package net.sf.jguard.ext.authentication.manager;

import com.google.inject.Inject;
import com.google.inject.Provider;
import java.net.URL;
import java.security.Principal;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import net.sf.jguard.core.ApplicationName;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authentication.exception.AuthenticationException;
import net.sf.jguard.core.authentication.manager.AuthenticationXmlStoreFileLocation;
import net.sf.jguard.core.principals.Organization;
import net.sf.jguard.core.principals.OrganizationTemplate;
import net.sf.jguard.core.util.SubjectUtils;
import net.sf.jguard.ext.principals.HibernatePrincipalUtils;
import net.sf.jguard.ext.principals.PersistedOrganization;
import net.sf.jguard.ext.principals.PersistedPrincipal;
import net.sf.jguard.ext.principals.PersistedSubject;
import org.hibernate.Criteria;
import org.hibernate.HibernateException;
import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.Transaction;
import org.hibernate.criterion.Example;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/ext/authentication/manager/HibernateAuthenticationManager.class */
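/**
 * Authentication manager that stores subjects, principals and organizations
 * through a Hibernate {@link Session} obtained from an injected {@link Provider}.
 *
 * <p>Apart from the constructor, no method here opens, commits or rolls back a
 * transaction, or closes the session; callers are presumably expected to do
 * that around each call (not visible in this file).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>All caller-supplied values reach HQL as bound parameters. The only text
 *       concatenated into a query is one of the constants {@code login} or
 *       {@code active}.</li>
 *   <li>Exception messages are built from identifiers (login, organization
 *       name, credential name), never from {@link Subject} or credential
 *       objects, so credential values do not end up in logs.</li>
 * </ul>
 */
public class HibernateAuthenticationManager extends AbstractAuthenticationManager {
    private static final Logger logger = LoggerFactory.getLogger(HibernateAuthenticationManager.class.getName());
    private static final String LOGIN = "login";
    private static final String ACTIVE = "active";
    private static final String NAME = "name";
    private static final String VALUE = "value";
    private final Provider<Session> sessionProvider;
    private static final String SELECT_ORGA_TEMPLATE = " select orga from net.sf.jguard.ext.principals.PersistedOrganization as orga inner join orga.credentials as creds where creds.name='id' and creds.value='template' ";

    /**
     * Creates the manager and, when the store is empty, seeds it from the XML file at {@code url}.
     *
     * <p>The seeding runs inside one transaction: it is committed on success and
     * rolled back on any {@link Exception}, which is then rethrown wrapped in a
     * {@link RuntimeException}. The session returned by the provider is closed
     * afterwards in every case if it is still open.
     *
     * <p>NOTE(review): seeding is gated only by {@link #isEmpty()}. If that check
     * wrongly reports "empty", the XML defaults are imported again, so its
     * correctness matters for account provisioning.
     *
     * @param str      application name, passed to the superclass
     * @param url      location of the XML authentication store used for seeding
     * @param provider source of the Hibernate session used by every operation
     * @throws RuntimeException wrapping any exception raised while seeding
     */
    @Inject
    public HibernateAuthenticationManager(@ApplicationName String str, @AuthenticationXmlStoreFileLocation URL url, Provider<Session> provider) {
        super(str);
        this.sessionProvider = provider;
        Transaction transaction = null;
        try {
            transaction = provider.get().beginTransaction();
            if (isEmpty()) {
                importXmlData(url);
            }
            transaction.commit();
        } catch (Exception e) {
            if (transaction != null) {
                try {
                    transaction.rollback();
                } catch (RuntimeException rollbackFailure) {
                    // Keep the original failure as the one that propagates; a failing
                    // rollback must not hide why the import went wrong.
                    logger.error(" rollback failed after an error during the initial import", rollbackFailure);
                }
            }
            throw new RuntimeException(e);
        } finally {
            Session session = provider.get();
            if (session != null && session.isOpen()) {
                session.close();
            }
        }
    }

    /** Returns the session every operation of this manager works on. */
    private Session currentSession() {
        return this.sessionProvider.get();
    }

    /** Returns the organization's name, or the text {@code null} when there is no organization. */
    private static String nameOf(Organization organization) {
        return organization == null ? "null" : organization.getName();
    }

    /**
     * Saves or updates the subject and, once it has a non-zero database id,
     * records that id on the subject as a private credential named
     * {@link PersistedSubject#PERSISTENCE_ID}.
     *
     * @param subject the user to persist
     * @throws AuthenticationException declared by the superclass contract
     */
    @Override
    protected void persistUser(Subject subject) throws AuthenticationException {
        // NOTE(review): the organization lookup can return null; PersistedSubject is then
        // built with a null organization. Confirm that this is acceptable.
        PersistedSubject persistedSubject = new PersistedSubject(subject, getPersistedOrganizationFromSubject(subject));
        currentSession().saveOrUpdate(persistedSubject);
        Object id = persistedSubject.getId();
        if (id != null && !"0".equals(id.toString())) {
            subject.getPrivateCredentials().add(new JGuardCredential(PersistedSubject.PERSISTENCE_ID, id.toString()));
        }
        // Result intentionally unused, as in the original code.
        persistedSubject.toJavaxSecuritySubject();
    }

    /**
     * Saves or updates the principal when it can be mapped to a persisted form;
     * does nothing otherwise.
     *
     * @param principal the principal to persist
     * @throws AuthenticationException declared by the superclass contract
     */
    @Override
    protected void persistPrincipal(Principal principal) throws AuthenticationException {
        PersistedPrincipal persistedPrincipal = new HibernatePrincipalUtils().getPersistedPrincipal(principal);
        if (persistedPrincipal != null) {
            currentSession().saveOrUpdate(persistedPrincipal);
        }
    }

    /**
     * Saves or updates the organization and copies the database id back onto it.
     *
     * @param organization the organization to persist
     * @throws AuthenticationException declared by the superclass contract
     */
    @Override
    protected void persistOrganization(Organization organization) throws AuthenticationException {
        PersistedOrganization persistedOrganization = new PersistedOrganization(organization);
        currentSession().saveOrUpdate(persistedOrganization);
        organization.setId(persistedOrganization.getId());
    }

    /**
     * Updates the stored user identified by {@code jGuardCredential} with the content of {@code subject}.
     *
     * <p>The update is refused when the subject's organization differs from the
     * one stored for that user, so a user cannot be moved to another
     * organization through this call.
     *
     * @param jGuardCredential identity credential whose value is the stored user's login
     * @param subject          the new state of the user
     * @throws IllegalArgumentException if an identity credential is incomplete or no user has that login
     * @throws IllegalStateException    if the organizations differ
     * @throws AuthenticationException  declared by the superclass contract
     */
    @Override
    protected void updateUserImpl(JGuardCredential jGuardCredential, Subject subject) throws AuthenticationException {
        checkCredential(jGuardCredential);
        checkCredential(SubjectUtils.getIdentityCredential(subject, this));
        String login = (String) jGuardCredential.getValue();
        PersistedSubject stored = findPersistedUser(login);
        if (stored == null) {
            // The original dereferenced the lookup result directly and failed with a bare NPE.
            throw new IllegalArgumentException("no persisted user found for login " + login);
        }
        Organization storedOrganization = stored.getOrganization().toOrganization();
        Organization subjectOrganization = SubjectUtils.getOrganization(subject);
        if (!storedOrganization.equals(subjectOrganization)) {
            // Subject.toString() prints private credentials when they are accessible, so the
            // message uses the login and the organization names instead of the objects.
            throw new IllegalStateException("user " + login + " has got an organization different " + nameOf(subjectOrganization) + " from the user stored in database " + nameOf(storedOrganization));
        }
        stored.update(subject);
        currentSession().update(stored);
    }

    /**
     * Rejects a credential that is null or has a null name or value.
     *
     * @throws IllegalArgumentException if the credential is incomplete
     */
    private void checkCredential(JGuardCredential jGuardCredential) {
        if (jGuardCredential == null || jGuardCredential.getName() == null || jGuardCredential.getValue() == null) {
            // JGuardCredential.toString() is not visible here; only the name is reported so that
            // a credential value cannot reach the message.
            String described = jGuardCredential == null ? "null" : "name=" + jGuardCredential.getName();
            throw new IllegalArgumentException("an identity credential is null, or has got a name or value null " + described);
        }
    }

    /**
     * Finds stored users by credentials.
     *
     * <p>Users must match <em>every</em> credential in {@code collection}
     * (looked up among private credentials); users matching <em>any</em>
     * credential in {@code collection2} (public credentials) are then added.
     *
     * <p>NOTE(review): the elements are {@link PersistedSubject} instances, not
     * {@link Subject}s, unlike {@link #getUsers()}. Also confirm that the
     * public-credential matches are meant to be added as a union rather than
     * narrowing the result.
     *
     * @param collection  credentials matched against private credentials, all required
     * @param collection2 credentials matched against public credentials, any sufficient
     * @return the matching persisted users, possibly empty
     * @throws IllegalArgumentException if a credential is null or has a null name or value
     * @throws AuthenticationException  declared by the superclass contract
     */
    @Override
    public Set findUsers(Collection<JGuardCredential> collection, Collection<JGuardCredential> collection2) throws AuthenticationException {
        Set<PersistedSubject> matches = new HashSet<PersistedSubject>();
        // The original used "result is still empty" to detect the first credential. Once an
        // earlier credential matched nobody, a later one would repopulate the result and the
        // "must match all" rule was silently dropped.
        boolean first = true;
        for (JGuardCredential required : collection) {
            Set<PersistedSubject> found = findUsers(required, true);
            if (first) {
                matches.addAll(found);
                first = false;
            } else {
                matches.retainAll(found);
            }
        }
        for (JGuardCredential optional : collection2) {
            matches.addAll(findUsers(optional, false));
        }
        return matches;
    }

    /**
     * Finds the stored users matching one credential.
     *
     * <p>{@code login} and {@code active} are matched against the subject's own
     * properties; any other name is matched against the private credentials
     * when {@code z} is true and against the public credentials otherwise.
     *
     * @param jGuardCredential the credential to match
     * @param z                {@code true} to search private credentials, {@code false} for public ones
     * @return the matching persisted users
     * @throws IllegalArgumentException if the credential is null or has a null name or value
     */
    @SuppressWarnings("unchecked") // the HQL below selects PersistedSubject rows only
    private Set<PersistedSubject> findUsers(JGuardCredential jGuardCredential, boolean z) {
        checkCredential(jGuardCredential);
        String name = jGuardCredential.getName();
        String value = jGuardCredential.getValue().toString();
        boolean byLogin = LOGIN.equals(name);
        boolean byActive = ACTIVE.equals(name);

        String hql;
        if (byLogin || byActive) {
            // Only a constant is concatenated into the query text, never the caller's string.
            String property = byLogin ? LOGIN : ACTIVE;
            hql = " select subject from net.sf.jguard.ext.principals.PersistedSubject as subject   where subject." + property + "= :" + property;
        } else {
            String join = z
                    ? " select subject from net.sf.jguard.ext.principals.PersistedSubject as subject  inner join subject.privateCredentials as cred "
                    : " select subject from net.sf.jguard.ext.principals.PersistedSubject as subject  inner join subject.publicCredentials as cred ";
            hql = join + " where cred.name= :name and cred.value= :value ";
        }

        Query query = currentSession().createQuery(hql);
        if (byLogin) {
            query.setString(LOGIN, value);
        } else if (byActive) {
            query.setBoolean(ACTIVE, Boolean.valueOf(value).booleanValue());
        } else {
            query.setString(NAME, name);
            query.setString(VALUE, value);
        }
        return new HashSet<PersistedSubject>(query.list());
    }

    /**
     * Finds a user by login.
     *
     * @param str the login
     * @return the user as a {@link Subject}, or {@code null} when no user has that login
     */
    @Override
    public Subject findUser(String str) {
        PersistedSubject stored = findPersistedUser(str);
        return stored == null ? null : stored.toJavaxSecuritySubject();
    }

    /**
     * Loads the persisted user with the given login.
     *
     * @return the persisted user, or {@code null} when none matches
     */
    private PersistedSubject findPersistedUser(String str) {
        Query query = currentSession().createQuery(" select subject from net.sf.jguard.ext.principals.PersistedSubject as subject  where subject.login=:login ");
        query.setString(LOGIN, str);
        return (PersistedSubject) query.uniqueResult();
    }

    /**
     * Returns every stored user as a {@link Subject}.
     *
     * @throws AuthenticationException declared by the superclass contract
     */
    @Override
    @SuppressWarnings("unchecked") // the criteria targets PersistedSubject only
    public Set<Subject> getUsers() throws AuthenticationException {
        List<PersistedSubject> rows = currentSession().createCriteria(PersistedSubject.class).list();
        return getJavaxSecuritySubjects(new HashSet<PersistedSubject>(rows));
    }

    /**
     * Searches by example, using an organization carrying the given credentials.
     *
     * <p>NOTE(review): the criteria is created on {@link PersistedSubject} while
     * the example object is an {@link Organization}; this looks like a mismatch
     * and the result may not contain organizations at all. Behaviour is left
     * unchanged; confirm the intended entity.
     *
     * @param collection credentials the organization should carry
     * @return the rows returned by the criteria
     * @throws AuthenticationException declared by the method contract
     */
    public Collection<Organization> findOrganizations(Collection<JGuardCredential> collection) throws AuthenticationException {
        Criteria criteria = currentSession().createCriteria(PersistedSubject.class);
        Organization example = new Organization();
        example.setCredentials(new HashSet(collection));
        criteria.add(Example.create(example));
        return new HashSet(criteria.list());
    }

    /**
     * Deletes the given organization through the session.
     *
     * <p>NOTE(review): the object handed to Hibernate is the {@link Organization}
     * itself, whereas the other operations work on {@link PersistedOrganization};
     * verify that {@code Organization} is a mapped entity.
     */
    public void deleteOrganization(Organization organization) {
        currentSession().delete(organization);
    }

    /**
     * Returns the organizations produced by the template query.
     *
     * <p>NOTE(review): the query used here selects only organizations whose
     * {@code id} credential equals {@code template}, so ordinary organizations
     * appear to be excluded. Confirm that this is intended.
     *
     * @throws AuthenticationException declared by the method contract
     */
    public Set<Organization> getOrganizations() throws AuthenticationException {
        List rows = currentSession().createQuery(SELECT_ORGA_TEMPLATE).list();
        return HibernatePrincipalUtils.getOrganizations(new HashSet(rows));
    }

    /**
     * Re-attaches the stored organization named like {@code organization} to the session.
     *
     * <p>NOTE(review): {@code str} is ignored and nothing from {@code organization}
     * is copied onto the stored entity before {@code update}, so no change seems
     * to be written. A missing organization passes {@code null} to
     * {@code update}. Behaviour is left unchanged pending confirmation of the
     * intended contract.
     *
     * @param str          unused
     * @param organization organization whose name selects the stored entity
     * @throws AuthenticationException declared by the method contract
     */
    public void updateOrganization(String str, Organization organization) throws AuthenticationException {
        currentSession().update(findPersistedOrganization(organization.getName()));
    }

    /**
     * Finds an organization by the value of its {@code id} credential.
     *
     * @param str the organization id
     * @return the organization, or {@code null} when none matches
     * @throws IllegalStateException if several organizations share that id
     */
    public Organization findOrganization(String str) {
        PersistedOrganization stored = findPersistedOrganization(str);
        return stored == null ? null : stored.toOrganization();
    }

    /**
     * Returns every stored principal.
     *
     * @throws AuthenticationException declared by the method contract
     */
    public Set<Principal> getAllPrincipalsSet() throws AuthenticationException {
        List rows = currentSession().createCriteria(PersistedPrincipal.class).list();
        return HibernatePrincipalUtils.getjavaSecurityPrincipals(new HashSet(rows));
    }

    /**
     * Deletes the stored user whose database id is carried by the subject's
     * {@link PersistedSubject#PERSISTENCE_ID} credential.
     *
     * @param subject the user to delete
     * @throws IllegalArgumentException if the subject has no persistence id, the id is not a
     *                                  number, or no stored user has that id
     * @throws AuthenticationException  declared by the method contract
     */
    public void deleteUser(Subject subject) throws AuthenticationException {
        String persistenceId = SubjectUtils.getCredentialValueAsString(subject, false, PersistedSubject.PERSISTENCE_ID);
        if (persistenceId == null || persistenceId.equals("")) {
            throw new IllegalArgumentException("subject hasn't got any persistenceId. we cannot delete a subject not persisted ");
        }
        Session session = currentSession();
        Object stored = session.get(PersistedSubject.class, Long.valueOf(persistenceId));
        if (stored == null) {
            // Fail with a clear message instead of handing null to session.delete().
            throw new IllegalArgumentException("no persisted subject found for persistenceId " + persistenceId);
        }
        session.delete(stored);
    }

    /**
     * Tells whether the store holds no organization, no subject and no principal.
     *
     * <p>NOTE(review): the first criteria targets {@link Organization} rather than
     * {@link PersistedOrganization}; verify that this is the mapped entity, since
     * the constructor relies on this result to decide whether to import the XML
     * defaults.
     *
     * @return {@code true} when all three queries return no row
     */
    public boolean isEmpty() {
        Session session = currentSession();
        return session.createCriteria(Organization.class).list().isEmpty()
                && session.createCriteria(PersistedSubject.class).list().isEmpty()
                && session.createCriteria(PersistedPrincipal.class).list().isEmpty();
    }

    /**
     * Updates a principal that is already stored; logs a warning and does nothing otherwise.
     *
     * @param str       unused
     * @param principal the principal to update
     * @throws AuthenticationException declared by the method contract
     */
    public void updatePrincipal(String str, Principal principal) throws AuthenticationException {
        PersistedPrincipal persistedPrincipal = new HibernatePrincipalUtils().getPersistedPrincipal(principal);
        if (persistedPrincipal == null || persistedPrincipal.getId() == null) {
            logger.warn(" principal to update is not persisted in the database");
            return;
        }
        currentSession().update(persistedPrincipal);
    }

    /**
     * Deletes the principal when it can be mapped to a persisted form.
     *
     * @param principal the principal to delete
     * @return always {@code true}, including when there was nothing to delete
     * @throws AuthenticationException declared by the method contract
     */
    public boolean deletePrincipal(Principal principal) throws AuthenticationException {
        PersistedPrincipal persistedPrincipal = new HibernatePrincipalUtils().getPersistedPrincipal(principal);
        if (persistedPrincipal != null) {
            currentSession().delete(persistedPrincipal);
        }
        return true;
    }

    /**
     * Returns the organization template, i.e. the organization whose {@code id}
     * credential equals {@code template}.
     *
     * @return the template, or {@code null} when none is stored
     */
    @Override
    public OrganizationTemplate getOrganizationTemplate() {
        PersistedOrganization stored = (PersistedOrganization) currentSession().createQuery(SELECT_ORGA_TEMPLATE).uniqueResult();
        return stored == null ? null : new OrganizationTemplate(stored.toOrganization());
    }

    /**
     * Stores the organization template: inserts it when none exists, otherwise
     * replaces the credentials, principals and subject template of the stored one.
     *
     * @param organizationTemplate the new template
     * @throws AuthenticationException declared by the superclass contract
     */
    @Override
    public void setOrganizationTemplate(OrganizationTemplate organizationTemplate) throws AuthenticationException {
        Session session = currentSession();
        PersistedOrganization stored = (PersistedOrganization) session.createQuery(SELECT_ORGA_TEMPLATE).uniqueResult();
        PersistedOrganization replacement = new PersistedOrganization(organizationTemplate.toOrganization());
        if (stored == null) {
            session.save(replacement);
            return;
        }
        stored.setCredentials(replacement.getCredentials());
        stored.setPrincipals(replacement.getPrincipals());
        stored.setSubjectTemplate(replacement.getSubjectTemplate());
        session.update(stored);
    }

    /**
     * Loads the persisted organization whose {@code id} credential equals {@code str}.
     *
     * @return the organization, or {@code null} when none matches
     * @throws IllegalStateException if more than one organization matches
     */
    private PersistedOrganization findPersistedOrganization(String str) throws HibernateException, IllegalStateException {
        Query query = currentSession().createQuery(" select organization from net.sf.jguard.ext.principals.PersistedOrganization as organization join organization.credentials as credentials where credentials.name='id' and credentials.value=:organizationId");
        query.setString("organizationId", str);
        List rows = query.list();
        if (rows.size() > 1) {
            throw new IllegalStateException(" more than one organization is identified by " + str);
        }
        return rows.isEmpty() ? null : (PersistedOrganization) rows.get(0);
    }

    /** Loads the persisted organization named like the subject's organization. */
    private PersistedOrganization getPersistedOrganizationFromSubject(Subject subject) {
        return findPersistedOrganization(SubjectUtils.getOrganization(subject).getName());
    }

    /** Converts each persisted subject to a {@link Subject}. */
    private static Set<Subject> getJavaxSecuritySubjects(Set<PersistedSubject> set) {
        Set<Subject> subjects = new HashSet<Subject>();
        for (PersistedSubject stored : set) {
            subjects.add(stored.toJavaxSecuritySubject());
        }
        return subjects;
    }
}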
