package tigase.db.jdbc;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.Date;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import tigase.conf.Configurable;
import tigase.db.AuthorizationException;
import tigase.db.DBInitException;
import tigase.db.TigaseDBException;
import tigase.db.UserAuthRepository;
import tigase.db.UserExistsException;
import tigase.db.UserNotFoundException;
import tigase.util.Algorithms;
import tigase.util.Base64;
import tigase.util.JIDUtils;

/* loaded from: input_file:tigase/db/jdbc/LibreSourceAuth.class */
public class LibreSourceAuth implements UserAuthRepository {
    private static final Logger log = Logger.getLogger(Configurable.LIBRESOURCE_REPO_CLASS_PROP_VAL);
    private static final String[] non_sasl_mechs = {TigaseCustomAuth.DEF_NONSASL_MECHS, "digest"};
    private static final String[] sasl_mechs = {"PLAIN", "DIGEST-MD5", "CRAM-MD5"};
    public static final String DEF_USERS_TBL = "casusers_";
    public static final String DEF_PROFILES_TBL = "profileresource_";
    private String users_tbl = DEF_USERS_TBL;
    private String profiles_tbl = DEF_PROFILES_TBL;
    private String db_conn = null;
    private Connection conn = null;
    private PreparedStatement pass_st = null;
    private PreparedStatement status_st = null;
    private PreparedStatement conn_valid_st = null;
    private PreparedStatement update_password = null;
    private PreparedStatement update_last_login_st = null;
    private PreparedStatement update_online_status = null;
    private long lastConnectionValidated = 0;
    private long connectionValidateInterval = 60000;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:tigase/db/jdbc/LibreSourceAuth$SaslCallbackHandler.class */
    public class SaslCallbackHandler implements CallbackHandler {
        private Map<String, Object> options;

        private SaslCallbackHandler(Map<String, Object> map) {
            this.options = null;
            this.options = map;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            String str = null;
            for (int i = 0; i < callbackArr.length; i++) {
                if (LibreSourceAuth.log.isLoggable(Level.FINEST)) {
                    LibreSourceAuth.log.finest("Callback: " + callbackArr[i].getClass().getSimpleName());
                }
                if (callbackArr[i] instanceof RealmCallback) {
                    RealmCallback realmCallback = (RealmCallback) callbackArr[i];
                    String str2 = (String) this.options.get(UserAuthRepository.REALM_KEY);
                    if (str2 != null) {
                        realmCallback.setText(str2);
                    }
                    if (LibreSourceAuth.log.isLoggable(Level.FINEST)) {
                        LibreSourceAuth.log.finest("RealmCallback: " + str2);
                    }
                } else if (callbackArr[i] instanceof NameCallback) {
                    NameCallback nameCallback = (NameCallback) callbackArr[i];
                    String name = nameCallback.getName();
                    if (name == null) {
                        name = nameCallback.getDefaultName();
                    }
                    str = JIDUtils.getNodeID(name, (String) this.options.get(UserAuthRepository.REALM_KEY));
                    this.options.put(UserAuthRepository.USER_ID_KEY, str);
                    if (LibreSourceAuth.log.isLoggable(Level.FINEST)) {
                        LibreSourceAuth.log.finest("NameCallback: " + name);
                    }
                } else if (callbackArr[i] instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
                    try {
                        String password = LibreSourceAuth.this.getPassword(str);
                        passwordCallback.setPassword(password.toCharArray());
                        if (LibreSourceAuth.log.isLoggable(Level.FINEST)) {
                            LibreSourceAuth.log.finest("PasswordCallback: " + password);
                        }
                    } catch (Exception e) {
                        throw new IOException("Password retrieving problem.", e);
                    }
                } else {
                    if (!(callbackArr[i] instanceof AuthorizeCallback)) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback");
                    }
                    AuthorizeCallback authorizeCallback = (AuthorizeCallback) callbackArr[i];
                    String authenticationID = authorizeCallback.getAuthenticationID();
                    String authorizationID = authorizeCallback.getAuthorizationID();
                    if (LibreSourceAuth.log.isLoggable(Level.FINEST)) {
                        LibreSourceAuth.log.finest("AuthorizeCallback: authenId: " + authenticationID);
                        LibreSourceAuth.log.finest("AuthorizeCallback: authorId: " + authorizationID);
                    }
                    if (authenticationID.equals(authorizationID)) {
                        authorizeCallback.setAuthorized(true);
                    }
                }
            }
        }
    }

    private void initPreparedStatements() throws SQLException {
        this.pass_st = this.conn.prepareStatement("select passworddigest_ from " + this.users_tbl + " where username_ = ?;");
        this.status_st = this.conn.prepareStatement("select accountstatus_ from " + this.profiles_tbl + " where id_ = ?;");
        this.conn_valid_st = this.conn.prepareStatement("select 1;");
        this.update_password = this.conn.prepareStatement("update " + this.users_tbl + " set passworddigest_ = ? where username_ = ?;");
        this.update_last_login_st = this.conn.prepareStatement("update " + this.profiles_tbl + " set lastlogintime_ = ? where id_ = ?;");
        this.update_online_status = this.conn.prepareStatement("update " + this.profiles_tbl + " set onlinestatus_ = ? where id_ = ?;");
    }

    private boolean checkConnection() throws SQLException {
        try {
            synchronized (this.conn_valid_st) {
                long currentTimeMillis = System.currentTimeMillis();
                if (currentTimeMillis - this.lastConnectionValidated >= this.connectionValidateInterval) {
                    this.conn_valid_st.executeQuery();
                    this.lastConnectionValidated = currentTimeMillis;
                }
            }
            return true;
        } catch (Exception e) {
            initRepo();
            return true;
        }
    }

    private void release(Statement statement, ResultSet resultSet) {
        if (resultSet != null) {
            try {
                resultSet.close();
            } catch (SQLException e) {
            }
        }
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException e2) {
            }
        }
    }

    private void updateLastLogin(String str) throws TigaseDBException {
        try {
            synchronized (this.update_last_login_st) {
                this.update_last_login_st.setDate(1, new Date(System.currentTimeMillis()));
                this.update_last_login_st.setString(2, JIDUtils.getNodeNick(str));
                this.update_last_login_st.executeUpdate();
            }
        } catch (SQLException e) {
            throw new TigaseDBException("Error accessin repository.", e);
        }
    }

    private void updateOnlineStatus(String str, int i) throws TigaseDBException {
        try {
            synchronized (this.update_online_status) {
                this.update_online_status.setInt(1, i);
                this.update_online_status.setString(2, JIDUtils.getNodeNick(str));
                this.update_online_status.executeUpdate();
            }
        } catch (SQLException e) {
            throw new TigaseDBException("Error accessin repository.", e);
        }
    }

    private boolean isActive(String str) throws SQLException, UserNotFoundException {
        ResultSet executeQuery;
        boolean z;
        try {
            synchronized (this.status_st) {
                this.status_st.setString(1, JIDUtils.getNodeNick(str));
                executeQuery = this.status_st.executeQuery();
                if (!executeQuery.next()) {
                    throw new UserNotFoundException("User does not exist: " + str);
                }
                z = executeQuery.wasNull() || executeQuery.getInt(1) == 0;
            }
            release(null, executeQuery);
            return z;
        } catch (Throwable th) {
            release(null, null);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String getPassword(String str) throws SQLException, UserNotFoundException {
        ResultSet executeQuery;
        String string;
        try {
            synchronized (this.pass_st) {
                this.pass_st.setString(1, JIDUtils.getNodeNick(str));
                executeQuery = this.pass_st.executeQuery();
                if (!executeQuery.next()) {
                    throw new UserNotFoundException("User does not exist: " + str);
                }
                string = executeQuery.getString(1);
            }
            release(null, executeQuery);
            return string;
        } catch (Throwable th) {
            release(null, null);
            throw th;
        }
    }

    @Override // tigase.db.UserAuthRepository
    public void queryAuth(Map<String, Object> map) {
        String str = (String) map.get(UserAuthRepository.PROTOCOL_KEY);
        if (str.equals(UserAuthRepository.PROTOCOL_VAL_NONSASL)) {
            map.put(UserAuthRepository.RESULT_KEY, non_sasl_mechs);
        }
        if (str.equals(UserAuthRepository.PROTOCOL_VAL_SASL)) {
            map.put(UserAuthRepository.RESULT_KEY, sasl_mechs);
        }
    }

    private void initRepo() throws SQLException {
        synchronized (this.db_conn) {
            this.conn = DriverManager.getConnection(this.db_conn);
            initPreparedStatements();
        }
    }

    @Override // tigase.db.UserAuthRepository
    public void initRepository(String str, Map<String, String> map) throws DBInitException {
        this.db_conn = str;
        try {
            initRepo();
        } catch (SQLException e) {
            this.conn = null;
            throw new DBInitException("Problem initializing jdbc connection: " + this.db_conn, e);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public String getResourceUri() {
        return this.db_conn;
    }

    @Override // tigase.db.UserAuthRepository
    public boolean plainAuth(String str, String str2) throws UserNotFoundException, TigaseDBException, AuthorizationException {
        try {
            checkConnection();
            if (!isActive(str)) {
                throw new AuthorizationException("User account has been blocked.");
            }
            boolean equals = getPassword(str).equals(str2);
            if (equals) {
                updateLastLogin(str);
                updateOnlineStatus(str, 1);
            }
            return equals;
        } catch (SQLException e) {
            throw new TigaseDBException("Problem accessing repository.", e);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public void logout(String str) throws UserNotFoundException, TigaseDBException {
        try {
            checkConnection();
            updateOnlineStatus(str, 0);
        } catch (SQLException e) {
            throw new TigaseDBException("Problem accessing repository.", e);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public boolean digestAuth(String str, String str2, String str3, String str4) throws UserNotFoundException, TigaseDBException, AuthorizationException {
        try {
            checkConnection();
            if (!isActive(str)) {
                throw new AuthorizationException("User account has been blocked.");
            }
            String hexDigest = Algorithms.hexDigest(str3, getPassword(str), str4);
            if (log.isLoggable(Level.FINEST)) {
                log.finest("Comparing passwords, given: " + str2 + ", db: " + hexDigest);
            }
            return str2.equals(hexDigest);
        } catch (NoSuchAlgorithmException e) {
            throw new AuthorizationException("No such algorithm.", e);
        } catch (SQLException e2) {
            throw new TigaseDBException("Problem accessing repository.", e2);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public boolean otherAuth(Map<String, Object> map) throws UserNotFoundException, TigaseDBException, AuthorizationException {
        String str = (String) map.get(UserAuthRepository.PROTOCOL_KEY);
        if (!str.equals(UserAuthRepository.PROTOCOL_VAL_SASL)) {
            throw new AuthorizationException("Protocol is not supported: " + str);
        }
        boolean saslAuth = saslAuth(map);
        if (saslAuth) {
            String str2 = (String) map.get(UserAuthRepository.USER_ID_KEY);
            updateLastLogin(str2);
            updateOnlineStatus(str2, 1);
        }
        return saslAuth;
    }

    @Override // tigase.db.UserAuthRepository
    public void addUser(String str, String str2) throws UserExistsException, TigaseDBException {
        Statement statement = null;
        try {
            try {
                checkConnection();
                statement = this.conn.createStatement();
                statement.executeUpdate("insert into " + this.users_tbl + " (username_, passworddigest_) values ('" + JIDUtils.getNodeNick(str) + "', '" + str2 + "');");
                statement.executeUpdate("insert into " + this.profiles_tbl + " (id_, accountstatus_) values ('" + JIDUtils.getNodeNick(str) + "', 0);");
                release(statement, null);
            } catch (SQLException e) {
                throw new UserExistsException("Error while adding user to repository, user exists?", e);
            }
        } catch (Throwable th) {
            release(statement, null);
            throw th;
        }
    }

    @Override // tigase.db.UserAuthRepository
    public void updatePassword(String str, String str2) throws UserExistsException, TigaseDBException {
        try {
            checkConnection();
            synchronized (this.update_password) {
                this.update_password.setString(1, str2);
                this.update_password.setString(2, JIDUtils.getNodeNick(str));
                this.update_password.executeUpdate();
            }
        } catch (SQLException e) {
            throw new TigaseDBException("Error accessin repository.", e);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public void removeUser(String str) throws UserNotFoundException, TigaseDBException {
        Statement statement = null;
        try {
            try {
                checkConnection();
                statement = this.conn.createStatement();
                statement.executeUpdate("delete from " + this.users_tbl + " where (username_ = '" + JIDUtils.getNodeNick(str) + "');");
                statement.executeUpdate("delete from " + this.profiles_tbl + " where (id_ = '" + JIDUtils.getNodeNick(str) + "');");
                release(statement, null);
            } catch (SQLException e) {
                throw new UserExistsException("Error while adding user to repository, user exists?", e);
            }
        } catch (Throwable th) {
            release(statement, null);
            throw th;
        }
    }

    private boolean saslAuth(Map<String, Object> map) throws AuthorizationException {
        try {
            SaslServer saslServer = (SaslServer) map.get("SaslServer");
            if (saslServer == null) {
                TreeMap treeMap = new TreeMap();
                treeMap.put("javax.security.sasl.qop", "auth");
                saslServer = Sasl.createSaslServer((String) map.get(UserAuthRepository.MACHANISM_KEY), "xmpp", (String) map.get(UserAuthRepository.SERVER_NAME_KEY), treeMap, new SaslCallbackHandler(map));
                map.put("SaslServer", saslServer);
            }
            String str = (String) map.get("data");
            byte[] evaluateResponse = saslServer.evaluateResponse(str != null ? Base64.decode(str) : new byte[0]);
            if (log.isLoggable(Level.FINEST)) {
                log.finest("challenge: " + (evaluateResponse != null ? new String(evaluateResponse) : "null"));
            }
            map.put(UserAuthRepository.RESULT_KEY, (evaluateResponse == null || evaluateResponse.length <= 0) ? null : Base64.encode(evaluateResponse));
            return saslServer.isComplete();
        } catch (SaslException e) {
            throw new AuthorizationException("Sasl exception.", e);
        }
    }

    @Override // tigase.db.UserAuthRepository
    public long getUsersCount() {
        return 0L;
    }

    @Override // tigase.db.UserAuthRepository
    public long getUsersCount(String str) {
        return 0L;
    }
}
