package org.webswing.server.services.security.modules.database;

import java.beans.BeanInfo;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.util.Map;
import javax.sql.DataSource;
import org.apache.activemq.command.ActiveMQDestination;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.webswing.server.services.security.api.AbstractWebswingUser;
import org.webswing.server.services.security.api.WebswingAuthenticationException;
import org.webswing.server.services.security.modules.AbstractUserPasswordSecurityModule;
import org.webswing.server.services.security.modules.property.ShiroWebswingUser;

/* loaded from: input_file:WEB-INF/lib/webswing-server-security-2.5.11.jar:org/webswing/server/services/security/modules/database/DatabaseSecurityModule.class */
public class DatabaseSecurityModule extends AbstractUserPasswordSecurityModule<DatabaseSecurityModuleConfig> {
    private JdbcRealm realm;

    public DatabaseSecurityModule(DatabaseSecurityModuleConfig databaseSecurityModuleConfig) {
        super(databaseSecurityModuleConfig);
    }

    @Override // org.webswing.server.services.security.modules.AbstractUserPasswordSecurityModule, org.webswing.server.services.security.modules.AbstractExtendableSecurityModule, org.webswing.server.services.security.modules.AbstractSecurityModule, org.webswing.server.services.security.api.WebswingSecurityModule
    public void init() {
        super.init();
        this.realm = new JdbcRealm();
        this.realm.setDataSource(initializeDataSource());
        this.realm.setAuthenticationQuery(((DatabaseSecurityModuleConfig) getConfig()).getAuthenticationQuery());
        this.realm.setUserRolesQuery(((DatabaseSecurityModuleConfig) getConfig()).getUserRolesQuery());
        this.realm.setPermissionsQuery(((DatabaseSecurityModuleConfig) getConfig()).getPermissionsQuery());
        this.realm.setCredentialsMatcher(initializeCredentialMatcher());
        this.realm.setSaltStyle(((DatabaseSecurityModuleConfig) getConfig()).isPasswordSalted() ? JdbcRealm.SaltStyle.COLUMN : JdbcRealm.SaltStyle.NO_SALT);
        this.realm.setPermissionsLookupEnabled(((DatabaseSecurityModuleConfig) getConfig()).isPermissionsEnabled());
        this.realm.init();
    }

    protected CredentialsMatcher initializeCredentialMatcher() {
        String hashAlgorithm = ((DatabaseSecurityModuleConfig) getConfig()).getHashAlgorithm();
        try {
            hashAlgorithm = HashType.valueOf(hashAlgorithm).getValue();
        } catch (Exception e) {
        }
        if (hashAlgorithm == null) {
            return new SimpleCredentialsMatcher();
        }
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName(hashAlgorithm);
        hashedCredentialsMatcher.setHashIterations(((DatabaseSecurityModuleConfig) getConfig()).getHashIterations());
        hashedCredentialsMatcher.setStoredCredentialsHexEncoded(((DatabaseSecurityModuleConfig) getConfig()).getHashHexEncoded());
        return hashedCredentialsMatcher;
    }

    protected DataSource initializeDataSource() throws RuntimeException {
        try {
            Class<?> loadClass = Thread.currentThread().getContextClassLoader().loadClass(((DatabaseSecurityModuleConfig) getConfig()).getDataSourceClass());
            DataSource dataSource = (DataSource) loadClass.newInstance();
            BeanInfo beanInfo = Introspector.getBeanInfo(loadClass);
            Map<String, String> dataSourceProperties = ((DatabaseSecurityModuleConfig) getConfig()).getDataSourceProperties();
            for (PropertyDescriptor propertyDescriptor : beanInfo.getPropertyDescriptors()) {
                String str = dataSourceProperties.get(propertyDescriptor.getName());
                if (propertyDescriptor.getWriteMethod() != null && str != null) {
                    try {
                        Class<?> cls = propertyDescriptor.getWriteMethod().getParameterTypes()[0];
                        if (cls == String.class) {
                            propertyDescriptor.getWriteMethod().invoke(dataSource, str);
                        } else if (cls == Boolean.TYPE) {
                            propertyDescriptor.getWriteMethod().invoke(dataSource, Boolean.valueOf(Boolean.parseBoolean(str)));
                        } else if (cls == Integer.TYPE) {
                            propertyDescriptor.getWriteMethod().invoke(dataSource, Integer.valueOf(Integer.parseInt(str)));
                        }
                    } catch (Exception e) {
                        throw new IllegalStateException("Setting the value of " + ((DatabaseSecurityModuleConfig) getConfig()).getDataSourceClass() + ActiveMQDestination.PATH_SEPERATOR + propertyDescriptor.getName() + " to " + str + " failed.", e);
                    }
                }
            }
            return dataSource;
        } catch (Exception e2) {
            throw new IllegalStateException("Failed to initialize DataSource " + ((DatabaseSecurityModuleConfig) getConfig()).getDataSourceClass(), e2);
        }
    }

    @Override // org.webswing.server.services.security.modules.AbstractUserPasswordSecurityModule
    public AbstractWebswingUser verifyUserPassword(String str, String str2) throws WebswingAuthenticationException {
        try {
            AuthenticationInfo authenticationInfo = this.realm.getAuthenticationInfo(new UsernamePasswordToken(str, str2));
            if (authenticationInfo == null) {
                throw new WebswingAuthenticationException("User not found!", WebswingAuthenticationException.INVALID_USER_OR_PASSWORD);
            }
            return new ShiroWebswingUser(this.realm, authenticationInfo);
        } catch (AuthenticationException e) {
            throw new WebswingAuthenticationException("Username or password is not valid!", WebswingAuthenticationException.INVALID_USER_OR_PASSWORD, e);
        }
    }
}
