package org.craftercms.studio.impl.v2.service.security;

import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.craftercms.commons.crypto.CryptoUtils;
import org.craftercms.studio.api.v1.exception.security.AuthenticationSystemException;
import org.craftercms.studio.api.v1.exception.security.BadCredentialsException;
import org.craftercms.studio.api.v1.log.Logger;
import org.craftercms.studio.api.v1.log.LoggerFactory;
import org.craftercms.studio.api.v2.dal.User;
import org.craftercms.studio.api.v2.service.security.AuthenticationChain;
import org.craftercms.studio.api.v2.service.security.BaseAuthenticationProvider;
import org.craftercms.studio.model.AuthenticationType;

/* loaded from: input_file:org/craftercms/studio/impl/v2/service/security/DbAuthenticationProvider.class */
public class DbAuthenticationProvider extends BaseAuthenticationProvider {
    private static final Logger logger = LoggerFactory.getLogger(DbAuthenticationProvider.class);

    @Override // org.craftercms.studio.api.v2.service.security.AuthenticationProvider
    public boolean doAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationChain authenticationChain, String str, String str2) throws AuthenticationSystemException, BadCredentialsException {
        HashMap hashMap = new HashMap();
        hashMap.put("userId", -1);
        hashMap.put("username", str);
        try {
            User userByIdOrUsername = authenticationChain.getUserDao().getUserByIdOrUsername(hashMap);
            if (userByIdOrUsername == null || !userByIdOrUsername.isEnabled() || !CryptoUtils.matchPassword(userByIdOrUsername.getPassword(), str2)) {
                throw new BadCredentialsException();
            }
            storeAuthentication(new Authentication(str, createToken(userByIdOrUsername, authenticationChain), AuthenticationType.DB));
            return true;
        } catch (Exception e) {
            logger.debug("Unknown database error", e);
            throw new AuthenticationSystemException("Unknown database error", e);
        }
    }
}
