package com.ashtonit.odb.realm;

import com.orientechnologies.orient.core.db.OPartitionedDatabasePool;
import com.orientechnologies.orient.core.db.OPartitionedDatabasePoolFactory;
import com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx;
import com.orientechnologies.orient.core.record.impl.ODocument;
import com.orientechnologies.orient.core.sql.query.OSQLSynchQuery;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.MessageDigestCredentialHandler;
import org.apache.catalina.realm.RealmBase;
import org.ietf.jgss.GSSContext;

/* loaded from: input_file:com/ashtonit/odb/realm/OdbRealm.class */
public class OdbRealm extends RealmBase {
    protected static final String name = "OdbRealm";
    private static final String NAME = "name";
    private static final String PASSWORD = "password";
    private static final String ROLES = "roles";
    private static final String SELECT = "select from OUser where name = ?";
    private static final String SHA256 = "SHA-256";
    private static final String SHA256_PREFIX = "{SHA-256}";
    private String dbPass;
    private String dbResource;
    private String dbUrl;
    private String dbUser;
    private OPartitionedDatabasePool pool;
    protected static final String info = OdbRealm.class.getName() + "/2.1.0";
    private static final Logger log = Logger.getLogger(OdbRealm.class.getName());

    public OdbRealm() {
        MessageDigestCredentialHandler messageDigestCredentialHandler = new MessageDigestCredentialHandler();
        try {
            messageDigestCredentialHandler.setAlgorithm(SHA256);
        } catch (NoSuchAlgorithmException e) {
            this.containerLog.error("Authentication failed: dbUrl=" + this.dbUrl, e);
            log.severe("authenticate(String, String): dbUrl=" + this.dbUrl);
            log.throwing(OdbRealm.class.getName(), "authenticate(String, String)", e);
        }
        setCredentialHandler(messageDigestCredentialHandler);
    }

    public Principal authenticate(GSSContext gSSContext, boolean z) throws UnsupportedOperationException {
        log.severe("authenticate(String): dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    public Principal authenticate(String str) throws UnsupportedOperationException {
        log.severe("authenticate(String): username=" + str + " dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    public Principal authenticate(String str, String str2) {
        log.info("authenticate(String, String): username=" + str + " dbUrl=" + this.dbUrl);
        if (str == null) {
            this.containerLog.warn("username is null");
            return null;
        }
        if (str2 == null) {
            this.containerLog.warn("credentials is null");
            return null;
        }
        ODatabaseDocumentTx oDatabaseDocumentTx = null;
        try {
            try {
                oDatabaseDocumentTx = getDb();
                ODocument oDocument = getODocument(oDatabaseDocumentTx, str);
                if (getCredentialHandler().matches(str2, getPassword(oDocument))) {
                    GenericPrincipal odbPrincipal = new OdbPrincipal(str, str2, getRoles(oDocument), this.dbUrl);
                    if (oDatabaseDocumentTx != null) {
                        oDatabaseDocumentTx.close();
                    }
                    return odbPrincipal;
                }
                if (oDatabaseDocumentTx == null) {
                    return null;
                }
                oDatabaseDocumentTx.close();
                return null;
            } catch (Exception e) {
                this.containerLog.error("Authentication failed: dbUrl=" + this.dbUrl, e);
                log.warning("authenticate(String, String): username=" + str + " dbUrl=" + this.dbUrl);
                log.throwing(OdbRealm.class.getName(), "authenticate(String, String)", e);
                if (oDatabaseDocumentTx == null) {
                    return null;
                }
                oDatabaseDocumentTx.close();
                return null;
            }
        } catch (Throwable th) {
            if (oDatabaseDocumentTx != null) {
                oDatabaseDocumentTx.close();
            }
            throw th;
        }
    }

    public Principal authenticate(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws UnsupportedOperationException {
        log.severe("authenticate(String, String, String, String, String, String, String, String): username=" + str + " dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    public Principal authenticate(X509Certificate[] x509CertificateArr) throws UnsupportedOperationException {
        log.severe("authenticate(X509Certificate[]): dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    public void setDbPass(String str) {
        this.dbPass = str;
    }

    public void setDbResource(String str) {
        this.dbResource = str;
    }

    public void setDbUrl(String str) {
        this.dbUrl = str;
    }

    public void setDbUser(String str) {
        this.dbUser = str;
    }

    protected String getName() {
        return name;
    }

    protected String getPassword(String str) throws UnsupportedOperationException {
        log.severe("getPassword(String): username=" + str + " dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    protected Principal getPrincipal(String str) throws UnsupportedOperationException {
        log.severe("getPrincipal(String): username=" + str + " dbUrl=" + this.dbUrl);
        throw new UnsupportedOperationException();
    }

    private final ODatabaseDocumentTx getDb() throws NamingException {
        if (this.pool == null) {
            if (this.dbResource != null) {
                this.pool = ((OPartitionedDatabasePoolFactory) ((Context) new InitialContext().lookup("java:comp/env")).lookup(this.dbResource)).get(this.dbUrl, this.dbUser, this.dbPass);
            } else {
                this.pool = new OPartitionedDatabasePool(this.dbUrl, this.dbUser, this.dbPass);
            }
        }
        return this.pool.acquire();
    }

    private final ODocument getODocument(ODatabaseDocumentTx oDatabaseDocumentTx, String str) {
        List list = (List) oDatabaseDocumentTx.command(new OSQLSynchQuery(SELECT, 1)).execute(new Object[]{str});
        if (!list.isEmpty()) {
            return (ODocument) list.get(0);
        }
        this.containerLog.warn(str + " not found in database " + this.dbUrl);
        return null;
    }

    private String getPassword(ODocument oDocument) throws NoSuchAlgorithmException {
        if (oDocument == null) {
            return null;
        }
        String str = (String) oDocument.field(PASSWORD);
        return (str == null || !str.startsWith(SHA256_PREFIX)) ? str : str.substring(SHA256_PREFIX.length());
    }

    private final List<String> getRoles(ODocument oDocument) {
        Set set;
        ArrayList arrayList = new ArrayList();
        if (oDocument != null && (set = (Set) oDocument.field(ROLES)) != null) {
            Iterator it = set.iterator();
            while (it.hasNext()) {
                arrayList.add((String) ((ODocument) it.next()).field(NAME));
            }
        }
        return arrayList;
    }
}
