package org.opends.server.api;

import java.net.InetAddress;
import java.nio.channels.Selector;
import java.nio.channels.SocketChannel;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.atomic.AtomicBoolean;
import org.opends.messages.CoreMessages;
import org.opends.messages.Message;
import org.opends.server.api.plugin.PluginResult;
import org.opends.server.config.ConfigConstants;
import org.opends.server.core.DirectoryServer;
import org.opends.server.core.PersistentSearch;
import org.opends.server.core.SearchOperation;
import org.opends.server.core.networkgroups.NetworkGroup;
import org.opends.server.extensions.ExtensionsConstants;
import org.opends.server.extensions.RedirectingByteChannel;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.tools.ToolConstants;
import org.opends.server.types.Attribute;
import org.opends.server.types.AttributeValue;
import org.opends.server.types.AuthenticationInfo;
import org.opends.server.types.CancelRequest;
import org.opends.server.types.CancelResult;
import org.opends.server.types.DN;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.DisconnectReason;
import org.opends.server.types.Entry;
import org.opends.server.types.IntermediateResponse;
import org.opends.server.types.Operation;
import org.opends.server.types.OperationType;
import org.opends.server.types.Privilege;
import org.opends.server.types.PublicAPI;
import org.opends.server.types.SearchResultEntry;
import org.opends.server.types.SearchResultReference;
import org.opends.server.types.StabilityLevel;
import org.opends.server.types.operation.PreParseOperation;
import org.opends.server.util.StaticUtils;
import org.opends.server.util.TimeThread;

@PublicAPI(stability = StabilityLevel.VOLATILE, mayInstantiate = true, mayExtend = true, mayInvoke = true)
/* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/api/ClientConnection.class */
public abstract class ClientConnection {
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    protected boolean mustEvaluateNetworkGroup;
    private final long connectTime = TimeThread.getTime();
    private final String connectTimeString = TimeThread.getGMTTime();
    private AuthenticationInfo authenticationInfo = new AuthenticationInfo();
    private Object saslAuthState = null;
    protected AtomicBoolean saslBindInProgress = new AtomicBoolean(false);
    protected AtomicBoolean bindOrStartTLSInProgress = new AtomicBoolean(false);
    private final CopyOnWriteArrayList<PersistentSearch> persistentSearches = new CopyOnWriteArrayList<>();
    private int sizeLimit = DirectoryServer.getSizeLimit();
    private int timeLimit = DirectoryServer.getTimeLimit();
    private long idleTimeLimit = DirectoryServer.getIdleTimeLimit();
    private int lookthroughLimit = DirectoryServer.getLookthroughLimit();
    private boolean finalized = false;
    private HashSet<Privilege> privileges = new HashSet<>();
    private NetworkGroup networkGroup = NetworkGroup.getDefaultNetworkGroup();

    /* JADX INFO: Access modifiers changed from: protected */
    public ClientConnection() {
        this.networkGroup.addConnection(this);
        this.mustEvaluateNetworkGroup = true;
        if (DebugLogger.debugEnabled()) {
            TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CHANGE_NETWORK_GROUP.get(Long.valueOf(getConnectionID()), "null", this.networkGroup.getID()).toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @PublicAPI(stability = StabilityLevel.PRIVATE, mayInstantiate = false, mayExtend = false, mayInvoke = true, notes = "This method should only be invoked by connection handlers.")
    public final void finalizeConnectionInternal() {
        if (this.finalized) {
            return;
        }
        this.finalized = true;
        Entry authenticationEntry = this.authenticationInfo.getAuthenticationEntry();
        Entry authorizationEntry = this.authenticationInfo.getAuthorizationEntry();
        if (authenticationEntry != null) {
            if (authorizationEntry == null || authorizationEntry.getDN().equals(authenticationEntry.getDN())) {
                DirectoryServer.getAuthenticatedUsers().remove(authenticationEntry.getDN(), this);
            } else {
                DirectoryServer.getAuthenticatedUsers().remove(authenticationEntry.getDN(), this);
                DirectoryServer.getAuthenticatedUsers().remove(authorizationEntry.getDN(), this);
            }
        } else if (authorizationEntry != null) {
            DirectoryServer.getAuthenticatedUsers().remove(authorizationEntry.getDN(), this);
        }
        this.networkGroup.removeConnection(this);
        try {
            finalizeClientConnection();
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
        }
    }

    @PublicAPI(stability = StabilityLevel.VOLATILE, mayInstantiate = false, mayExtend = true, mayInvoke = false)
    protected void finalizeClientConnection() {
    }

    public final long getConnectTime() {
        return this.connectTime;
    }

    public final String getConnectTimeString() {
        return this.connectTimeString;
    }

    public abstract long getConnectionID();

    public abstract ConnectionHandler<?> getConnectionHandler();

    public abstract String getProtocol();

    public abstract String getClientAddress();

    public abstract int getClientPort();

    public final String getClientHostPort() {
        int clientPort = getClientPort();
        return clientPort >= 0 ? getClientAddress() + ToolConstants.LIST_TABLE_SEPARATOR + clientPort : getClientAddress();
    }

    public abstract String getServerAddress();

    public abstract int getServerPort();

    public final String getServerHostPort() {
        int serverPort = getServerPort();
        return serverPort >= 0 ? getServerAddress() + ToolConstants.LIST_TABLE_SEPARATOR + serverPort : getServerAddress();
    }

    public abstract InetAddress getRemoteAddress();

    public abstract InetAddress getLocalAddress();

    public abstract boolean isSecure();

    public Selector getWriteSelector() {
        return null;
    }

    public long getMaxBlockedWriteTimeLimit() {
        return 0L;
    }

    public abstract long getNumberOfOperations();

    public boolean mustEvaluateNetworkGroup(PreParseOperation preParseOperation) {
        if (this.networkGroup == NetworkGroup.getInternalNetworkGroup() || this.networkGroup == NetworkGroup.getAdminNetworkGroup()) {
            return false;
        }
        if (preParseOperation == null || preParseOperation.getOperationType() != OperationType.BIND) {
            return this.mustEvaluateNetworkGroup;
        }
        return true;
    }

    public void mustEvaluateNetworkGroup(boolean z) {
        this.mustEvaluateNetworkGroup = z;
    }

    public abstract void sendResponse(Operation operation);

    public abstract void sendSearchEntry(SearchOperation searchOperation, SearchResultEntry searchResultEntry) throws DirectoryException;

    public abstract boolean sendSearchReference(SearchOperation searchOperation, SearchResultReference searchResultReference) throws DirectoryException;

    public final boolean sendIntermediateResponse(IntermediateResponse intermediateResponse) {
        PluginResult.IntermediateResponse invokeIntermediateResponsePlugins = DirectoryServer.getPluginConfigManager().invokeIntermediateResponsePlugins(intermediateResponse);
        boolean z = true;
        if (invokeIntermediateResponsePlugins.sendResponse()) {
            z = sendIntermediateResponseMessage(intermediateResponse);
        }
        return z && invokeIntermediateResponsePlugins.continueProcessing();
    }

    protected abstract boolean sendIntermediateResponseMessage(IntermediateResponse intermediateResponse);

    public abstract void disconnect(DisconnectReason disconnectReason, boolean z, Message message);

    public final boolean mustChangePassword() {
        if (this.authenticationInfo == null) {
            return false;
        }
        return this.authenticationInfo.mustChangePassword();
    }

    public final void setMustChangePassword(boolean z) {
        if (this.authenticationInfo == null) {
            setAuthenticationInfo(new AuthenticationInfo());
        }
        this.authenticationInfo.setMustChangePassword(z);
    }

    public abstract Collection<Operation> getOperationsInProgress();

    public abstract Operation getOperationInProgress(int i);

    public abstract boolean removeOperationInProgress(int i);

    public final List<PersistentSearch> getPersistentSearches() {
        return this.persistentSearches;
    }

    @PublicAPI(stability = StabilityLevel.PRIVATE, mayInstantiate = false, mayExtend = false, mayInvoke = false)
    public final void registerPersistentSearch(PersistentSearch persistentSearch) {
        this.persistentSearches.add(persistentSearch);
    }

    @PublicAPI(stability = StabilityLevel.PRIVATE, mayInstantiate = false, mayExtend = false, mayInvoke = false)
    public final void deregisterPersistentSearch(PersistentSearch persistentSearch) {
        this.persistentSearches.remove(persistentSearch);
    }

    public abstract CancelResult cancelOperation(int i, CancelRequest cancelRequest);

    public abstract void cancelAllOperations(CancelRequest cancelRequest);

    public abstract void cancelAllOperationsExcept(CancelRequest cancelRequest, int i);

    public AuthenticationInfo getAuthenticationInfo() {
        return this.authenticationInfo;
    }

    public void setAuthenticationInfo(AuthenticationInfo authenticationInfo) {
        if (this.authenticationInfo != null) {
            Entry authenticationEntry = this.authenticationInfo.getAuthenticationEntry();
            Entry authorizationEntry = this.authenticationInfo.getAuthorizationEntry();
            if (authenticationEntry != null) {
                if (authorizationEntry == null || authorizationEntry.getDN().equals(authenticationEntry.getDN())) {
                    DirectoryServer.getAuthenticatedUsers().remove(authenticationEntry.getDN(), this);
                } else {
                    DirectoryServer.getAuthenticatedUsers().remove(authenticationEntry.getDN(), this);
                    DirectoryServer.getAuthenticatedUsers().remove(authorizationEntry.getDN(), this);
                }
            } else if (authorizationEntry != null) {
                DirectoryServer.getAuthenticatedUsers().remove(authorizationEntry.getDN(), this);
            }
        }
        if (authenticationInfo == null) {
            this.authenticationInfo = new AuthenticationInfo();
            updatePrivileges(null, false);
            return;
        }
        this.authenticationInfo = authenticationInfo;
        Entry authenticationEntry2 = authenticationInfo.getAuthenticationEntry();
        Entry authorizationEntry2 = authenticationInfo.getAuthorizationEntry();
        if (authenticationEntry2 != null) {
            if (authorizationEntry2 == null || authorizationEntry2.getDN().equals(authenticationEntry2.getDN())) {
                DirectoryServer.getAuthenticatedUsers().put(authenticationEntry2.getDN(), this);
            } else {
                DirectoryServer.getAuthenticatedUsers().put(authenticationEntry2.getDN(), this);
                DirectoryServer.getAuthenticatedUsers().put(authorizationEntry2.getDN(), this);
            }
        } else if (authorizationEntry2 != null) {
            DirectoryServer.getAuthenticatedUsers().put(authorizationEntry2.getDN(), this);
        }
        updatePrivileges(authorizationEntry2, authenticationInfo.isRoot());
    }

    public final void updateAuthenticationInfo(Entry entry, Entry entry2) {
        Entry authenticationEntry = this.authenticationInfo.getAuthenticationEntry();
        Entry authorizationEntry = this.authenticationInfo.getAuthorizationEntry();
        if (authenticationEntry == null || !authenticationEntry.getDN().equals(entry.getDN())) {
            if (authorizationEntry == null || !authorizationEntry.getDN().equals(entry.getDN())) {
                return;
            }
            setAuthenticationInfo(this.authenticationInfo.duplicate(authenticationEntry, entry2));
            return;
        }
        if (authorizationEntry == null || !authorizationEntry.getDN().equals(authenticationEntry.getDN())) {
            setAuthenticationInfo(this.authenticationInfo.duplicate(entry2, authorizationEntry));
            updatePrivileges(entry2, this.authenticationInfo.isRoot());
        } else {
            setAuthenticationInfo(this.authenticationInfo.duplicate(entry2, entry2));
            updatePrivileges(entry2, this.authenticationInfo.isRoot());
        }
    }

    public void setUnauthenticated() {
        setAuthenticationInfo(new AuthenticationInfo());
        this.sizeLimit = this.networkGroup.getSizeLimit();
        this.timeLimit = this.networkGroup.getTimeLimit();
    }

    public static boolean hasPrivilege(Entry entry, Privilege privilege) {
        return getPrivileges(entry, DirectoryServer.isRootDN(entry.getDN())).contains(privilege) || DirectoryServer.isDisabled(privilege);
    }

    public boolean hasPrivilege(Privilege privilege, Operation operation) {
        boolean z;
        if (privilege == Privilege.PROXIED_AUTH) {
            return getPrivileges(this.authenticationInfo.getAuthenticationEntry(), this.authenticationInfo.isRoot()).contains(Privilege.PROXIED_AUTH) || DirectoryServer.isDisabled(Privilege.PROXIED_AUTH);
        }
        if (operation == null) {
            z = this.privileges.contains(privilege);
            if (DebugLogger.debugEnabled()) {
                TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CLIENTCONNECTION_AUDIT_HASPRIVILEGE.get(Long.valueOf(getConnectionID()), -1L, String.valueOf(this.authenticationInfo.getAuthenticationDN()), privilege.getName(), Boolean.valueOf(z)).toString());
            }
        } else if (operation.getAuthorizationDN().equals(this.authenticationInfo.getAuthorizationDN()) || (operation.getAuthorizationDN().equals(DN.NULL_DN) && !this.authenticationInfo.isAuthenticated())) {
            z = this.privileges.contains(privilege) || DirectoryServer.isDisabled(privilege);
            if (DebugLogger.debugEnabled()) {
                TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CLIENTCONNECTION_AUDIT_HASPRIVILEGE.get(Long.valueOf(getConnectionID()), Long.valueOf(operation.getOperationID()), String.valueOf(this.authenticationInfo.getAuthenticationDN()), privilege.getName(), Boolean.valueOf(z)).toString());
            }
        } else {
            Entry authorizationEntry = operation.getAuthorizationEntry();
            if (authorizationEntry == null) {
                z = false;
            } else {
                z = getPrivileges(authorizationEntry, DirectoryServer.isRootDN(authorizationEntry.getDN())).contains(privilege) || DirectoryServer.isDisabled(privilege);
            }
        }
        return z;
    }

    public boolean hasAllPrivileges(Privilege[] privilegeArr, Operation operation) {
        HashSet<Privilege> hashSet = this.privileges;
        if (DebugLogger.debugEnabled()) {
            for (Privilege privilege : privilegeArr) {
                if (!hashSet.contains(privilege)) {
                    return false;
                }
            }
            return true;
        }
        boolean z = true;
        StringBuilder sb = new StringBuilder();
        sb.append(ExtensionsConstants.STORAGE_SCHEME_PREFIX);
        for (int i = 0; i < privilegeArr.length; i++) {
            if (i > 0) {
                sb.append(",");
            }
            sb.append(privilegeArr[i].getName());
            if (!hashSet.contains(privilegeArr[i])) {
                z = false;
            }
        }
        sb.append(" }");
        if (operation == null) {
            TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CLIENTCONNECTION_AUDIT_HASPRIVILEGES.get(Long.valueOf(getConnectionID()), -1L, String.valueOf(this.authenticationInfo.getAuthenticationDN()), sb.toString(), Boolean.valueOf(z)).toString());
        } else {
            TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CLIENTCONNECTION_AUDIT_HASPRIVILEGES.get(Long.valueOf(getConnectionID()), Long.valueOf(operation.getOperationID()), String.valueOf(this.authenticationInfo.getAuthenticationDN()), sb.toString(), Boolean.valueOf(z)).toString());
        }
        return z;
    }

    private static HashSet<Privilege> getPrivileges(Entry entry, boolean z) {
        if (entry == null) {
            return new HashSet<>(0);
        }
        HashSet<Privilege> hashSet = new HashSet<>();
        HashSet hashSet2 = new HashSet();
        if (z) {
            hashSet.addAll(DirectoryServer.getRootPrivileges());
        }
        List<Attribute> attribute = entry.getAttribute(DirectoryServer.getAttributeType(ConfigConstants.OP_ATTR_PRIVILEGE_NAME));
        if (attribute != null) {
            Iterator<Attribute> it = attribute.iterator();
            while (it.hasNext()) {
                Iterator<AttributeValue> it2 = it.next().iterator();
                while (it2.hasNext()) {
                    String lowerCase = StaticUtils.toLowerCase(it2.next().getValue().toString());
                    if (lowerCase.startsWith("-")) {
                        Privilege privilegeForName = Privilege.privilegeForName(lowerCase.substring(1));
                        if (privilegeForName == null) {
                            hashSet.clear();
                            return hashSet;
                        }
                        hashSet2.add(privilegeForName);
                    } else {
                        Privilege privilegeForName2 = Privilege.privilegeForName(lowerCase);
                        if (privilegeForName2 != null) {
                            hashSet.add(privilegeForName2);
                        }
                    }
                }
            }
        }
        Iterator it3 = hashSet2.iterator();
        while (it3.hasNext()) {
            hashSet.remove((Privilege) it3.next());
        }
        return hashSet;
    }

    private void updatePrivileges(Entry entry, boolean z) {
        this.privileges = getPrivileges(entry, z);
    }

    public final Object getSASLAuthStateInfo() {
        return this.saslAuthState;
    }

    public final void setSASLAuthStateInfo(Object obj) {
        this.saslAuthState = obj;
    }

    public RedirectingByteChannel getChannel() {
        return null;
    }

    public SocketChannel getSocketChannel() {
        return null;
    }

    public int getAppBufferSize() {
        return 0;
    }

    public final int getSizeLimit() {
        return this.sizeLimit;
    }

    public void setSizeLimit(int i) {
        this.sizeLimit = i;
    }

    public final long getIdleTimeLimit() {
        return this.idleTimeLimit;
    }

    public void setIdleTimeLimit(long j) {
        this.idleTimeLimit = j;
    }

    public final int getLookthroughLimit() {
        return this.lookthroughLimit;
    }

    public void setLookthroughLimit(int i) {
        this.lookthroughLimit = i;
    }

    public final int getTimeLimit() {
        return this.timeLimit;
    }

    public void setTimeLimit(int i) {
        this.timeLimit = i;
    }

    public abstract String getMonitorSummary();

    public boolean isMemberOf(Group<?> group, Operation operation) throws DirectoryException {
        return operation == null ? group.isMember(this.authenticationInfo.getAuthorizationDN()) : group.isMember(operation.getAuthorizationDN());
    }

    public Set<Group> getGroups(Operation operation) throws DirectoryException {
        DN authorizationDN = operation == null ? (this.authenticationInfo == null || !this.authenticationInfo.isAuthenticated()) ? null : this.authenticationInfo.getAuthorizationDN() : operation.getAuthorizationDN();
        if (authorizationDN == null || authorizationDN.isNullDN()) {
            return Collections.emptySet();
        }
        Entry entry = DirectoryServer.getEntry(authorizationDN);
        if (entry == null) {
            return Collections.emptySet();
        }
        HashSet hashSet = new HashSet();
        for (Group group : DirectoryServer.getGroupManager().getGroupInstances()) {
            if (group.isMember(entry)) {
                hashSet.add(group);
            }
        }
        return hashSet;
    }

    public DN getKeyManagerProviderDN() {
        return null;
    }

    public DN getTrustManagerProviderDN() {
        return null;
    }

    public String getCertificateAlias() {
        return null;
    }

    public final String toString() {
        StringBuilder sb = new StringBuilder();
        toString(sb);
        return sb.toString();
    }

    public abstract void toString(StringBuilder sb);

    public final NetworkGroup getNetworkGroup() {
        return this.networkGroup;
    }

    public final void setNetworkGroup(NetworkGroup networkGroup) {
        if (this.networkGroup != networkGroup) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugMessage(DebugLogLevel.INFO, CoreMessages.INFO_CHANGE_NETWORK_GROUP.get(Long.valueOf(getConnectionID()), this.networkGroup.getID(), networkGroup.getID()).toString());
            }
            this.networkGroup.removeConnection(this);
            this.networkGroup = networkGroup;
            this.networkGroup.addConnection(this);
            this.sizeLimit = networkGroup.getSizeLimit();
            this.timeLimit = networkGroup.getTimeLimit();
        }
    }

    public long getIdleTime() {
        return 0L;
    }

    public abstract int getSSF();

    public void finishBindOrStartTLS() {
        this.bindOrStartTLSInProgress.set(false);
    }

    public void finishSaslBind() {
        this.saslBindInProgress.set(false);
    }
}
