package org.forgerock.opendj.grizzly;

import java.io.EOFException;
import java.io.IOException;
import javax.net.ssl.SSLEngine;
import org.forgerock.opendj.grizzly.LDAPBaseFilter;
import org.forgerock.opendj.io.AbstractLDAPMessageHandler;
import org.forgerock.opendj.io.LDAP;
import org.forgerock.opendj.io.LDAPReader;
import org.forgerock.opendj.io.LDAPWriter;
import org.forgerock.opendj.ldap.ConnectionSecurityLayer;
import org.forgerock.opendj.ldap.DecodeException;
import org.forgerock.opendj.ldap.DecodeOptions;
import org.forgerock.opendj.ldap.LdapException;
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.ldap.requests.AddRequest;
import org.forgerock.opendj.ldap.requests.BindClient;
import org.forgerock.opendj.ldap.requests.CompareRequest;
import org.forgerock.opendj.ldap.requests.DeleteRequest;
import org.forgerock.opendj.ldap.requests.ExtendedRequest;
import org.forgerock.opendj.ldap.requests.ModifyDNRequest;
import org.forgerock.opendj.ldap.requests.ModifyRequest;
import org.forgerock.opendj.ldap.requests.SearchRequest;
import org.forgerock.opendj.ldap.requests.StartTLSExtendedRequest;
import org.forgerock.opendj.ldap.responses.BindResult;
import org.forgerock.opendj.ldap.responses.CompareResult;
import org.forgerock.opendj.ldap.responses.ExtendedResult;
import org.forgerock.opendj.ldap.responses.IntermediateResponse;
import org.forgerock.opendj.ldap.responses.Responses;
import org.forgerock.opendj.ldap.responses.Result;
import org.forgerock.opendj.ldap.responses.SearchResultEntry;
import org.forgerock.opendj.ldap.responses.SearchResultReference;
import org.forgerock.opendj.ldap.spi.BindResultLdapPromiseImpl;
import org.forgerock.opendj.ldap.spi.ExtendedResultLdapPromiseImpl;
import org.forgerock.opendj.ldap.spi.ResultLdapPromiseImpl;
import org.forgerock.opendj.ldap.spi.SearchResultLdapPromiseImpl;
import org.glassfish.grizzly.CompletionHandler;
import org.glassfish.grizzly.Connection;
import org.glassfish.grizzly.EmptyCompletionHandler;
import org.glassfish.grizzly.Grizzly;
import org.glassfish.grizzly.WriteResult;
import org.glassfish.grizzly.attributes.Attribute;
import org.glassfish.grizzly.attributes.AttributeStorage;
import org.glassfish.grizzly.filterchain.FilterChainContext;
import org.glassfish.grizzly.filterchain.NextAction;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/forgerock/opendj/grizzly/LDAPClientFilter.class */
public final class LDAPClientFilter extends LDAPBaseFilter {
    private static final Attribute<GrizzlyLDAPConnection> LDAP_CONNECTION_ATTR = Grizzly.DEFAULT_ATTRIBUTE_BUILDER.createAttribute("LDAPClientConnection");
    private static final Attribute<ClientResponseHandler> RESPONSE_HANDLER_ATTR = Grizzly.DEFAULT_ATTRIBUTE_BUILDER.createAttribute("ClientResponseHandler");

    /* loaded from: input_file:org/forgerock/opendj/grizzly/LDAPClientFilter$ClientResponseHandler.class */
    static final class ClientResponseHandler extends AbstractLDAPMessageHandler implements LDAPBaseFilter.LDAPBaseHandler {
        private final LDAPReader<ASN1BufferReader> reader;
        private FilterChainContext context;

        ClientResponseHandler(LDAPReader<ASN1BufferReader> lDAPReader) {
            this.reader = lDAPReader;
        }

        void setFilterChainContext(FilterChainContext filterChainContext) {
            this.context = filterChainContext;
        }

        @Override // org.forgerock.opendj.grizzly.LDAPBaseFilter.LDAPBaseHandler
        public LDAPReader<ASN1BufferReader> getReader() {
            return this.reader;
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void addResult(int i, Result result) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof AddRequest)) {
                throw newUnexpectedResponseException(i, result);
            }
            removePendingRequest.setResultOrError(result);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void bindResult(int i, BindResult bindResult) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            ConnectionSecurityLayer connectionSecurityLayer;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest instanceof BindResultLdapPromiseImpl)) {
                throw newUnexpectedResponseException(i, bindResult);
            }
            BindResultLdapPromiseImpl bindResultLdapPromiseImpl = (BindResultLdapPromiseImpl) removePendingRequest;
            BindClient bindClient = bindResultLdapPromiseImpl.getBindClient();
            try {
                if (bindClient.evaluateResult(bindResult)) {
                    if (bindResult.getResultCode() == ResultCode.SUCCESS && (connectionSecurityLayer = bindClient.getConnectionSecurityLayer()) != null) {
                        grizzlyLDAPConnection.installFilter(new ConnectionSecurityLayerFilter(connectionSecurityLayer, this.context.getConnection().getTransport().getMemoryManager()));
                    }
                    grizzlyLDAPConnection.setBindOrStartTLSInProgress(false);
                    bindResultLdapPromiseImpl.setResultOrError(bindResult);
                    return;
                }
                int continuePendingBindRequest = grizzlyLDAPConnection.continuePendingBindRequest(bindResultLdapPromiseImpl);
                LDAPWriter<ASN1BufferWriter> writer = GrizzlyUtils.getWriter();
                try {
                    writer.writeBindRequest(continuePendingBindRequest, 3, bindClient.nextBindRequest());
                    this.context.write(writer.getASN1Writer().getBuffer(), (CompletionHandler<WriteResult>) null);
                    GrizzlyUtils.recycleWriter(writer);
                } catch (Throwable th) {
                    GrizzlyUtils.recycleWriter(writer);
                    throw th;
                }
            } catch (LdapException e) {
                grizzlyLDAPConnection.setBindOrStartTLSInProgress(false);
                bindResultLdapPromiseImpl.adaptErrorResult(e.getResult());
            } catch (IOException e2) {
                grizzlyLDAPConnection.setBindOrStartTLSInProgress(false);
                bindResultLdapPromiseImpl.adaptErrorResult(Responses.newResult(ResultCode.CLIENT_SIDE_LOCAL_ERROR).setDiagnosticMessage("An error occurred during multi-stage authentication").setCause(e2));
            }
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void compareResult(int i, CompareResult compareResult) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof CompareRequest)) {
                throw newUnexpectedResponseException(i, compareResult);
            }
            removePendingRequest.setResultOrError(compareResult);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void deleteResult(int i, Result result) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof DeleteRequest)) {
                throw newUnexpectedResponseException(i, result);
            }
            removePendingRequest.setResultOrError(result);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void extendedResult(int i, ExtendedResult extendedResult) throws DecodeException, IOException {
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection != null) {
                if (i == 0) {
                    if (LDAP.OID_NOTICE_OF_DISCONNECTION.equals(extendedResult.getOID())) {
                        grizzlyLDAPConnection.close(null, true, Responses.newResult(extendedResult.getResultCode()).setDiagnosticMessage(extendedResult.getDiagnosticMessage()));
                        return;
                    } else {
                        grizzlyLDAPConnection.handleUnsolicitedNotification(extendedResult);
                        return;
                    }
                }
                ResultLdapPromiseImpl<?, ?> removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i));
                if (removePendingRequest != null) {
                    if (!(removePendingRequest.getRequest() instanceof ExtendedRequest)) {
                        throw newUnexpectedResponseException(i, extendedResult);
                    }
                    ExtendedResultLdapPromiseImpl extendedResultLdapPromiseImpl = (ExtendedResultLdapPromiseImpl) removePendingRequest;
                    try {
                        handleExtendedResult0(grizzlyLDAPConnection, extendedResultLdapPromiseImpl, extendedResult);
                    } catch (DecodeException e) {
                        extendedResultLdapPromiseImpl.adaptErrorResult(Responses.newResult(ResultCode.CLIENT_SIDE_DECODING_ERROR).setDiagnosticMessage(e.getLocalizedMessage()).setCause(e));
                    }
                }
            }
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void intermediateResponse(int i, IntermediateResponse intermediateResponse) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> pendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (pendingRequest = grizzlyLDAPConnection.getPendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            pendingRequest.handleIntermediateResponse(intermediateResponse);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void modifyDNResult(int i, Result result) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof ModifyDNRequest)) {
                throw newUnexpectedResponseException(i, result);
            }
            removePendingRequest.setResultOrError(result);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void modifyResult(int i, Result result) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof ModifyRequest)) {
                throw newUnexpectedResponseException(i, result);
            }
            removePendingRequest.setResultOrError(result);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void searchResult(int i, Result result) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> removePendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (removePendingRequest = grizzlyLDAPConnection.removePendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(removePendingRequest.getRequest() instanceof SearchRequest)) {
                throw newUnexpectedResponseException(i, result);
            }
            removePendingRequest.setResultOrError(result);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void searchResultEntry(int i, SearchResultEntry searchResultEntry) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> pendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (pendingRequest = grizzlyLDAPConnection.getPendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(pendingRequest instanceof SearchResultLdapPromiseImpl)) {
                throw newUnexpectedResponseException(i, searchResultEntry);
            }
            ((SearchResultLdapPromiseImpl) pendingRequest).handleEntry(searchResultEntry);
        }

        @Override // org.forgerock.opendj.io.AbstractLDAPMessageHandler, org.forgerock.opendj.io.LDAPMessageHandler
        public void searchResultReference(int i, SearchResultReference searchResultReference) throws DecodeException, IOException {
            ResultLdapPromiseImpl<?, ?> pendingRequest;
            GrizzlyLDAPConnection grizzlyLDAPConnection = (GrizzlyLDAPConnection) LDAPClientFilter.LDAP_CONNECTION_ATTR.get(this.context.getConnection());
            if (grizzlyLDAPConnection == null || (pendingRequest = grizzlyLDAPConnection.getPendingRequest(Integer.valueOf(i))) == null) {
                return;
            }
            if (!(pendingRequest instanceof SearchResultLdapPromiseImpl)) {
                throw newUnexpectedResponseException(i, searchResultReference);
            }
            ((SearchResultLdapPromiseImpl) pendingRequest).handleReference(searchResultReference);
        }

        private <R extends ExtendedResult> void handleExtendedResult0(final GrizzlyLDAPConnection grizzlyLDAPConnection, final ExtendedResultLdapPromiseImpl<R> extendedResultLdapPromiseImpl, ExtendedResult extendedResult) throws DecodeException {
            final R decodeResult = extendedResultLdapPromiseImpl.decodeResult(extendedResult, grizzlyLDAPConnection.getLDAPOptions().getDecodeOptions());
            if (extendedResult.getResultCode() != ResultCode.SUCCESS || !(extendedResultLdapPromiseImpl.getRequest() instanceof StartTLSExtendedRequest)) {
                extendedResultLdapPromiseImpl.setResultOrError(decodeResult);
                return;
            }
            try {
                StartTLSExtendedRequest startTLSExtendedRequest = (StartTLSExtendedRequest) extendedResultLdapPromiseImpl.getRequest();
                grizzlyLDAPConnection.startTLS(startTLSExtendedRequest.getSSLContext(), startTLSExtendedRequest.getEnabledProtocols(), startTLSExtendedRequest.getEnabledCipherSuites(), new EmptyCompletionHandler<SSLEngine>() { // from class: org.forgerock.opendj.grizzly.LDAPClientFilter.ClientResponseHandler.1
                    @Override // org.glassfish.grizzly.EmptyCompletionHandler, org.glassfish.grizzly.CompletionHandler
                    public void completed(SSLEngine sSLEngine) {
                        grizzlyLDAPConnection.setBindOrStartTLSInProgress(false);
                        extendedResultLdapPromiseImpl.setResultOrError(decodeResult);
                    }

                    @Override // org.glassfish.grizzly.EmptyCompletionHandler, org.glassfish.grizzly.CompletionHandler
                    public void failed(Throwable th) {
                        Result diagnosticMessage = Responses.newResult(ResultCode.CLIENT_SIDE_LOCAL_ERROR).setCause(th).setDiagnosticMessage("SSL handshake failed");
                        grizzlyLDAPConnection.setBindOrStartTLSInProgress(false);
                        grizzlyLDAPConnection.close(null, false, diagnosticMessage);
                        extendedResultLdapPromiseImpl.adaptErrorResult(diagnosticMessage);
                    }
                });
            } catch (IOException e) {
                Result diagnosticMessage = Responses.newResult(ResultCode.CLIENT_SIDE_LOCAL_ERROR).setCause(e).setDiagnosticMessage(e.getMessage());
                extendedResultLdapPromiseImpl.adaptErrorResult(diagnosticMessage);
                grizzlyLDAPConnection.close(null, false, diagnosticMessage);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LDAPClientFilter(DecodeOptions decodeOptions, int i) {
        super(decodeOptions, i);
    }

    @Override // org.glassfish.grizzly.filterchain.BaseFilter, org.glassfish.grizzly.filterchain.Filter
    public void exceptionOccurred(FilterChainContext filterChainContext, Throwable th) {
        Connection connection = filterChainContext.getConnection();
        if (connection.isOpen()) {
            LDAP_CONNECTION_ATTR.get(connection).close(null, false, th instanceof EOFException ? Responses.newResult(ResultCode.CLIENT_SIDE_SERVER_DOWN).setCause(th) : Responses.newResult(ResultCode.CLIENT_SIDE_LOCAL_ERROR).setCause(th));
        }
    }

    @Override // org.glassfish.grizzly.filterchain.BaseFilter, org.glassfish.grizzly.filterchain.Filter
    public NextAction handleClose(FilterChainContext filterChainContext) throws IOException {
        GrizzlyLDAPConnection remove = LDAP_CONNECTION_ATTR.remove(filterChainContext.getConnection());
        if (remove != null) {
            remove.close(null, false, Responses.newResult(ResultCode.CLIENT_SIDE_SERVER_DOWN));
        }
        return filterChainContext.getInvokeAction();
    }

    @Override // org.forgerock.opendj.grizzly.LDAPBaseFilter
    final void handleReadException(FilterChainContext filterChainContext, IOException iOException) {
        LDAP_CONNECTION_ATTR.get(filterChainContext.getConnection()).close(null, false, Responses.newResult(ResultCode.CLIENT_SIDE_DECODING_ERROR).setCause(iOException).setDiagnosticMessage(iOException.getMessage()));
    }

    @Override // org.forgerock.opendj.grizzly.LDAPBaseFilter
    final LDAPBaseFilter.LDAPBaseHandler getLDAPHandler(FilterChainContext filterChainContext) {
        Connection connection = filterChainContext.getConnection();
        ClientResponseHandler clientResponseHandler = RESPONSE_HANDLER_ATTR.get(connection);
        if (clientResponseHandler == null) {
            clientResponseHandler = new ClientResponseHandler(GrizzlyUtils.createReader(this.decodeOptions, this.maxASN1ElementSize, connection.getTransport().getMemoryManager()));
            RESPONSE_HANDLER_ATTR.set((AttributeStorage) connection, (Connection) clientResponseHandler);
        }
        clientResponseHandler.setFilterChainContext(filterChainContext);
        return clientResponseHandler;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void registerConnection(Connection<?> connection, GrizzlyLDAPConnection grizzlyLDAPConnection) {
        LDAP_CONNECTION_ATTR.set(connection, (Connection<?>) grizzlyLDAPConnection);
    }
}
