package com.acciente.oacc.sql.internal;

import com.acciente.oacc.AuthenticationProvider;
import com.acciente.oacc.Credentials;
import com.acciente.oacc.IncorrectCredentialsException;
import com.acciente.oacc.InvalidCredentialsException;
import com.acciente.oacc.PasswordCredentials;
import com.acciente.oacc.Resource;
import com.acciente.oacc.UnsupportedCredentialsException;
import com.acciente.oacc.sql.SQLDialect;
import com.acciente.oacc.sql.internal.persister.ResourcePasswordPersister;
import com.acciente.oacc.sql.internal.persister.SQLConnection;
import com.acciente.oacc.sql.internal.persister.SQLPasswordStrings;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.sql.Connection;
import java.sql.SQLException;
import javax.sql.DataSource;

/* loaded from: input_file:com/acciente/oacc/sql/internal/SQLPasswordAuthenticationProvider.class */
public class SQLPasswordAuthenticationProvider implements AuthenticationProvider, Serializable {
    private static final long serialVersionUID = 1;
    private transient DataSource dataSource;
    private transient Connection connection;
    private transient CleanablePasswordEncryptor passwordEncryptor;
    private final ResourcePasswordPersister resourcePasswordPersister;

    /* JADX INFO: Access modifiers changed from: protected */
    public SQLPasswordAuthenticationProvider(Connection connection, String str, SQLDialect sQLDialect) {
        this(str, sQLDialect);
        this.connection = connection;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SQLPasswordAuthenticationProvider(DataSource dataSource, String str, SQLDialect sQLDialect) {
        this(str, sQLDialect);
        this.dataSource = dataSource;
    }

    private SQLPasswordAuthenticationProvider(String str, SQLDialect sQLDialect) {
        this.passwordEncryptor = new StrongCleanablePasswordEncryptor();
        this.resourcePasswordPersister = new ResourcePasswordPersister(SQLPasswordStrings.getSQLPasswordStrings(str));
    }

    @Deprecated
    protected void preSerialize() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void postDeserialize(DataSource dataSource) {
        if (this.dataSource != null || this.connection != null) {
            throw new IllegalStateException("Cannot re-initialize an already initialized SQLPasswordAuthenticationProvider");
        }
        this.dataSource = dataSource;
        this.connection = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void postDeserialize(Connection connection) {
        if (this.dataSource != null || this.connection != null) {
            throw new IllegalStateException("Cannot re-initialize an already initialized SQLPasswordAuthenticationProvider");
        }
        this.dataSource = null;
        this.connection = connection;
    }

    private void readObject(ObjectInputStream objectInputStream) throws ClassNotFoundException, IOException {
        objectInputStream.defaultReadObject();
        this.passwordEncryptor = new StrongCleanablePasswordEncryptor();
    }

    @Override // com.acciente.oacc.AuthenticationProvider
    public void authenticate(Resource resource, Credentials credentials) {
        assertCredentialSpecified(credentials);
        assertSupportedCredentials(credentials);
        PasswordCredentials passwordCredentials = (PasswordCredentials) credentials;
        if (passwordCredentials.getPassword() == null) {
            throw new InvalidCredentialsException("Password required, none specified");
        }
        SQLConnection sQLConnection = null;
        try {
            sQLConnection = getConnection();
            __authenticate(sQLConnection, resource, passwordCredentials.getPassword());
            closeConnection(sQLConnection);
        } catch (Throwable th) {
            closeConnection(sQLConnection);
            throw th;
        }
    }

    @Override // com.acciente.oacc.AuthenticationProvider
    public void authenticate(Resource resource) {
        throw new UnsupportedOperationException("The built-in password authentication provider does not support authentication without credentials");
    }

    private void __authenticate(SQLConnection sQLConnection, Resource resource, char[] cArr) {
        String encryptedBoundPasswordByResourceId = this.resourcePasswordPersister.getEncryptedBoundPasswordByResourceId(sQLConnection, resource);
        char[] cArr2 = null;
        try {
            cArr2 = PasswordUtils.computeBoundPassword(resource, cArr);
            if (!this.passwordEncryptor.checkPassword(cArr2, encryptedBoundPasswordByResourceId)) {
                throw new IncorrectCredentialsException("Invalid password for resource " + resource);
            }
            PasswordUtils.cleanPassword(cArr2);
        } catch (Throwable th) {
            PasswordUtils.cleanPassword(cArr2);
            throw th;
        }
    }

    @Override // com.acciente.oacc.AuthenticationProvider
    public void validateCredentials(String str, String str2, Credentials credentials) {
        if (credentials == null) {
            throw new InvalidCredentialsException("Credentials required, none specified");
        }
        assertSupportedCredentials(credentials);
        char[] password = ((PasswordCredentials) credentials).getPassword();
        if (password == null) {
            throw new InvalidCredentialsException("Password required, none specified");
        }
        if (password.length == 0) {
            throw new InvalidCredentialsException("Password cannot be zero length");
        }
        if (isBlank(password)) {
            throw new InvalidCredentialsException("Password cannot be blank");
        }
    }

    @Override // com.acciente.oacc.AuthenticationProvider
    public void setCredentials(Resource resource, Credentials credentials) {
        assertCredentialSpecified(credentials);
        assertSupportedCredentials(credentials);
        PasswordCredentials passwordCredentials = (PasswordCredentials) credentials;
        SQLConnection sQLConnection = null;
        try {
            sQLConnection = getConnection();
            __setResourcePassword(sQLConnection, resource, passwordCredentials.getPassword());
            closeConnection(sQLConnection);
        } catch (Throwable th) {
            closeConnection(sQLConnection);
            throw th;
        }
    }

    @Override // com.acciente.oacc.AuthenticationProvider
    public void deleteCredentials(Resource resource) {
        SQLConnection sQLConnection = null;
        try {
            sQLConnection = getConnection();
            this.resourcePasswordPersister.removeEncryptedBoundPasswordByResourceId(sQLConnection, resource);
            closeConnection(sQLConnection);
        } catch (Throwable th) {
            closeConnection(sQLConnection);
            throw th;
        }
    }

    private void __setResourcePassword(SQLConnection sQLConnection, Resource resource, char[] cArr) {
        char[] cArr2 = null;
        try {
            cArr2 = PasswordUtils.computeBoundPassword(resource, cArr);
            this.resourcePasswordPersister.setEncryptedBoundPasswordByResourceId(sQLConnection, resource, this.passwordEncryptor.encryptPassword(cArr2));
            PasswordUtils.cleanPassword(cArr2);
        } catch (Throwable th) {
            PasswordUtils.cleanPassword(cArr2);
            throw th;
        }
    }

    private void assertCredentialSpecified(Credentials credentials) {
        if (credentials == null) {
            throw new NullPointerException("Credentials required, none specified");
        }
    }

    private void assertSupportedCredentials(Credentials credentials) {
        if (!(credentials instanceof PasswordCredentials)) {
            throw new UnsupportedCredentialsException(credentials.getClass());
        }
    }

    private boolean isBlank(char[] cArr) {
        for (char c : cArr) {
            if (!Character.isWhitespace(c)) {
                return false;
            }
        }
        return true;
    }

    private SQLConnection getConnection() {
        if (this.dataSource != null) {
            try {
                return new SQLConnection(this.dataSource.getConnection());
            } catch (SQLException e) {
                throw new RuntimeException(e);
            }
        }
        if (this.connection != null) {
            return new SQLConnection(this.connection);
        }
        throw new IllegalStateException("Not initialized! No data source or connection - don't forget to re-initialize after deserialization!");
    }

    private void closeConnection(SQLConnection sQLConnection) {
        if (this.dataSource == null || sQLConnection == null) {
            return;
        }
        try {
            sQLConnection.close();
        } catch (SQLException e) {
            throw new RuntimeException(e);
        }
    }
}
