package edu.internet2.middleware.ldappc.spml.provider;

import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.ldappc.exception.LdappcException;
import edu.internet2.middleware.ldappc.spml.PSP;
import edu.internet2.middleware.ldappc.spml.PSPConstants;
import edu.internet2.middleware.ldappc.spml.definitions.PSODefinition;
import edu.internet2.middleware.ldappc.spml.definitions.PSOReferencesDefinition;
import edu.internet2.middleware.ldappc.spml.request.LdapFilterQueryClause;
import edu.internet2.middleware.ldappc.util.LdapUtil;
import edu.internet2.middleware.ldappc.util.PSPUtil;
import edu.internet2.middleware.shibboleth.common.service.ServiceException;
import edu.vt.middleware.ldap.BaseLdap;
import edu.vt.middleware.ldap.Ldap;
import edu.vt.middleware.ldap.SearchFilter;
import edu.vt.middleware.ldap.bean.LdapAttribute;
import edu.vt.middleware.ldap.bean.LdapAttributes;
import edu.vt.middleware.ldap.bean.LdapEntry;
import edu.vt.middleware.ldap.bean.LdapResult;
import edu.vt.middleware.ldap.bean.OrderedLdapBeanFactory;
import edu.vt.middleware.ldap.bean.SortedLdapBeanFactory;
import edu.vt.middleware.ldap.ldif.Ldif;
import edu.vt.middleware.ldap.ldif.LdifResultConverter;
import edu.vt.middleware.ldap.pool.LdapPool;
import edu.vt.middleware.ldap.pool.LdapPoolException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.naming.InvalidNameException;
import javax.naming.NameAlreadyBoundException;
import javax.naming.NameNotFoundException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.openspml.v2.msg.spml.AddRequest;
import org.openspml.v2.msg.spml.AddResponse;
import org.openspml.v2.msg.spml.DeleteRequest;
import org.openspml.v2.msg.spml.DeleteResponse;
import org.openspml.v2.msg.spml.ErrorCode;
import org.openspml.v2.msg.spml.Extensible;
import org.openspml.v2.msg.spml.LookupRequest;
import org.openspml.v2.msg.spml.LookupResponse;
import org.openspml.v2.msg.spml.Modification;
import org.openspml.v2.msg.spml.ModificationMode;
import org.openspml.v2.msg.spml.ModifyRequest;
import org.openspml.v2.msg.spml.ModifyResponse;
import org.openspml.v2.msg.spml.PSO;
import org.openspml.v2.msg.spml.PSOIdentifier;
import org.openspml.v2.msg.spml.QueryClause;
import org.openspml.v2.msg.spml.Response;
import org.openspml.v2.msg.spml.ReturnData;
import org.openspml.v2.msg.spml.StatusCode;
import org.openspml.v2.msg.spmlref.Reference;
import org.openspml.v2.msg.spmlsearch.Query;
import org.openspml.v2.msg.spmlsearch.Scope;
import org.openspml.v2.msg.spmlsearch.SearchRequest;
import org.openspml.v2.msg.spmlsearch.SearchResponse;
import org.openspml.v2.profiles.dsml.DSMLAttr;
import org.openspml.v2.profiles.dsml.DSMLModification;
import org.openspml.v2.profiles.dsml.DSMLProfileException;
import org.openspml.v2.profiles.dsml.DSMLValue;
import org.openspml.v2.util.Spml2Exception;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:edu/internet2/middleware/ldappc/spml/provider/LdapTargetProvider.class */
public class LdapTargetProvider extends BaseSpmlTargetProvider {
    private static final Logger LOG = LoggerFactory.getLogger(LdapTargetProvider.class);
    private String ldapPoolId;
    private LdapPool<Ldap> ldapPool;
    private boolean logLdif;
    private boolean logSpml;

    public String getLdapPoolId() {
        return this.ldapPoolId;
    }

    public void setLdapPoolId(String str) {
        this.ldapPoolId = str;
    }

    public LdapPool<Ldap> getLdapPool() {
        return this.ldapPool;
    }

    public boolean isLogLdif() {
        return this.logLdif;
    }

    public void setLogLdif(boolean z) {
        this.logLdif = z;
    }

    public boolean isLogSpml() {
        return this.logSpml;
    }

    public void setLogSpml(boolean z) {
        this.logSpml = z;
    }

    protected void onNewContextCreated(ApplicationContext applicationContext) throws ServiceException {
        LdapPool<Ldap> ldapPool = this.ldapPool;
        try {
            LOG.debug("Loading ldap pool '{}'", getLdapPoolId());
            this.ldapPool = (LdapPool) applicationContext.getBean(getLdapPoolId());
        } catch (Exception e) {
            this.ldapPool = ldapPool;
            LOG.error(getId() + " configuration is not valid, retaining old configuration", e);
            throw new ServiceException(getId() + " configuration is not valid, retaining old configuration", e);
        }
    }

    public AddResponse execute(AddRequest addRequest) {
        String pSPUtil = PSPUtil.toString(addRequest);
        LOG.info("{}", pSPUtil);
        if (isLogSpml()) {
            LOG.info("\n{}", toXML(addRequest));
        }
        AddResponse addResponse = new AddResponse();
        addResponse.setRequestID(getOrGenerateRequestID(addRequest));
        if (!getPSP().isValid(addRequest, addResponse)) {
            LOG.error(PSPUtil.toString(addResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(addResponse));
            }
            return addResponse;
        }
        if (!isValidTargetId(addRequest.getPsoID(), addResponse)) {
            LOG.error(PSPUtil.toString(addResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(addResponse));
            }
            return addResponse;
        }
        String id = addRequest.getPsoID().getID();
        try {
            handleEmptyReferences(addRequest);
            try {
                try {
                    try {
                        Extensible data = addRequest.getData();
                        SortedLdapBeanFactory sortedLdapBeanFactory = new SortedLdapBeanFactory();
                        LdapAttributes newLdapAttributes = sortedLdapBeanFactory.newLdapAttributes();
                        for (DSMLAttr dSMLAttr : PSP.getDSMLAttrMap(data).values()) {
                            BasicAttribute basicAttribute = new BasicAttribute(dSMLAttr.getName());
                            for (DSMLValue dSMLValue : dSMLAttr.getValues()) {
                                basicAttribute.add(dSMLValue.getValue());
                            }
                            LdapAttribute newLdapAttribute = sortedLdapBeanFactory.newLdapAttribute();
                            newLdapAttribute.setAttribute(basicAttribute);
                            newLdapAttributes.addAttribute(newLdapAttribute);
                        }
                        Map<String, List<Reference>> references = PSP.getReferences(addRequest.getCapabilityData());
                        for (String str : references.keySet()) {
                            BasicAttribute basicAttribute2 = new BasicAttribute(str);
                            for (Reference reference : references.get(str)) {
                                if (reference.getToPsoID().getTargetID().equals(getTargetDefinition().getId())) {
                                    String id2 = reference.getToPsoID().getID();
                                    if (id2 == null) {
                                        id2 = LdapUtil.EMPTY_NAME;
                                    }
                                    basicAttribute2.add(id2);
                                }
                            }
                            LdapAttribute newLdapAttribute2 = sortedLdapBeanFactory.newLdapAttribute();
                            newLdapAttribute2.setAttribute(basicAttribute2);
                            newLdapAttributes.addAttribute(newLdapAttribute2);
                        }
                        String escapeForwardSlash = LdapUtil.escapeForwardSlash(id);
                        LOG.debug("{} escaped dn '{}'", pSPUtil, escapeForwardSlash);
                        Ldap checkOut = this.ldapPool.checkOut();
                        LOG.info("{} create", PSPUtil.toString(addRequest));
                        checkOut.create(escapeForwardSlash, newLdapAttributes.toAttributes());
                        if (isLogLdif()) {
                            LdapEntry newLdapEntry = sortedLdapBeanFactory.newLdapEntry();
                            newLdapEntry.setDn(id);
                            newLdapEntry.setLdapAttributes(newLdapAttributes);
                            LdapResult newLdapResult = sortedLdapBeanFactory.newLdapResult();
                            newLdapResult.addEntry(newLdapEntry);
                            LOG.info("{}:\n{}", pSPUtil, new Ldif().createLdif(newLdapResult));
                        }
                        if (addRequest.getReturnData().equals(ReturnData.IDENTIFIER)) {
                            PSO pso = new PSO();
                            pso.setPsoID(addRequest.getPsoID());
                            addResponse.setPso(pso);
                        } else {
                            LookupRequest lookupRequest = new LookupRequest();
                            lookupRequest.setPsoID(addRequest.getPsoID());
                            lookupRequest.setReturnData(addRequest.getReturnData());
                            LookupResponse execute = execute(lookupRequest);
                            if (execute.getStatus() != StatusCode.SUCCESS) {
                                fail((Response) addResponse, execute.getError(), "Unable to lookup object after create.");
                                LOG.error(PSPUtil.toString(addResponse));
                                if (isLogSpml()) {
                                    LOG.info("\n{}", toXML(addResponse));
                                }
                                this.ldapPool.checkIn(checkOut);
                                return addResponse;
                            }
                            addResponse.setPso(execute.getPso());
                        }
                        this.ldapPool.checkIn(checkOut);
                        addResponse.setStatus(StatusCode.SUCCESS);
                        LOG.info(PSPUtil.toString(addResponse));
                        if (isLogSpml()) {
                            LOG.info("\n{}", toXML(addResponse));
                        }
                        return addResponse;
                    } catch (Throwable th) {
                        this.ldapPool.checkIn((BaseLdap) null);
                        throw th;
                    }
                } catch (LdappcException e) {
                    fail((Response) addResponse, ErrorCode.CUSTOM_ERROR, (Exception) e);
                    LOG.error(PSPUtil.toString(addResponse), e);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(addResponse));
                    }
                    this.ldapPool.checkIn((BaseLdap) null);
                    return addResponse;
                } catch (NameAlreadyBoundException e2) {
                    fail((Response) addResponse, ErrorCode.ALREADY_EXISTS, (Exception) e2);
                    LOG.error(PSPUtil.toString(addResponse), e2);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(addResponse));
                    }
                    this.ldapPool.checkIn((BaseLdap) null);
                    return addResponse;
                }
            } catch (LdapPoolException e3) {
                fail((Response) addResponse, ErrorCode.CUSTOM_ERROR, (Exception) e3);
                LOG.error(PSPUtil.toString(addResponse), e3);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(addResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return addResponse;
            } catch (NamingException e4) {
                fail((Response) addResponse, ErrorCode.CUSTOM_ERROR, (Exception) e4);
                LOG.error(PSPUtil.toString(addResponse), e4);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(addResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return addResponse;
            }
        } catch (DSMLProfileException e5) {
            fail((Response) addResponse, ErrorCode.CUSTOM_ERROR, (Exception) e5);
            LOG.error(PSPUtil.toString(addResponse), e5);
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(addResponse));
            }
            return addResponse;
        }
    }

    public DeleteResponse execute(DeleteRequest deleteRequest) {
        String pSPUtil = PSPUtil.toString(deleteRequest);
        LOG.info("{}", pSPUtil);
        if (isLogSpml()) {
            LOG.info("\n{}", toXML(deleteRequest));
        }
        DeleteResponse deleteResponse = new DeleteResponse();
        deleteResponse.setRequestID(getOrGenerateRequestID(deleteRequest));
        if (!isValidTargetId(deleteRequest.getPsoID(), deleteResponse)) {
            LOG.error(PSPUtil.toString((Response) deleteResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(deleteResponse));
            }
            return deleteResponse;
        }
        String id = deleteRequest.getPsoID().getID();
        Ldap ldap = null;
        try {
            try {
                ldap = this.ldapPool.checkOut();
                LOG.info("{}", pSPUtil);
                String escapeForwardSlash = LdapUtil.escapeForwardSlash(id);
                LOG.debug("{} escaped dn '{}'", pSPUtil, escapeForwardSlash);
                ldap.delete(escapeForwardSlash);
                this.ldapPool.checkIn(ldap);
                deleteResponse.setStatus(StatusCode.SUCCESS);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(deleteResponse));
                }
                return deleteResponse;
            } catch (NameNotFoundException e) {
                fail((Response) deleteResponse, ErrorCode.NO_SUCH_IDENTIFIER, (Exception) e);
                LOG.error(PSPUtil.toString((Response) deleteResponse), e);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(deleteResponse));
                }
                this.ldapPool.checkIn(ldap);
                return deleteResponse;
            } catch (NamingException e2) {
                fail((Response) deleteResponse, ErrorCode.CUSTOM_ERROR, (Exception) e2);
                LOG.error(PSPUtil.toString((Response) deleteResponse), e2);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(deleteResponse));
                }
                this.ldapPool.checkIn(ldap);
                return deleteResponse;
            } catch (LdapPoolException e3) {
                fail((Response) deleteResponse, ErrorCode.CUSTOM_ERROR, (Exception) e3);
                LOG.error(PSPUtil.toString((Response) deleteResponse), e3);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(deleteResponse));
                }
                this.ldapPool.checkIn(ldap);
                return deleteResponse;
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn(ldap);
            throw th;
        }
    }

    public LookupResponse execute(LookupRequest lookupRequest) {
        String pSPUtil = PSPUtil.toString(lookupRequest);
        LOG.info("{}", pSPUtil);
        if (isLogSpml()) {
            LOG.info("\n{}", toXML(lookupRequest));
        }
        LookupResponse lookupResponse = new LookupResponse();
        lookupResponse.setRequestID(getOrGenerateRequestID(lookupRequest));
        if (lookupRequest.getPsoID() == null || lookupRequest.getPsoID().getID() == null) {
            fail((Response) lookupResponse, ErrorCode.MALFORMED_REQUEST, PSPConstants.ERROR_NULL_PSO_ID);
            LOG.error("{}", PSPUtil.toString(lookupResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(lookupResponse));
            }
            return lookupResponse;
        }
        String targetID = lookupRequest.getPsoID().getTargetID();
        if (GrouperUtil.isBlank(targetID)) {
            fail((Response) lookupResponse, ErrorCode.MALFORMED_REQUEST, PSPConstants.ERROR_NULL_TARGET_ID);
            LOG.error("{}", PSPUtil.toString(lookupResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(lookupResponse));
            }
            return lookupResponse;
        }
        if (!targetID.equals(getTargetDefinition().getId())) {
            fail((Response) lookupResponse, ErrorCode.INVALID_IDENTIFIER, new String[0]);
            LOG.error("{}", PSPUtil.toString(lookupResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(lookupResponse));
            }
            return lookupResponse;
        }
        String id = lookupRequest.getPsoID().getID();
        try {
            try {
                try {
                    try {
                        SearchFilter searchFilter = new SearchFilter();
                        searchFilter.setFilter("objectclass=*");
                        SearchControls searchControls = new SearchControls();
                        searchControls.setSearchScope(0);
                        String[] strArr = (String[]) getTargetDefinition().getNames(lookupRequest.getReturnData()).toArray(new String[0]);
                        searchControls.setReturningAttributes(strArr);
                        String escapeForwardSlash = LdapUtil.escapeForwardSlash(id);
                        LOG.debug("{} dn '{}' attrs {}", new Object[]{pSPUtil, escapeForwardSlash, strArr});
                        Ldap checkOut = this.ldapPool.checkOut();
                        Iterator search = checkOut.search(escapeForwardSlash, searchFilter, searchControls);
                        if (!search.hasNext()) {
                            fail((Response) lookupResponse, ErrorCode.NO_SUCH_IDENTIFIER, new String[0]);
                            LOG.error("{}", PSPUtil.toString(lookupResponse));
                            if (isLogSpml()) {
                                LOG.info("\n{}", toXML(lookupResponse));
                            }
                            this.ldapPool.checkIn(checkOut);
                            return lookupResponse;
                        }
                        SearchResult searchResult = (SearchResult) search.next();
                        if (search.hasNext()) {
                            fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, "More than one result found.");
                            LOG.error("{}", PSPUtil.toString(lookupResponse));
                            if (isLogSpml()) {
                                LOG.info("\n{}", toXML(lookupResponse));
                            }
                            this.ldapPool.checkIn(checkOut);
                            return lookupResponse;
                        }
                        Attributes attributes = searchResult.getAttributes();
                        OrderedLdapBeanFactory orderedLdapBeanFactory = new OrderedLdapBeanFactory();
                        SortedLdapBeanFactory sortedLdapBeanFactory = new SortedLdapBeanFactory();
                        LdapAttributes newLdapAttributes = orderedLdapBeanFactory.newLdapAttributes();
                        for (String str : strArr) {
                            Attribute attribute = attributes.get(str);
                            if (attribute != null) {
                                LdapAttribute newLdapAttribute = sortedLdapBeanFactory.newLdapAttribute();
                                newLdapAttribute.setAttribute(attribute);
                                newLdapAttributes.addAttribute(newLdapAttribute);
                            }
                        }
                        LdapEntry newLdapEntry = sortedLdapBeanFactory.newLdapEntry();
                        newLdapEntry.setDn(id);
                        newLdapEntry.setLdapAttributes(newLdapAttributes);
                        if (isLogLdif()) {
                            LdapResult newLdapResult = sortedLdapBeanFactory.newLdapResult();
                            newLdapResult.addEntry(newLdapEntry);
                            LOG.info("{}\n{}", pSPUtil, new LdifResultConverter().toLdif(newLdapResult));
                        }
                        lookupResponse.setPso(getPSO(newLdapEntry, lookupRequest.getReturnData()));
                        this.ldapPool.checkIn(checkOut);
                        lookupResponse.setStatus(StatusCode.SUCCESS);
                        LOG.info("{}", PSPUtil.toString(lookupResponse));
                        if (isLogSpml()) {
                            LOG.info("\n{}", toXML(lookupResponse));
                        }
                        return lookupResponse;
                    } catch (DSMLProfileException e) {
                        fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, (Exception) e);
                        LOG.error(PSPUtil.toString(lookupResponse), e);
                        if (isLogSpml()) {
                            LOG.info("\n{}", toXML(lookupResponse));
                        }
                        this.ldapPool.checkIn((BaseLdap) null);
                        return lookupResponse;
                    } catch (NamingException e2) {
                        fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, (Exception) e2);
                        LOG.error(PSPUtil.toString(lookupResponse), e2);
                        if (isLogSpml()) {
                            LOG.info("\n{}", toXML(lookupResponse));
                        }
                        this.ldapPool.checkIn((BaseLdap) null);
                        return lookupResponse;
                    }
                } catch (Spml2Exception e3) {
                    fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, (Exception) e3);
                    LOG.error(PSPUtil.toString(lookupResponse), e3);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(lookupResponse));
                    }
                    this.ldapPool.checkIn((BaseLdap) null);
                    return lookupResponse;
                } catch (InvalidNameException e4) {
                    fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, (Exception) e4);
                    LOG.error(PSPUtil.toString(lookupResponse), e4);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(lookupResponse));
                    }
                    this.ldapPool.checkIn((BaseLdap) null);
                    return lookupResponse;
                }
            } catch (LdapPoolException e5) {
                fail((Response) lookupResponse, ErrorCode.CUSTOM_ERROR, (Exception) e5);
                LOG.error(PSPUtil.toString(lookupResponse), e5);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(lookupResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return lookupResponse;
            } catch (NameNotFoundException e6) {
                fail((Response) lookupResponse, ErrorCode.NO_SUCH_IDENTIFIER, new String[0]);
                LOG.error(PSPUtil.toString(lookupResponse));
                LOG.debug(PSPUtil.toString(lookupResponse), e6);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(lookupResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return lookupResponse;
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn((BaseLdap) null);
            throw th;
        }
    }

    public ModifyResponse execute(ModifyRequest modifyRequest) {
        String pSPUtil = PSPUtil.toString(modifyRequest);
        LOG.info("{}", pSPUtil);
        if (isLogSpml()) {
            LOG.info("\n{}", toXML(modifyRequest));
        }
        ModifyResponse modifyResponse = new ModifyResponse();
        modifyResponse.setRequestID(getOrGenerateRequestID(modifyRequest));
        if (!getPSP().isValid(modifyRequest, modifyResponse)) {
            LOG.error(PSPUtil.toString(modifyResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(modifyResponse));
            }
            return modifyResponse;
        }
        if (!isValidTargetId(modifyRequest.getPsoID(), modifyResponse)) {
            LOG.error(PSPUtil.toString(modifyResponse));
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(modifyResponse));
            }
            return modifyResponse;
        }
        String id = modifyRequest.getPsoID().getID();
        try {
            try {
                ArrayList arrayList = new ArrayList();
                for (Modification modification : modifyRequest.getModifications()) {
                    arrayList.addAll(getDsmlMods(modification));
                    arrayList.addAll(getReferenceMods(modification));
                }
                Ldap checkOut = this.ldapPool.checkOut();
                LOG.debug("{} mods {}", pSPUtil, arrayList);
                String escapeForwardSlash = LdapUtil.escapeForwardSlash(id);
                LOG.debug("{} escaped dn '{}'", pSPUtil, escapeForwardSlash);
                checkOut.modifyAttributes(escapeForwardSlash, (ModificationItem[]) arrayList.toArray(new ModificationItem[0]));
                if (modifyRequest.getReturnData().equals(ReturnData.IDENTIFIER)) {
                    PSO pso = new PSO();
                    pso.setPsoID(modifyRequest.getPsoID());
                    modifyResponse.setPso(pso);
                } else {
                    LookupRequest lookupRequest = new LookupRequest();
                    lookupRequest.setPsoID(modifyRequest.getPsoID());
                    lookupRequest.setReturnData(modifyRequest.getReturnData());
                    LookupResponse execute = execute(lookupRequest);
                    if (execute.getStatus() != StatusCode.SUCCESS) {
                        fail((Response) modifyResponse, execute.getError(), new String[0]);
                        LOG.error(PSPUtil.toString(modifyResponse));
                        if (isLogSpml()) {
                            LOG.info("\n{}", toXML(modifyResponse));
                        }
                        this.ldapPool.checkIn(checkOut);
                        return modifyResponse;
                    }
                    modifyResponse.setPso(execute.getPso());
                }
                this.ldapPool.checkIn(checkOut);
                modifyResponse.setStatus(StatusCode.SUCCESS);
                LOG.info(PSPUtil.toString(modifyResponse));
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(modifyResponse));
                }
                return modifyResponse;
            } catch (LdappcException e) {
                fail((Response) modifyResponse, ErrorCode.CUSTOM_ERROR, (Exception) e);
                LOG.error(PSPUtil.toString(modifyResponse), e);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(modifyResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return modifyResponse;
            } catch (LdapPoolException e2) {
                fail((Response) modifyResponse, ErrorCode.CUSTOM_ERROR, (Exception) e2);
                LOG.error(PSPUtil.toString(modifyResponse), e2);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(modifyResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return modifyResponse;
            } catch (NamingException e3) {
                fail((Response) modifyResponse, ErrorCode.CUSTOM_ERROR, (Exception) e3);
                LOG.error(PSPUtil.toString(modifyResponse), e3);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(modifyResponse));
                }
                this.ldapPool.checkIn((BaseLdap) null);
                return modifyResponse;
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn((BaseLdap) null);
            throw th;
        }
    }

    public SearchResponse execute(SearchRequest searchRequest) {
        String pSPUtil = PSPUtil.toString(searchRequest);
        LOG.info("{}", pSPUtil);
        if (isLogSpml()) {
            LOG.info("\n{}", toXML(searchRequest));
        }
        SearchResponse searchResponse = new SearchResponse();
        searchResponse.setRequestID(getOrGenerateRequestID(searchRequest));
        Query query = searchRequest.getQuery();
        if (GrouperUtil.isBlank(query)) {
            fail((Response) searchResponse, ErrorCode.MALFORMED_REQUEST, PSPConstants.ERROR_NULL_QUERY);
            LOG.error("{}", searchResponse);
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(searchResponse));
            }
            return searchResponse;
        }
        if (query.getTargetID() != null && !query.getTargetID().equals(getTargetDefinition().getId())) {
            fail((Response) searchResponse, ErrorCode.MALFORMED_REQUEST, "Target ID " + query.getTargetID() + " does not match this target " + getTargetDefinition().getId());
            LOG.error("{}", searchResponse);
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(searchResponse));
            }
            return searchResponse;
        }
        String str = null;
        for (QueryClause queryClause : query.getQueryClauses()) {
            if (queryClause instanceof LdapFilterQueryClause) {
                str = ((LdapFilterQueryClause) queryClause).getFilter();
            }
        }
        if (GrouperUtil.isBlank(str)) {
            fail((Response) searchResponse, ErrorCode.MALFORMED_REQUEST, "A filter is required.");
            LOG.error("{}", searchResponse);
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(searchResponse));
            }
            return searchResponse;
        }
        if (query.getBasePsoID() == null || query.getBasePsoID().getID() == null) {
            fail((Response) searchResponse, ErrorCode.MALFORMED_REQUEST, "A basePsoID is required.");
            LOG.error("{}", searchResponse);
            if (isLogSpml()) {
                LOG.info("\n{}", toXML(searchResponse));
            }
            return searchResponse;
        }
        String id = query.getBasePsoID().getID();
        SearchControls searchControls = new SearchControls();
        Scope scope = query.getScope();
        if (scope != null) {
            searchControls.setSearchScope(PSPUtil.getScope(scope));
        }
        Ldap ldap = null;
        try {
            try {
                try {
                    String[] strArr = (String[]) getTargetDefinition().getNames(searchRequest.getReturnData()).toArray(new String[0]);
                    searchControls.setReturningAttributes(strArr);
                    ldap = this.ldapPool.checkOut();
                    LOG.debug("{} retAttrs {}", pSPUtil, Arrays.asList(strArr));
                    Iterator search = ldap.search(id, new SearchFilter(str), searchControls);
                    LdapResult newLdapResult = new SortedLdapBeanFactory().newLdapResult();
                    newLdapResult.addEntries(search);
                    Collection entries = newLdapResult.getEntries();
                    LOG.debug("{} found {}", pSPUtil, Integer.valueOf(entries.size()));
                    Iterator it = entries.iterator();
                    while (it.hasNext()) {
                        searchResponse.addPSO(getPSO((LdapEntry) it.next(), searchRequest.getReturnData()));
                    }
                    if (this.logLdif) {
                        LOG.info("{}:\n{}", pSPUtil, new Ldif().createLdif(newLdapResult));
                    }
                    this.ldapPool.checkIn(ldap);
                    searchResponse.setStatus(StatusCode.SUCCESS);
                    LOG.info("{}", PSPUtil.toString(searchResponse));
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(searchResponse));
                    }
                    return searchResponse;
                } catch (NamingException e) {
                    fail((Response) searchResponse, ErrorCode.CUSTOM_ERROR, (Exception) e);
                    LOG.error(PSPUtil.toString(searchResponse), e);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(searchResponse));
                    }
                    this.ldapPool.checkIn(ldap);
                    return searchResponse;
                } catch (Spml2Exception e2) {
                    fail((Response) searchResponse, ErrorCode.CUSTOM_ERROR, (Exception) e2);
                    LOG.error(PSPUtil.toString(searchResponse), e2);
                    if (isLogSpml()) {
                        LOG.info("\n{}", toXML(searchResponse));
                    }
                    this.ldapPool.checkIn(ldap);
                    return searchResponse;
                }
            } catch (LdapPoolException e3) {
                fail((Response) searchResponse, ErrorCode.CUSTOM_ERROR, (Exception) e3);
                LOG.error(PSPUtil.toString(searchResponse), e3);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(searchResponse));
                }
                this.ldapPool.checkIn(ldap);
                return searchResponse;
            } catch (NameNotFoundException e4) {
                fail((Response) searchResponse, ErrorCode.NO_SUCH_IDENTIFIER, (Exception) e4);
                LOG.error(PSPUtil.toString(searchResponse), e4);
                if (isLogSpml()) {
                    LOG.info("\n{}", toXML(searchResponse));
                }
                this.ldapPool.checkIn(ldap);
                return searchResponse;
            }
        } catch (Throwable th) {
            this.ldapPool.checkIn(ldap);
            throw th;
        }
    }

    protected PSO getPSO(LdapEntry ldapEntry, ReturnData returnData) throws Spml2Exception {
        String str = "get pso for '" + ldapEntry.getDn() + "' target '" + getTargetDefinition().getId() + "'";
        PSO pso = new PSO();
        PSODefinition pSODefinition = getPSODefinition(ldapEntry);
        LOG.debug("{} schema entity '{}'", str, pSODefinition.getId());
        pso.addOpenContentAttr(PSODefinition.ENTITY_NAME_ATTRIBUTE, pSODefinition.getId());
        PSOIdentifier pSOIdentifier = new PSOIdentifier();
        pSOIdentifier.setTargetID(getTargetDefinition().getId());
        try {
            pSOIdentifier.setID(LdapUtil.canonicalizeDn(ldapEntry.getDn()));
            pso.setPsoID(pSOIdentifier);
            LdapAttributes ldapAttributes = ldapEntry.getLdapAttributes();
            if (returnData.equals(ReturnData.DATA) || returnData.equals(ReturnData.EVERYTHING)) {
                TreeMap treeMap = new TreeMap(String.CASE_INSENSITIVE_ORDER);
                for (String str2 : pSODefinition.getAttributeNames()) {
                    treeMap.put(str2, str2);
                }
                TreeMap treeMap2 = new TreeMap(String.CASE_INSENSITIVE_ORDER);
                if (returnData.equals(ReturnData.EVERYTHING)) {
                    for (String str3 : pSODefinition.getReferenceNames()) {
                        treeMap2.put(str3, str3);
                    }
                }
                Extensible extensible = new Extensible();
                ArrayList arrayList = new ArrayList();
                for (LdapAttribute ldapAttribute : ldapAttributes.getAttributes()) {
                    if (treeMap.containsKey(ldapAttribute.getName())) {
                        extensible.addOpenContentElement(getDsmlAttr((String) treeMap.get(ldapAttribute.getName()), ldapAttribute.getStringValues()));
                    } else if (returnData.equals(ReturnData.EVERYTHING) && treeMap2.containsKey(ldapAttribute.getName())) {
                        arrayList.addAll(getReferences((String) treeMap2.get(ldapAttribute.getName()), ldapAttribute.getStringValues()));
                    } else {
                        LOG.trace("{} ignoring attribute '{}'", str, ldapAttribute.getName());
                    }
                    if (extensible.getOpenContentElements().length > 0) {
                        pso.setData(extensible);
                    }
                    if (returnData.equals(ReturnData.EVERYTHING)) {
                        PSPUtil.setReferences(pso, arrayList);
                    }
                }
            }
            return pso;
        } catch (InvalidNameException e) {
            LOG.error(str + " Unable to canonicalize entry dn.", e);
            throw new Spml2Exception(e);
        }
    }

    protected PSODefinition getPSODefinition(LdapEntry ldapEntry) throws LdappcException {
        Attributes attributes = ldapEntry.getLdapAttributes().toAttributes();
        PSODefinition pSODefinition = null;
        for (PSODefinition pSODefinition2 : getTargetDefinition().getPsoDefinitions()) {
            String name = pSODefinition2.getPsoIdentifierDefinition().getIdentifyingAttribute().getName();
            String value = pSODefinition2.getPsoIdentifierDefinition().getIdentifyingAttribute().getValue();
            Attribute attribute = attributes.get(name);
            if (attribute != null && attribute.contains(value)) {
                if (pSODefinition != null) {
                    LOG.error("More than one schema entity found for " + ldapEntry.getDn());
                    throw new LdappcException("More than one schema entity found for " + ldapEntry.getDn());
                }
                pSODefinition = pSODefinition2;
            }
        }
        if (pSODefinition != null) {
            return pSODefinition;
        }
        LOG.error("Unable to determine schema entity for " + ldapEntry.getDn());
        throw new LdappcException("Unable to determine schema entity for " + ldapEntry.getDn());
    }

    protected DSMLAttr getDsmlAttr(String str, Collection<String> collection) throws DSMLProfileException {
        DSMLAttr dSMLAttr = new DSMLAttr(str, (DSMLValue[]) null);
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            dSMLAttr.addValue(new DSMLValue(it.next()));
        }
        return dSMLAttr;
    }

    protected List<Reference> getReferences(String str, Collection<String> collection) throws Spml2Exception {
        try {
            ArrayList arrayList = new ArrayList();
            for (String str2 : collection) {
                Reference reference = new Reference();
                PSOIdentifier pSOIdentifier = new PSOIdentifier();
                pSOIdentifier.setID(LdapUtil.canonicalizeDn(str2));
                pSOIdentifier.setTargetID(getTargetDefinition().getId());
                reference.setToPsoID(pSOIdentifier);
                reference.setTypeOfReference(str);
                arrayList.add(reference);
            }
            return arrayList;
        } catch (InvalidNameException e) {
            LOG.error("Unable to canonicalize name", e);
            throw new Spml2Exception(e);
        }
    }

    protected List<ModificationItem> getDsmlMods(Modification modification) {
        int i;
        ArrayList arrayList = new ArrayList();
        for (DSMLModification dSMLModification : modification.getOpenContentElements(DSMLModification.class)) {
            BasicAttribute basicAttribute = new BasicAttribute(dSMLModification.getName());
            for (DSMLValue dSMLValue : dSMLModification.getValues()) {
                basicAttribute.add(dSMLValue.getValue());
            }
            if (dSMLModification.getOperation().equals(ModificationMode.ADD)) {
                i = 1;
            } else if (dSMLModification.getOperation().equals(ModificationMode.DELETE)) {
                i = 3;
            } else {
                if (!dSMLModification.getOperation().equals(ModificationMode.REPLACE)) {
                    throw new LdappcException("Unknown dsml modification operation : " + dSMLModification.getOperation());
                }
                i = 2;
            }
            arrayList.add(new ModificationItem(i, basicAttribute));
        }
        return arrayList;
    }

    protected List<ModificationItem> getReferenceMods(Modification modification) {
        int i;
        ArrayList arrayList = new ArrayList();
        Map<String, List<Reference>> references = PSP.getReferences(modification.getCapabilityData());
        if (references.isEmpty()) {
            return arrayList;
        }
        for (String str : references.keySet()) {
            ArrayList arrayList2 = new ArrayList();
            for (Reference reference : references.get(str)) {
                if (reference.getToPsoID().getTargetID().equals(getTargetDefinition().getId())) {
                    String id = reference.getToPsoID().getID();
                    if (id == null) {
                        id = LdapUtil.EMPTY_NAME;
                    }
                    arrayList2.add(id);
                }
            }
            BasicAttribute basicAttribute = new BasicAttribute(str);
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                basicAttribute.add((String) it.next());
            }
            if (modification.getModificationMode().equals(ModificationMode.ADD)) {
                i = 1;
            } else if (modification.getModificationMode().equals(ModificationMode.DELETE)) {
                i = 3;
            } else {
                if (!modification.getModificationMode().equals(ModificationMode.REPLACE)) {
                    throw new LdappcException("Unknown modification operation : " + modification.getModificationMode());
                }
                i = 2;
            }
            arrayList.add(new ModificationItem(i, basicAttribute));
        }
        return arrayList;
    }

    protected void handleEmptyReferences(AddRequest addRequest) throws DSMLProfileException {
        DSMLAttr dSMLAttr;
        if (addRequest.getReturnData().equals(ReturnData.DATA)) {
            LOG.trace("add request before:\n{}", toXML(addRequest));
            String findOpenContentAttrValueByName = addRequest.findOpenContentAttrValueByName(PSODefinition.ENTITY_NAME_ATTRIBUTE);
            if (findOpenContentAttrValueByName == null) {
                LOG.debug("TODO");
                return;
            }
            PSODefinition pSODefinition = getTargetDefinition().getPSODefinition(findOpenContentAttrValueByName);
            if (pSODefinition == null) {
                LOG.debug("TODO");
                return;
            }
            Map<String, DSMLAttr> dSMLAttrMap = PSP.getDSMLAttrMap(addRequest.getData());
            for (PSOReferencesDefinition pSOReferencesDefinition : pSODefinition.getReferenceDefinitions()) {
                if (pSOReferencesDefinition.getEmptyValue() != null && ((dSMLAttr = dSMLAttrMap.get(pSOReferencesDefinition.getName())) == null || dSMLAttr.getValues().length == 0)) {
                    LOG.debug("TODO");
                    addRequest.getData().addOpenContentElement(new DSMLAttr(pSOReferencesDefinition.getName(), pSOReferencesDefinition.getEmptyValue()));
                }
            }
            LOG.trace("add request after:\n{}", toXML(addRequest));
        }
    }

    public boolean isValidTargetId(PSOIdentifier pSOIdentifier, Response response) {
        if (pSOIdentifier.getTargetID().equals(getTargetDefinition().getId())) {
            return true;
        }
        fail(response, ErrorCode.INVALID_IDENTIFIER, new String[0]);
        return false;
    }
}
