package org.nakedobjects.nos.store.hibernate.security;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.DatabaseMetaData;
import java.util.List;
import org.hibernate.Hibernate;
import org.hibernate.SQLQuery;
import org.hibernate.dialect.Dialect;
import org.hibernate.hql.classic.ParserHelper;
import org.nakedobjects.noa.NakedObjectRuntimeException;
import org.nakedobjects.noa.security.AuthenticationRequest;
import org.nakedobjects.noa.security.Authenticator;
import org.nakedobjects.nof.core.context.NakedObjectsContext;
import org.nakedobjects.nof.core.security.PasswordAuthenticationRequest;
import org.nakedobjects.nof.core.util.Assert;
import org.nakedobjects.nos.store.hibernate.HibernateUtil;

/* loaded from: input_file:WEB-INF/lib/nos-objectstore-hibernate-3.0.2.jar:org/nakedobjects/nos/store/hibernate/security/DatabaseAuthenticator.class */
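/**
 * Authenticates a {@link PasswordAuthenticationRequest} against a user table
 * reached through the current Hibernate session, and loads the user's roles on
 * success.
 *
 * <p>The user and role queries and the digest algorithm are read from the
 * NakedObjects configuration the first time they are needed. The request's
 * user name and password hash are always passed as bound parameters; the SQL
 * text itself comes only from configuration, so that configuration must be
 * writable by administrators only.
 *
 * <p><b>Security review notes.</b>
 * <ul>
 *   <li>The stored credential is a single, unsalted digest of the password
 *       (default {@code MD5}). Unsalted fast digests give little protection
 *       if the user table is disclosed. The default is kept here because
 *       changing it would invalidate every stored hash. A deployment should
 *       at least configure a stronger digest, and should plan a migration to
 *       a salted, adaptive password hash (PBKDF2, bcrypt, scrypt, Argon2),
 *       which needs a schema and query change outside this class.</li>
 *   <li>Setting the algorithm to {@code none} makes the database hold
 *       plaintext passwords. It should not be used outside throwaway test
 *       fixtures.</li>
 *   <li>Any exception during the credential check is treated as a failed
 *       login (fail closed).</li>
 * </ul>
 *
 * <p>Thread-safety: lazy initialisation is guarded by a private lock and the
 * shared {@link MessageDigest} is only used while holding its monitor.
 */
public class DatabaseAuthenticator implements Authenticator {
    /** Result returned whenever a request cannot be authenticated. */
    private static final boolean FAILED_AUTHENTICATION = false;
    /** Shared digest instance; stays {@code null} when the algorithm is "none". */
    private static MessageDigest messageDigest;
    /** Configuration value that disables hashing (plaintext comparison). */
    private static final String NO_ALGORITHM = "none";
    private static final String AUTH_CFG = "nakedobjects.component.authenticator.";
    private static final String SELECT_USER_CFG = AUTH_CFG + "selectusersql.";
    private static final String SELECT_ROLES_CFG = AUTH_CFG + "selectrolessql.";
    /** Key suffix used when no database-specific query is configured. */
    private static final String DEFAULT_CFG = "default";
    private static final String ALGORITHM_CFG = AUTH_CFG + "algorithm";
    private static final String JDBC_PREFIX = "jdbc:";
    private static final char JDBC_URL_SEPARATOR = ':';
    /** Guards the two lazy initialisers so each runs exactly once. */
    private static final Object INIT_LOCK = new Object();
    private static boolean initializedSQL;
    private static boolean initializedAlgorithm;
    // SECURITY: MD5 is kept only for compatibility with already-stored hashes.
    private static String ALGORITHM = "MD5";
    private static String SELECT_USER_SQL = "select count(*) from user u where username = ? and password = ?";
    private static String SELECT_ROLES_SQL = "select r.rolename as rr from role r, user u, user_role ur where r.id = ur.role and ur.user = u.id and u.username = ?";

    /**
     * Extracts the sub-protocol of a JDBC URL ({@code jdbc:<type>:...}).
     *
     * @param str the JDBC URL, may be {@code null}
     * @return the trimmed text between the first two colons, or
     *         {@link #DEFAULT_CFG} when the URL is {@code null}, is not a JDBC
     *         URL, or has no (or an empty) sub-protocol
     */
    private static String getDBType(String str) {
        if (str == null || !str.regionMatches(true, 0, JDBC_PREFIX, 0, JDBC_PREFIX.length())) {
            // Return the constant's value: the previous literal "DEFAULT_CFG"
            // produced a configuration key that can never be the default key.
            return DEFAULT_CFG;
        }
        int first = str.indexOf(JDBC_URL_SEPARATOR);
        int second = str.indexOf(JDBC_URL_SEPARATOR, first + 1);
        if (second <= first) {
            return DEFAULT_CFG;
        }
        String dbType = str.substring(first + 1, second).trim();
        // An empty sub-protocol would otherwise yield a key ending in ".".
        return dbType.length() == 0 ? DEFAULT_CFG : dbType;
    }

    /**
     * Resolves the user and role queries once: built-in SQL, overridden by the
     * {@code .default} configuration entries, overridden in turn by entries
     * keyed on the database type taken from the JDBC URL.
     *
     * @throws NakedObjectRuntimeException if the metadata or configuration
     *         cannot be read; the transaction is rolled back first
     */
    private static void justInTimeInitialiseSQL() {
        synchronized (INIT_LOCK) {
            if (initializedSQL) {
                return;
            }
            try {
                HibernateUtil.startTransaction();
                DatabaseMetaData metaData = HibernateUtil.getCurrentSession().connection().getMetaData();
                // Read the URL while the transaction still holds the connection;
                // the metadata object may not be usable after the commit.
                String dBType = getDBType(metaData.getURL());
                HibernateUtil.commitTransaction();
                SELECT_USER_SQL = NakedObjectsContext.getConfiguration().getString(SELECT_USER_CFG + DEFAULT_CFG, SELECT_USER_SQL);
                SELECT_ROLES_SQL = NakedObjectsContext.getConfiguration().getString(SELECT_ROLES_CFG + DEFAULT_CFG, SELECT_ROLES_SQL);
                SELECT_USER_SQL = NakedObjectsContext.getConfiguration().getString(SELECT_USER_CFG + dBType, SELECT_USER_SQL);
                SELECT_ROLES_SQL = NakedObjectsContext.getConfiguration().getString(SELECT_ROLES_CFG + dBType, SELECT_ROLES_SQL);
                initializedSQL = true;
            } catch (Exception e) {
                HibernateUtil.rollbackTransaction();
                throw new NakedObjectRuntimeException(e);
            }
        }
    }

    /**
     * Reads the configured digest algorithm once and creates the shared
     * {@link MessageDigest}, unless hashing is disabled with "none".
     *
     * @throws NakedObjectRuntimeException if the configured algorithm is not
     *         available in this JVM
     */
    private static void justInTimeInitialiseAlgorithm() {
        synchronized (INIT_LOCK) {
            if (initializedAlgorithm) {
                return;
            }
            try {
                ALGORITHM = NakedObjectsContext.getConfiguration().getString(ALGORITHM_CFG, ALGORITHM);
                if (!ALGORITHM.equalsIgnoreCase(NO_ALGORITHM)) {
                    messageDigest = MessageDigest.getInstance(ALGORITHM);
                }
                initializedAlgorithm = true;
            } catch (NoSuchAlgorithmException e) {
                throw new NakedObjectRuntimeException(e);
            }
        }
    }

    /**
     * Loads the role names of the request's user and stores them on the
     * request. The user name is bound as a query parameter.
     *
     * @param authenticationRequest an already authenticated request
     * @throws NakedObjectRuntimeException if the role query fails; the
     *         transaction is rolled back first
     */
    private final void setRoles(AuthenticationRequest authenticationRequest) {
        try {
            HibernateUtil.startTransaction();
            SQLQuery roleQuery = HibernateUtil.getCurrentSession().createSQLQuery(SELECT_ROLES_SQL);
            roleQuery.setString(0, authenticationRequest.getName());
            roleQuery.addScalar("rr", Hibernate.STRING);
            List<?> roleNames = roleQuery.list();
            HibernateUtil.commitTransaction();
            authenticationRequest.setRoles((String[]) roleNames.toArray(new String[roleNames.size()]));
        } catch (Exception e) {
            HibernateUtil.rollbackTransaction();
            throw new NakedObjectRuntimeException(e);
        }
    }

    /**
     * Returns the lower-case hexadecimal digest of {@code str} under the
     * configured algorithm, or {@code str} unchanged when the algorithm is
     * "none".
     *
     * <p>SECURITY: the digest is unsalted and computed once, so equal
     * passwords give equal stored values. See the class comment.
     *
     * @param str the clear-text value to hash
     * @return two hex digits per digest byte, or {@code str} itself when
     *         hashing is disabled
     */
    public static String generateHash(String str) {
        justInTimeInitialiseAlgorithm();
        if (ALGORITHM.equalsIgnoreCase(NO_ALGORITHM)) {
            return str;
        }
        // Read the field once so the monitor and the object used are the same.
        final MessageDigest digester = messageDigest;
        byte[] digest;
        synchronized (digester) {
            digester.reset();
            // NOTE(review): getBytes() uses the platform default charset, so a
            // non-ASCII password can hash differently on another host. It is
            // left as is because fixing the charset would change the digest of
            // such passwords already stored by a non-UTF-8 deployment.
            digest = digester.digest(str.getBytes());
        }
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (int i = 0; i < digest.length; i++) {
            hex.append(Character.forDigit((digest[i] >> 4) & 0xF, 16));
            hex.append(Character.forDigit(digest[i] & 0xF, 16));
        }
        return hex.toString();
    }

    /**
     * Converts the scalar result of the {@code count(*)} query to an int.
     *
     * @param obj the query result, may be {@code null}
     * @return 0 for {@code null}, otherwise the numeric value
     * @throws NakedObjectRuntimeException if the result is not a number
     */
    private int count(Object obj) {
        if (obj == null) {
            return 0;
        }
        if (obj instanceof Number) {
            return ((Number) obj).intValue();
        }
        throw new NakedObjectRuntimeException("Unexpected type");
    }

    /**
     * Checks the request's user name and hashed password against the user
     * table. Both values are bound as query parameters.
     *
     * @param authenticationRequest the request to check
     * @return {@code true} when the user query counts at least one matching
     *         row; {@code false} for a request that is not a password
     *         request, for an empty user name, and for any error raised
     *         while querying
     */
    public final boolean isValidUser(AuthenticationRequest authenticationRequest) {
        if (!(authenticationRequest instanceof PasswordAuthenticationRequest)) {
            // Fail closed instead of raising ClassCastException on a request
            // type this authenticator does not handle.
            return FAILED_AUTHENTICATION;
        }
        PasswordAuthenticationRequest passwordRequest = (PasswordAuthenticationRequest) authenticationRequest;
        String name = passwordRequest.getName();
        if (name == null || name.length() == 0) {
            return FAILED_AUTHENTICATION;
        }
        String password = passwordRequest.getPassword();
        Assert.assertNotNull(password);
        try {
            HibernateUtil.startTransaction();
            SQLQuery userQuery = HibernateUtil.getCurrentSession().createSQLQuery(SELECT_USER_SQL);
            userQuery.setString(0, name);
            userQuery.setString(1, generateHash(password));
            Object matches = userQuery.uniqueResult();
            HibernateUtil.commitTransaction();
            return count(matches) > 0;
        } catch (Exception e) {
            // Fail closed. NOTE(review): this also hides database outages and
            // a misconfigured digest algorithm, which then look like wrong
            // passwords; the cause should be logged once a logger is available
            // to this class (never the password or its hash).
            HibernateUtil.rollbackTransaction();
            return FAILED_AUTHENTICATION;
        }
    }

    /**
     * Authenticates the request and, on success, attaches the user's roles.
     *
     * @param authenticationRequest the request to authenticate
     * @return {@code true} when the credentials match a stored user
     * @throws NakedObjectRuntimeException if the queries cannot be
     *         initialised or the role lookup fails
     */
    @Override // org.nakedobjects.noa.security.Authenticator
    public final boolean isValid(AuthenticationRequest authenticationRequest) {
        justInTimeInitialiseSQL();
        boolean authenticated = isValidUser(authenticationRequest);
        if (authenticated) {
            setRoles(authenticationRequest);
        }
        return authenticated;
    }

    /**
     * Reports whether this authenticator handles the given request type.
     *
     * @param authenticationRequest the request to inspect
     * @return {@code true} only for a {@link PasswordAuthenticationRequest}
     */
    @Override // org.nakedobjects.noa.security.Authenticator
    public final boolean canAuthenticate(AuthenticationRequest authenticationRequest) {
        return authenticationRequest instanceof PasswordAuthenticationRequest;
    }
}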
