package ips.security.jaas;

import java.io.IOException;
import java.security.Principal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.jasypt.util.password.rfc2307.RFC2307SSHAPasswordEncryptor;

/* loaded from: input_file:ips/security/jaas/JDBCLoginModule.class */
public class JDBCLoginModule implements LoginModule {
    public static final String DB_CONN_URL = "dbURL";
    public static final String DB_USER = "dbUser";
    public static final String DB_PASSWORD = "dbPassword";
    public static final String ACCOUNT_TABLENAME_PARAM_NAME = "userTable";
    public static final String ROLES_TABLENAME_PARAM_NAME = "userRoleTable";
    public static final String USERNAME_COL_PARAM_NAME = "userNameCol";
    public static final String ACCOUNT_DISABLED_COL_PARAM_NAME = "accountDisabledCol";
    public static final String USERNAME_CASE_INSENSITIVE_COL_PARAM_NAME = "userNameCaseInsensitivCol";
    public static final String ROLENAME_COL_PARAM_NAME = "roleNameCol";
    public static final String CRED_COL_PARAM_NAME = "userCredCol";
    private Subject subject;
    private CallbackHandler callbackHandler;
    private Map<String, ?> options;
    private String username;
    private char[] password;
    private Principal userPrincipal;
    private boolean debug = false;
    private boolean succeeded = false;
    private boolean commitSucceeded = false;
    private String principalName = null;
    private List<RolePrincipal> rolePrincipalList = new ArrayList();

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.options = map2;
        this.debug = "true".equalsIgnoreCase((String) map2.get("debug"));
        if (this.debug) {
            System.out.println(getClass().getName() + " Initialized");
        }
    }

    public boolean login() throws LoginException {
        String concat;
        if (this.callbackHandler == null) {
            throw new LoginException("No CallbackHandler available.");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("Login: "), new PasswordCallback("Password: ", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            this.username = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            if (password == null) {
                password = new char[0];
            }
            this.password = new char[password.length];
            System.arraycopy(password, 0, this.password, 0, password.length);
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            if (this.debug) {
                System.out.println("[JDBCLoginModule] user entered user name: " + this.username);
                System.out.println("[JDBCLoginModule] user entered a password");
            }
            String trim = ((String) this.options.get(ACCOUNT_TABLENAME_PARAM_NAME)).trim();
            String trim2 = ((String) this.options.get(USERNAME_COL_PARAM_NAME)).trim();
            String str = null;
            Object obj = this.options.get(ACCOUNT_DISABLED_COL_PARAM_NAME);
            if (this.debug) {
                System.out.println("[JDBCLoginModule] accountDisabledCol: " + obj);
            }
            if (obj instanceof String) {
                String trim3 = ((String) obj).trim();
                if (!trim3.isBlank()) {
                    str = trim3;
                }
            }
            String str2 = null;
            Object obj2 = this.options.get(USERNAME_CASE_INSENSITIVE_COL_PARAM_NAME);
            if (this.debug) {
                System.out.println("[JDBCLoginModule] userNameCaseInsensitivCol: " + obj2);
            }
            if (obj2 instanceof String) {
                String trim4 = ((String) obj2).trim();
                if (!trim4.isBlank()) {
                    str2 = trim4;
                }
            }
            String trim5 = ((String) this.options.get(CRED_COL_PARAM_NAME)).trim();
            String trim6 = ((String) this.options.get(ROLES_TABLENAME_PARAM_NAME)).trim();
            String trim7 = ((String) this.options.get(ROLENAME_COL_PARAM_NAME)).trim();
            String str3 = (String) this.options.get(DB_CONN_URL);
            String trim8 = ((String) this.options.get(DB_USER)).trim();
            String trim9 = ((String) this.options.get(DB_PASSWORD)).trim();
            if (this.debug) {
                System.out.println("[JDBCLoginModule] try to connect to " + str3 + " as user " + trim8);
            }
            FailedLoginException failedLoginException = null;
            try {
                Connection connection = DriverManager.getConnection(str3, trim8, trim9);
                if (this.debug) {
                    System.out.println("[JDBCLoginModule] JDBC connection: " + connection);
                }
                String str4 = "SELECT " + trim2;
                if (str != null) {
                    str4 = str4.concat("," + str);
                }
                if (str2 != null) {
                    str4 = str4.concat("," + str2);
                }
                String concat2 = str4.concat("," + trim5 + " FROM " + trim + " WHERE ");
                if (str2 == null) {
                    concat = concat2.concat(trim2 + "=?");
                } else {
                    if (this.debug) {
                        System.out.println("[JDBCLoginModule] Case-insensitive column: " + str2);
                    }
                    concat = concat2.concat("((" + trim2 + "=? ) OR (" + str2 + "=TRUE AND lower(" + trim2 + ") = lower(?)))");
                }
                PreparedStatement prepareStatement = connection.prepareStatement(concat);
                prepareStatement.setString(1, this.username);
                if (str2 != null) {
                    prepareStatement.setString(2, this.username);
                }
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery.next()) {
                    String string = executeQuery.getString(trim5);
                    RFC2307SSHAPasswordEncryptor rFC2307SSHAPasswordEncryptor = new RFC2307SSHAPasswordEncryptor();
                    String valueOf = String.valueOf(this.password);
                    boolean z = false;
                    if (str != null) {
                        z = executeQuery.getBoolean(str);
                    }
                    this.succeeded = !z && rFC2307SSHAPasswordEncryptor.checkPassword(valueOf, string);
                    this.principalName = executeQuery.getString(trim2);
                    if (this.succeeded) {
                        if (this.debug) {
                            System.out.println("[JDBCLoginModule] user " + this.username + " authenticated as " + this.principalName + " .");
                        }
                        PreparedStatement prepareStatement2 = connection.prepareStatement("SELECT " + trim2 + "," + trim7 + " FROM " + trim6 + " WHERE " + trim2 + "=?");
                        prepareStatement2.setString(1, this.principalName);
                        ResultSet executeQuery2 = prepareStatement2.executeQuery();
                        while (executeQuery2.next()) {
                            RolePrincipal rolePrincipal = new RolePrincipal(executeQuery2.getString(trim7));
                            this.rolePrincipalList.add(rolePrincipal);
                            if (this.debug) {
                                System.out.println("[JDBCLoginModule] added role " + rolePrincipal + " to user " + this.principalName);
                            }
                        }
                    } else {
                        failedLoginException = new FailedLoginException("Password could not be verified.");
                        if (this.debug) {
                            System.out.println("[JDBCLoginModule] password could not be verified for user " + this.username);
                        }
                    }
                } else {
                    failedLoginException = new AccountNotFoundException();
                    if (this.debug) {
                        System.out.println("[JDBCLoginModule] user " + this.username + " not found in database.");
                    }
                }
                connection.close();
                if (this.debug) {
                    System.out.println("[JDBCLoginModule] finished password check for user " + this.username);
                }
            } catch (SQLException e) {
                e.printStackTrace();
                if (this.debug) {
                    System.out.println("[JDBCLoginModule] could not connect to database.");
                }
                failedLoginException = new FailedLoginException("Could not connect to database");
            }
            if (failedLoginException != null) {
                throw failedLoginException;
            }
            return true;
        } catch (IOException e2) {
            throw new LoginException(e2.toString());
        } catch (UnsupportedCallbackException e3) {
            throw new LoginException("Error: Unsupported callback:" + e3.getCallback());
        }
    }

    public boolean commit() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        Set<Principal> principals = this.subject.getPrincipals();
        this.userPrincipal = new JDBCPrincipal(this.principalName);
        if (!principals.contains(this.userPrincipal)) {
            principals.add(this.userPrincipal);
            if (this.debug) {
                System.out.println("[JDBCLoginModule] added Principal " + this.userPrincipal.getName() + " to Subject");
            }
        }
        for (RolePrincipal rolePrincipal : this.rolePrincipalList) {
            if (!principals.contains(rolePrincipal)) {
                principals.add(rolePrincipal);
                if (this.debug) {
                    System.out.println("[JDBCLoginModule] added RolePrincipal " + rolePrincipal.getName() + " to Subject");
                }
            }
        }
        this.username = null;
        this.principalName = null;
        for (int i = 0; i < this.password.length; i++) {
            this.password[i] = ' ';
        }
        this.password = null;
        this.commitSucceeded = true;
        return true;
    }

    public boolean abort() throws LoginException {
        if (!this.succeeded) {
            return false;
        }
        if (!this.succeeded || this.commitSucceeded) {
            logout();
            return true;
        }
        this.succeeded = false;
        this.username = null;
        this.principalName = null;
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
        this.userPrincipal = null;
        this.rolePrincipalList.clear();
        return true;
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().clear();
        this.succeeded = false;
        this.succeeded = this.commitSucceeded;
        this.username = null;
        if (this.password != null) {
            for (int i = 0; i < this.password.length; i++) {
                this.password[i] = ' ';
            }
            this.password = null;
        }
        this.userPrincipal = null;
        this.rolePrincipalList.clear();
        return true;
    }
}
