "sun-idrepo-ldapv3-config-connection_pool_max_size";
    private static final String LDAPv3Config_ORGANIZATION_NAME = "sun-idrepo-ldapv3-config-organization_name";
    private static final String LDAPv3Config_LDAP_GROUP_SEARCH_FILTER = "sun-idrepo-ldapv3-config-groups-search-filter";
    private static final String LDAPv3Config_LDAP_USERS_SEARCH_FILTER = "sun-idrepo-ldapv3-config-users-search-filter";
    private static final String LDAPv3Config_LDAP_ROLES_SEARCH_FILTER = "sun-idrepo-ldapv3-config-roles-search-filter";
    private static final String LDAPv3Config_LDAP_AGENT_SEARCH_FILTER = "sun-idrepo-ldapv3-config-agent-search-filter";
    private static final String LDAPv3Config_LDAP_ROLES_SEARCH_ATTRIBUTE = "sun-idrepo-ldapv3-config-roles-search-attribute";
    private static final String LDAPv3Config_LDAP_GROUPS_SEARCH_ATTRIBUTE = "sun-idrepo-ldapv3-config-groups-search-attribute";
    private static final String LDAPv3Config_LDAP_USERS_SEARCH_ATTRIBUTE = "sun-idrepo-ldapv3-config-users-search-attribute";
    private static final String LDAPv3Config_LDAP_AGENT_SEARCH_ATTRIBUTE = "sun-idrepo-ldapv3-config-agent-search-attribute";
    private static final String LDAPv3Config_LDAP_ROLES_SEARCH_SCOPE = "sun-idrepo-ldapv3-config-role-search-scope";
    private static final String LDAPv3Config_LDAP_GROUP_CONTAINER_NAME = "sun-idrepo-ldapv3-config-group-container-name";
    private static final String LDAPv3Config_LDAP_AGENT_CONTAINER_NAME = "sun-idrepo-ldapv3-config-agent-container-name";
    private static final String LDAPv3Config_LDAP_PEOPLE_CONTAINER_NAME = "sun-idrepo-ldapv3-config-people-container-name";
    private static final String LDAPv3Config_LDAP_GROUP_CONTAINER_VALUE = "sun-idrepo-ldapv3-config-group-container-value";
    private static final String LDAPv3Config_LDAP_PEOPLE_CONTAINER_VALUE = "sun-idrepo-ldapv3-config-people-container-value";
    private static final String LDAPv3Config_LDAP_AGENT_CONTAINER_VALUE = "sun-idrepo-ldapv3-config-agent-container-value";
    private static final String LDAPv3Config_LDAP_TIME_LIMIT = "sun-idrepo-ldapv3-config-time-limit";
    private static final String LDAPv3Config_LDAP_MAX_RESULT = "sun-idrepo-ldapv3-config-max-result";
    private static final String LDAPv3Config_REFERRALS = "sun-idrepo-ldapv3-config-referrals";
    private static final String LDAPv3Config_ROLE_OBJECT_CLASS = "sun-idrepo-ldapv3-config-role-objectclass";
    private static final String LDAPv3Config_GROUP_OBJECT_CLASS = "sun-idrepo-ldapv3-config-group-objectclass";
    private static final String LDAPv3Config_USER_OBJECT_CLASS = "sun-idrepo-ldapv3-config-user-objectclass";
    private static final String LDAPv3Config_AGENT_OBJECT_CLASS = "sun-idrepo-ldapv3-config-agent-objectclass";
    private static final String LDAPv3Config_GROUP_ATTR = "sun-idrepo-ldapv3-config-group-attributes";
    private static final String LDAPv3Config_USER_ATTR = "sun-idrepo-ldapv3-config-user-attributes";
    private static final String LDAPv3Config_AGENT_ATTR = "sun-idrepo-ldapv3-config-agent-attributes";
    private static final String LDAPv3Config_NSROLE = "sun-idrepo-ldapv3-config-nsrole";
    private static final String LDAPv3Config_NSROLEDN = "sun-idrepo-ldapv3-config-nsroledn";
    private static final String LDAPv3Config_NSROLEFILTER = "sun-idrepo-ldapv3-config-nsrolefilter";
    private static final String LDAPv3Config_MEMBEROF = "sun-idrepo-ldapv3-config-memberof";
    private static final String LDAPv3Config_UNIQUEMEMBER = "sun-idrepo-ldapv3-config-uniquemember";
    private static final String LDAPv3Config_MEMBERURL = "sun-idrepo-ldapv3-config-memberurl";
    private static final String LDAPv3Config_LDAP_IDLETIMEOUT = "sun-idrepo-ldapv3-config-idletimeout";
    private static final String LDAPv3Config_LDAP_PSEARCHBASE = "sun-idrepo-ldapv3-config-psearchbase";
    private static final String LDAPv3Config_LDAP_ISACTIVEATTRNAME = "sun-idrepo-ldapv3-config-isactive";
    private static final String LDAPv3Config_LDAP_CREATEUSERMAPPING = "sun-idrepo-ldapv3-config-createuser-attr-mapping";
    private static final String LDAPv3Config_LDAP_CACHEENABLED = "sun-idrepo-ldapv3-config-cache-enabled";
    private static final String LDAPv3Config_LDAP_CACHETTL = "sun-idrepo-ldapv3-config-cache-ttl";
    private static final String LDAPv3Config_LDAP_CACHESIZE = "sun-idrepo-ldapv3-config-cache-size";
    private static final String SCHEMA_BUG_PROPERTY = "com.netscape.ldap.schema.quoting";
    private static final String VAL_STANDARD = "standard";
    private static final String CLASS_NAME = "com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo";
    private static IdType[] supportedTypes = {IdType.USER, IdType.AGENT, IdType.GROUP, IdType.GROUP, IdType.ROLE, IdType.FILTEREDROLE, IdType.REALM};
    private static SOAPClient mySoapClient = new SOAPClient("dummy");
    protected static Hashtable _eventsMgr = new Hashtable();
    protected static Hashtable _numRequest = new Hashtable();
    private static SSOToken internalToken = null;
    private Map supportedOps = new HashMap();
    private Map myConfigMap = null;
    private Map myServiceMap = null;
    private IdRepoListener myListener = null;
    private String orgDN = "";
    private int connNumRetry = 3;
    private int connRetryInterval = ClusterStateService.DEFAULT_TIMEOUT;
    private int timeLimit = 5000;
    private int defaultMaxResults = 100;
    private int roleSearchScope = 2;
    private String userSearchFilter = null;
    private String groupSearchFilter = null;
    private String roleSearchFilter = "(&(objectclass=ldapsubentry)(objectclass=nsmanagedroledefinition))";
    private String filterroleSearchFilter = "(&(objectclass=ldapsubentry)(objectclass=nsfilteredroledefinition))";
    private String agentSearchFilter = null;
    private String userSearchNamingAttr = null;
    private String agentSearchNamingAttr = null;
    private String groupSearchNamingAttr = null;
    private String roleSearchNamingAttr = "cn";
    private String peopleCtnrNamingAttr = null;
    private String agentCtnrNamingAttr = null;
    private String groupCtnrNamingAttr = null;
    private String peopleCtnrValue = null;
    private String agentCtnrValue = null;
    private String groupCtnrValue = null;
    private String nsRoleAttr = "nsRole";
    private String nsRoleDNAttr = ManagedRole.MEMBER_ATTR_NAME;
    private String nsRoleFilterAttr = "nsRoleFilter";
    private String memberOfAttr = null;
    private String uniqueMemberAttr = null;
    private String memberURLAttr = null;
    private String isActiveAttrName = null;
    private boolean alwaysActive = false;
    private Set filterroleObjClassSet = null;
    private Set roleObjClassSet = null;
    private Set groupObjClassSet = null;
    private Set userObjClassSet = null;
    private Set agentObjClassSet = null;
    private Map createUserAttrMap = null;
    private Set userAtttributesAllowed = null;
    private Set groupAtttributesAllowed = null;
    private Set agentAtttributesAllowed = null;
    private Set filteredroleAtttributesAllowed = null;
    private Set userSpecifiedOpsSet = null;
    private boolean cacheEnabled = false;
    private long cacheTTL = 600;
    private long cacheSize = 10240;
    private LDAPCache ldapCache = null;
    private final int MIN_CONNECTION_POOL_SIZE = 1;
    private final int MAX_CONNECTION_POOL_SIZE = 10;
    private final int DEFAULTPORT = 389;
    private boolean hasListener = false;
    private Debug debug = Debug.getInstance("LDAPv3Repo");

    public LDAPv3Repo() {
        loadSupportedOps();
    }

    /* JADX WARN: Can't wrap try/catch for region: R(27:1|(1:3)|4|(4:7|(2:12|13)(3:15|16|17)|14|5)|19|20|(1:22)|23|(1:25)|26|(1:28)|29|30|(3:74|75|(12:77|33|40|41|(2:43|(1:45))|47|48|49|(1:51)(1:60)|52|53|(2:55|56)(1:58)))|32|33|40|41|(0)|47|48|49|(0)(0)|52|53|(0)(0)|(1:(1:65))) */
    /* JADX WARN: Code restructure failed: missing block: B:61:0x026d, code lost:
    
        r21 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:62:0x026f, code lost:
    
        r8.debug.error(new java.lang.StringBuffer().append("LDAPv3Repo: initConnectionPool ConnectionPool failed: ").append(r21.getLDAPResultCode()).append("; ldapServer:").append(r11).toString());
        r8.connPool = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:64:0x029f, code lost:
    
        r20.disconnect();
     */
    /* JADX WARN: Code restructure failed: missing block: B:66:0x02a7, code lost:
    
        r23 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:68:0x02b0, code lost:
    
        if (r8.debug.messageEnabled() != false) goto L57;
     */
    /* JADX WARN: Code restructure failed: missing block: B:69:0x02b3, code lost:
    
        r8.debug.message(new java.lang.StringBuffer().append("LDAPv3Repo: ldc.disconnect exception. ").append(r23.getLDAPResultCode()).toString());
     */
    /* JADX WARN: Code restructure failed: missing block: B:70:0x01fa, code lost:
    
        r21 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:71:0x01fc, code lost:
    
        r0 = r21.getLDAPResultCode();
     */
    /* JADX WARN: Code restructure failed: missing block: B:72:0x020a, code lost:
    
        if (r8.debug.messageEnabled() != false) goto L45;
     */
    /* JADX WARN: Code restructure failed: missing block: B:73:0x020d, code lost:
    
        r8.debug.message(new java.lang.StringBuffer().append("LDAPv3Repo: initConnectionPool setOption failed: ").append(r0).toString());
     */
    /* JADX WARN: Removed duplicated region for block: B:43:0x01a8 A[Catch: LDAPException -> 0x01fa, TryCatch #3 {LDAPException -> 0x01fa, blocks: (B:41:0x013a, B:43:0x01a8, B:45:0x01ce), top: B:40:0x013a }] */
    /* JADX WARN: Removed duplicated region for block: B:51:0x0237 A[Catch: LDAPException -> 0x026d, TryCatch #1 {LDAPException -> 0x026d, blocks: (B:49:0x0228, B:51:0x0237, B:52:0x024d, B:60:0x0247), top: B:48:0x0228 }] */
    /* JADX WARN: Removed duplicated region for block: B:55:0x02db  */
    /* JADX WARN: Removed duplicated region for block: B:58:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:60:0x0247 A[Catch: LDAPException -> 0x026d, TryCatch #1 {LDAPException -> 0x026d, blocks: (B:49:0x0228, B:51:0x0237, B:52:0x024d, B:60:0x0247), top: B:48:0x0228 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void initConnectionPool(java.util.Map r9) {
        /*
            Method dump skipped, instructions count: 741
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.initConnectionPool(java.util.Map):void");
    }

    protected void setDefaultReferralCredentials(LDAPConnection lDAPConnection) {
        LDAPRebind lDAPRebind = new LDAPRebind(this, lDAPConnection) { // from class: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.1
            private final LDAPConnection val$mConn;
            private final LDAPv3Repo this$0;

            {
                this.this$0 = this;
                this.val$mConn = lDAPConnection;
            }

            public LDAPRebindAuth getRebindAuthentication(String str, int i) {
                return new LDAPRebindAuth(this.val$mConn.getAuthenticationDN(), this.val$mConn.getAuthenticationPassword());
            }
        };
        LDAPSearchConstraints searchConstraints = lDAPConnection.getSearchConstraints();
        searchConstraints.setRebindProc(lDAPRebind);
        lDAPConnection.setSearchConstraints(searchConstraints);
    }

    @Override // com.sun.identity.idm.IdRepo
    public void initialize(Map map) {
        if (this.debug.messageEnabled()) {
            this.debug.message("LDAPv3Repo: Initializing configuration()");
        }
        super.initialize(map);
        this.myConfigMap = map;
        String propertyStringValue = getPropertyStringValue(map, IdConstants.SERVICE_ATTRS);
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: initialize: myServiceStr: ").append(propertyStringValue).toString());
        }
        if (propertyStringValue == null || propertyStringValue.length() == 0) {
            this.myServiceMap = new HashMap();
        } else {
            this.myServiceMap = new HashMap(mySoapClient.decodeMap(propertyStringValue));
        }
        if (this.debug.messageEnabled()) {
            if (this.myServiceMap != null) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: initialize: myServiceMap: ").append(this.myServiceMap).toString());
            } else {
                this.debug.message("LDAPv3Repo: initialize: myServiceMap = null");
            }
        }
        this.timeLimit = getPropertyIntValue(map, LDAPv3Config_LDAP_TIME_LIMIT, this.timeLimit) * ClusterStateService.DEFAULT_TIMEOUT;
        this.defaultMaxResults = getPropertyIntValue(map, LDAPv3Config_LDAP_MAX_RESULT, this.defaultMaxResults);
        this.cacheEnabled = getPropertyBooleanValue(map, LDAPv3Config_LDAP_CACHEENABLED);
        this.cacheTTL = getPropertyIntValue(map, LDAPv3Config_LDAP_CACHETTL, CCWizardWindowModelInterface.PIXEL_WINDOW_WIDTH);
        this.cacheSize = getPropertyIntValue(map, LDAPv3Config_LDAP_CACHESIZE, 10240);
        this.orgDN = getPropertyStringValue(map, LDAPv3Config_ORGANIZATION_NAME);
        String propertyStringValue2 = getPropertyStringValue(map, LDAPv3Config_LDAP_ROLES_SEARCH_SCOPE);
        if (propertyStringValue2 != null && propertyStringValue2.equalsIgnoreCase(LDAP_SCOPE_BASE)) {
            this.roleSearchScope = 0;
        } else if (propertyStringValue2 == null || !propertyStringValue2.equalsIgnoreCase(LDAP_SCOPE_ONE)) {
            this.roleSearchScope = 2;
        } else {
            this.roleSearchScope = 1;
        }
        this.userSearchFilter = getPropertyStringValue(map, LDAPv3Config_LDAP_USERS_SEARCH_FILTER);
        this.groupSearchFilter = getPropertyStringValue(map, LDAPv3Config_LDAP_GROUP_SEARCH_FILTER);
        this.agentSearchFilter = getPropertyStringValue(map, LDAPv3Config_LDAP_AGENT_SEARCH_FILTER);
        this.userSearchNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_USERS_SEARCH_ATTRIBUTE);
        this.agentSearchNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_AGENT_SEARCH_ATTRIBUTE);
        this.groupSearchNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_GROUPS_SEARCH_ATTRIBUTE);
        this.peopleCtnrNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_PEOPLE_CONTAINER_NAME);
        this.agentCtnrNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_AGENT_CONTAINER_NAME);
        this.groupCtnrNamingAttr = getPropertyStringValue(map, LDAPv3Config_LDAP_GROUP_CONTAINER_NAME);
        this.peopleCtnrValue = getPropertyStringValue(map, LDAPv3Config_LDAP_PEOPLE_CONTAINER_VALUE);
        this.agentCtnrValue = getPropertyStringValue(map, LDAPv3Config_LDAP_AGENT_CONTAINER_VALUE);
        this.groupCtnrValue = getPropertyStringValue(map, LDAPv3Config_LDAP_GROUP_CONTAINER_VALUE);
        this.groupObjClassSet = new HashSet((Set) map.get(LDAPv3Config_GROUP_OBJECT_CLASS));
        this.userObjClassSet = new HashSet((Set) map.get(LDAPv3Config_USER_OBJECT_CLASS));
        this.agentObjClassSet = new HashSet((Set) map.get(LDAPv3Config_AGENT_OBJECT_CLASS));
        this.memberOfAttr = getPropertyStringValue(map, LDAPv3Config_MEMBEROF);
        this.uniqueMemberAttr = getPropertyStringValue(map, LDAPv3Config_UNIQUEMEMBER);
        this.memberURLAttr = getPropertyStringValue(map, LDAPv3Config_MEMBERURL);
        this.userAtttributesAllowed = new CaseInsensitiveHashSet();
        this.userAtttributesAllowed.addAll((Set) map.get(LDAPv3Config_USER_ATTR));
        this.groupAtttributesAllowed = new CaseInsensitiveHashSet();
        this.groupAtttributesAllowed.addAll((Set) map.get(LDAPv3Config_GROUP_ATTR));
        this.agentAtttributesAllowed = new CaseInsensitiveHashSet();
        this.agentAtttributesAllowed.addAll((Set) map.get(LDAPv3Config_AGENT_ATTR));
        this.userSpecifiedOpsSet = new HashSet((Set) map.get(IdConstants.SUPPORTED_OP));
        parsedUserSpecifiedOps(this.userSpecifiedOpsSet);
        this.isActiveAttrName = getPropertyStringValue(map, LDAPv3Config_LDAP_ISACTIVEATTRNAME);
        if (this.isActiveAttrName == null || this.isActiveAttrName.length() == 0) {
            this.alwaysActive = true;
        }
        this.createUserAttrMap = getCreateUserAttrMapping(map);
        this.roleObjClassSet = new HashSet();
        this.roleObjClassSet.add("ldapsubentry");
        this.roleObjClassSet.add("nssimpleroledefinition");
        this.roleObjClassSet.add("nsmanagedroledefinition");
        this.roleObjClassSet.add("nsroledefinition");
        this.filterroleObjClassSet = new HashSet();
        this.filterroleObjClassSet.add("ldapsubentry");
        this.filterroleObjClassSet.add("nscomplexroledefinition");
        this.filterroleObjClassSet.add("nsfilteredroledefinition");
        this.filterroleObjClassSet.add("nsroledefinition");
        this.filteredroleAtttributesAllowed = new CaseInsensitiveHashSet();
        this.filteredroleAtttributesAllowed.add("nsRoleFilter");
        initConnectionPool(map);
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("    userObjClassSet: ").append(this.userObjClassSet).append("; agentObjClassSet: ").append(this.agentObjClassSet).append(";  groupObjClassSet:").append(this.groupObjClassSet).append(";  roleObjClassSet:").append(this.roleObjClassSet).append(";  filterroleObjClassSet:").append(this.filterroleObjClassSet).toString());
            this.debug.message(new StringBuffer().append("    userAtttributesAllowed: ").append(this.userAtttributesAllowed).append(";  groupAtttributesAllowed: ").append(this.groupAtttributesAllowed).append(";  agentAtttributesAllowed: ").append(this.agentAtttributesAllowed).append(";  filteredroleAtttributesAllowed: ").append(this.filteredroleAtttributesAllowed).toString());
            this.debug.message(new StringBuffer().append("LDAPv3Repo: exit Initializing. timeLimit =").append(this.timeLimit).append("; maxResults =").append(this.defaultMaxResults).append("; roleSearchScope=").append(this.roleSearchScope).append("; orgDN=").append(this.orgDN).append("; createUserAttrMap=").append(this.createUserAttrMap).toString());
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public void shutdown() {
        this.debug.message("LDAPv3Repo: shutdown");
        super.shutdown();
        this.connPool.destroy();
    }

    @Override // com.sun.identity.idm.IdRepo
    public Set getSupportedOperations(IdType idType) {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getSupportedOps on ").append(idType).append(" called").append("\n\tcont LDAPv3Repo: supportedOps Map = ").append(this.supportedOps.toString()).toString());
        }
        return (Set) this.supportedOps.get(idType);
    }

    @Override // com.sun.identity.idm.IdRepo
    public Set getSupportedTypes() {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getSupportedTypes: supportedOps.keySet=").append(this.supportedOps.keySet()).toString());
        }
        return this.supportedOps.keySet();
    }

    @Override // com.sun.identity.idm.IdRepo
    public boolean isActive(SSOToken sSOToken, IdType idType, String str) throws IdRepoUnsupportedOpException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: isActive called: type:").append(idType).append("; name:").append(str).toString());
        }
        if (!idType.equals(IdType.USER)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "305", new Object[]{CLASS_NAME, IdOperation.READ.getName(), idType.getName()});
        }
        if (this.alwaysActive) {
            try {
                return isExists(sSOToken, idType, str);
            } catch (IdRepoException e) {
                return false;
            }
        }
        HashSet hashSet = new HashSet();
        hashSet.add(this.isActiveAttrName);
        try {
            Map attributes = getAttributes(sSOToken, idType, str, hashSet);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("  LDAPv3Repo: isActive attrMap=").append(attributes).toString());
            }
            Set set = (Set) attributes.get(this.isActiveAttrName);
            return (set != null && set.size() == 1 && ((String) set.iterator().next()).equalsIgnoreCase("inactive")) ? false : true;
        } catch (IdRepoException e2) {
            if (!this.debug.messageEnabled()) {
                return false;
            }
            this.debug.message(new StringBuffer().append("  LDAPv3Repo: isActive idrepoerr=").append(e2).toString());
            return false;
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public boolean isExists(SSOToken sSOToken, IdType idType, String str) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: isExists called ").append(idType).append(": ").append(str).toString());
        }
        try {
            String dn = getDN(idType, str);
            LDAPConnection connection = this.connPool.getConnection();
            if (this.cacheEnabled) {
                connection.setCache(this.ldapCache);
            }
            try {
                connection.read(dn);
                this.connPool.close(connection);
                return true;
            } catch (LDAPException e) {
                switch (e.getLDAPResultCode()) {
                    case 9:
                        if (this.debug.messageEnabled()) {
                            this.debug.message("LDAPv3Repo: isExists: Entry served by a different LDAP server.");
                            break;
                        }
                        break;
                    case 32:
                        if (this.debug.messageEnabled()) {
                            this.debug.message("LDAPv3Repo: isExists: The specified entry does not exist.");
                            break;
                        }
                        break;
                    case 50:
                        if (this.debug.messageEnabled()) {
                            this.debug.message("LDAPv3Repo: isExists: You do not have the access rights to perform this operation.");
                            break;
                        }
                        break;
                    default:
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("LDAPv3Repo: isExists: Error number: ").append(e.getLDAPResultCode()).append("\n\tLDAPv3Repo: isExists: ").append("Could not read the specified entry.").toString(), e);
                            break;
                        }
                        break;
                }
                this.connPool.close(connection);
                int lDAPResultCode = e.getLDAPResultCode();
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", new Object[]{CLASS_NAME, Integer.toString(lDAPResultCode)});
                }
                return false;
            }
        } catch (IdRepoUnsupportedOpException e2) {
            return false;
        } catch (IdRepoException e3) {
            return false;
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public synchronized void removeListener() {
        if (this.debug.messageEnabled()) {
            this.debug.message("LDAPv3Repo: removeListener called ");
        }
        String str = null;
        for (String str2 : new HashSet((Set) this.myConfigMap.get(LDAPv3Config_LDAP_SERVER))) {
            str = (str == null || str.length() == 0) ? str2 : new StringBuffer().append(str).append(" ").append(str2).toString();
        }
        if (str == null) {
            this.debug.error("LDAPv3Repo: removeListener failed. missing ldap server name.");
        }
        LDAPv3EventService lDAPv3EventService = (LDAPv3EventService) _eventsMgr.get(str);
        if (lDAPv3EventService != null) {
            if (!this.hasListener) {
                if (((Integer) _numRequest.get(str)) == null) {
                    _eventsMgr.remove(str);
                    return;
                }
                return;
            }
            lDAPv3EventService.removeListener(this);
            Integer num = (Integer) _numRequest.get(str);
            if (num != null) {
                int intValue = num.intValue();
                if (intValue <= 1) {
                    _eventsMgr.remove(str);
                    _numRequest.remove(str);
                } else {
                    _numRequest.remove(str);
                    _numRequest.put(str, new Integer(intValue - 1));
                }
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("LDAPv3Repo: removeListener.  requestInt=").append(intValue).toString());
                }
            }
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public synchronized int addListener(SSOToken sSOToken, IdRepoListener idRepoListener) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: addListener called  LDAPv3Config_LDAP_SERVER=").append(this.configMap.get(LDAPv3Config_LDAP_SERVER)).append("; LDAPv3Config_LDAP_PSEARCHBASE=").append(this.configMap.get(LDAPv3Config_LDAP_PSEARCHBASE)).append("; LDAPv3Config_LDAP_IDLETIMEOUT=").append(this.configMap.get(LDAPv3Config_LDAP_IDLETIMEOUT)).toString());
        }
        this.myListener = idRepoListener;
        String str = null;
        for (String str2 : new HashSet((Set) this.myConfigMap.get(LDAPv3Config_LDAP_SERVER))) {
            str = (str == null || str.length() == 0) ? str2 : new StringBuffer().append(str).append(" ").append(str2).toString();
        }
        if (str == null) {
            this.debug.error("LDAPv3Repo: addListener failed. missing ldap server name.");
            return 0;
        }
        String propertyStringValue = getPropertyStringValue(this.myConfigMap, LDAPv3Config_LDAP_PSEARCHBASE);
        if (str == null) {
            this.debug.error("LDAPv3Repo: addListener failed. missing persistence search base.");
            return 0;
        }
        LDAPv3EventService lDAPv3EventService = (LDAPv3EventService) _eventsMgr.get(str);
        if (lDAPv3EventService == null) {
            try {
                lDAPv3EventService = getPropertyIntValue(this.myConfigMap, LDAPv3Config_LDAP_IDLETIMEOUT, 0) == 0 ? new LDAPv3EventService(this.myConfigMap) : new LDAPv3EventServicePolling(this.myConfigMap);
                _eventsMgr.put(str, lDAPv3EventService);
            } catch (LDAPException e) {
                this.debug.error("LDAPv3Repo: addListener failed. new eventService failed. LDAPException=", e);
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "218", new Object[]{CLASS_NAME});
            }
        }
        try {
            lDAPv3EventService.addListener(sSOToken, idRepoListener, propertyStringValue, 2, "(objectclass=*)", 15, this.myConfigMap, this);
            Integer num = (Integer) _numRequest.get(str);
            _numRequest.put(str, new Integer(num == null ? 1 : num.intValue() + 1));
        } catch (IdRepoException e2) {
            e2.getErrorCode();
            this.debug.error("LDAPv3Repo: addListener failed. persistant search not supported");
        } catch (LDAPException e3) {
            this.debug.error("LDAPv3Repo: addListener failed. eventService.addListener.LDAPException", e3);
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "218", new Object[]{CLASS_NAME});
        }
        this.hasListener = true;
        return 0;
    }

    private Map getAllowedAttrs(IdType idType, Map map) {
        Set<String> set = Collections.EMPTY_SET;
        if (idType.equals(IdType.USER)) {
            set = this.userAtttributesAllowed;
        } else if (idType.equals(IdType.AGENT)) {
            set = this.agentAtttributesAllowed;
        } else if (idType.equals(IdType.GROUP)) {
            set = this.groupAtttributesAllowed;
        } else {
            if (idType.equals(IdType.ROLE)) {
                return new HashMap(map);
            }
            if (idType.equals(IdType.FILTEREDROLE)) {
                set = this.filteredroleAtttributesAllowed;
            }
        }
        HashMap hashMap = new HashMap();
        for (String str : set) {
            Set set2 = (Set) map.get(str);
            if (set2 != null) {
                hashMap.put(str, set2);
            }
        }
        return hashMap;
    }

    private Map addAttrMapping(IdType idType, String str, Map map) {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("enter addAttrMapping: createUserAttrMap=").append(this.createUserAttrMap).toString());
            prtAttrMap(map);
        }
        if (idType.equals(IdType.USER)) {
            for (String str2 : this.createUserAttrMap.keySet()) {
                if (!map.containsKey(str2)) {
                    String str3 = (String) this.createUserAttrMap.get(str2);
                    if (str3.equalsIgnoreCase(str2)) {
                        HashSet hashSet = new HashSet();
                        hashSet.add(str);
                        map.put(str2, hashSet);
                    } else {
                        Set set = (Set) map.get(str3);
                        if (set != null) {
                            map.put(str2, set);
                        }
                    }
                }
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message("exit addAttrMapping: ");
            prtAttrMap(map);
        }
        return map;
    }

    @Override // com.sun.identity.idm.IdRepo
    public String create(SSOToken sSOToken, IdType idType, String str, Map map) throws IdRepoException, SSOException {
        Set set;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: Create called on ").append(idType).append(": ").append(str).toString());
            prtAttrMap(map);
        }
        String dn = getDN(idType, str);
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        if (idType.equals(IdType.USER)) {
            set = this.userObjClassSet;
        } else if (idType.equals(IdType.AGENT)) {
            set = this.agentObjClassSet;
        } else if (idType.equals(IdType.GROUP)) {
            set = this.groupObjClassSet;
        } else if (idType.equals(IdType.ROLE)) {
            set = this.roleObjClassSet;
        } else {
            if (!idType.equals(IdType.FILTEREDROLE)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "305", new Object[]{CLASS_NAME, IdOperation.CREATE.getName(), idType.getName()});
            }
            set = this.filterroleObjClassSet;
        }
        Map addAttrMapping = addAttrMapping(idType, str, getAllowedAttrs(idType, map));
        LDAPAttributeSet lDAPAttributeSet = new LDAPAttributeSet();
        if (addAttrMapping == null || addAttrMapping.isEmpty()) {
            lDAPAttributeSet.add(new LDAPAttribute("objectclass", set == null ? null : (String[]) set.toArray(new String[set.size()])));
        } else {
            boolean z = false;
            HashMap hashMap = new HashMap();
            for (String str2 : addAttrMapping.keySet()) {
                if (str2.equalsIgnoreCase("objectclass")) {
                    HashSet hashSet = new HashSet((Set) addAttrMapping.get(str2));
                    hashSet.addAll(set);
                    hashMap.put(str2, hashSet);
                    z = true;
                } else {
                    Set set2 = (Set) addAttrMapping.get(str2);
                    if (!set2.isEmpty()) {
                        hashMap.put(str2, set2);
                    }
                }
            }
            if (!z) {
                hashMap.put("objectclass", set);
            }
            for (String str3 : hashMap.keySet()) {
                Set set3 = (Set) hashMap.get(str3);
                String[] strArr = set3 == null ? null : (String[]) set3.toArray(new String[set3.size()]);
                if (this.debug.messageEnabled()) {
                    if (str3.equalsIgnoreCase("userpassword")) {
                        this.debug.message(new StringBuffer().append("    : attrName= ").append(str3).toString());
                    } else {
                        this.debug.message(new StringBuffer().append("    : attrName= ").append(str3).append(" set:").append(set3).toString());
                    }
                }
                lDAPAttributeSet.add(new LDAPAttribute(str3, strArr));
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("    : before ld.add: eDN=").append(dn).toString());
        }
        try {
            connection.add(new LDAPEntry(dn, lDAPAttributeSet));
            this.connPool.close(connection);
            return dn;
        } catch (LDAPException e) {
            this.debug.error(new StringBuffer().append("LDAPv3Repo.create failed. errorCode=").append(e.getLDAPResultCode()).append(CCDateTimeBase.DEFAULT_TIME_VALUE).append(e.getLDAPErrorMessage()).toString());
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo.create failed", e);
            }
            this.connPool.close(connection);
            int lDAPResultCode = e.getLDAPResultCode();
            Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
            if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockSplitter
        jadx.core.utils.exceptions.JadxRuntimeException: Incorrect nodes count for selectOther: B:32:0x010f in [B:9:0x0059, B:32:0x010f, B:10:0x005c, B:28:0x0107]
        	at jadx.core.utils.BlockUtils.selectOther(BlockUtils.java:64)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.processBlocks(ResolveJavaJSR.java:101)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.lambda$resolveForRetBlock$1(ResolveJavaJSR.java:59)
        	at jadx.core.utils.BlockUtils.traversePredecessors(BlockUtils.java:548)
        	at jadx.core.utils.BlockUtils.visitPredecessorsUntil(BlockUtils.java:536)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolveForRetBlock(ResolveJavaJSR.java:52)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolve(ResolveJavaJSR.java:42)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.process(ResolveJavaJSR.java:27)
        	at jadx.core.dex.visitors.blocks.BlockSplitter.visit(BlockSplitter.java:72)
        */
    @Override // com.sun.identity.idm.IdRepo
    public void delete(com.iplanet.sso.SSOToken r7, com.sun.identity.idm.IdType r8, java.lang.String r9) throws com.sun.identity.idm.IdRepoException, com.iplanet.sso.SSOException {
        /*
            Method dump skipped, instructions count: 285
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.delete(com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType, java.lang.String):void");
    }

    @Override // com.sun.identity.idm.IdRepo
    public Map getAttributes(SSOToken sSOToken, IdType idType, String str, Set set) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getAttributes called: ").append(idType).append(": ").append(str).append(" ; attrName=").append(set).toString());
        }
        return getAttributes(sSOToken, idType, str, set, true);
    }

    private Map getAttributes(SSOToken sSOToken, IdType idType, String str, Set set, boolean z) throws IdRepoException, SSOException {
        LDAPEntry read;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getAttributes called: ").append(idType).append(": ").append(str).append(" ; attrName=").append(set).toString());
        }
        HashMap hashMap = new HashMap();
        if (idType.equals(IdType.REALM) && set != null && set.contains("objectclass")) {
            return hashMap;
        }
        String dn = getDN(idType, str);
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        Set set2 = null;
        if (idType.equals(IdType.USER)) {
            set2 = this.userAtttributesAllowed;
        } else if (idType.equals(IdType.AGENT)) {
            set2 = this.agentAtttributesAllowed;
        } else if (idType.equals(IdType.GROUP)) {
            set2 = this.groupAtttributesAllowed;
        } else if (idType.equals(IdType.FILTEREDROLE)) {
            set2 = this.filteredroleAtttributesAllowed;
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("  LDAPv3Repo: predefinedAttr=").append(set2).append("; attrNames=").append(set).toString());
        }
        try {
            if (set == null) {
                read = connection.read(dn);
            } else {
                if (set2 != null) {
                    HashSet hashSet = new HashSet();
                    Iterator it = set.iterator();
                    while (it.hasNext()) {
                        String str2 = (String) it.next();
                        if (set2.contains(str2)) {
                            hashSet.add(str2);
                        }
                    }
                    set = hashSet;
                }
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("  LDAPv3Repo: before read: attrNames=").append(set).toString());
                }
                read = connection.read(dn, (String[]) set.toArray(new String[set.size()]));
            }
            if (read == null) {
                this.debug.error(new StringBuffer().append("getAttributes: unable to find dn:").append(dn).append(" to retrieve its attributes.").toString());
                this.connPool.close(connection);
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "211", new Object[]{CLASS_NAME, dn});
            }
            LDAPAttributeSet attributeSet = read.getAttributeSet();
            int size = attributeSet.size();
            for (int i = 0; i < size; i++) {
                LDAPAttribute elementAt = attributeSet.elementAt(i);
                if (elementAt != null) {
                    String name = elementAt.getName();
                    if (this.debug.messageEnabled()) {
                        this.debug.message(new StringBuffer().append("  LDAPv3Repo: after read: attrName=").append(name).toString());
                    }
                    if (set2 == null || set2.contains(name.toLowerCase())) {
                        HashSet hashSet2 = new HashSet();
                        if (z) {
                            Enumeration stringValues = elementAt.getStringValues();
                            while (stringValues != null && stringValues.hasMoreElements()) {
                                hashSet2.add((String) stringValues.nextElement());
                            }
                            hashMap.put(name.toLowerCase(), hashSet2);
                        } else {
                            byte[][] byteValueArray = elementAt.getByteValueArray();
                            hashMap.put(name, byteValueArray);
                            if (this.debug.messageEnabled()) {
                                this.debug.message(new StringBuffer().append("   getAttribute binary: values=").append(byteValueArray).toString());
                            }
                        }
                    }
                }
            }
            this.connPool.close(connection);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getAttributes returns theAttrMap: ").append(hashMap).toString());
            }
            return hashMap;
        } catch (LDAPException e) {
            String lDAPErrorMessage = e.getLDAPErrorMessage();
            if (this.debug.warningEnabled()) {
                this.debug.warning(new StringBuffer().append("LDAPv3Repo.getAttributes failed. errorCode=").append(e.getLDAPResultCode()).append(CCDateTimeBase.DEFAULT_TIME_VALUE).append(lDAPErrorMessage).toString());
            }
            this.connPool.close(connection);
            int lDAPResultCode = e.getLDAPResultCode();
            Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
            if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
            if (lDAPResultCode != 32) {
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
            objArr[0] = CLASS_NAME;
            objArr[1] = dn;
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "220", objArr);
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public Map getAttributes(SSOToken sSOToken, IdType idType, String str) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getAttributes called: ").append(idType).append(": ").append(str).toString());
        }
        return getAttributes(sSOToken, idType, str, null);
    }

    @Override // com.sun.identity.idm.IdRepo
    public Map getBinaryAttributes(SSOToken sSOToken, IdType idType, String str, Set set) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message("getBinaryAttributes: ...");
        }
        return getAttributes(sSOToken, idType, str, set, false);
    }

    @Override // com.sun.identity.idm.IdRepo
    public void setBinaryAttributes(SSOToken sSOToken, IdType idType, String str, Map map, boolean z) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("setBinaryAttributes: type:").append(idType).append("; name=").append(str).append("; attributes=").append(map).append("; isAdd:").append(z).toString());
        }
        setAttributes(sSOToken, idType, str, map, z, false);
    }

    private Set findDynamicGroupMembersByUrl(LDAPUrl lDAPUrl) throws IdRepoException {
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        HashSet hashSet = new HashSet();
        try {
            try {
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("search filter in LDAPGroups : ").append(lDAPUrl.getFilter()).toString());
                }
                LDAPSearchResults search = connection.search(lDAPUrl.getDN(), lDAPUrl.getScope(), lDAPUrl.getFilter(), (String[]) null, false, searchConstraints);
                while (search.hasMoreElements()) {
                    try {
                        LDAPEntry next = search.next();
                        if (next != null) {
                            hashSet.add(next.getDN());
                        }
                    } catch (LDAPException e) {
                        throw new IdRepoException(e.errorCodeToString());
                    } catch (LDAPReferralException e2) {
                    }
                }
                return hashSet;
            } catch (LDAPException e3) {
                int lDAPResultCode = e3.getLDAPResultCode();
                e3.getLDAPErrorMessage();
                this.debug.error(new StringBuffer().append("LDAPv3Repo: findDynamicGroupMembersByUrl. ld.search error: ").append(lDAPResultCode).toString());
                if (this.debug.messageEnabled()) {
                    this.debug.error("LDAPv3Repo: findDynamicGroupMembersByUrl failed", e3);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
        } finally {
            this.connPool.close(connection);
        }
    }

    private Set getGroupMembers(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        HashSet hashSet = new HashSet();
        try {
            String dn = getDN(idType, str);
            LDAPConnection connection = this.connPool.getConnection();
            if (this.cacheEnabled) {
                connection.setCache(this.ldapCache);
            }
            try {
                LDAPEntry read = connection.read(dn);
                LDAPAttribute attribute = read.getAttribute(this.uniqueMemberAttr);
                if (attribute != null) {
                    Enumeration stringValues = attribute.getStringValues();
                    while (stringValues != null && stringValues.hasMoreElements()) {
                        hashSet.add((String) stringValues.nextElement());
                    }
                } else {
                    LDAPAttribute attribute2 = read.getAttribute(this.memberURLAttr);
                    if (attribute2 != null) {
                        Enumeration stringValues2 = attribute2.getStringValues();
                        while (stringValues2 != null && stringValues2.hasMoreElements()) {
                            try {
                                hashSet.addAll(findDynamicGroupMembersByUrl(new LDAPUrl((String) stringValues2.nextElement())));
                            } catch (MalformedURLException e) {
                                throw new IdRepoException("MalformedURLException");
                            }
                        }
                    }
                }
                return hashSet;
            } catch (LDAPException e2) {
                this.debug.error(new StringBuffer().append("LDAPGroups: invalid group name ").append(str).toString());
                int lDAPResultCode = e2.getLDAPResultCode();
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("LDAPGroups: invalid group name ").append(str).toString(), e2);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                return null;
            } finally {
                this.connPool.close(connection);
            }
        } catch (IdRepoUnsupportedOpException e3) {
            return null;
        } catch (IdRepoException e4) {
            return null;
        }
    }

    private Set getManagedRoleMembers(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        HashSet hashSet = new HashSet();
        try {
            String stringBuffer = new StringBuffer().append("(").append(this.nsRoleDNAttr).append("=").append(getDN(idType, str)).append(")").toString();
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("search filter in getManagedRoleMembers: ").append(stringBuffer).toString());
            }
            LDAPSearchResults search = connection.search(this.orgDN, this.roleSearchScope, stringBuffer, (String[]) null, false, searchConstraints);
            while (search.hasMoreElements()) {
                try {
                    LDAPEntry next = search.next();
                    if (next != null) {
                        hashSet.add(next.getDN());
                    }
                } catch (LDAPException e) {
                    this.connPool.close(connection);
                    int lDAPResultCode = e.getLDAPResultCode();
                    if (lDAPResultCode == 3 || lDAPResultCode == 4) {
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("LDAPv3Plugin: getManagedRoleMembers search iteration size/time limit reached: ").append(e.getMessage()).toString());
                        }
                        return hashSet;
                    }
                    if (this.debug.messageEnabled()) {
                        this.debug.message("LDAPv3Plugin: getManagedRoleMembers search iteration exception", e);
                    }
                    Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                    if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                        throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                    }
                    throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                } catch (LDAPReferralException e2) {
                }
            }
            this.connPool.close(connection);
            return hashSet;
        } catch (LDAPException e3) {
            this.connPool.close(connection);
            int lDAPResultCode2 = e3.getLDAPResultCode();
            this.debug.error(new StringBuffer().append("LDAPv3Repo: getManagedRoleMembers, ld.search error").append(lDAPResultCode2).toString());
            if (this.debug.messageEnabled()) {
                this.debug.error("LDAPv3Repo: getManagedRoleMembers, ld.search error", e3);
            }
            Object[] objArr2 = {CLASS_NAME, Integer.toString(lDAPResultCode2)};
            if (lDAPResultCode2 == 80 || lDAPResultCode2 == 81 || lDAPResultCode2 == 82) {
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr2);
            }
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr2);
        }
    }

    private Set getFilteredRoleMembers(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        String[] strArr = {this.nsRoleFilterAttr};
        HashSet hashSet = new HashSet();
        try {
            LDAPAttribute attribute = connection.read(getDN(idType, str), strArr).getAttribute(this.nsRoleFilterAttr);
            if (attribute != null) {
                Enumeration stringValues = attribute.getStringValues();
                while (stringValues != null && stringValues.hasMoreElements()) {
                    LDAPSearchResults search = connection.search(this.orgDN, this.roleSearchScope, (String) stringValues.nextElement(), (String[]) null, false, searchConstraints);
                    while (search.hasMoreElements()) {
                        try {
                            LDAPEntry next = search.next();
                            if (next != null) {
                                hashSet.add(next.getDN());
                            }
                        } catch (LDAPException e) {
                            this.connPool.close(connection);
                            int lDAPResultCode = e.getLDAPResultCode();
                            if (lDAPResultCode == 3 || lDAPResultCode == 4) {
                                if (this.debug.messageEnabled()) {
                                    this.debug.message(new StringBuffer().append("LDAPv3Plugin: getManagedRoleMembers search iteration size/time limit reached: ").append(e.getMessage()).toString());
                                }
                                return hashSet;
                            }
                            if (this.debug.messageEnabled()) {
                                this.debug.message("LDAPv3Repo: getFilteredRoleMembers iteration exception", e);
                            }
                            Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                            if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                            }
                            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                        } catch (LDAPReferralException e2) {
                        }
                    }
                }
            }
            this.connPool.close(connection);
            return hashSet;
        } catch (LDAPException e3) {
            this.connPool.close(connection);
            int lDAPResultCode2 = e3.getLDAPResultCode();
            this.debug.error(new StringBuffer().append("LDAPv3Repo: getFilteredRoleMembers, ld.read").append(lDAPResultCode2).toString());
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo: getFilteredRoleMembers, ld.read", e3);
            }
            Object[] objArr2 = {CLASS_NAME, Integer.toString(lDAPResultCode2)};
            if (lDAPResultCode2 == 80 || lDAPResultCode2 == 81 || lDAPResultCode2 == 82) {
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr2);
            }
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr2);
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public Set getMembers(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        Set filteredRoleMembers;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getMembers called").append(idType).append(": ").append(str).append(": ").append(idType2).toString());
        }
        if (idType.equals(IdType.USER) || idType.equals(IdType.AGENT)) {
            this.debug.error("AMSDKRepo: Membership operation is not supported  for Users or Agents");
            throw new IdRepoException(IdRepoBundle.getString("203"), "203");
        }
        if (idType.equals(IdType.GROUP)) {
            if (!idType2.equals(IdType.USER)) {
                this.debug.error(new StringBuffer().append("AMSDKRepo: Groups do not supported membership for ").append(idType2.getName()).toString());
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "204", new Object[]{CLASS_NAME, idType2.getName(), idType.getName()});
            }
            filteredRoleMembers = getGroupMembers(sSOToken, idType, str, idType2);
        } else if (idType.equals(IdType.ROLE)) {
            if (!idType2.equals(IdType.USER)) {
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "204", new Object[]{CLASS_NAME, idType2.getName(), idType.getName()});
            }
            filteredRoleMembers = getManagedRoleMembers(sSOToken, idType, str, idType2);
        } else {
            if (!idType.equals(IdType.FILTEREDROLE)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "305", new Object[]{CLASS_NAME, IdOperation.READ.getName(), idType.getName()});
            }
            if (!idType2.equals(IdType.USER)) {
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "204", new Object[]{CLASS_NAME, idType2.getName(), idType.getName()});
            }
            filteredRoleMembers = getFilteredRoleMembers(sSOToken, idType, str, idType2);
        }
        return filteredRoleMembers;
    }

    private Set getGroupMemberShips(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        String[] strArr = {this.memberOfAttr};
        HashSet hashSet = new HashSet();
        try {
            try {
                LDAPAttribute attribute = connection.read(getDN(idType, str), strArr).getAttribute(this.memberOfAttr);
                if (attribute != null) {
                    Enumeration stringValues = attribute.getStringValues();
                    while (stringValues != null) {
                        if (!stringValues.hasMoreElements()) {
                            break;
                        }
                        hashSet.add((String) stringValues.nextElement());
                    }
                }
                return hashSet;
            } catch (LDAPException e) {
                int lDAPResultCode = e.getLDAPResultCode();
                this.debug.error(new StringBuffer().append("LDAPv3Repo: getGroupMemberShips. ld.read error: ").append(lDAPResultCode).toString());
                if (this.debug.messageEnabled()) {
                    this.debug.message("LDAPv3Repo: getGroupMemberShips. ld.read error", e);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
        } finally {
            this.connPool.close(connection);
        }
    }

    private Set getManagedRoleMemberShips(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo getManagedRoleMemberShips entered  type=").append(idType).append("; name=").append(str).append("; membershipType=").append(idType2).toString());
        }
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        String[] strArr = {this.nsRoleDNAttr};
        HashSet hashSet = new HashSet();
        try {
            try {
                LDAPAttribute attribute = connection.read(getDN(idType, str), strArr).getAttribute(this.nsRoleDNAttr);
                if (attribute != null) {
                    Enumeration stringValues = attribute.getStringValues();
                    while (stringValues != null) {
                        if (!stringValues.hasMoreElements()) {
                            break;
                        }
                        hashSet.add((String) stringValues.nextElement());
                    }
                }
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("LDAPv3Repo getManagedRoleMemberShips exit results=").append(hashSet).toString());
                }
                return hashSet;
            } catch (LDAPException e) {
                int lDAPResultCode = e.getLDAPResultCode();
                this.debug.error(new StringBuffer().append("LDAPv3Repo: getManagedRoleMemberShips. ld.read error").append(lDAPResultCode).toString());
                if (this.debug.messageEnabled()) {
                    this.debug.message("LDAPv3Repo: getManagedRoleMemberShips. ld.read error", e);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
        } finally {
            this.connPool.close(connection);
        }
    }

    private Set getFilteredRoleMemberShips(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getFilteredRoleMemberShips entry name=").append(str).append("; type=").append(idType).append("; membershipType=").append(idType2).toString());
        }
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints searchConstraints = connection.getSearchConstraints();
        searchConstraints.setMaxResults(this.defaultMaxResults);
        searchConstraints.setServerTimeLimit(this.timeLimit);
        String[] strArr = {this.nsRoleAttr};
        HashSet<String> hashSet = new HashSet();
        try {
            try {
                LDAPAttribute attribute = connection.read(getDN(idType, str), strArr).getAttribute(this.nsRoleAttr);
                if (attribute != null) {
                    Enumeration stringValues = attribute.getStringValues();
                    while (stringValues != null && stringValues.hasMoreElements()) {
                        hashSet.add((String) stringValues.nextElement());
                    }
                }
                Set managedRoleMemberShips = getManagedRoleMemberShips(sSOToken, idType, str, idType2);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("    managedRoleDNs=").append(managedRoleMemberShips).toString());
                    this.debug.message(new StringBuffer().append("    allRoleDNs=").append(hashSet).toString());
                }
                HashSet hashSet2 = new HashSet();
                Iterator it = managedRoleMemberShips.iterator();
                while (it.hasNext()) {
                    hashSet2.add(new DN((String) it.next()).toRFCString().toLowerCase());
                }
                HashSet hashSet3 = new HashSet();
                for (String str2 : hashSet) {
                    if (!hashSet2.contains(new DN(str2).toRFCString().toLowerCase())) {
                        hashSet3.add(str2);
                    }
                }
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("LDAPv3Repo: getFilteredRoleMemberShips exit result =").append(hashSet3).toString());
                }
                return hashSet3;
            } catch (LDAPException e) {
                int lDAPResultCode = e.getLDAPResultCode();
                this.debug.error(new StringBuffer().append("LDAPv3Repo: getFilteredRoleMemberShips: ld.read: error").append(lDAPResultCode).toString());
                if (this.debug.messageEnabled()) {
                    this.debug.error("LDAPv3Repo: getFilteredRoleMemberShips: ld.read: error", e);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
        } finally {
            this.connPool.close(connection);
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public Set getMemberships(SSOToken sSOToken, IdType idType, String str, IdType idType2) throws IdRepoException, SSOException {
        Set filteredRoleMemberShips;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getMemberships called").append(idType).append(": ").append(str).append(": ").append(idType2).toString());
        }
        if (!idType.equals(IdType.USER) && !idType.equals(IdType.AGENT)) {
            this.debug.error("AMSDKRepo: Membership for identities other than  Users is not allowed ");
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "206", new Object[]{CLASS_NAME});
        }
        if (idType2.equals(IdType.GROUP)) {
            filteredRoleMemberShips = getGroupMemberShips(sSOToken, idType, str, idType2);
        } else if (idType2.equals(IdType.ROLE)) {
            filteredRoleMemberShips = getManagedRoleMemberShips(sSOToken, idType, str, idType2);
        } else {
            if (!idType2.equals(IdType.FILTEREDROLE)) {
                this.debug.error("AMSDKRepo: Membership for other types of entities not supported for Users");
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "204", new Object[]{CLASS_NAME, idType.getName(), idType2.getName()});
            }
            filteredRoleMemberShips = getFilteredRoleMemberShips(sSOToken, idType, str, idType2);
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getMemberships exit: results=").append(filteredRoleMemberShips).toString());
        }
        return filteredRoleMemberShips;
    }

    private void modifyGroupMembership(SSOToken sSOToken, IdType idType, String str, Set set, IdType idType2, int i) throws IdRepoException, SSOException {
        String dn = getDN(idType, str);
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            LDAPAttribute lDAPAttribute = new LDAPAttribute(this.uniqueMemberAttr, str2);
            LDAPAttribute lDAPAttribute2 = new LDAPAttribute(this.memberOfAttr, dn);
            LDAPModification lDAPModification = null;
            LDAPModification lDAPModification2 = null;
            switch (i) {
                case 1:
                    lDAPModification = new LDAPModification(0, lDAPAttribute);
                    lDAPModification2 = new LDAPModification(0, lDAPAttribute2);
                    try {
                        connection.modify(dn, lDAPModification);
                        connection.modify(str2, lDAPModification2);
                    } catch (LDAPException e) {
                        int lDAPResultCode = e.getLDAPResultCode();
                        this.debug.error(new StringBuffer().append("LDAPv3Repo: modifyGroupMembership ld.modify: ").append(lDAPResultCode).append(" groupDN = ").append(dn).append(" userDN= ").append(str2).toString());
                        this.connPool.close(connection);
                        if (this.debug.messageEnabled()) {
                            this.debug.error("LDAPv3Repo: modifyGroupMembership ld.modify", e);
                        }
                        Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                        if (lDAPResultCode != 80 && lDAPResultCode != 81 && lDAPResultCode != 82) {
                            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                        }
                        throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                    }
                    break;
                case 2:
                    lDAPModification = new LDAPModification(1, lDAPAttribute);
                    lDAPModification2 = new LDAPModification(1, lDAPAttribute2);
                    connection.modify(dn, lDAPModification);
                    connection.modify(str2, lDAPModification2);
                default:
                    connection.modify(dn, lDAPModification);
                    connection.modify(str2, lDAPModification2);
            }
        }
        this.connPool.close(connection);
    }

    private void modifyRoleMembership(SSOToken sSOToken, IdType idType, String str, Set set, IdType idType2, int i) throws IdRepoException, SSOException {
        String dn = getDN(idType, str);
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            LDAPModification lDAPModification = null;
            String str2 = (String) it.next();
            LDAPAttribute lDAPAttribute = new LDAPAttribute(this.nsRoleDNAttr, dn);
            switch (i) {
                case 1:
                    lDAPModification = new LDAPModification(0, lDAPAttribute);
                    try {
                        connection.modify(str2, lDAPModification);
                    } catch (LDAPException e) {
                        int lDAPResultCode = e.getLDAPResultCode();
                        this.debug.error(new StringBuffer().append("LDAPv3Repo: modifyRoleMembership ld.modify: ").append(lDAPResultCode).append(" userDN= ").append(str2).append(" roleDN= ").append(dn).toString());
                        if (this.debug.messageEnabled()) {
                            this.debug.error("LDAPv3Repo: modifyRoleMembership ld.modify", e);
                        }
                        this.connPool.close(connection);
                        Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                        if (lDAPResultCode != 80 && lDAPResultCode != 81 && lDAPResultCode != 82) {
                            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                        }
                        throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                    }
                    break;
                case 2:
                    lDAPModification = new LDAPModification(1, lDAPAttribute);
                    connection.modify(str2, lDAPModification);
                default:
                    connection.modify(str2, lDAPModification);
            }
        }
        this.connPool.close(connection);
    }

    @Override // com.sun.identity.idm.IdRepo
    public void modifyMemberShip(SSOToken sSOToken, IdType idType, String str, Set set, IdType idType2, int i) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: modifyMemberShip called ").append(idType).append("; name= ").append(str).append("; members= ").append(set).append("; membersType= ").append(idType2).append("; operation= ").append(i).toString());
        }
        if (set == null || set.isEmpty()) {
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo.modifyMemberShip: Members set is empty");
            }
            throw new IdRepoException(IdRepoBundle.getString("201"), "201");
        }
        if (idType.equals(IdType.USER) || idType.equals(IdType.AGENT)) {
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo.modifyMembership: Memberhsip to users and agents is not supported");
            }
            throw new IdRepoException(IdRepoBundle.getString("203"), "203");
        }
        if (!idType2.equals(IdType.USER)) {
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo.modifyMembership: A non-user type cannot  be made a member of any identity").append(idType2.getName()).toString());
            }
            Object[] objArr = {CLASS_NAME};
            throw new IdRepoException(IdRepoBundle.getString("206", objArr), "206", objArr);
        }
        HashSet hashSet = new HashSet();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(getDN(idType2, (String) it.next()));
        }
        if (idType.equals(IdType.GROUP)) {
            modifyGroupMembership(sSOToken, idType, str, hashSet, idType2, i);
        } else if (idType.equals(IdType.ROLE)) {
            modifyRoleMembership(sSOToken, idType, str, hashSet, idType2, i);
        } else {
            this.debug.error(new StringBuffer().append("AMSDKRepo.modifyMembership: Memberships cannot bemodified for type= ").append(idType.getName()).toString());
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "209", new Object[]{CLASS_NAME, idType.getName()});
        }
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockSplitter
        jadx.core.utils.exceptions.JadxRuntimeException: Incorrect nodes count for selectOther: B:63:0x01db in [B:40:0x012d, B:63:0x01db, B:41:0x0130, B:59:0x01d3]
        	at jadx.core.utils.BlockUtils.selectOther(BlockUtils.java:64)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.processBlocks(ResolveJavaJSR.java:101)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.lambda$resolveForRetBlock$1(ResolveJavaJSR.java:59)
        	at jadx.core.utils.BlockUtils.traversePredecessors(BlockUtils.java:548)
        	at jadx.core.utils.BlockUtils.visitPredecessorsUntil(BlockUtils.java:536)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolveForRetBlock(ResolveJavaJSR.java:52)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolve(ResolveJavaJSR.java:42)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.process(ResolveJavaJSR.java:27)
        	at jadx.core.dex.visitors.blocks.BlockSplitter.visit(BlockSplitter.java:72)
        */
    @Override // com.sun.identity.idm.IdRepo
    public void removeAttributes(com.iplanet.sso.SSOToken r7, com.sun.identity.idm.IdType r8, java.lang.String r9, java.util.Set r10) throws com.sun.identity.idm.IdRepoException, com.iplanet.sso.SSOException {
        /*
            Method dump skipped, instructions count: 489
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.removeAttributes(com.iplanet.sso.SSOToken, com.sun.identity.idm.IdType, java.lang.String, java.util.Set):void");
    }

    @Override // com.sun.identity.idm.IdRepo
    public RepoSearchResults search(SSOToken sSOToken, IdType idType, String str, int i, int i2, Set set, boolean z, int i3, Map map, boolean z2) throws IdRepoException, SSOException {
        String[] strArr;
        Enumeration stringValues;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: new search called:type:").append(idType).append(" ;pattern:").append(str).append(" ;avPairs: ").append(map).toString());
            this.debug.message(new StringBuffer().append("  cont LDAPv3Repo: search: maxTime:").append(i).append(" ;maxResults:").append(i2).append(" ;returnAttrs: ").append(set).toString());
            this.debug.message(new StringBuffer().append("  cont LDAPv3Repo: search:returnAllAttrs:").append(z).append(" ;filterOp:").append(i3).append(" ;recursive:").append(z2).append(" ;returnAttrs: ").append(set).toString());
        }
        String baseDN = getBaseDN(idType);
        int i4 = z2 ? 2 : 1;
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        LDAPSearchConstraints lDAPSearchConstraints = new LDAPSearchConstraints();
        if (i2 < 1) {
            lDAPSearchConstraints.setMaxResults(this.defaultMaxResults);
        } else {
            lDAPSearchConstraints.setMaxResults(i2);
        }
        if (i < 1) {
            lDAPSearchConstraints.setServerTimeLimit(this.timeLimit);
        } else {
            lDAPSearchConstraints.setServerTimeLimit(i * ClusterStateService.DEFAULT_TIMEOUT);
        }
        String namingAttr = getNamingAttr(idType);
        if (z) {
            strArr = new String[]{"*"};
        } else if (set == null || set.isEmpty()) {
            strArr = new String[]{namingAttr};
        } else {
            set.add(namingAttr);
            strArr = (String[]) set.toArray(new String[set.size()]);
        }
        String objClassFilter = getObjClassFilter(idType);
        StringBuffer stringBuffer = new StringBuffer();
        if (i3 == 0) {
            stringBuffer.append("(|");
        } else if (i3 == 1) {
            stringBuffer.append("(&");
        }
        stringBuffer.append("(&").append(constructFilter(namingAttr, objClassFilter, str));
        if (map != null && map.size() > 0) {
            stringBuffer.append(constructFilter(map));
        }
        stringBuffer.append(")");
        if (i3 == 1 || i3 == 0) {
            stringBuffer.append(")");
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: before ld.search call:filterSB:").append((Object) stringBuffer).append(" ; base:").append(baseDN).toString());
            if (strArr != null) {
                this.debug.message(new StringBuffer().append("          theAttr[0]: ").append(strArr[0]).toString());
            } else {
                this.debug.message("          theAttr[0]:=null");
            }
        }
        try {
            LDAPSearchResults search = connection.search(baseDN, i4, stringBuffer.toString(), strArr, false, lDAPSearchConstraints);
            int i5 = 0;
            HashMap hashMap = new HashMap();
            HashSet hashSet = new HashSet();
            while (search.hasMoreElements()) {
                try {
                    LDAPEntry next = search.next();
                    String dn = next.getDN();
                    HashMap hashMap2 = new HashMap();
                    if (z) {
                        LDAPAttributeSet attributeSet = next.getAttributeSet();
                        int size = attributeSet.size();
                        for (int i6 = 0; i6 < size; i6++) {
                            LDAPAttribute elementAt = attributeSet.elementAt(i6);
                            if (elementAt != null) {
                                String name = elementAt.getName();
                                HashSet hashSet2 = new HashSet();
                                Enumeration stringValues2 = elementAt.getStringValues();
                                while (stringValues2 != null && stringValues2.hasMoreElements()) {
                                    hashSet2.add((String) stringValues2.nextElement());
                                }
                                hashMap2.put(name, hashSet2);
                            }
                        }
                        Set set2 = (Set) hashMap2.get(namingAttr);
                        String str2 = dn;
                        if (dn != null && DN.isDN(dn) && dn.toLowerCase().startsWith(namingAttr.toLowerCase())) {
                            str2 = new DN(dn).explodeDN(true)[0];
                        } else if (set2 != null && !set2.isEmpty()) {
                            str2 = (String) set2.iterator().next();
                        }
                        hashSet.add(str2);
                        hashMap.put(str2, hashMap2);
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("  search1 idName=").append(str2).append(";  attrEntryMap=").append(hashMap2).toString());
                        }
                    } else if (set == null || set.isEmpty()) {
                        String str3 = dn;
                        LDAPAttribute attribute = next.getAttribute(namingAttr);
                        if (dn != null && DN.isDN(dn) && dn.toLowerCase().startsWith(namingAttr.toLowerCase())) {
                            str3 = new DN(dn).explodeDN(true)[0];
                        } else if (attribute != null && (stringValues = attribute.getStringValues()) != null && stringValues.hasMoreElements()) {
                            str3 = (String) stringValues.nextElement();
                        }
                        hashSet.add(str3);
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("  search3 idName=").append(str3).append(";  allEntries=").append(hashSet).toString());
                        }
                    } else {
                        Iterator it = set.iterator();
                        while (it.hasNext()) {
                            String str4 = (String) it.next();
                            LDAPAttribute attribute2 = next.getAttribute(str4);
                            HashSet hashSet3 = new HashSet();
                            if (attribute2 != null) {
                                Enumeration stringValues3 = attribute2.getStringValues();
                                while (stringValues3 != null && stringValues3.hasMoreElements()) {
                                    hashSet3.add((String) stringValues3.nextElement());
                                }
                            }
                            hashMap2.put(str4, hashSet3);
                        }
                        Set set3 = (Set) hashMap2.get(namingAttr);
                        String str5 = dn;
                        if (dn != null && DN.isDN(dn) && dn.toLowerCase().startsWith(namingAttr.toLowerCase())) {
                            str5 = new DN(dn).explodeDN(true)[0];
                        } else if (set3 != null && !set3.isEmpty()) {
                            str5 = (String) set3.iterator().next();
                        }
                        hashSet.add(str5);
                        hashMap.put(str5, hashMap2);
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("  search2 idName=").append(str5).append(";  attrEntryMap=").append(hashMap2).toString());
                        }
                    }
                } catch (LDAPException e) {
                    int lDAPResultCode = e.getLDAPResultCode();
                    switch (i5) {
                        case 3:
                            i5 = 2;
                            break;
                        case 4:
                            i5 = 1;
                            break;
                        default:
                            i5 = lDAPResultCode;
                            break;
                    }
                }
            }
            this.connPool.close(connection);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: exit search allEntries:").append(hashSet).append(" ;allEntryMap:").append(hashMap).toString());
            }
            return new RepoSearchResults(hashSet, i5, hashMap, idType);
        } catch (LDAPException e2) {
            int lDAPResultCode2 = e2.getLDAPResultCode();
            this.connPool.close(connection);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: search, ld.search error: ").append(lDAPResultCode2).toString());
            }
            Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode2)};
            if (lDAPResultCode2 == 80 || lDAPResultCode2 == 81 || lDAPResultCode2 == 82) {
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
            if (lDAPResultCode2 == 32) {
                return new RepoSearchResults(new HashSet(), 0, Collections.EMPTY_MAP, idType);
            }
            throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public RepoSearchResults search(SSOToken sSOToken, IdType idType, String str, Map map, boolean z, int i, int i2, Set set) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: old search called").append(idType).append(": ").append(str).append(": ").append(map).toString());
        }
        return search(sSOToken, idType, str, i2, i, set, true, -1, map, z);
    }

    @Override // com.sun.identity.idm.IdRepo
    public void setAttributes(SSOToken sSOToken, IdType idType, String str, Map map, boolean z) throws IdRepoException, SSOException {
        setAttributes(sSOToken, idType, str, map, z, true);
    }

    public void setAttributes(SSOToken sSOToken, IdType idType, String str, Map map, boolean z, boolean z2) throws IdRepoException, SSOException {
        Set set;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: setAttributes called: ").append(idType).append(": ").append(str).toString());
            prtAttrMap(map);
        }
        if (map == null || map.isEmpty()) {
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo: setAttributes. Attributes are empty");
            }
            throw new IdRepoException(IdRepoBundle.getString("201"), "201");
        }
        String dn = getDN(idType, str);
        Set set2 = null;
        if (idType.equals(IdType.USER)) {
            set2 = this.userAtttributesAllowed;
        } else if (idType.equals(IdType.AGENT)) {
            set2 = this.agentAtttributesAllowed;
        } else if (idType.equals(IdType.GROUP)) {
            set2 = this.groupAtttributesAllowed;
        } else if (idType.equals(IdType.FILTEREDROLE)) {
            set2 = this.filteredroleAtttributesAllowed;
        }
        LDAPModificationSet lDAPModificationSet = new LDAPModificationSet();
        for (String str2 : map.keySet()) {
            if (set2 == null || set2.contains(str2)) {
                if (z2) {
                    Set set3 = (Set) map.get(str2);
                    String[] strArr = set3 == null ? null : (String[]) set3.toArray(new String[set3.size()]);
                    if (set3 == null || set3.isEmpty()) {
                        lDAPModificationSet.add(2, new LDAPAttribute(str2));
                    } else {
                        LDAPAttribute lDAPAttribute = new LDAPAttribute(str2, strArr);
                        if (z) {
                            lDAPModificationSet.add(0, lDAPAttribute);
                        } else {
                            lDAPModificationSet.add(2, lDAPAttribute);
                        }
                    }
                } else {
                    byte[][] bArr = (byte[][]) map.get(str2);
                    LDAPAttribute lDAPAttribute2 = new LDAPAttribute(str2);
                    int length = bArr.length;
                    for (int i = 0; i < length; i++) {
                        if (this.debug.messageEnabled()) {
                            this.debug.message(new StringBuffer().append("setAttributes binary:").append(bArr[i]).toString());
                        }
                        lDAPAttribute2.addValue(bArr[i]);
                    }
                    if (z) {
                        lDAPModificationSet.add(0, lDAPAttribute2);
                    } else {
                        lDAPModificationSet.add(2, lDAPAttribute2);
                    }
                    if (this.debug.messageEnabled()) {
                        this.debug.message(new StringBuffer().append("setAttribute binary attrBytes:").append(bArr).toString());
                    }
                }
            }
        }
        if (lDAPModificationSet.size() == 0) {
            if (this.debug.messageEnabled()) {
                this.debug.message("LDAPv3Repo: setAttributes. LdapModSet is empty");
            }
            throw new IdRepoException(IdRepoBundle.getString("201"), "201");
        }
        if (idType.equals(IdType.USER)) {
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            hashSet2.add("objectclass");
            Map attributes = getAttributes(sSOToken, idType, str, hashSet2);
            if (attributes != null && !attributes.isEmpty() && (set = (Set) attributes.values().iterator().next()) != null && !set.isEmpty()) {
                for (String str3 : this.userObjClassSet) {
                    boolean z3 = false;
                    Iterator it = set.iterator();
                    while (true) {
                        if (it.hasNext()) {
                            if (str3.equalsIgnoreCase((String) it.next())) {
                                z3 = true;
                                break;
                            }
                        } else {
                            break;
                        }
                    }
                    if (!z3) {
                        hashSet.add(str3);
                    }
                }
            }
            if (!hashSet.isEmpty()) {
                lDAPModificationSet.add(0, new LDAPAttribute("objectclass", (String[]) hashSet.toArray(new String[hashSet.size()])));
            }
        }
        LDAPConnection connection = this.connPool.getConnection();
        if (this.cacheEnabled) {
            connection.setCache(this.ldapCache);
        }
        try {
            try {
                if (this.debug.messageEnabled()) {
                    this.debug.message("LDAPv3Repo: setAttributes. Calling ld.modify");
                }
                connection.modify(dn, lDAPModificationSet);
            } catch (LDAPException e) {
                int lDAPResultCode = e.getLDAPResultCode();
                if (this.debug.warningEnabled()) {
                    this.debug.warning(new StringBuffer().append("LDAPv3Repo: setAttributes, ld.modify error: ").append(lDAPResultCode).toString(), e);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode == 80 || lDAPResultCode == 81 || lDAPResultCode == 82) {
                    throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                if (lDAPResultCode != 32) {
                    throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                objArr[0] = CLASS_NAME;
                objArr[1] = dn;
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "220", objArr);
            }
        } finally {
            this.connPool.close(connection);
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public void assignService(SSOToken sSOToken, IdType idType, String str, String str2, SchemaType schemaType, Map map) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: assignService called. IdType=").append(idType).append("; name=").append(str).append("; serviceName=").append(str2).append("; SchemaType=").append(schemaType).append("; attrMap=").append(map).toString());
        }
        if (idType.equals(IdType.AGENT) || idType.equals(IdType.GROUP) || idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        if (idType.equals(IdType.USER)) {
            Set set = (Set) map.get("objectclass");
            HashSet hashSet = new HashSet(1);
            hashSet.add("objectclass");
            map.put("objectclass", AMCommonUtils.combineOCs(set, (Set) getAttributes(sSOToken, idType, str, hashSet).get("objectclass")));
            if (schemaType.equals(SchemaType.USER)) {
                setAttributes(sSOToken, idType, str, map, false);
            } else if (schemaType.equals(SchemaType.DYNAMIC)) {
                return;
            }
        } else {
            if (!idType.equals(IdType.REALM)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
            }
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: assignService: before myServiceMap:").append(this.myServiceMap).toString());
            }
            if (str2 == null || str2.length() <= 0 || map == null) {
                this.debug.message("LDAPv3Repo: assignService: not stored. null or 0");
            } else {
                this.myServiceMap.put(str2, new HashMap(map));
            }
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: assignService: after myServiceMap:").append(this.myServiceMap).toString());
            }
            if (this.myListener != null) {
                this.myListener.setServiceAttributes(str2, this.myServiceMap);
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("  exit assignService.  myServiceMap:").append(this.myServiceMap).toString());
        }
    }

    @Override // com.sun.identity.idm.IdRepo
    public void unassignService(SSOToken sSOToken, IdType idType, String str, String str2, Map map) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: unassignService called. IdType=").append(idType).append("; name=").append(str).append("; serviceName=").append(str2).append("; attrMap=").append(map).toString());
        }
        if (idType.equals(IdType.AGENT) || idType.equals(IdType.GROUP) || idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        if (idType.equals(IdType.REALM)) {
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: unassignService: before myServiceMap:").append(this.myServiceMap).toString());
            }
            if (str2 == null || str2.length() <= 0) {
                this.debug.message("LDAPv3Repo: unassignService: serviceName is null or 0");
            } else {
                this.myServiceMap.remove(str2);
            }
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: unassignService: after myServiceMap:").append(this.myServiceMap).toString());
            }
            if (this.myListener != null) {
                this.myListener.setServiceAttributes(str2, this.myServiceMap);
                return;
            }
            return;
        }
        if (!idType.equals(IdType.USER)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        Set set = (Set) map.get("objectclass");
        HashSet hashSet = new HashSet();
        hashSet.add("objectclass");
        Set set2 = (Set) getAttributes(sSOToken, idType, str, hashSet).get("objectclass");
        Set updateAndGetRemovableOCs = AMCommonUtils.updateAndGetRemovableOCs(set2, set);
        HashSet hashSet2 = new HashSet();
        Iterator it = updateAndGetRemovableOCs.iterator();
        while (it.hasNext()) {
            try {
                Iterator it2 = new HashSet(getOCAttributes((String) it.next())).iterator();
                while (it2.hasNext()) {
                    hashSet2.add(((String) it2.next()).toLowerCase());
                }
            } catch (LDAPException e) {
                int lDAPResultCode = e.getLDAPResultCode();
                this.debug.error(new StringBuffer().append("LDAPv3Repo: unassignService. get Object Attributes failed: ").append(lDAPResultCode).toString());
                if (this.debug.messageEnabled()) {
                    this.debug.error("LDAPv3Repo: unassignService.", e);
                }
                Object[] objArr = {CLASS_NAME, Integer.toString(lDAPResultCode)};
                if (lDAPResultCode != 80 && lDAPResultCode != 81 && lDAPResultCode != 82) {
                    throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
                }
                throw new IdRepoFatalException(IdRepoBundle.BUNDLE_NAME, "306", objArr);
            }
        }
        for (String str3 : getAttributes(sSOToken, idType, str).keySet()) {
            if (hashSet2.contains(str3)) {
                try {
                    AMHashMap aMHashMap = new AMHashMap();
                    aMHashMap.put(str3, Collections.EMPTY_SET);
                    setAttributes(sSOToken, idType, str, aMHashMap, false);
                } catch (Exception e2) {
                    if (this.debug.messageEnabled()) {
                        this.debug.message(new StringBuffer().append("unassignService failed. error occurred while removing attribute: ").append(str3).toString());
                    }
                }
            }
        }
        AMHashMap aMHashMap2 = new AMHashMap();
        aMHashMap2.put("objectclass", set2);
        setAttributes(sSOToken, idType, str, aMHashMap2, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.util.Set] */
    @Override // com.sun.identity.idm.IdRepo
    public Set getAssignedServices(SSOToken sSOToken, IdType idType, String str, Map map) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getAssignedServices. IdType=").append(idType).append("; Name=").append(str).append("; mapOfServiceNamesandOCs=").append(map).toString());
            this.debug.message(new StringBuffer().append("     getAssignedServices. myServiceMap=").append(this.myServiceMap).toString());
        }
        HashSet hashSet = new HashSet();
        if (idType.equals(IdType.AGENT) || idType.equals(IdType.GROUP) || idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        if (idType.equals(IdType.USER)) {
            Set convertToLowerCase = convertToLowerCase(readObjectClass(sSOToken, idType, str));
            for (String str2 : map.keySet()) {
                Set convertToLowerCase2 = convertToLowerCase((Set) map.get(str2));
                if (convertToLowerCase != null && convertToLowerCase.containsAll(convertToLowerCase2)) {
                    hashSet.add(str2);
                }
            }
            if (this.myServiceMap != null) {
                hashSet.addAll(this.myServiceMap.keySet());
            }
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getAssignedServices returns resultsSet: ").append(hashSet).toString());
            }
        } else {
            if (!idType.equals(IdType.REALM)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
            }
            hashSet = this.myServiceMap.keySet();
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getAssignedServices: resultsSet: ").append(hashSet).append("; myServiceMap:").append(this.myServiceMap).toString());
            }
        }
        return hashSet;
    }

    @Override // com.sun.identity.idm.IdRepo
    public Map getServiceAttributes(SSOToken sSOToken, IdType idType, String str, String str2, Set set) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: getServiceAttributes. IdType=").append(idType).append("; Name=").append(str).append("; serviceName=").append(str2).append("; attrNames=").append(set).toString());
        }
        if (idType.equals(IdType.AGENT) || idType.equals(IdType.GROUP) || idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        if (!idType.equals(IdType.USER)) {
            if (!idType.equals(IdType.REALM)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
            }
            Map map = (Map) this.myServiceMap.get(str2);
            if (map == null || map.isEmpty()) {
                this.debug.message("LDAPv3Repo: getServiceAttributes. REALM returns empty");
                return new HashMap();
            }
            if (set == null || set.isEmpty()) {
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("LDAPv3Repo: getServiceAttributes. REALM: attrNames is null or empty. srvCfgAttrMap=").append(map).toString());
                }
                return new HashMap(map);
            }
            HashMap hashMap = new HashMap();
            Set keySet = map.keySet();
            Iterator it = set.iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                if (keySet.contains(str3)) {
                    hashMap.put(str3, map.get(str3));
                }
            }
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getServiceAttributes. REALM resultMap=").append(hashMap).toString());
            }
            return hashMap;
        }
        Map attributes = getAttributes(sSOToken, idType, str, set);
        if (str2 == null || str2.length() == 0) {
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getServiceAttribute. userAttrs=").append(attributes).toString());
            }
            return attributes;
        }
        Map map2 = (Map) this.myServiceMap.get(str2);
        HashMap hashMap2 = new HashMap();
        if (map2 == null || map2.isEmpty()) {
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: getServiceAttribute: return userAttrs:").append(attributes).toString());
            }
            return attributes;
        }
        for (String str4 : map2.keySet()) {
            if (set.contains(str4)) {
                hashMap2.put(str4, map2.get(str4));
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("    mySrvAttrMap=").append(hashMap2).toString());
            this.debug.message(new StringBuffer().append("    srvCfgAttrMap=").append(map2).toString());
            this.debug.message(new StringBuffer().append("    userAttrs=").append(attributes).toString());
        }
        Set keySet2 = attributes.keySet();
        for (String str5 : hashMap2.keySet()) {
            if (!keySet2.contains(str5)) {
                attributes.put(str5, hashMap2.get(str5));
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("    on exit: userAttrs= ").append(attributes).toString());
        }
        return attributes;
    }

    @Override // com.sun.identity.idm.IdRepo
    public void modifyService(SSOToken sSOToken, IdType idType, String str, String str2, SchemaType schemaType, Map map) throws IdRepoException, SSOException {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: modifyService. IdType=").append(idType).append("; Name=").append(str).append("; serviceName=").append(str2).append("; SchemaType=").append(schemaType).append("; attrMap=").append(map).toString());
        }
        if (idType.equals(IdType.AGENT) || idType.equals(IdType.GROUP) || idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) {
            throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
        }
        if (!idType.equals(IdType.REALM)) {
            if (!idType.equals(IdType.USER)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "213", new Object[]{getClass().getName()});
            }
            if (schemaType.equals(SchemaType.DYNAMIC)) {
                throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, "214", new Object[]{getClass().getName(), schemaType.toString(), idType.getName()});
            }
            setAttributes(sSOToken, idType, str, map, false);
            return;
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: modifyService. REALM before. myServiceMap").append(this.myServiceMap).toString());
        }
        Map map2 = (Map) this.myServiceMap.get(str2);
        if (map2 == null || map2.isEmpty()) {
            this.myServiceMap.put(str2, new HashMap(map));
        } else {
            Set keySet = map2.keySet();
            for (String str3 : map.keySet()) {
                if (keySet.contains(str3)) {
                    Set set = (Set) map.get(str3);
                    Set set2 = (Set) map2.get(str3);
                    set2.clear();
                    set2.addAll(set);
                    map2.put(str3, set2);
                } else {
                    map2.put(str3, map.get(str3));
                }
            }
            this.myServiceMap.put(str2, map2);
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: modifyService. REALM after. myServiceMap").append(this.myServiceMap).toString());
        }
        if (this.myListener != null) {
            this.myListener.setServiceAttributes(str2, this.myServiceMap);
            this.debug.message(new StringBuffer().append("LDAPv3Repo: modifyService calls setServiceAttributes:").append(this.myServiceMap).toString());
        }
    }

    public LDAPCache GetCache() {
        return this.ldapCache;
    }

    public void clearCache() {
        if (this.debug.messageEnabled()) {
            this.debug.message("clearCache");
        }
        if (!this.cacheEnabled || this.ldapCache == null) {
            return;
        }
        boolean flushEntries = this.ldapCache.flushEntries((String) null, 2);
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("clearCache: flushed return ").append(flushEntries).toString());
        }
    }

    public void objectChanged(String str, int i) {
        boolean flushEntries;
        boolean flushEntries2;
        boolean flushEntries3;
        boolean flushEntries4;
        boolean flushEntries5;
        boolean flushEntries6;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("objectChanged:  dn=").append(str).toString());
        }
        if (!this.cacheEnabled || this.ldapCache == null) {
            return;
        }
        if (i == 1) {
            boolean flushEntries7 = this.ldapCache.flushEntries((String) null, 2);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.ADD flushStatus= ").append(flushEntries7).toString());
                return;
            }
            return;
        }
        if (i != 4) {
            if (i != 8) {
                boolean flushEntries8 = this.ldapCache.flushEntries((String) null, 2);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("objectChanged. DELETE; dn=").append(str).append("flushStatus= ").append(flushEntries8).toString());
                    return;
                }
                return;
            }
            String dn = new DN(str).getParent().toString();
            do {
                flushEntries = this.ldapCache.flushEntries(dn, 1);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.MODDN parent scope_one: flushStatus= ").append(flushEntries).toString());
                }
            } while (flushEntries);
            do {
                flushEntries2 = this.ldapCache.flushEntries(dn, 0);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.MODDN parent scope_base: flushStatus= ").append(flushEntries2).toString());
                }
            } while (flushEntries2);
            return;
        }
        DN parent = new DN(str).getParent();
        String dn2 = parent.toString();
        String dn3 = parent.getParent().toString();
        do {
            flushEntries3 = this.ldapCache.flushEntries(dn2, 1);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.MODIFY dn scope_base flushStatus= ").append(flushEntries3).toString());
            }
        } while (flushEntries3);
        do {
            flushEntries4 = this.ldapCache.flushEntries(dn2, 2);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("objectChangedLDAPPersistSearchControl.MODIFY dn scope_base flushStatus= ").append(flushEntries4).toString());
            }
        } while (flushEntries4);
        do {
            flushEntries5 = this.ldapCache.flushEntries(dn3, 1);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.MODIFY grandParent dn scope_base flushStatus= ").append(flushEntries5).toString());
            }
        } while (flushEntries5);
        do {
            flushEntries6 = this.ldapCache.flushEntries(dn3, 2);
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("objectChanged LDAPPersistSearchControl.MODIFY grandParent dn scope_base flushStatus= ").append(flushEntries6).toString());
            }
        } while (flushEntries6);
    }

    private Collection getOCAttributes(String str) throws LDAPException {
        Collection requiredAttributes = getRequiredAttributes(str);
        requiredAttributes.addAll(getOptionalAttributes(str));
        return requiredAttributes;
    }

    private Collection getRequiredAttributes(String str) throws LDAPException {
        ArrayList arrayList = new ArrayList();
        LDAPObjectClassSchema objectClass = getLDAPSchema().getObjectClass(str);
        if (objectClass != null) {
            Enumeration requiredAttributes = objectClass.getRequiredAttributes();
            while (requiredAttributes.hasMoreElements()) {
                arrayList.add((String) requiredAttributes.nextElement());
            }
        }
        return arrayList;
    }

    private Collection getOptionalAttributes(String str) throws LDAPException {
        ArrayList arrayList = new ArrayList();
        LDAPObjectClassSchema objectClass = getLDAPSchema().getObjectClass(str);
        if (objectClass != null) {
            Enumeration optionalAttributes = objectClass.getOptionalAttributes();
            while (optionalAttributes.hasMoreElements()) {
                arrayList.add((String) optionalAttributes.nextElement());
            }
        }
        return arrayList;
    }

    /* JADX WARN: Code restructure failed: missing block: B:39:0x00c3, code lost:
    
        if (r7 != null) goto L34;
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x00c6, code lost:
    
        r0.setProperty("com.netscape.ldap.schema.quoting", r7);
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x00ce, code lost:
    
        r4.connPool.close(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x00d9, code lost:
    
        return r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x00c3, code lost:
    
        if (r7 == null) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:49:0x00c6, code lost:
    
        r0.setProperty("com.netscape.ldap.schema.quoting", r7);
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x00ce, code lost:
    
        r4.connPool.close(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x00bf, code lost:
    
        throw r11;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private netscape.ldap.LDAPSchema getLDAPSchema() throws netscape.ldap.LDAPException {
        /*
            r4 = this;
            netscape.ldap.LDAPSchema r0 = new netscape.ldap.LDAPSchema
            r1 = r0
            r1.<init>()
            r5 = r0
            r0 = r4
            netscape.ldap.util.ConnectionPool r0 = r0.connPool
            netscape.ldap.LDAPConnection r0 = r0.getConnection()
            r6 = r0
            r0 = r4
            boolean r0 = r0.cacheEnabled
            if (r0 == 0) goto L1f
            r0 = r6
            r1 = r4
            netscape.ldap.LDAPCache r1 = r1.ldapCache
            r0.setCache(r1)
        L1f:
            r0 = 0
            r7 = r0
            r0 = r6
            java.lang.String r1 = "com.netscape.ldap.schema.quoting"
            java.lang.Object r0 = r0.getProperty(r1)     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r7 = r0
            r0 = r6
            java.lang.String r1 = "com.netscape.ldap.schema.quoting"
            java.lang.String r2 = "standard"
            r0.setProperty(r1, r2)     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r0 = 0
            r8 = r0
            goto L98
        L39:
            r0 = r4
            com.iplanet.am.util.Debug r0 = r0.debug     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            boolean r0 = r0.messageEnabled()     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            if (r0 == 0) goto L5f
            r0 = r4
            com.iplanet.am.util.Debug r0 = r0.debug     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            java.lang.StringBuffer r1 = new java.lang.StringBuffer     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r2 = r1
            r2.<init>()     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            java.lang.String r2 = "LDAPv3Repo.getLDAPSchema retry: "
            java.lang.StringBuffer r1 = r1.append(r2)     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r2 = r8
            java.lang.StringBuffer r1 = r1.append(r2)     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            java.lang.String r1 = r1.toString()     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r0.message(r1)     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
        L5f:
            r0 = r8
            if (r0 <= 0) goto L71
            r0 = r6
            java.lang.String r1 = "fake=fake"
            netscape.ldap.LDAPEntry r0 = r0.read(r1)     // Catch: java.lang.Exception -> L6f netscape.ldap.LDAPException -> L82 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            goto L71
        L6f:
            r9 = move-exception
        L71:
            r0 = r5
            r1 = r6
            java.lang.String r2 = "cn=schema"
            r0.fetchSchema(r1, r2)     // Catch: netscape.ldap.LDAPException -> L82 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r0 = r5
            r9 = r0
            r0 = jsr -> Lc0
        L7f:
            r1 = r9
            return r1
        L82:
            r9 = move-exception
            int r8 = r8 + 1
            java.lang.Thread r0 = java.lang.Thread.currentThread()     // Catch: java.lang.InterruptedException -> L96 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            r0 = r4
            int r0 = r0.connRetryInterval     // Catch: java.lang.InterruptedException -> L96 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            long r0 = (long) r0     // Catch: java.lang.InterruptedException -> L96 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            java.lang.Thread.sleep(r0)     // Catch: java.lang.InterruptedException -> L96 netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            goto L98
        L96:
            r10 = move-exception
        L98:
            r0 = r8
            r1 = r4
            int r1 = r1.connNumRetry     // Catch: netscape.ldap.LDAPException -> La7 java.lang.Throwable -> Lb8
            if (r0 <= r1) goto L39
            r0 = jsr -> Lc0
        La4:
            goto Ld8
        La7:
            r8 = move-exception
            r0 = r4
            com.iplanet.am.util.Debug r0 = r0.debug     // Catch: java.lang.Throwable -> Lb8
            java.lang.String r1 = "LDAPv3Repo.getLDAPSchema Exception: "
            r2 = r8
            r0.error(r1, r2)     // Catch: java.lang.Throwable -> Lb8
            r0 = r8
            throw r0     // Catch: java.lang.Throwable -> Lb8
        Lb8:
            r11 = move-exception
            r0 = jsr -> Lc0
        Lbd:
            r1 = r11
            throw r1
        Lc0:
            r12 = r0
            r0 = r7
            if (r0 == 0) goto Lce
            r0 = r6
            java.lang.String r1 = "com.netscape.ldap.schema.quoting"
            r2 = r7
            r0.setProperty(r1, r2)
        Lce:
            r0 = r4
            netscape.ldap.util.ConnectionPool r0 = r0.connPool
            r1 = r6
            r0.close(r1)
            ret r12
        Ld8:
            r1 = r5
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.getLDAPSchema():netscape.ldap.LDAPSchema");
    }

    private Set readObjectClass(SSOToken sSOToken, IdType idType, String str) throws IdRepoException, SSOException {
        HashSet hashSet = new HashSet();
        hashSet.add("objectclass");
        return (Set) getAttributes(sSOToken, idType, str, hashSet).get("objectclass");
    }

    private Set convertToLowerCase(Set set) {
        if (set == null || set.isEmpty()) {
            return set;
        }
        HashSet hashSet = new HashSet();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(((String) it.next()).toLowerCase());
        }
        return hashSet;
    }

    private Set parseInputedOps(StringTokenizer stringTokenizer, boolean z) {
        HashSet hashSet = new HashSet();
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.equalsIgnoreCase("read")) {
                hashSet.add(IdOperation.READ);
            } else if (nextToken.equalsIgnoreCase(AMAdminConstants.OPERATION_EDIT)) {
                hashSet.add(IdOperation.EDIT);
            } else if (nextToken.equalsIgnoreCase(GetHttpSession.CREATE_OP)) {
                hashSet.add(IdOperation.CREATE);
            } else if (nextToken.equalsIgnoreCase(ModelExecutionContext.OPERATION_DELETE)) {
                hashSet.add(IdOperation.DELETE);
            } else if (nextToken.equalsIgnoreCase(AuthXMLTags.INDEX_TYPE_SVC_ATTR) && z) {
                hashSet.add(IdOperation.SERVICE);
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("parseInputedOps exit: opsReadSet:").append(hashSet).toString());
        }
        return hashSet;
    }

    private void parsedUserSpecifiedOps(Set set) {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("parsedUserSpecifiedOps entry: userSpecifiedOpsSet:").append(set).toString());
        }
        new HashMap(this.supportedOps);
        this.supportedOps.clear();
        Iterator it = set.iterator();
        while (it.hasNext()) {
            IdType idType = null;
            Set set2 = null;
            StringTokenizer stringTokenizer = new StringTokenizer((String) it.next(), "= ,");
            if (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("    idtypeToken:").append(nextToken).toString());
                }
                if (nextToken.equalsIgnoreCase("user")) {
                    idType = IdType.USER;
                    set2 = parseInputedOps(stringTokenizer, true);
                } else if (nextToken.equalsIgnoreCase("group")) {
                    idType = IdType.GROUP;
                    set2 = parseInputedOps(stringTokenizer, false);
                } else if (nextToken.equalsIgnoreCase("agent")) {
                    idType = IdType.AGENT;
                    set2 = parseInputedOps(stringTokenizer, false);
                } else if (nextToken.equalsIgnoreCase("role")) {
                    idType = IdType.ROLE;
                    set2 = parseInputedOps(stringTokenizer, false);
                } else if (nextToken.equalsIgnoreCase("filteredrole")) {
                    idType = IdType.FILTEREDROLE;
                    set2 = parseInputedOps(stringTokenizer, false);
                } else if (nextToken.equalsIgnoreCase("realm")) {
                    idType = IdType.REALM;
                    set2 = parseInputedOps(stringTokenizer, true);
                } else {
                    idType = null;
                }
            }
            if (idType != null && set2 != null && !set2.isEmpty()) {
                this.supportedOps.put(idType, set2);
                if (this.debug.messageEnabled()) {
                    this.debug.message(new StringBuffer().append("parsedUserSpecifiedOps called supportedOps:").append(this.supportedOps).append("; idTypeRead:").append(idType).append("; opsRead:").append(set2).toString());
                }
            }
        }
    }

    private void loadSupportedOps() {
        HashSet hashSet = new HashSet();
        hashSet.add(IdOperation.CREATE);
        hashSet.add(IdOperation.DELETE);
        hashSet.add(IdOperation.EDIT);
        hashSet.add(IdOperation.READ);
        hashSet.add(IdOperation.SERVICE);
        this.supportedOps.put(IdType.USER, Collections.unmodifiableSet(hashSet));
        this.supportedOps.put(IdType.REALM, Collections.unmodifiableSet(hashSet));
        HashSet hashSet2 = new HashSet(hashSet);
        hashSet2.remove(IdOperation.SERVICE);
        this.supportedOps.put(IdType.GROUP, Collections.unmodifiableSet(hashSet2));
        this.supportedOps.put(IdType.AGENT, Collections.unmodifiableSet(hashSet2));
        this.supportedOps.put(IdType.ROLE, Collections.unmodifiableSet(hashSet2));
        this.supportedOps.put(IdType.FILTEREDROLE, Collections.unmodifiableSet(hashSet2));
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("loadSupportedOps: supportedOps: ").append(this.supportedOps).toString());
        }
    }

    private String getObjClassFilter(IdType idType) {
        String str = idType.equals(IdType.USER) ? this.userSearchFilter : idType.equals(IdType.GROUP) ? this.groupSearchFilter : idType.equals(IdType.ROLE) ? this.roleSearchFilter : idType.equals(IdType.FILTEREDROLE) ? this.filterroleSearchFilter : idType.equals(IdType.AGENT) ? this.agentSearchFilter : this.userSearchFilter;
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("getObjClassFilter returns: objClassFilter=").append(str).toString());
        }
        return str;
    }

    private String getNamingAttr(IdType idType) {
        return idType.equals(IdType.USER) ? this.userSearchNamingAttr : idType.equals(IdType.GROUP) ? this.groupSearchNamingAttr : (idType.equals(IdType.ROLE) || idType.equals(IdType.FILTEREDROLE)) ? this.roleSearchNamingAttr : idType.equals(IdType.AGENT) ? this.agentSearchNamingAttr : this.userSearchNamingAttr;
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    private java.lang.String getDN(com.sun.identity.idm.IdType r8, java.lang.String r9) throws com.sun.identity.idm.IdRepoException {
        /*
            Method dump skipped, instructions count: 724
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.idm.plugins.ldapv3.LDAPv3Repo.getDN(com.sun.identity.idm.IdType, java.lang.String):java.lang.String");
    }

    private String getBaseDN(IdType idType) throws IdRepoException {
        String str;
        if (idType.equals(IdType.USER)) {
            str = (this.peopleCtnrValue == null || this.peopleCtnrValue.length() == 0 || this.peopleCtnrNamingAttr == null || this.peopleCtnrNamingAttr.length() == 0) ? this.orgDN : new StringBuffer().append(this.peopleCtnrNamingAttr).append("=").append(this.peopleCtnrValue).append(",").append(this.orgDN).toString();
        } else if (idType.equals(IdType.AGENT)) {
            str = (this.agentCtnrValue == null || this.agentCtnrValue.length() == 0 || this.agentCtnrNamingAttr == null || this.agentCtnrNamingAttr.length() == 0) ? this.orgDN : new StringBuffer().append(this.agentCtnrNamingAttr).append("=").append(this.agentCtnrValue).append(",").append(this.orgDN).toString();
        } else if (idType.equals(IdType.GROUP)) {
            str = (this.groupCtnrValue == null || this.groupCtnrValue.length() == 0 || this.groupCtnrNamingAttr == null || this.groupCtnrNamingAttr.length() == 0) ? this.orgDN : new StringBuffer().append(this.groupCtnrNamingAttr).append("=").append(this.groupCtnrValue).append(",").append(this.orgDN).toString();
        } else {
            if (!idType.equals(IdType.ROLE) && !idType.equals(IdType.FILTEREDROLE)) {
                throw new IdRepoUnsupportedOpException(IdRepoBundle.BUNDLE_NAME, "305", new Object[]{CLASS_NAME, IdOperation.READ.getName(), idType.getName()});
            }
            str = this.orgDN;
        }
        return str;
    }

    private String constructFilter(Map map) {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: constructFilter: avPairs=").append(map).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        boolean z = false;
        Iterator it = map.keySet().iterator();
        if (it.hasNext()) {
            stringBuffer.append("(&");
            z = true;
        }
        while (it.hasNext()) {
            String str = (String) it.next();
            Iterator it2 = ((Set) map.get(str)).iterator();
            while (it2.hasNext()) {
                stringBuffer.append("(").append(str).append("=").append((String) it2.next()).append(")");
            }
        }
        if (z) {
            stringBuffer.append(")");
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: exit constructFilter: filterSB= ").append((Object) stringBuffer).toString());
        }
        return stringBuffer.toString();
    }

    private String constructFilter(String str, String str2, String str3) {
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: constructFilter: objectClassFilter=").append(str2).append("; wildcard=").append(str3).append("; namingAttr=").append(str).toString());
        }
        StringBuffer stringBuffer = new StringBuffer();
        int indexOf = str2.indexOf("%U");
        int indexOf2 = str2.indexOf("%V");
        if (indexOf == -1 && indexOf2 == -1) {
            if (str == null || str.length() == 0) {
                stringBuffer.append(str2);
            } else {
                stringBuffer.append("(&(").append(str).append("=").append(str3).append(")").append(str2).append(")");
            }
            String stringBuffer2 = stringBuffer.toString();
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("LDAPv3Repo: exit 1 constructFilter . objectClassFilter=").append(stringBuffer2).toString());
            }
            return stringBuffer2;
        }
        int indexOf3 = str3.indexOf("@");
        if (indexOf3 != -1) {
            str3.substring(0, indexOf3);
            str3.substring(indexOf3 + 1);
        }
        while (indexOf != -1) {
            stringBuffer.append(str2.substring(0, indexOf)).append(str3).append(str2.substring(indexOf + 2));
            str2 = stringBuffer.toString();
            stringBuffer = new StringBuffer();
            indexOf = str2.indexOf("%U");
        }
        while (indexOf2 != -1) {
            stringBuffer.append(str2.substring(0, indexOf2)).append(str3).append(str2.substring(indexOf2 + 2));
            str2 = stringBuffer.toString();
            stringBuffer = new StringBuffer();
            indexOf2 = str2.indexOf("%V");
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo: exit constructFilter. objectClassFilter=").append(str2).toString());
        }
        return str2;
    }

    private Map getCreateUserAttrMapping(Map map) {
        Map map2;
        Set<String> set = (Set) map.get(LDAPv3Config_LDAP_CREATEUSERMAPPING);
        if (set == null || set.isEmpty()) {
            map2 = Collections.EMPTY_MAP;
        } else {
            if (this.debug.messageEnabled()) {
                this.debug.message(new StringBuffer().append("in getCreateUserAttrMapping: createUserAttrMappingSet=").append(set).toString());
            }
            map2 = new CaseInsensitiveHashMap(set.size());
            for (String str : set) {
                int indexOf = str.indexOf(61);
                if (indexOf > -1) {
                    map2.put(str.substring(0, indexOf), str.substring(indexOf + 1));
                } else {
                    map2.put(str, str);
                }
            }
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("exit getCreateUserAttrMapping: createAttrMap=").append(map2).toString());
        }
        return map2;
    }

    private void prtAttrMap(Map map) {
        if (!map.containsKey("userpassword")) {
            this.debug.message(new StringBuffer().append("    attrs: ").append(map).toString());
            return;
        }
        AMHashMap aMHashMap = new AMHashMap();
        aMHashMap.copy(map);
        aMHashMap.remove("userpassword");
        aMHashMap.put("userpassword", "xxx...");
        this.debug.message(new StringBuffer().append("    attrs: ").append(aMHashMap).toString());
    }

    private int getPropertyIntValue(Map map, String str, int i) {
        int i2 = i;
        try {
            Set set = (Set) map.get(str);
            if (set != null && !set.isEmpty()) {
                i2 = Integer.parseInt((String) set.iterator().next());
            }
        } catch (NumberFormatException e) {
            i2 = i;
        }
        if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("    LDAPv3Repo.getPropertyIntValue(): ").append(str).append(" = ").append(i2).toString());
        }
        return i2;
    }

    private boolean getPropertyBooleanValue(Map map, String str) {
        String propertyStringValue = getPropertyStringValue(map, str);
        return propertyStringValue != null && propertyStringValue.equalsIgnoreCase("true");
    }

    private String getPropertyStringValue(Map map, String str) {
        String str2 = null;
        Set set = (Set) map.get(str);
        if (set != null && !set.isEmpty()) {
            str2 = (String) set.iterator().next();
        } else if (this.debug.messageEnabled()) {
            this.debug.message(new StringBuffer().append("LDAPv3Repo.getPropertyStringValue failed:").append(str).toString());
        }
        if (this.debug.messageEnabled()) {
            if (!str.equals(LDAPv3Config_AUTHPW)) {
                this.debug.message(new StringBuffer().append("    LDAPv3Repo.getPropertyStringValue(): ").append(str).append(" = ").append(str2).toString());
            } else if (str2 == null || str2.length() == 0) {
                this.debug.message(new StringBuffer().append("    LDAPv3Repo.getPropertyStringValue(): ").append(str).append(" = NULL or ZERO LENGTH").toString());
            } else {
                this.debug.message(new StringBuffer().append("    LDAPv3Repo.getPropertyStringValue(): ").append(str).append(" = has value XXX").toString());
            }
        }
        return str2;
    }
}
