package org.apache.tomcat.request;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Hashtable;
import java.util.Vector;
import org.apache.tomcat.core.BaseInterceptor;
import org.apache.tomcat.core.Context;
import org.apache.tomcat.core.ContextManager;
import org.apache.tomcat.core.Request;
import org.apache.tomcat.core.Response;
import org.apache.tomcat.core.TomcatException;
import org.apache.tomcat.util.SecurityTools;
import org.apache.tomcat.util.StringManager;

/* loaded from: input_file:org/apache/tomcat/request/JDBCRealm.class */
public class JDBCRealm extends BaseInterceptor {
    ContextManager cm;
    int reqRolesNote;
    private static StringManager sm = StringManager.getManager("org.apache.tomcat.request");
    private Connection dbConnection = null;
    private PreparedStatement preparedAuthenticate = null;
    private PreparedStatement preparedRoles = null;
    private String connectionURL = null;
    private String connectionName = null;
    private String connectionPassword = null;
    private String userTable = null;
    private String userNameCol = null;
    private String userCredCol = null;
    private String userRoleTable = null;
    private String roleNameCol = null;
    private String driverName = null;
    private boolean started = false;

    public synchronized boolean authenticate(String str, String str2) {
        try {
            if (this.dbConnection == null || this.dbConnection.isClosed()) {
                log(sm.getString("jdbcRealm.authDBClosed"));
                this.dbConnection = DriverManager.getConnection(this.connectionURL);
                if (this.dbConnection == null || this.dbConnection.isClosed()) {
                    log(sm.getString("jdbcRealm.authDBReOpenFail"));
                    return false;
                }
                this.dbConnection.setReadOnly(true);
            }
            if (this.preparedAuthenticate == null) {
                String stringBuffer = new StringBuffer("SELECT ").append(this.userCredCol).append(" FROM ").append(this.userTable).append(" WHERE ").append(this.userNameCol).append(" = ?").toString();
                if (this.debug >= 1) {
                    log(new StringBuffer("JDBCRealm.authenticate: ").append(stringBuffer).toString());
                }
                this.preparedAuthenticate = this.dbConnection.prepareStatement(stringBuffer);
            }
            this.preparedAuthenticate.setString(1, str);
            ResultSet executeQuery = this.preparedAuthenticate.executeQuery();
            if (executeQuery.next() && str2.equals(executeQuery.getString(1))) {
                if (this.debug < 2) {
                    return true;
                }
                log(sm.getString("jdbcRealm.authenticateSuccess", str));
                return true;
            }
            executeQuery.close();
            if (this.debug < 2) {
                return false;
            }
            log(sm.getString("jdbcRealm.authenticateFailure", str));
            return false;
        } catch (SQLException e) {
            log(sm.getString("jdbcRealm.authenticateSQLException", str));
            log(new StringBuffer("SQLException: ").append(e).toString());
            if (this.preparedAuthenticate != null) {
                try {
                    this.preparedAuthenticate.close();
                } catch (Throwable unused) {
                }
                this.preparedAuthenticate = null;
            }
            if (this.dbConnection == null) {
                return false;
            }
            try {
                this.dbConnection.close();
            } catch (Throwable unused2) {
            }
            this.dbConnection = null;
            return false;
        }
    }

    @Override // org.apache.tomcat.core.BaseInterceptor, org.apache.tomcat.core.RequestInterceptor
    public int authenticate(Request request, Response response) {
        Hashtable hashtable = new Hashtable();
        SecurityTools.credentials(request, hashtable);
        String str = (String) hashtable.get("username");
        if (!authenticate(str, (String) hashtable.get("password"))) {
            return 0;
        }
        if (this.debug > 0) {
            log(new StringBuffer("Auth ok, user=").append(str).toString());
        }
        request.setRemoteUser(str);
        Context context = request.getContext();
        if (context == null) {
            return 0;
        }
        request.setAuthType(context.getAuthMethod());
        return 0;
    }

    @Override // org.apache.tomcat.core.BaseInterceptor, org.apache.tomcat.core.RequestInterceptor
    public int authorize(Request request, Response response, String[] strArr) {
        if (strArr == null) {
            return 0;
        }
        request.getContext();
        String remoteUser = request.getRemoteUser();
        if (remoteUser == null) {
            return 401;
        }
        if (this.debug > 0) {
            log(new StringBuffer("Controled access for ").append(remoteUser).append(" ").append(request).append(" ").append(request.getContainer()).toString());
        }
        String[] userRoles = getUserRoles(remoteUser);
        request.setUserRoles(userRoles);
        if (this.debug > 0) {
            if (userRoles == null || userRoles.length <= 0) {
                log("Auth ok, user has no roles");
            } else {
                log(new StringBuffer("Auth ok, first role=").append(userRoles[0]).toString());
            }
        }
        if (SecurityTools.haveRole(userRoles, strArr)) {
            return 0;
        }
        if (this.debug <= 0) {
            return 401;
        }
        if (strArr == null || strArr.length <= 0) {
            log("UnAuthorized - no roles specified");
            return 401;
        }
        log(new StringBuffer("UnAuthorized ").append(strArr[0]).toString());
        return 401;
    }

    @Override // org.apache.tomcat.core.BaseInterceptor, org.apache.tomcat.core.ContextInterceptor
    public void contextInit(Context context) throws TomcatException {
        if (this.started) {
            return;
        }
        this.started = true;
        try {
            Class.forName(this.driverName);
            if ((this.connectionName == null || this.connectionName.equals("")) && (this.connectionPassword == null || this.connectionPassword.equals(""))) {
                this.dbConnection = DriverManager.getConnection(this.connectionURL);
            } else {
                this.dbConnection = DriverManager.getConnection(this.connectionURL, this.connectionName, this.connectionPassword);
            }
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(new StringBuffer("JDBCRealm.start.readXml: ").append(e).toString());
        } catch (SQLException e2) {
            throw new RuntimeException(new StringBuffer("JDBCRealm.start.readXml: ").append(e2).toString());
        }
    }

    @Override // org.apache.tomcat.core.BaseInterceptor, org.apache.tomcat.core.ContextInterceptor
    public void contextShutdown(Context context) throws TomcatException {
        if (!this.started || this.dbConnection == null) {
            return;
        }
        try {
            this.dbConnection.close();
        } catch (SQLException unused) {
            log("dbConnection.close Exception!!!");
        }
    }

    public synchronized String[] getUserRoles(String str) {
        try {
            if (this.dbConnection == null || this.dbConnection.isClosed()) {
                log(sm.getString("jdbcRealm.getUserRolesDBClosed"));
                this.dbConnection = DriverManager.getConnection(this.connectionURL);
                if (this.dbConnection == null || this.dbConnection.isClosed()) {
                    log(sm.getString("jdbcRealm.getUserRolesDBReOpenFail"));
                    return null;
                }
            }
            if (this.preparedRoles == null) {
                String stringBuffer = new StringBuffer("SELECT ").append(this.roleNameCol).append(" FROM ").append(this.userRoleTable).append(" WHERE ").append(this.userNameCol).append(" = ?").toString();
                if (this.debug >= 1) {
                    log(new StringBuffer("JDBCRealm.roles: ").append(stringBuffer).toString());
                }
                this.preparedRoles = this.dbConnection.prepareStatement(stringBuffer);
            }
            this.preparedRoles.clearParameters();
            this.preparedRoles.setString(1, str);
            ResultSet executeQuery = this.preparedRoles.executeQuery();
            Vector vector = new Vector();
            while (executeQuery.next()) {
                vector.addElement(executeQuery.getString(1));
            }
            String[] strArr = new String[vector.size()];
            for (int i = 0; i < vector.size(); i++) {
                strArr[i] = (String) vector.elementAt(i);
            }
            return strArr;
        } catch (SQLException e) {
            log(sm.getString("jdbcRealm.getUserRolesSQLException", str));
            log(new StringBuffer("SQLException: ").append(e).toString());
            if (this.preparedRoles != null) {
                try {
                    this.preparedRoles.close();
                } catch (Throwable unused) {
                }
                this.preparedRoles = null;
            }
            if (this.dbConnection == null) {
                return null;
            }
            try {
                this.dbConnection.close();
            } catch (Throwable unused2) {
            }
            this.dbConnection = null;
            return null;
        }
    }

    public void setConnectionName(String str) {
        this.connectionName = str;
    }

    public void setConnectionPassword(String str) {
        this.connectionPassword = str;
    }

    public void setConnectionURL(String str) {
        this.connectionURL = str;
    }

    @Override // org.apache.tomcat.core.BaseInterceptor
    public void setContextManager(ContextManager contextManager) {
        super.setContextManager(contextManager);
        this.cm = contextManager;
        try {
            this.reqRolesNote = contextManager.getNoteId(2, "required.roles");
        } catch (TomcatException e) {
            e.printStackTrace();
            throw new RuntimeException("Invalid state ");
        }
    }

    public void setDriverName(String str) {
        this.driverName = str;
    }

    public void setRoleNameCol(String str) {
        this.roleNameCol = str;
    }

    public void setUserCredCol(String str) {
        this.userCredCol = str;
    }

    public void setUserNameCol(String str) {
        this.userNameCol = str;
    }

    public void setUserRoleTable(String str) {
        this.userRoleTable = str;
    }

    public void setUserTable(String str) {
        this.userTable = str;
    }
}
