package org.forgerock.opendj.examples;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.net.ssl.X509TrustManager;
import org.forgerock.opendj.ldap.Connection;
import org.forgerock.opendj.ldap.LDAPConnectionFactory;
import org.forgerock.opendj.ldap.LDAPOptions;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.ldap.SSLContextBuilder;
import org.forgerock.opendj.ldap.TrustManagers;
import org.glassfish.grizzly.ssl.SSLContextConfigurator;

/* loaded from: input_file:org/forgerock/opendj/examples/SimpleAuth.class */
public final class SimpleAuth {
    private static String host;
    private static int port;
    private static String bindDN;
    private static String bindPassword;
    private static boolean useStartTLS;
    private static boolean useSSL;
    private static String keystore;
    private static String storepass;

    public static void main(String[] strArr) {
        parseArgs(strArr);
        if (useStartTLS) {
            connectStartTLS();
        } else if (useSSL) {
            connectSSL();
        } else {
            connect();
        }
    }

    private static void connect() {
        Connection connection = null;
        try {
            try {
                connection = new LDAPConnectionFactory(host, port).getConnection();
                connection.bind(bindDN, bindPassword.toCharArray());
                System.out.println("Authenticated as " + bindDN + ".");
                if (connection != null) {
                    connection.close();
                }
            } catch (LdapException e) {
                System.err.println(e.getMessage());
                System.exit(e.getResult().getResultCode().intValue());
                if (connection != null) {
                    connection.close();
                }
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private static LDAPOptions getTrustOptions(String str, String str2, String str3) throws GeneralSecurityException {
        LDAPOptions lDAPOptions = new LDAPOptions();
        X509TrustManager x509TrustManager = null;
        try {
            x509TrustManager = TrustManagers.checkValidityDates(TrustManagers.checkHostName(str, TrustManagers.checkUsingTrustStore(str2, str3.toCharArray(), null)));
        } catch (IOException e) {
            e.printStackTrace();
            System.exit(1);
        }
        if (x509TrustManager != null) {
            lDAPOptions.setSSLContext(new SSLContextBuilder().setTrustManager(x509TrustManager).getSSLContext());
        }
        lDAPOptions.setUseStartTLS(useStartTLS);
        return lDAPOptions;
    }

    private static void secureConnect() {
        Connection connection = null;
        try {
            try {
                connection = new LDAPConnectionFactory(host, port, getTrustOptions(host, keystore, storepass)).getConnection();
                connection.bind(bindDN, bindPassword.toCharArray());
                System.out.println("Authenticated as " + bindDN + ".");
                if (connection != null) {
                    connection.close();
                }
            } catch (GeneralSecurityException e) {
                System.err.println(e.getMessage());
                System.exit(ResultCode.CLIENT_SIDE_CONNECT_ERROR.intValue());
                if (connection != null) {
                    connection.close();
                }
            } catch (LdapException e2) {
                System.err.println(e2.getMessage());
                System.exit(e2.getResult().getResultCode().intValue());
                if (connection != null) {
                    connection.close();
                }
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private static LDAPOptions getTrustAllOptions() throws GeneralSecurityException {
        LDAPOptions lDAPOptions = new LDAPOptions();
        lDAPOptions.setSSLContext(new SSLContextBuilder().setTrustManager(TrustManagers.trustAll()).getSSLContext());
        lDAPOptions.setUseStartTLS(useStartTLS);
        return lDAPOptions;
    }

    private static void trustAllConnect() {
        Connection connection = null;
        try {
            try {
                try {
                    connection = new LDAPConnectionFactory(host, port, getTrustAllOptions()).getConnection();
                    connection.bind(bindDN, bindPassword.toCharArray());
                    System.out.println("Authenticated as " + bindDN + ".");
                    if (connection != null) {
                        connection.close();
                    }
                } catch (GeneralSecurityException e) {
                    System.err.println(e.getMessage());
                    System.exit(ResultCode.CLIENT_SIDE_CONNECT_ERROR.intValue());
                    if (connection != null) {
                        connection.close();
                    }
                }
            } catch (LdapException e2) {
                System.err.println(e2.getMessage());
                System.exit(e2.getResult().getResultCode().intValue());
                if (connection != null) {
                    connection.close();
                }
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private static void connectStartTLS() {
        secureConnect();
    }

    private static void connectSSL() {
        secureConnect();
    }

    private static void parseArgs(String[] strArr) {
        if (strArr.length < 4 || strArr.length > 5) {
            giveUp();
        }
        host = strArr[0];
        port = Integer.parseInt(strArr[1]);
        bindDN = strArr[2];
        bindPassword = strArr[3];
        if (strArr.length == 5) {
            if ("use-starttls".equals(strArr[4].toLowerCase())) {
                useStartTLS = true;
                useSSL = false;
            } else if ("use-ssl".equals(strArr[4].toLowerCase())) {
                useStartTLS = false;
                useSSL = true;
            } else {
                giveUp();
            }
        }
        keystore = System.getProperty(SSLContextConfigurator.TRUST_STORE_FILE);
        storepass = System.getProperty(SSLContextConfigurator.TRUST_STORE_PASSWORD);
        if (keystore == null) {
            keystore = System.getProperty("java.home") + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts";
            storepass = "changeit";
        }
    }

    private static void giveUp() {
        printUsage();
        System.exit(1);
    }

    private static void printUsage() {
        System.err.println("Usage: host port bind-dn bind-password [ use-starttls | use-ssl ]");
        System.err.println("\thost, port, bind-dn, and bind-password arguments are required.");
        System.err.println("\tuse-starttls and use-ssl are optional and mutually exclusive.");
        System.err.println("\tOptionally set javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword.");
    }

    private SimpleAuth() {
    }
}
