package org.mortbay.jaas.spi;

import java.io.IOException;
import java.security.Principal;
import java.security.acl.Group;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mortbay.jaas.JAASGroup;
import org.mortbay.jaas.JAASPrincipal;
import org.mortbay.jaas.JAASRole;
import org.mortbay.jaas.callback.ObjectCallback;
import org.mortbay.util.Credential;
import org.mortbay.util.Loader;

/* loaded from: input_file:org/mortbay/jaas/spi/JDBCLoginModule.class */
public class JDBCLoginModule implements LoginModule {
    private static Log log;
    private CallbackHandler callbackHandler = null;
    private boolean authState = false;
    private boolean commitState = false;
    private Subject subject = null;
    private Principal principal = null;
    private Credential credential = null;
    private Group roleGroup = null;
    private String dbCredential = null;
    private String dbDriver;
    private String dbUrl;
    private String dbUserName;
    private String dbPassword;
    private String userQuery;
    private String rolesQuery;
    static Class class$org$mortbay$jaas$spi$JDBCLoginModule;

    public boolean abort() throws LoginException {
        this.principal = null;
        this.credential = null;
        this.roleGroup = null;
        this.dbCredential = null;
        return this.authState && this.commitState;
    }

    public boolean commit() throws LoginException {
        if (this.authState) {
            this.subject.getPrincipals().add(this.principal);
            this.subject.getPrivateCredentials().add(this.credential);
            this.subject.getPrincipals().add(this.roleGroup);
            this.commitState = true;
            this.dbCredential = null;
            return true;
        }
        this.principal = null;
        this.credential = null;
        this.roleGroup = null;
        this.commitState = false;
        this.dbCredential = null;
        return this.authState;
    }

    public boolean login() throws LoginException {
        if (this.callbackHandler == null) {
            throw new LoginException("No callback handler");
        }
        NameCallback[] nameCallbackArr = {new NameCallback("Enter user name"), new ObjectCallback()};
        try {
            this.callbackHandler.handle(nameCallbackArr);
            String name = nameCallbackArr[0].getName();
            Object object = ((ObjectCallback) nameCallbackArr[1]).getObject();
            if (name == null) {
                this.authState = false;
                return this.authState;
            }
            if (object == null) {
                this.authState = false;
                return this.authState;
            }
            loadUser(name);
            this.principal = new JAASPrincipal(name);
            if (this.dbCredential == null) {
                this.authState = false;
                return this.authState;
            }
            this.credential = Credential.getCredential(this.dbCredential);
            this.authState = this.credential.check(object);
            return this.authState;
        } catch (IOException e) {
            throw new LoginException(e.toString());
        } catch (SQLException e2) {
            throw new LoginException(e2.toString());
        } catch (UnsupportedCallbackException e3) {
            throw new LoginException(e3.toString());
        }
    }

    public boolean logout() throws LoginException {
        this.subject.getPrincipals().remove(this.principal);
        this.subject.getPrivateCredentials().remove(this.credential);
        this.subject.getPrincipals().remove(this.roleGroup);
        return true;
    }

    public void initialize(Subject subject, CallbackHandler callbackHandler, Map map, Map map2) {
        try {
            this.dbDriver = (String) map2.get("dbDriver");
            this.dbUrl = (String) map2.get("dbUrl");
            this.dbUserName = (String) map2.get("dbUserName");
            this.dbPassword = (String) map2.get("dbPassword");
            if (this.dbUserName == null) {
                this.dbUserName = "";
            }
            if (this.dbPassword == null) {
                this.dbPassword = "";
            }
            if (this.dbDriver != null) {
                Loader.loadClass(getClass(), this.dbDriver).newInstance();
            }
            String str = (String) map2.get("userTable");
            this.userQuery = new StringBuffer().append("select ").append((String) map2.get("credentialField")).append(" from ").append(str).append(" where ").append((String) map2.get("userField")).append("=?").toString();
            String str2 = (String) map2.get("userRoleTable");
            this.rolesQuery = new StringBuffer().append("select ").append((String) map2.get("userRoleRoleField")).append(" from ").append(str2).append(" where ").append((String) map2.get("userRoleUserField")).append("=?").toString();
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("userQuery = ").append(this.userQuery).toString());
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("rolesQuery = ").append(this.rolesQuery).toString());
            }
            this.subject = subject;
            this.callbackHandler = callbackHandler;
        } catch (ClassNotFoundException e) {
            throw new IllegalStateException(e.toString());
        } catch (IllegalAccessException e2) {
            throw new IllegalStateException(e2.toString());
        } catch (InstantiationException e3) {
            throw new IllegalStateException(e3.toString());
        }
    }

    public void loadUser(String str) throws SQLException {
        Connection connection = null;
        try {
            if (this.dbDriver == null || this.dbUrl == null) {
                throw new IllegalStateException("Database connection information not configured");
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Connecting using dbDriver=").append(this.dbDriver).append("+ dbUserName=").append(this.dbUserName).append(", dbPassword=").append(this.dbUrl).toString());
            }
            Connection connection2 = DriverManager.getConnection(this.dbUrl, this.dbUserName, this.dbPassword);
            PreparedStatement prepareStatement = connection2.prepareStatement(this.userQuery);
            prepareStatement.setString(1, str);
            ResultSet executeQuery = prepareStatement.executeQuery();
            if (executeQuery.next()) {
                this.dbCredential = executeQuery.getString(1);
            }
            executeQuery.close();
            prepareStatement.close();
            PreparedStatement prepareStatement2 = connection2.prepareStatement(this.rolesQuery);
            prepareStatement2.setString(1, str);
            ResultSet executeQuery2 = prepareStatement2.executeQuery();
            this.roleGroup = new JAASGroup(JAASGroup.ROLES);
            while (executeQuery2.next()) {
                this.roleGroup.addMember(new JAASRole(executeQuery2.getString(1)));
            }
            executeQuery2.close();
            prepareStatement2.close();
            connection2.close();
        } catch (Throwable th) {
            connection.close();
            throw th;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$mortbay$jaas$spi$JDBCLoginModule == null) {
            cls = class$("org.mortbay.jaas.spi.JDBCLoginModule");
            class$org$mortbay$jaas$spi$JDBCLoginModule = cls;
        } else {
            cls = class$org$mortbay$jaas$spi$JDBCLoginModule;
        }
        log = LogFactory.getLog(cls);
    }
}
