package org.geoserver.security.jdbc;

import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.SQLInvalidAuthorizationSpecException;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import org.geoserver.security.GeoServerAuthenticationProvider;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.security.impl.RoleCalculator;
import org.geoserver.security.jdbc.config.JDBCConnectAuthProviderConfig;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/geoserver/security/jdbc/JDBCConnectAuthProvider.class */
public class JDBCConnectAuthProvider extends GeoServerAuthenticationProvider {
    protected String connectUrl;
    protected String driverClassName;
    protected String userGroupServiceName;

    public boolean supports(Class<? extends Object> cls, HttpServletRequest httpServletRequest) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public Authentication authenticate(Authentication authentication, HttpServletRequest httpServletRequest) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        if (usernamePasswordAuthenticationToken.getPrincipal() == null || usernamePasswordAuthenticationToken.getPrincipal().toString().isEmpty()) {
            return null;
        }
        String obj = usernamePasswordAuthenticationToken.getPrincipal().toString();
        String obj2 = usernamePasswordAuthenticationToken.getCredentials() == null ? "" : usernamePasswordAuthenticationToken.getCredentials().toString();
        UserDetails userDetails = null;
        if (this.userGroupServiceName != null) {
            try {
                userDetails = getSecurityManager().loadUserGroupService(this.userGroupServiceName).loadUserByUsername(obj);
                if (!userDetails.isEnabled()) {
                    log(new DisabledException("User " + obj + " is disabled"));
                    return null;
                }
            } catch (UsernameNotFoundException e) {
                log(e);
            } catch (IOException e2) {
                log(new AuthenticationServiceException(e2.getLocalizedMessage(), e2));
                return null;
            } catch (AuthenticationException e3) {
                log(e3);
                return null;
            }
        }
        Connection connection = null;
        try {
            try {
                try {
                    connection = DriverManager.getConnection(this.connectUrl, obj, obj2);
                    if (connection != null) {
                        try {
                            connection.close();
                        } catch (SQLException e4) {
                        }
                    }
                    HashSet hashSet = new HashSet();
                    if (userDetails != null) {
                        hashSet.addAll(userDetails.getAuthorities());
                    } else {
                        try {
                            hashSet.addAll(new RoleCalculator(getSecurityManager().getActiveRoleService()).calculateRoles(new GeoServerUser(obj)));
                        } catch (IOException e5) {
                            throw new AuthenticationServiceException(e5.getLocalizedMessage(), e5);
                        }
                    }
                    hashSet.add(GeoServerRole.AUTHENTICATED_ROLE);
                    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), (Object) null, hashSet);
                    usernamePasswordAuthenticationToken2.setDetails(authentication.getDetails());
                    return usernamePasswordAuthenticationToken2;
                } catch (SQLInvalidAuthorizationSpecException e6) {
                    log(new BadCredentialsException("Bad credentials for " + obj, e6));
                    if (connection == null) {
                        return null;
                    }
                    try {
                        connection.close();
                        return null;
                    } catch (SQLException e7) {
                        return null;
                    }
                }
            } catch (SQLException e8) {
                log(new AuthenticationServiceException("JDBC connect error", e8));
                if (connection == null) {
                    return null;
                }
                try {
                    connection.close();
                    return null;
                } catch (SQLException e9) {
                    return null;
                }
            }
        } catch (Throwable th) {
            if (connection != null) {
                try {
                    connection.close();
                } catch (SQLException e10) {
                }
            }
            throw th;
        }
    }

    public void initializeFromConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        super.initializeFromConfig(securityNamedServiceConfig);
        JDBCConnectAuthProviderConfig jDBCConnectAuthProviderConfig = (JDBCConnectAuthProviderConfig) securityNamedServiceConfig;
        this.userGroupServiceName = jDBCConnectAuthProviderConfig.getUserGroupServiceName();
        this.connectUrl = jDBCConnectAuthProviderConfig.getConnectURL();
        this.driverClassName = jDBCConnectAuthProviderConfig.getDriverClassName();
        try {
            Class.forName(this.driverClassName);
        } catch (ClassNotFoundException e) {
            throw new IOException(e);
        }
    }
}
