package org.osivia.cas.fim;

import java.util.HashMap;
import java.util.Iterator;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.authentication.principal.PrincipalResolver;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.ldaptive.Connection;
import org.ldaptive.ConnectionFactory;
import org.ldaptive.LdapEntry;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchResult;

/* loaded from: input_file:WEB-INF/classes/org/osivia/cas/fim/FimCredentialsToPrincipalResolver.class */
public class FimCredentialsToPrincipalResolver implements PrincipalResolver {
    private final Log logger = LogFactory.getLog("fim");
    private ConnectionFactory connectionFactory;

    public FimCredentialsToPrincipalResolver(ConnectionFactory connectionFactory) {
        this.connectionFactory = connectionFactory;
    }

    /* JADX WARN: Finally extract failed */
    @Override // org.jasig.cas.authentication.principal.PrincipalResolver
    public Principal resolve(Credential credential) {
        FimCredentials fimCredentials = (FimCredentials) credential;
        String id = fimCredentials.getId();
        try {
            if (fimCredentials.getHashNumen() != null) {
                Connection connection = this.connectionFactory.getConnection();
                try {
                    connection.open();
                    SearchOperation searchOperation = new SearchOperation(connection);
                    SearchResult result = searchOperation.execute(new SearchRequest("ou=users,dc=osivia,dc=org", "(portalPersonHashNumen=" + fimCredentials.getHashNumen() + ")", "uid")).getResult();
                    result.getEntry();
                    if (result.size() == 1) {
                        id = result.getEntry().getAttribute("uid").getStringValue();
                        this.logger.info("auth via hashnumen " + fimCredentials.getHashNumen() + " (" + id + ")");
                    } else if (result.size() > 1) {
                        Iterator<LdapEntry> it = result.getEntries().iterator();
                        while (it.hasNext()) {
                            this.logger.error("auth impossible via hashnumen " + fimCredentials.getHashNumen() + " (trouvé " + it.next().getAttribute("uid").getStringValue() + ")");
                        }
                    } else if (searchOperation.execute(new SearchRequest("ou=users,dc=osivia,dc=org", "(uid=" + fimCredentials.getId() + ")", "uid")).getResult().size() != 0) {
                        this.logger.error("auth via ctemail " + id + " (compte existant)");
                    } else if (fimCredentials.getMailAca() != null) {
                        id = fimCredentials.getMailAca();
                        this.logger.info("auth via mailaca " + fimCredentials.getMailAca() + " (nouveau compte)");
                    } else {
                        this.logger.info("auth via ctemail " + id + " (nouveau compte)");
                    }
                    connection.close();
                } catch (Throwable th) {
                    connection.close();
                    throw th;
                }
            }
        } catch (Exception e) {
            this.logger.error(ExceptionUtils.getStackTrace(e));
        }
        if (id == null) {
            return null;
        }
        id = id.toLowerCase();
        HashMap hashMap = new HashMap();
        hashMap.putAll(fimCredentials.getAttributes());
        return new SimplePrincipal(id, hashMap);
    }

    @Override // org.jasig.cas.authentication.principal.PrincipalResolver
    public boolean supports(Credential credential) {
        return credential instanceof FimCredentials;
    }
}
