package com.ebmwebsourcing.webcommons.user.auth;

import com.ebmwebsourcing.webcommons.user.api.service.UserException;
import com.ebmwebsourcing.webcommons.user.api.to.RoleTO;
import com.ebmwebsourcing.webcommons.user.api.to.UserTO;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/ebmwebsourcing/webcommons/user/auth/JDBCLoginModule.class */
public class JDBCLoginModule implements LoginModule {
    private String jdbcURL;
    private String jdbcDriver;
    private String requestUser;
    private String requestRole;
    private String userDb;
    private String passDb;
    private UserTO user;
    private List<RoleTO> roles;
    private final Logger logger = Logger.getLogger(getClass());
    private boolean success = false;
    private CallbackHandler callbackHandler = null;
    private Subject subject = null;
    private boolean commited = false;

    public boolean abort() throws LoginException {
        if (!this.success) {
            return false;
        }
        if (!this.success || this.commited) {
            logout();
            return true;
        }
        reset();
        return true;
    }

    public boolean commit() throws LoginException {
        if (!this.success) {
            return false;
        }
        if (!this.subject.getPrincipals().contains(this.user)) {
            this.subject.getPrincipals().add(this.user);
        }
        if (!this.subject.getPrincipals().contains(this.roles)) {
            this.subject.getPrincipals().addAll(this.roles);
        }
        this.commited = true;
        return true;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        this.jdbcURL = (String) map2.get("url");
        this.jdbcDriver = (String) map2.get("driver");
        this.requestUser = (String) map2.get("requestUser");
        this.requestRole = (String) map2.get("requestRole");
        this.userDb = (String) map2.get("userDb");
        this.passDb = (String) map2.get("passDb");
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("Erreur : pas de callback");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("Name : "), new PasswordCallback("Password :", false)};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            char[] password = ((PasswordCallback) nameCallbackArr[1]).getPassword();
            char[] cArr = new char[password.length];
            System.arraycopy(password, 0, cArr, 0, password.length);
            String str = new String(cArr);
            ((PasswordCallback) nameCallbackArr[1]).clearPassword();
            this.success = rdbValidate(name, str);
            nameCallbackArr[0] = null;
            nameCallbackArr[1] = null;
            if (!this.success) {
                throw new LoginException("Authentification incorrecte !");
            }
            System.out.println("Vous êtes maintenant connecté");
            return this.success;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean logout() throws LoginException {
        Iterator<Principal> it = this.subject.getPrincipals().iterator();
        while (it.hasNext()) {
            if (it.next() instanceof UserTO) {
                this.subject.getPrincipals().remove(it);
            }
        }
        return true;
    }

    private boolean rdbValidate(String str, String str2) throws UserException {
        boolean z = false;
        try {
            Class.forName(this.jdbcDriver);
        } catch (ClassNotFoundException e) {
            this.logger.info(e);
        }
        try {
            String str3 = this.requestUser + "'" + str + "'";
            Connection connection = DriverManager.getConnection(this.jdbcURL, this.userDb, this.passDb);
            Statement createStatement = connection.createStatement();
            ResultSet executeQuery = createStatement.executeQuery(str3);
            String str4 = null;
            String str5 = null;
            while (executeQuery.next()) {
                str4 = executeQuery.getString(2);
                str5 = executeQuery.getString(1);
            }
            if (str4 == null) {
                this.logger.info("The user name or the password isn't correct");
            }
            z = passwordCrypting(str2).equals(str4);
            executeQuery.close();
            this.user = new UserTO();
            this.user.setName(str5);
            this.user.setPassword(str4);
            ResultSet executeQuery2 = createStatement.executeQuery(this.requestRole + "'" + str5 + "'");
            this.roles = new ArrayList();
            RoleTO roleTO = new RoleTO();
            roleTO.setName("ROLE_AUTH");
            this.roles.add(roleTO);
            while (executeQuery2.next()) {
                String string = executeQuery2.getString(1);
                RoleTO roleTO2 = new RoleTO();
                roleTO2.setName("ROLE_" + string);
                this.roles.add(roleTO2);
            }
            executeQuery2.close();
            createStatement.close();
            connection.close();
        } catch (SQLException e2) {
            this.logger.info(e2);
        }
        return z;
    }

    private void reset() {
        this.success = false;
        this.callbackHandler = null;
        this.subject = null;
        this.commited = false;
    }

    private String passwordCrypting(String str) {
        try {
            byte[] digest = MessageDigest.getInstance("MD5").digest(str.getBytes());
            StringBuilder sb = new StringBuilder();
            for (byte b : digest) {
                String hexString = Integer.toHexString(b);
                if (hexString.length() == 1) {
                    sb.append('0');
                    sb.append(hexString.charAt(hexString.length() - 1));
                } else {
                    sb.append(hexString.substring(hexString.length() - 2));
                }
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new Error("No MD5 support in this VM.");
        }
    }
}
