package com.amazon.dlic.auth.ldap.util;

import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.elasticsearch.SpecialPermission;
import org.ldaptive.Connection;
import org.ldaptive.DerefAliases;
import org.ldaptive.LdapEntry;
import org.ldaptive.LdapException;
import org.ldaptive.ReturnAttributes;
import org.ldaptive.SearchFilter;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.SearchResult;
import org.ldaptive.SearchScope;
import org.ldaptive.referral.SearchReferralHandler;

/* loaded from: input_file:com/amazon/dlic/auth/ldap/util/LdapHelper.class */
public class LdapHelper {
    private static SearchFilter ALL = new SearchFilter("(objectClass=*)");

    public static List<LdapEntry> search(final Connection connection, String str, final SearchFilter searchFilter, final SearchScope searchScope) throws LdapException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SpecialPermission());
        }
        try {
            final String escapeDn = escapeDn(str);
            return (List) AccessController.doPrivileged(new PrivilegedExceptionAction<List<LdapEntry>>() { // from class: com.amazon.dlic.auth.ldap.util.LdapHelper.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public List<LdapEntry> run() throws Exception {
                    ArrayList arrayList = new ArrayList();
                    SearchRequest searchRequest = new SearchRequest(escapeDn, searchFilter);
                    searchRequest.setReferralHandler(new SearchReferralHandler());
                    searchRequest.setSearchScope(searchScope);
                    searchRequest.setDerefAliases(DerefAliases.ALWAYS);
                    searchRequest.setReturnAttributes(ReturnAttributes.ALL.value());
                    arrayList.addAll(((SearchResult) new SearchOperation(connection).execute(searchRequest).getResult()).getEntries());
                    return arrayList;
                }
            });
        } catch (InvalidNameException e) {
            throw new RuntimeException((Throwable) e);
        } catch (PrivilegedActionException e2) {
            if (e2.getException() instanceof LdapException) {
                throw e2.getException();
            }
            if (e2.getException() instanceof RuntimeException) {
                throw ((RuntimeException) e2.getException());
            }
            throw new RuntimeException(e2);
        }
    }

    public static LdapEntry lookup(Connection connection, String str) throws LdapException {
        List<LdapEntry> search = search(connection, str, ALL, SearchScope.OBJECT);
        if (search.size() == 1) {
            return search.get(0);
        }
        return null;
    }

    private static String escapeDn(String str) throws InvalidNameException {
        LdapName ldapName = new LdapName(str);
        ArrayList arrayList = new ArrayList(ldapName.size());
        for (Rdn rdn : ldapName.getRdns()) {
            arrayList.add(new Rdn(rdn.getType(), escapeForwardSlash(rdn.getValue())));
        }
        return new LdapName(arrayList).toString();
    }

    private static Object escapeForwardSlash(Object obj) {
        return (obj == null || !(obj instanceof String)) ? obj : ((String) obj).replace("/", "\\2f");
    }
}
