package org.wamblee.glassfish.auth;

import com.sun.enterprise.connectors.ConnectorRuntime;
import com.sun.enterprise.security.auth.realm.BadRealmException;
import com.sun.enterprise.security.auth.realm.IASRealm;
import com.sun.enterprise.security.auth.realm.InvalidOperationException;
import com.sun.enterprise.security.auth.realm.NoSuchRealmException;
import com.sun.enterprise.security.auth.realm.NoSuchUserException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Properties;
import java.util.Vector;
import java.util.logging.Level;
import javax.security.auth.login.LoginException;
import javax.sql.DataSource;

/* loaded from: input_file:org/wamblee/glassfish/auth/FlexibleJdbcRealm.class */
public class FlexibleJdbcRealm extends IASRealm {
    private static final String PROP_JAAS_CONTEXT = "jaas.context";
    private static final String PROP_DATASOURCE_JNDI = "datasource.jndi";
    private static final String PROP_DATASOURCE_USER = "datasource.user";
    private static final String PROP_DATASOURCE_PASSWORD = "datasource.password";
    private static final String PROP_SQL_PASSWORD = "sql.password";
    private static final String PROP_SQL_GROUPS = "sql.groups";
    private static final String PROP_SQL_SEED = "sql.seed";
    private static final String PROP_SEED_FORMAT = "password.seed.format";
    private static final String DEFAULT_SEED_FORMAT = "{0}{1}";
    private static final String PROP_ENCODING = "password.encoding";
    private static final String PLAIN_ENCODING = "PLAIN";
    private static final String PROP_ADDITIONAL_GROUPS = "additional_groups";
    private String _jaasContext;
    private String _datasource;
    private String _datasourceUser;
    private String _datasourcePassword;
    private String _sqlPasswordQuery;
    private String _sqlGroupsQuery;
    private String _sqlSeedQuery;
    private String _seedFormat;
    private String _encoding;
    private GroupCache _cache = new NoGroupCache();

    protected void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        super.init(properties);
        this._jaasContext = getProp(properties, PROP_JAAS_CONTEXT);
        setProperty("jaas-context", this._jaasContext);
        this._datasource = getProp(properties, PROP_DATASOURCE_JNDI);
        this._datasourceUser = properties.getProperty(PROP_DATASOURCE_USER);
        this._datasourcePassword = properties.getProperty(PROP_DATASOURCE_PASSWORD);
        this._sqlPasswordQuery = getProp(properties, PROP_SQL_PASSWORD);
        this._sqlGroupsQuery = getProp(properties, PROP_SQL_GROUPS);
        this._encoding = getProp(properties, PROP_ENCODING);
        this._sqlSeedQuery = properties.getProperty(PROP_SQL_SEED);
        if (this._sqlSeedQuery != null && this._sqlSeedQuery.length() == 0) {
            this._sqlSeedQuery = null;
        }
        this._seedFormat = properties.getProperty(PROP_SEED_FORMAT);
        if (this._seedFormat == null || this._seedFormat.length() == 0) {
            this._seedFormat = DEFAULT_SEED_FORMAT;
        }
        System.out.println("Configuration read: " + this);
    }

    public String toString() {
        return "FlexibleJdbcRealm(jaasContext = " + this._jaasContext + ", dataSource = " + this._datasource + ", dataSourceUser = " + this._datasourceUser + ", dataSourcePassword = " + this._datasourcePassword + ", sqlPasswordQuery = " + this._sqlPasswordQuery + ", sqlGroupsQuery = " + this._sqlGroupsQuery + ", encoding = " + this._encoding + ", sqlSeedString = " + this._sqlSeedQuery + ", seedFormat = " + this._seedFormat + ")";
    }

    private String getProp(Properties properties, String str) throws BadRealmException {
        String property = properties.getProperty(str);
        if (property == null) {
            throw new BadRealmException("Missing property '" + str + "' for FlexibleJdbcRealm");
        }
        return property;
    }

    public Enumeration getGroupNames(String str) throws InvalidOperationException, NoSuchUserException {
        String[] groups = this._cache.getGroups(str);
        if (groups == null) {
            groups = findGroups(str);
            System.out.println("Group names are '" + groups + "'");
            this._cache.setGroups(str, groups);
        }
        return new Vector(Arrays.asList(groups)).elements();
    }

    private String[] findGroups(String str) {
        return executeQuery(this._sqlGroupsQuery, str);
    }

    public String getAuthType() {
        return "Flexible JDBC authentication against any type of database and schema";
    }

    public String[] authenticateUser(String str, String str2) {
        String[] strArr = null;
        if (isUserValid(str, str2)) {
            strArr = addAssignGroups(findGroups(str));
            this._cache.setGroups(str, strArr);
        }
        return strArr;
    }

    private boolean isUserValid(String str, String str2) {
        String findPassword = findPassword(str);
        if (findPassword == null) {
            return false;
        }
        String format = MessageFormat.format(this._seedFormat, str2, findSeed(str));
        return (this._encoding.equals(PLAIN_ENCODING) ? format : encodePassword(format, this._encoding)).equals(findPassword);
    }

    private static String encodePassword(String str, String str2) {
        try {
            return new BigInteger(1, MessageDigest.getInstance(str2).digest(str.getBytes())).toString(16);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Could not get encoding '" + str2 + "' for encoding password", e);
        }
    }

    private String findPassword(String str) {
        String[] executeQuery = executeQuery(this._sqlPasswordQuery, str);
        if (executeQuery == null || executeQuery.length != 1) {
            return null;
        }
        return executeQuery[0];
    }

    private String findSeed(String str) {
        String[] executeQuery;
        return (this._sqlSeedQuery == null || (executeQuery = executeQuery(this._sqlSeedQuery, str)) == null || executeQuery.length != 1) ? "" : executeQuery[0];
    }

    private String[] executeQuery(String str, String str2) {
        System.out.println("Executing query '" + str + "' for user '" + str2 + "'");
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                connection = getConnection();
                preparedStatement = connection.prepareStatement(str);
                preparedStatement.setString(1, str2);
                resultSet = preparedStatement.executeQuery();
                ArrayList arrayList = new ArrayList();
                while (resultSet.next()) {
                    arrayList.add(resultSet.getString(1));
                }
                String[] strArr = (String[]) arrayList.toArray(new String[0]);
                close(connection, preparedStatement, resultSet);
                return strArr;
            } catch (Exception e) {
                _logger.log(Level.SEVERE, "Error in query '" + str + "' for user " + str2);
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "Cannot load group", (Throwable) e);
                }
                close(connection, preparedStatement, resultSet);
                return null;
            }
        } catch (Throwable th) {
            close(connection, preparedStatement, resultSet);
            throw th;
        }
    }

    private Connection getConnection() throws LoginException {
        try {
            DataSource dataSource = (DataSource) ConnectorRuntime.getRuntime().lookupNonTxResource(this._datasource, false);
            return (this._datasourceUser == null || this._datasourcePassword == null) ? dataSource.getConnection() : dataSource.getConnection(this._datasourceUser, this._datasourcePassword);
        } catch (Exception e) {
            LoginException loginException = new LoginException("FlexibleJdbcRealm Cannot connect, jndi = " + this._datasource + " user = " + this._datasourceUser);
            loginException.initCause(e);
            throw loginException;
        }
    }

    private void close(Connection connection, PreparedStatement preparedStatement, ResultSet resultSet) {
        if (resultSet != null) {
            try {
                resultSet.close();
            } catch (Exception e) {
            }
        }
        if (preparedStatement != null) {
            try {
                preparedStatement.close();
            } catch (Exception e2) {
            }
        }
        if (connection != null) {
            try {
                connection.close();
            } catch (Exception e3) {
            }
        }
    }
}
