package com.predic8.membrane.core.interceptor.authentication.session;

import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.interceptor.registration.SecurityUtils;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.ResultSetMetaData;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.HashMap;
import java.util.Map;
import java.util.NoSuchElementException;
import javax.sql.DataSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;

@MCElement(name = "jdbcUserDataProvider")
/* loaded from: input_file:lib/service-proxy-core-4.8.5.jar:com/predic8/membrane/core/interceptor/authentication/session/JdbcUserDataProvider.class */
public class JdbcUserDataProvider implements UserDataProvider {
    private static final Logger log = LoggerFactory.getLogger(JdbcUserDataProvider.class.getName());
    private DataSource datasource;
    private String tableName;
    private String userColumnName;
    private String passwordColumnName;
    private Router router;

    @Override // com.predic8.membrane.core.interceptor.authentication.session.UserDataProvider
    public void init(Router router) {
        this.router = router;
        sanitizeUserInputs();
        getDatasourceIfNull();
        try {
            createTableIfNeeded();
        } catch (SQLException e) {
            e.printStackTrace();
            log.error("Something went wrong at jdbcUserDataProvider table creation");
            log.error(e.getMessage());
        }
    }

    private void sanitizeUserInputs() {
    }

    private void createTableIfNeeded() throws SQLException {
        Connection connection = null;
        Statement statement = null;
        try {
            connection = this.datasource.getConnection();
            statement = connection.createStatement();
            statement.executeUpdate(getCreateTableSql());
            if (statement != null) {
                statement.close();
            }
            if (connection != null) {
                connection.close();
            }
        } catch (Throwable th) {
            if (statement != null) {
                statement.close();
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private String getCreateTableSql() {
        return "CREATE TABLE IF NOT EXISTS " + getTableName() + "(id bigint NOT NULL PRIMARY KEY AUTO_INCREMENT, " + getUserColumnName() + " varchar NOT NULL, " + getPasswordColumnName() + " varchar NOT NULL, verified boolean NOT NULL DEFAULT false);";
    }

    private void getDatasourceIfNull() {
        if (this.datasource != null) {
            return;
        }
        DataSource[] dataSourceArr = (DataSource[]) this.router.getBeanFactory().getBeansOfType(DataSource.class).values().toArray(new DataSource[0]);
        if (dataSourceArr.length <= 0) {
            throw new RuntimeException("No datasource found - specifiy a DataSource bean in your Membrane configuration");
        }
        this.datasource = dataSourceArr[0];
    }

    @Override // com.predic8.membrane.core.interceptor.authentication.session.UserDataProvider
    public Map<String, String> verify(Map<String, String> map) {
        String str = map.get("username");
        if (str == null) {
            throw new NoSuchElementException();
        }
        String str2 = map.get("password");
        if (str2 == null) {
            throw new NoSuchElementException();
        }
        HashMap hashMap = null;
        try {
            Connection connection = this.datasource.getConnection();
            PreparedStatement prepareStatement = connection.prepareStatement(createGetUsersSql());
            prepareStatement.setString(1, str);
            ResultSet executeQuery = prepareStatement.executeQuery();
            ResultSetMetaData metaData = executeQuery.getMetaData();
            hashMap = new HashMap();
            while (executeQuery.next()) {
                for (int i = 1; i <= metaData.getColumnCount(); i++) {
                    hashMap.put(metaData.getColumnName(i).toLowerCase(), executeQuery.getObject(i).toString());
                }
            }
            executeQuery.close();
            prepareStatement.close();
            connection.close();
        } catch (SQLException e) {
            e.printStackTrace();
            log.error(e.getMessage());
        }
        if (hashMap != null && hashMap.size() > 0) {
            String str3 = (String) hashMap.get(getPasswordColumnName().toLowerCase());
            if (!SecurityUtils.isHashedPassword(str2)) {
                str2 = SecurityUtils.createPasswdCompatibleHash(str2, SecurityUtils.extractSalt(str3));
            }
            if (str.equals(hashMap.get(getUserColumnName().toLowerCase())) && str2.equals(str3)) {
                return hashMap;
            }
        }
        throw new NoSuchElementException();
    }

    private String createGetUsersSql() {
        return "SELECT * FROM " + getTableName() + " WHERE " + getUserColumnName() + "=?";
    }

    public DataSource getDatasource() {
        return this.datasource;
    }

    @MCAttribute
    public void setDatasource(DataSource dataSource) {
        this.datasource = dataSource;
    }

    public String getTableName() {
        return this.tableName.toUpperCase();
    }

    @MCAttribute
    @Required
    public void setTableName(String str) {
        this.tableName = str;
    }

    public String getUserColumnName() {
        return this.userColumnName.toUpperCase();
    }

    @MCAttribute
    @Required
    public void setUserColumnName(String str) {
        this.userColumnName = str;
    }

    public String getPasswordColumnName() {
        return this.passwordColumnName.toUpperCase();
    }

    @MCAttribute
    @Required
    public void setPasswordColumnName(String str) {
        this.passwordColumnName = str;
    }
}
