package org.apereo.cas.adaptors.jdbc;

import java.util.ArrayList;
import java.util.Map;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.sql.DataSource;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.configuration.model.support.jdbc.authn.QueryEncodeJdbcAuthenticationProperties;
import org.apereo.cas.monitor.Monitorable;
import org.apereo.cas.services.ServicesManager;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;

@Monitorable
/* loaded from: input_file:org/apereo/cas/adaptors/jdbc/QueryAndEncodeDatabaseAuthenticationHandler.class */
public class QueryAndEncodeDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
    private final QueryEncodeJdbcAuthenticationProperties properties;
    private final DatabasePasswordEncoder databasePasswordEncoder;

    public QueryAndEncodeDatabaseAuthenticationHandler(QueryEncodeJdbcAuthenticationProperties queryEncodeJdbcAuthenticationProperties, ServicesManager servicesManager, PrincipalFactory principalFactory, DataSource dataSource, DatabasePasswordEncoder databasePasswordEncoder) {
        super(queryEncodeJdbcAuthenticationProperties.getName(), servicesManager, principalFactory, Integer.valueOf(queryEncodeJdbcAuthenticationProperties.getOrder()), dataSource);
        this.properties = queryEncodeJdbcAuthenticationProperties;
        this.databasePasswordEncoder = databasePasswordEncoder;
    }

    protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws Throwable {
        String username = usernamePasswordCredential.getUsername();
        try {
            Map<String, Object> performSqlQuery = performSqlQuery(username);
            if (!performSqlQuery.get(this.properties.getPasswordFieldName()).equals(this.databasePasswordEncoder.encode(usernamePasswordCredential.toPassword(), performSqlQuery))) {
                throw new FailedLoginException("Password does not match value on record.");
            }
            if (StringUtils.isNotBlank(this.properties.getExpiredFieldName()) && performSqlQuery.containsKey(this.properties.getExpiredFieldName())) {
                String obj = performSqlQuery.get(this.properties.getExpiredFieldName()).toString();
                if (BooleanUtils.toBoolean(obj) || "1".equals(obj)) {
                    throw new AccountPasswordMustChangeException("Password has expired");
                }
            }
            if (StringUtils.isNotBlank(this.properties.getDisabledFieldName()) && performSqlQuery.containsKey(this.properties.getDisabledFieldName())) {
                String obj2 = performSqlQuery.get(this.properties.getDisabledFieldName()).toString();
                if (BooleanUtils.toBoolean(obj2) || "1".equals(obj2)) {
                    throw new AccountDisabledException("Account has been disabled");
                }
            }
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), new ArrayList(0));
        } catch (DataAccessException e) {
            throw new PreventedException(e);
        } catch (IncorrectResultSizeDataAccessException e2) {
            if (e2.getActualSize() == 0) {
                throw new AccountNotFoundException(username + " not found with SQL query");
            }
            throw new FailedLoginException("Multiple records found for " + username);
        }
    }

    protected Map<String, Object> performSqlQuery(String str) {
        return getJdbcTemplate().queryForMap(this.properties.getSql(), new Object[]{str});
    }
}
