package edu.mit.touchstone.cams.login;

import edu.mit.touchstone.cams.helper.SHA1DigestUtil;
import java.security.Principal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.realm.DataSourceRealm;
import org.apache.catalina.realm.GenericPrincipal;

/* loaded from: input_file:edu/mit/touchstone/cams/login/CamsDataSourceRealm.class */
public class CamsDataSourceRealm extends DataSourceRealm {
    protected String saltCol = "salt";
    private String preparedCredentials = null;
    private String preparedSuccess = null;
    private String preparedFailure = null;

    public String getSaltCol() {
        return this.saltCol;
    }

    public void setsaltCol(String str) {
        this.containerLog.info("settin saltCol to " + str);
        this.saltCol = str;
    }

    protected Principal authenticate(Connection connection, String str, String str2) throws SQLException {
        ResultSet resultSet = null;
        PreparedStatement preparedStatement = null;
        String str3 = null;
        String str4 = null;
        String lowerCase = str.toLowerCase();
        try {
            try {
                preparedStatement = prepareStatementByUsername(connection, this.preparedCredentials, lowerCase);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    str3 = resultSet.getString(1);
                    str4 = resultSet.getString(2);
                }
                if (resultSet != null) {
                    try {
                        resultSet.close();
                    } catch (SQLException e) {
                        this.containerLog.error("Exception retrieving credentials for " + lowerCase, e);
                    }
                }
                if (preparedStatement != null) {
                    preparedStatement.close();
                }
            } catch (Throwable th) {
                if (resultSet != null) {
                    try {
                        resultSet.close();
                    } catch (SQLException e2) {
                        this.containerLog.error("Exception retrieving credentials for " + lowerCase, e2);
                        throw th;
                    }
                }
                if (preparedStatement != null) {
                    preparedStatement.close();
                }
                throw th;
            }
        } catch (SQLException e3) {
            this.containerLog.error("Exception retrieving credentials for " + lowerCase, e3);
            if (resultSet != null) {
                try {
                    resultSet.close();
                } catch (SQLException e4) {
                    this.containerLog.error("Exception retrieving credentials for " + lowerCase, e4);
                }
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
        }
        if (str3 == null || str4 == null) {
            return null;
        }
        if (this.containerLog.isTraceEnabled()) {
            this.containerLog.trace("retrieved encryptedPassword " + str3 + ", salt " + str4 + " for user " + lowerCase);
        }
        try {
            if (new SHA1DigestUtil().checkPasswordHash(str2, str3, str4)) {
                this.containerLog.info("Successful password authentication by user " + lowerCase);
                setSuccess(connection, lowerCase);
                return new GenericPrincipal(this, lowerCase, str2, getRoles(connection, lowerCase));
            }
            this.containerLog.warn("Password authentication FAILURE by user " + lowerCase);
            setFailure(connection, lowerCase);
            return null;
        } catch (Exception e5) {
            this.containerLog.error("Exception checking password hash", e5);
            return null;
        }
    }

    protected ArrayList<String> getRoles(Connection connection, String str) {
        return new ArrayList<>(Arrays.asList("person"));
    }

    protected void setSuccess(Connection connection, String str) {
        int updateLoginState = updateLoginState(connection, this.preparedSuccess, str);
        if (updateLoginState != 1) {
            this.containerLog.warn("Updated " + updateLoginState + " rows setting success for " + str);
        }
    }

    protected void setFailure(Connection connection, String str) {
        int updateLoginState = updateLoginState(connection, this.preparedFailure, str);
        if (updateLoginState != 1) {
            this.containerLog.warn("Updated " + updateLoginState + " rows setting failure for " + str);
        }
    }

    protected int updateLoginState(Connection connection, String str, String str2) {
        PreparedStatement preparedStatement = null;
        int i = 0;
        try {
            try {
                preparedStatement = prepareStatementByUsername(connection, str, str2);
                i = preparedStatement.executeUpdate();
                if (preparedStatement != null) {
                    try {
                        preparedStatement.close();
                    } catch (SQLException e) {
                        this.containerLog.error("SQL exception closing in updating state", e);
                    }
                }
            } catch (Throwable th) {
                if (preparedStatement != null) {
                    try {
                        preparedStatement.close();
                    } catch (SQLException e2) {
                        this.containerLog.error("SQL exception closing in updating state", e2);
                        throw th;
                    }
                }
                throw th;
            }
        } catch (SQLException e3) {
            this.containerLog.error("SQL exception updating state", e3);
            if (preparedStatement != null) {
                try {
                    preparedStatement.close();
                } catch (SQLException e4) {
                    this.containerLog.error("SQL exception closing in updating state", e4);
                }
            }
        }
        return i;
    }

    private PreparedStatement prepareStatementByUsername(Connection connection, String str, String str2) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(str);
        prepareStatement.setString(1, str2);
        return prepareStatement;
    }

    public void start() throws LifecycleException {
        super.start();
        StringBuffer stringBuffer = new StringBuffer("SELECT ");
        stringBuffer.append("t1.encryptedPassword, t1.salt from Password t1, ExternalUser t2 where t2.emailAddress = ? and ");
        stringBuffer.append("!t2.deleted and !t2.deactivated and t1.id = t2.password_id");
        this.preparedCredentials = stringBuffer.toString();
        StringBuffer stringBuffer2 = new StringBuffer("UPDATE ");
        stringBuffer2.append("LoginState, ExternalUser");
        stringBuffer2.append(" SET LoginState.lastLogon = CURRENT_TIMESTAMP, ");
        stringBuffer2.append("LoginState.loginMechanism = 'Password' ");
        stringBuffer2.append(" WHERE ExternalUser.emailAddress = ?");
        stringBuffer2.append(" AND LoginState.id = ExternalUser.loginstateId");
        stringBuffer2.append(" AND !ExternalUser.deleted");
        stringBuffer2.append(" AND !ExternalUser.deactivated");
        this.preparedSuccess = stringBuffer2.toString();
        StringBuffer stringBuffer3 = new StringBuffer("UPDATE ");
        stringBuffer3.append("ExternalUser");
        stringBuffer3.append(" SET lastFailedOn = CURRENT_TIMESTAMP, ");
        stringBuffer3.append("numFailedAttempts = numFailedAttempts + 1 ");
        stringBuffer3.append(" WHERE ");
        stringBuffer3.append("emailAddress");
        stringBuffer3.append(" = ?");
        stringBuffer3.append(" AND !deleted");
        stringBuffer3.append(" AND !deactivated");
        this.preparedFailure = stringBuffer3.toString();
    }
}
