package org.ow2.jonas.security.internal.realm.factory;

import com.ibm.wsdl.Constants;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.Reference;
import javax.naming.StringRefAddr;
import javax.sql.DataSource;
import org.apache.log4j.spi.LoggingEventFieldResolver;
import org.objectweb.util.monolog.api.BasicLevel;
import org.ow2.jonas.security.internal.realm.lib.HashHelper;
import org.ow2.jonas.security.internal.realm.principal.User;
import org.ow2.jonas.security.realm.factory.JResourceException;
import org.ow2.jonas.security.realm.principal.JUser;

/* loaded from: input_file:WEB-INF/lib/jonas-security-5.1.0-RC2.jar:org/ow2/jonas/security/internal/realm/factory/JResourceDS.class */
public class JResourceDS extends AbstractJResource implements JResourceDSMBean {
    private static final String FACTORY_TYPE = "org.ow2.jonas.security.realm.factory.JResourceDS";
    private static final String FACTORY_NAME = "org.ow2.jonas.security.realm.factory.JResourceDSFactory";
    private String dsName = null;
    private String userTable = null;
    private String userTableUsernameCol = null;
    private String userTablePasswordCol = null;
    private String roleTable = null;
    private String roleTableUsernameCol = null;
    private String roleTableRolenameCol = null;
    private String algorithm = null;
    private DataSource dataSource = null;
    private String userPrincipalsQuery = null;
    private String userRolesQuery = null;

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setDsName(String str) {
        this.dsName = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setUserTable(String str) {
        this.userTable = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setUserTableUsernameCol(String str) {
        this.userTableUsernameCol = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setUserTablePasswordCol(String str) {
        this.userTablePasswordCol = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setRoleTable(String str) {
        this.roleTable = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setRoleTableUsernameCol(String str) {
        this.roleTableUsernameCol = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setRoleTableRolenameCol(String str) {
        this.roleTableRolenameCol = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public void setUserPrincipalsQuery(String str) {
        this.userPrincipalsQuery = str;
    }

    public void setUserRolesQuery(String str) {
        this.userRolesQuery = str;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getDsName() {
        return this.dsName;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getUserTable() {
        return this.userTable;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getUserTableUsernameCol() {
        return this.userTableUsernameCol;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getUserTablePasswordCol() {
        return this.userTablePasswordCol;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getRoleTable() {
        return this.roleTable;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getRoleTableUsernameCol() {
        return this.roleTableUsernameCol;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getRoleTableRolenameCol() {
        return this.roleTableRolenameCol;
    }

    @Override // org.ow2.jonas.security.internal.realm.factory.JResourceDSMBean
    public String getAlgorithm() {
        return this.algorithm;
    }

    public String setUserPrincipalsQuery() {
        return this.userPrincipalsQuery;
    }

    public String setUserRolesQuery() {
        return this.userRolesQuery;
    }

    @Override // org.ow2.jonas.security.realm.factory.JResource
    public JUser findUser(String str) throws JResourceException {
        if (str == null) {
            return null;
        }
        User user = new User();
        Connection connection = getConnection();
        user.setName(str);
        try {
            PreparedStatement userStatement = userStatement(connection, str);
            ResultSet executeQuery = userStatement.executeQuery();
            if (executeQuery == null || !executeQuery.next()) {
                if (executeQuery != null) {
                    executeQuery.close();
                }
                userStatement.close();
                closeConnection(connection);
                throw new JResourceException("No user found with username '" + str + "'.");
            }
            if (executeQuery.getRow() > 1) {
                getLogger().log(BasicLevel.ERROR, "There are more than one user with the name" + str);
            }
            String trim = executeQuery.getString(1).trim();
            executeQuery.close();
            userStatement.close();
            if (trim == null) {
                closeConnection(connection);
                return null;
            }
            user.setPassword(trim);
            try {
                PreparedStatement roleStatement = roleStatement(connection, str);
                ResultSet executeQuery2 = roleStatement.executeQuery();
                while (executeQuery2.next()) {
                    user.addRole(executeQuery2.getString(1).trim());
                }
                executeQuery2.close();
                roleStatement.close();
                try {
                    if (!connection.getAutoCommit()) {
                        connection.commit();
                    }
                } catch (SQLException e) {
                    if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                        getLogger().log(BasicLevel.DEBUG, "Cannot commit on the current connection :  : '" + e.getMessage() + "'");
                    }
                }
                closeConnection(connection);
                return user;
            } catch (SQLException e2) {
                closeConnection(connection);
                throw new JResourceException(e2.getMessage(), e2);
            }
        } catch (SQLException e3) {
            closeConnection(connection);
            throw new JResourceException(e3.getMessage(), e3);
        }
    }

    @Override // org.ow2.jonas.security.realm.factory.JResource
    public boolean isValidUser(JUser jUser, String str) {
        boolean z = false;
        String password = jUser.getHashPassword().getPassword();
        String algorithm = jUser.getHashPassword().getAlgorithm();
        if (algorithm != null) {
            try {
                z = HashHelper.hashPassword(str, algorithm).equalsIgnoreCase(password);
            } catch (NoSuchAlgorithmException e) {
                getLogger().log(BasicLevel.ERROR, "Can't make a password with the algorithm " + algorithm + ". " + e.getMessage());
            }
        } else if (this.algorithm == null || this.algorithm.equals(LoggingEventFieldResolver.EMPTY_STRING)) {
            z = str.equals(password);
        } else {
            try {
                z = HashHelper.hashPassword(str, this.algorithm).equalsIgnoreCase(password);
            } catch (NoSuchAlgorithmException e2) {
                getLogger().log(BasicLevel.ERROR, "Can't make a password with the algorithm " + this.algorithm + ". " + e2.getMessage());
            }
        }
        return z;
    }

    @Override // org.ow2.jonas.security.realm.factory.JResource
    public ArrayList getArrayListCombinedRoles(JUser jUser) throws JResourceException {
        ArrayList arrayList = new ArrayList();
        if (jUser == null) {
            return arrayList;
        }
        for (String str : jUser.getArrayRoles()) {
            if (!arrayList.contains(str)) {
                arrayList.add(str);
            }
        }
        jUser.setCombinedRoles(arrayList);
        return arrayList;
    }

    public String toXML() {
        StringBuffer stringBuffer = new StringBuffer("    <dsrealm name=\"");
        stringBuffer.append(getName());
        stringBuffer.append("\"\n             dsName=\"");
        if (this.dsName != null) {
            stringBuffer.append(this.dsName);
        }
        stringBuffer.append("\"\n             userTable=\"");
        if (this.userTable != null) {
            stringBuffer.append(this.userTable);
        }
        stringBuffer.append("\" userTableUsernameCol=\"");
        if (this.userTableUsernameCol != null) {
            stringBuffer.append(this.userTableUsernameCol);
        }
        stringBuffer.append("\" userTablePasswordCol=\"");
        if (this.userTablePasswordCol != null) {
            stringBuffer.append(this.userTablePasswordCol);
        }
        stringBuffer.append("\"\n             roleTable=\"");
        if (this.roleTable != null) {
            stringBuffer.append(this.roleTable);
        }
        stringBuffer.append("\" roleTableUsernameCol=\"");
        if (this.roleTableUsernameCol != null) {
            stringBuffer.append(this.roleTableUsernameCol);
        }
        stringBuffer.append("\" roleTableRolenameCol=\"");
        if (this.roleTableRolenameCol != null) {
            stringBuffer.append(this.roleTableRolenameCol);
        }
        if (this.userPrincipalsQuery != null && !this.userPrincipalsQuery.equals(LoggingEventFieldResolver.EMPTY_STRING)) {
            stringBuffer.append("\"\n             userPrincipalsQuery=\"");
            stringBuffer.append(this.userPrincipalsQuery);
        }
        if (this.userRolesQuery != null && !this.userRolesQuery.equals(LoggingEventFieldResolver.EMPTY_STRING)) {
            stringBuffer.append("\"\n             userRolesQuery=\"");
            stringBuffer.append(this.userRolesQuery);
        }
        if (this.algorithm != null && !this.algorithm.equals(LoggingEventFieldResolver.EMPTY_STRING)) {
            stringBuffer.append("\"\n             algorithm=\"");
            stringBuffer.append(this.algorithm);
        }
        stringBuffer.append("\" />");
        return stringBuffer.toString();
    }

    public String toString() {
        return toXML();
    }

    @Override // org.ow2.jonas.security.realm.factory.JResource
    public Reference getReference() throws NamingException {
        Reference reference = new Reference(FACTORY_TYPE, FACTORY_NAME, (String) null);
        reference.add(new StringRefAddr(Constants.ATTR_NAME, getName()));
        reference.add(new StringRefAddr("dsName", this.dsName));
        reference.add(new StringRefAddr("userTable", this.userTable));
        reference.add(new StringRefAddr("userTableUsernameCol", this.userTableUsernameCol));
        reference.add(new StringRefAddr("userTablePasswordCol", this.userTablePasswordCol));
        reference.add(new StringRefAddr("roleTable", this.roleTable));
        reference.add(new StringRefAddr("roleTableUsernameCol", this.roleTableUsernameCol));
        reference.add(new StringRefAddr("roleTableRolenameCol", this.roleTableRolenameCol));
        reference.add(new StringRefAddr("userPrincipalsQuery", this.userPrincipalsQuery));
        reference.add(new StringRefAddr("userRolesQuery", this.userRolesQuery));
        reference.add(new StringRefAddr("algorithm", this.algorithm));
        return reference;
    }

    private void closeConnection(Connection connection) {
        if (connection == null) {
            return;
        }
        try {
            connection.close();
        } catch (Exception e) {
            if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                getLogger().log(BasicLevel.DEBUG, "Can not close the connection");
            }
        }
    }

    private Connection getConnection() throws JResourceException {
        if (this.dataSource == null) {
            try {
                this.dataSource = (DataSource) new InitialContext().lookup(this.dsName);
            } catch (Exception e) {
                String str = "Cannot find resource " + this.dsName + " in the registry " + e.getMessage();
                getLogger().log(BasicLevel.ERROR, str);
                throw new JResourceException(str, e);
            }
        }
        try {
            return this.dataSource.getConnection();
        } catch (SQLException e2) {
            getLogger().log(BasicLevel.ERROR, e2.getMessage());
            throw new JResourceException(e2.getMessage(), e2);
        }
    }

    private String userQuery() {
        if (this.userPrincipalsQuery != null) {
            if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                getLogger().log(BasicLevel.DEBUG, "Return user defined SQL query for user" + this.userPrincipalsQuery);
            }
            return this.userPrincipalsQuery;
        }
        StringBuffer stringBuffer = new StringBuffer("SELECT ");
        stringBuffer.append(this.userTablePasswordCol);
        stringBuffer.append(" FROM ");
        stringBuffer.append(this.userTable);
        stringBuffer.append(" WHERE ");
        stringBuffer.append(this.userTableUsernameCol);
        stringBuffer.append(" = ?");
        return stringBuffer.toString();
    }

    private String rolesOfUserQuery() {
        if (this.userRolesQuery != null) {
            if (getLogger().isLoggable(BasicLevel.DEBUG)) {
                getLogger().log(BasicLevel.DEBUG, "Return user defined SQL query for roles" + this.userRolesQuery);
            }
            return this.userRolesQuery;
        }
        StringBuffer stringBuffer = new StringBuffer("SELECT r.");
        stringBuffer.append(this.roleTableRolenameCol);
        stringBuffer.append(" FROM ");
        stringBuffer.append(this.userTable);
        stringBuffer.append(" u, ");
        stringBuffer.append(this.roleTable);
        stringBuffer.append(" r WHERE u.");
        stringBuffer.append(this.userTableUsernameCol);
        stringBuffer.append(" = r.");
        stringBuffer.append(this.roleTableUsernameCol);
        stringBuffer.append(" AND u.");
        stringBuffer.append(this.userTableUsernameCol);
        stringBuffer.append(" = ?");
        return stringBuffer.toString();
    }

    private PreparedStatement userStatement(Connection connection, String str) throws SQLException {
        if (getLogger().isLoggable(BasicLevel.DEBUG)) {
            getLogger().log(BasicLevel.DEBUG, "Creating user statement for the user '" + str + "'");
        }
        PreparedStatement prepareStatement = connection.prepareStatement(userQuery());
        prepareStatement.setString(1, str);
        return prepareStatement;
    }

    private PreparedStatement roleStatement(Connection connection, String str) throws SQLException {
        if (getLogger().isLoggable(BasicLevel.DEBUG)) {
            getLogger().log(BasicLevel.DEBUG, "Creating role statement for the user " + str + "'");
        }
        PreparedStatement prepareStatement = connection.prepareStatement(rolesOfUserQuery());
        prepareStatement.setString(1, str);
        return prepareStatement;
    }

    @Override // org.ow2.jonas.security.realm.factory.JResource
    public void removeMBeans() throws JResourceException {
    }
}
