package org.apache.geronimo.security.realm.providers;

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.AbstractNameQuery;
import org.apache.geronimo.kernel.GBeanNotFoundException;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.KernelRegistry;
import org.apache.geronimo.kernel.NoSuchOperationException;
import org.apache.geronimo.kernel.repository.Artifact;
import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.jaas.WrappingLoginModule;

/* loaded from: input_file:org/apache/geronimo/security/realm/providers/GenericHttpHeaderSqlLoginmodule.class */
public class GenericHttpHeaderSqlLoginmodule extends GenericHttpHeaderLoginmodule implements LoginModule {
    private static final String GROUP_SELECT = "groupSelect";
    private static final String USER = "jdbcUser";
    private static final String DATABASE_POOL_NAME = "dataSourceName";
    private static final String DATABASE_POOL_APP_NAME = "dataSourceApplication";
    private String groupSelect;
    private DataSource dataSource;
    private static Log log = LogFactory.getLog(GenericHttpHeaderSqlLoginmodule.class);
    private static final String HEADER_NAMES = "headerNames";
    private static final String AUTHENTICATION_AUTHORITY = "authenticationAuthority";
    private static final List<String> supportedOptions = Collections.unmodifiableList(Arrays.asList("groupSelect", "jdbcUser", "dataSourceName", "dataSourceApplication", HEADER_NAMES, AUTHENTICATION_AUTHORITY));

    public boolean abort() throws LoginException {
        if (this.loginSucceeded) {
            this.username = null;
            this.groups.clear();
            this.allPrincipals.clear();
        }
        return this.loginSucceeded;
    }

    public boolean commit() throws LoginException {
        if (this.loginSucceeded && this.username != null) {
            super.commitHelper();
        }
        this.username = null;
        this.groups.clear();
        return this.loginSucceeded;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        this.subject = subject;
        this.callbackHandler = callbackHandler;
        for (String str : map2.keySet()) {
            if (!supportedOptions.contains(str) && !JaasLoginModuleUse.supportedOptions.contains(str) && !WrappingLoginModule.supportedOptions.contains(str)) {
                log.warn("Ignoring option: " + ((Object) str) + ". Not supported.");
            }
        }
        this.headerNames = (String) map2.get(HEADER_NAMES);
        this.authenticationAuthority = (String) map2.get(AUTHENTICATION_AUTHORITY);
        this.groupSelect = (String) map2.get("groupSelect");
        String str2 = (String) map2.get("dataSourceName");
        if (str2 != null) {
            String trim = str2.trim();
            String str3 = (String) map2.get("dataSourceApplication");
            String trim2 = (str3 == null || str3.trim().equals("")) ? "null" : str3.trim();
            Kernel kernel = KernelRegistry.getKernel((String) map2.get(JaasLoginModuleUse.KERNEL_NAME_LM_OPTION));
            HashMap hashMap = new HashMap();
            hashMap.put("name", trim);
            hashMap.put("J2EEApplication", trim2);
            hashMap.put("j2eeType", "JCAConnectionManager");
            Iterator it = kernel.listGBeans(new AbstractNameQuery((Artifact) null, hashMap)).iterator();
            while (it.hasNext()) {
                try {
                    this.dataSource = (DataSource) kernel.invoke((AbstractName) it.next(), "createConnectionFactory");
                    return;
                } catch (NoSuchOperationException e) {
                } catch (GBeanNotFoundException e2) {
                } catch (Exception e3) {
                }
            }
        }
    }

    public boolean login() throws LoginException {
        this.loginSucceeded = false;
        ResultSet resultSet = null;
        PreparedStatement preparedStatement = null;
        Callback[] callbackArr = {new RequestCallback()};
        try {
            this.callbackHandler.handle(callbackArr);
            this.httpRequest = ((RequestCallback) callbackArr[0]).getRequest();
            try {
                Map<String, String> matchHeaders = matchHeaders(this.httpRequest, this.headerNames.split(","));
                if (matchHeaders.isEmpty()) {
                    throw new FailedLoginException();
                }
                if (this.authenticationAuthority.equalsIgnoreCase("Siteminder")) {
                    this.username = new SiteminderHeaderHandler().getUser(matchHeaders);
                } else if (this.authenticationAuthority.equalsIgnoreCase("Datapower")) {
                }
                if (this.username == null || this.username.equals("")) {
                    this.username = null;
                    throw new FailedLoginException();
                }
                if (this.dataSource != null) {
                    try {
                        Connection connection = this.dataSource.getConnection();
                        try {
                            PreparedStatement prepareStatement = connection.prepareStatement(this.groupSelect);
                            int countParameters = countParameters(this.groupSelect);
                            for (int i = 0; i < countParameters; i++) {
                                prepareStatement.setObject(i + 1, this.username);
                            }
                            ResultSet executeQuery = prepareStatement.executeQuery();
                            while (executeQuery.next()) {
                                String string = executeQuery.getString(1);
                                String string2 = executeQuery.getString(2);
                                if (string.equals(this.username)) {
                                    this.groups.add(string2);
                                }
                            }
                            if (this.groups.isEmpty()) {
                                log.error("No roles associated with user " + this.username);
                                this.loginSucceeded = false;
                                throw new FailedLoginException();
                            }
                            this.loginSucceeded = true;
                            executeQuery.close();
                            prepareStatement.close();
                            connection.close();
                        } catch (Throwable th) {
                            resultSet.close();
                            preparedStatement.close();
                            connection.close();
                            throw th;
                        }
                    } catch (SQLException e) {
                        this.username = null;
                        this.groups.clear();
                        throw ((LoginException) new LoginException("SQL error").initCause(e));
                    } catch (LoginException e2) {
                        this.username = null;
                        this.groups.clear();
                        throw e2;
                    } catch (Exception e3) {
                        this.username = null;
                        this.groups.clear();
                        throw ((LoginException) new LoginException("Could not access datasource").initCause(e3));
                    }
                }
                return this.loginSucceeded;
            } catch (HeaderMismatchException e4) {
                throw ((LoginException) new LoginException("Header Mistmatch error").initCause(e4));
            }
        } catch (IOException e5) {
            throw ((LoginException) new LoginException().initCause(e5));
        } catch (UnsupportedCallbackException e6) {
            throw ((LoginException) new LoginException().initCause(e6));
        }
    }

    public boolean logout() throws LoginException {
        this.loginSucceeded = false;
        this.username = null;
        this.groups.clear();
        if (!this.subject.isReadOnly()) {
            this.subject.getPrincipals().removeAll(this.allPrincipals);
        }
        this.allPrincipals.clear();
        return true;
    }

    private static int countParameters(String str) {
        int i = 0;
        int i2 = -1;
        while (true) {
            int indexOf = str.indexOf(63, i2 + 1);
            i2 = indexOf;
            if (indexOf == -1) {
                return i;
            }
            i++;
        }
    }
}
