package com.sun.identity.authentication.modules.jdbc;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.Misc;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.authentication.spi.InvalidPasswordException;
import java.security.Principal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.sql.DataSource;

/* loaded from: input_file:119465-08/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/authentication/modules/jdbc/JDBC.class */
public class JDBC extends AMLoginModule {
    private String userTokenId;
    private String userName;
    private String password;
    private String resultPassword;
    private char[] passwordCharArray;
    private Map options;
    private String driver;
    private String connectionType;
    private String jndiName;
    private String url;
    private String dbuser;
    private String dbpassword;
    private String passwordColumn;
    private String statement;
    private String transform;
    private Map sharedState;
    private static final int MAX_NAME_LENGTH = 80;
    private static final String amAuthJDBC = "amAuthJDBC";
    private static Debug debug = Debug.getInstance(amAuthJDBC);
    private static String CONNECTIONTYPE = "sunAMAuthJDBCConnectionType";
    private static String JNDINAME = "sunAMAuthJDBCJndiName";
    private static String DRIVER = "sunAMAuthJDBCDriver";
    private static String URL = "sunAMAuthJDBCUrl";
    private static String DBUSER = "sunAMAuthJDBCDbuser";
    private static String DBPASSWORD = "sunAMAuthJDBCDbpassword";
    private static String PASSWORDCOLUMN = "sunAMAuthJDBCPasswordColumn";
    private static String STATEMENT = "sunAMAuthJDBCStatement";
    private static String TRANSFORM = "sunAMAuthJDBCPasswordSyntaxTransformPlugin";
    private static String AUTHLEVEL = "sunAMAuthJDBCAuthLevel";
    private static String DEFAULT_TRANSFORM = "com.sun.identity.authentication.modules.jdbc.ClearTextTransform";
    private Principal userPrincipal = null;
    private String errorMsg = null;
    private ResourceBundle bundle = null;
    private boolean getCredentialsFromSharedState = false;
    private boolean useJNDI = false;

    public JDBC() {
        debug.message("JDBC()");
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void init(Subject subject, Map map, Map map2) {
        debug.message("in initialize...");
        Locale loginLocale = getLoginLocale();
        this.bundle = AMLoginModule.amCache.getResBundle(amAuthJDBC, loginLocale);
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("amAuthJDBC Authentication resource bundle locale=").append(loginLocale).toString());
        }
        this.options = map2;
        this.sharedState = map;
        if (map2 != null) {
            try {
                this.connectionType = Misc.getMapAttr(map2, CONNECTIONTYPE);
                if (this.connectionType == null) {
                    debug.message("No CONNECTIONTYPE for configuring");
                    this.errorMsg = "noCONNECTIONTYPE";
                    return;
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Found config for CONNECTIONTYPE: ").append(this.connectionType).toString());
                }
                if (this.connectionType.equals("JNDI")) {
                    this.useJNDI = true;
                }
                if (this.useJNDI) {
                    debug.message("Using JNDI Retrieved Connection pool");
                    this.jndiName = Misc.getMapAttr(map2, JNDINAME);
                    if (this.jndiName == null) {
                        debug.message("No JNDINAME for configuring");
                        this.errorMsg = "noJNDINAME";
                        return;
                    } else if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("Found config for JNDINAME: ").append(this.jndiName).toString());
                    }
                } else {
                    debug.message("Using non pooled JDBC");
                    this.driver = Misc.getMapAttr(map2, DRIVER);
                    if (this.driver == null) {
                        debug.message("No DRIVER for configuring");
                        this.errorMsg = "noDRIVER";
                        return;
                    } else if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("Found config for DRIVER: ").append(this.driver).toString());
                    }
                }
                this.url = Misc.getMapAttr(map2, URL);
                if (this.url == null) {
                    debug.message("No URL for configuring");
                    this.errorMsg = "noURL";
                    return;
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Found config for URL: ").append(this.url).toString());
                }
                this.dbuser = Misc.getMapAttr(map2, DBUSER);
                if (this.dbuser == null) {
                    debug.message("No DBUSER for configuring");
                    this.errorMsg = "noDBUSER";
                    return;
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Found config for DBUSER: ").append(this.dbuser).toString());
                }
                this.dbpassword = Misc.getMapAttr(map2, DBPASSWORD, "");
                if (this.dbpassword == null) {
                    debug.message("No DBPASSWORD for configuring");
                    this.errorMsg = "noDBPASSWORD";
                    return;
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Found config for DBPASSWORD: ").append(this.dbpassword).toString());
                }
                this.passwordColumn = Misc.getMapAttr(map2, PASSWORDCOLUMN);
                if (this.passwordColumn == null) {
                    debug.message("No PASSWORDCOLUMN for configuring");
                    this.errorMsg = "noPASSWORDCOLUMN";
                    return;
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Found config for PASSWORDCOLUMN: ").append(this.passwordColumn).toString());
                }
                this.statement = Misc.getMapAttr(map2, STATEMENT);
                if (this.statement == null) {
                    debug.message("No STATEMENT for configuring");
                    this.errorMsg = "noSTATEMENT";
                }
                this.transform = Misc.getMapAttr(map2, TRANSFORM);
                if (this.transform == null) {
                    if (debug.messageEnabled()) {
                        debug.message("No TRANSFORM for configuring.Using clear text");
                    }
                    this.transform = DEFAULT_TRANSFORM;
                } else if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Plugin for TRANSFORM: ").append(this.transform).toString());
                }
                String mapAttr = Misc.getMapAttr(map2, AUTHLEVEL);
                if (mapAttr != null) {
                    try {
                        setAuthLevel(Integer.parseInt(mapAttr));
                    } catch (Exception e) {
                        debug.error(new StringBuffer().append("Unable to set auth level ").append(mapAttr).toString(), e);
                    }
                }
            } catch (Exception e2) {
                debug.error("JDBC Init Exception", e2);
            }
        }
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public int process(Callback[] callbackArr, int i) throws AuthLoginException {
        Connection connection;
        if (this.errorMsg != null) {
            throw new AuthLoginException(amAuthJDBC, this.errorMsg, null);
        }
        if (debug.messageEnabled()) {
            debug.message(new StringBuffer().append("State: ").append(i).toString());
        }
        if (i != 1) {
            throw new AuthLoginException(amAuthJDBC, "invalidState", null);
        }
        if (callbackArr == null || callbackArr.length != 0) {
            this.userName = ((NameCallback) callbackArr[0]).getName();
            if (debug.messageEnabled()) {
                debug.message(new StringBuffer().append("Authenticating this user: ").append(this.userName).toString());
            }
            this.passwordCharArray = ((PasswordCallback) callbackArr[1]).getPassword();
            this.password = new String(this.passwordCharArray);
            if (this.userName == null || this.userName.length() == 0) {
                throw new AuthLoginException(amAuthJDBC, "noUserName", null);
            }
        } else {
            this.userName = (String) this.sharedState.get(getUserKey());
            this.password = (String) this.sharedState.get(getPwdKey());
            if (this.userName == null || this.password == null) {
                return 1;
            }
            this.getCredentialsFromSharedState = true;
        }
        storeUsernamePasswd(this.userName, this.password);
        if (this.userName.length() > 80) {
            throw new AuthLoginException(amAuthJDBC, "userNameTooLong", null);
        }
        Connection connection2 = null;
        try {
            try {
                if (this.useJNDI) {
                    DataSource dataSource = (DataSource) new InitialContext().lookup(this.jndiName);
                    if (debug.messageEnabled()) {
                        debug.message(new StringBuffer().append("Datasource Acquired: ").append(dataSource.toString()).toString());
                    }
                    connection = dataSource.getConnection();
                    debug.message("Using JNDI Retrieved Connection pool");
                } else {
                    Class.forName(this.driver);
                    connection = DriverManager.getConnection(this.url, this.dbuser, this.dbpassword);
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Connection Acquired: ").append(connection.toString()).toString());
                }
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("PreparedStatement to build: ").append(this.statement).toString());
                }
                PreparedStatement prepareStatement = connection.prepareStatement(this.statement);
                prepareStatement.setString(1, this.userName);
                if (debug.messageEnabled()) {
                    debug.message(new StringBuffer().append("Statement to execute: ").append(prepareStatement).toString());
                }
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (executeQuery == null) {
                    debug.message("returned null from executeQuery()");
                    throw new AuthLoginException(amAuthJDBC, "nullResult", null);
                }
                int i2 = 0;
                while (executeQuery.next()) {
                    i2++;
                    if (i2 > 1) {
                        if (debug.messageEnabled()) {
                            debug.message("Too many results.UID should be a primary key");
                        }
                        throw new AuthLoginException(amAuthJDBC, "multiEntry", null);
                    }
                    this.resultPassword = executeQuery.getString(this.passwordColumn).trim();
                }
                if (i2 == 0) {
                    if (debug.messageEnabled()) {
                        debug.message("No results from your SQL query.UID should be valid");
                    }
                    throw new AuthLoginException(amAuthJDBC, "nullResult", null);
                }
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (Exception e) {
                        debug.error(new StringBuffer().append("Error in closing database connection: ").append(e.getMessage()).toString());
                        if (debug.messageEnabled()) {
                            debug.message("Fail to close database:", e);
                        }
                    }
                }
                if (!this.transform.equals(DEFAULT_TRANSFORM)) {
                    try {
                        JDBCPasswordSyntaxTransform jDBCPasswordSyntaxTransform = (JDBCPasswordSyntaxTransform) Class.forName(this.transform).newInstance();
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("Got my Transform Object").append(jDBCPasswordSyntaxTransform.toString()).toString());
                        }
                        this.resultPassword = jDBCPasswordSyntaxTransform.transform(this.resultPassword);
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("Password transformed by: ").append(this.transform).toString());
                        }
                    } catch (Throwable th) {
                        if (debug.messageEnabled()) {
                            debug.message(new StringBuffer().append("Syntax Transform Exception:").append(th.toString()).toString());
                        }
                        throw new AuthLoginException(th);
                    }
                }
                if (this.password != null && this.password.equals(this.resultPassword)) {
                    this.userTokenId = this.userName;
                    return -1;
                }
                debug.message("password not match. Auth failed.");
                setFailureID(this.userName);
                throw new InvalidPasswordException(amAuthJDBC, "loginFailed", null, this.userName, null);
            } catch (Throwable th2) {
                if (0 != 0) {
                    try {
                        connection2.close();
                    } catch (Exception e2) {
                        debug.error(new StringBuffer().append("Error in closing database connection: ").append(e2.getMessage()).toString());
                        if (debug.messageEnabled()) {
                            debug.message("Fail to close database:", e2);
                        }
                    }
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (!this.getCredentialsFromSharedState) {
                if (debug.messageEnabled()) {
                    debug.message("JDBC Exception:", th3);
                }
                throw new AuthLoginException(th3);
            }
            this.getCredentialsFromSharedState = false;
            if (0 != 0) {
                try {
                    connection2.close();
                } catch (Exception e3) {
                    debug.error(new StringBuffer().append("Error in closing database connection: ").append(e3.getMessage()).toString());
                    if (debug.messageEnabled()) {
                        debug.message("Fail to close database:", e3);
                    }
                }
            }
            return 1;
        }
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public Principal getPrincipal() {
        if (this.userPrincipal != null) {
            return this.userPrincipal;
        }
        if (this.userTokenId == null) {
            return null;
        }
        this.userPrincipal = new JDBCPrincipal(this.userTokenId);
        return this.userPrincipal;
    }

    @Override // com.sun.identity.authentication.spi.AMLoginModule
    public void destroyModuleState() {
        this.userTokenId = null;
        this.userPrincipal = null;
    }

    public void nullifyUserdVars() {
        this.userName = null;
        this.password = null;
        this.resultPassword = null;
        this.passwordCharArray = null;
        this.errorMsg = null;
        this.bundle = null;
        this.options = null;
        this.driver = null;
        this.connectionType = null;
        this.jndiName = null;
        this.url = null;
        this.dbuser = null;
        this.dbpassword = null;
        this.passwordColumn = null;
        this.statement = null;
        this.transform = null;
        this.sharedState = null;
    }
}
