package com.orientechnologies.orient.core.security.authenticator;

import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
import com.orientechnologies.orient.core.db.ODatabaseSession;
import com.orientechnologies.orient.core.exception.OSecurityAccessException;
import com.orientechnologies.orient.core.metadata.security.OSecurityShared;
import com.orientechnologies.orient.core.metadata.security.OSecurityUser;
import com.orientechnologies.orient.core.metadata.security.OUser;
import com.orientechnologies.orient.core.metadata.security.auth.OAuthenticationInfo;
import com.orientechnologies.orient.core.metadata.security.auth.OTokenAuthInfo;
import com.orientechnologies.orient.core.metadata.security.auth.OUserPasswordAuthInfo;
import com.orientechnologies.orient.core.security.OParsedToken;
import com.orientechnologies.orient.enterprise.channel.binary.OTokenSecurityException;

/* loaded from: input_file:com/orientechnologies/orient/core/security/authenticator/ODatabaseUserAuthenticator.class */
public class ODatabaseUserAuthenticator extends OSecurityAuthenticatorAbstract {
    @Override // com.orientechnologies.orient.core.security.authenticator.OSecurityAuthenticatorAbstract, com.orientechnologies.orient.core.security.OSecurityAuthenticator
    public OSecurityUser authenticate(ODatabaseSession oDatabaseSession, OAuthenticationInfo oAuthenticationInfo) {
        if (oAuthenticationInfo instanceof OUserPasswordAuthInfo) {
            return authenticate(oDatabaseSession, ((OUserPasswordAuthInfo) oAuthenticationInfo).getUser(), ((OUserPasswordAuthInfo) oAuthenticationInfo).getPassword());
        }
        if (!(oAuthenticationInfo instanceof OTokenAuthInfo)) {
            return super.authenticate(oDatabaseSession, oAuthenticationInfo);
        }
        OParsedToken token = ((OTokenAuthInfo) oAuthenticationInfo).getToken();
        if (!getSecurity().getTokenSign().verifyTokenSign(token)) {
            throw new OTokenSecurityException("The token provided is expired");
        }
        if (!token.getToken().getIsValid()) {
            throw new OSecurityAccessException(oDatabaseSession.getName(), "Token not valid");
        }
        OUser user = token.getToken().getUser((ODatabaseDocumentInternal) oDatabaseSession);
        if (user == null && token.getToken().getUserName() != null) {
            user = ((OSecurityShared) ((ODatabaseDocumentInternal) oDatabaseSession).getSharedContext().getSecurity()).getUserInternal(oDatabaseSession, token.getToken().getUserName());
        }
        return user;
    }

    @Override // com.orientechnologies.orient.core.security.OSecurityAuthenticator
    public OSecurityUser authenticate(ODatabaseSession oDatabaseSession, String str, String str2) {
        if (oDatabaseSession == null) {
            return null;
        }
        String name = oDatabaseSession.getName();
        OUser userInternal = ((OSecurityShared) ((ODatabaseDocumentInternal) oDatabaseSession).getSharedContext().getSecurity()).getUserInternal(oDatabaseSession, str);
        if (userInternal == null) {
            return null;
        }
        if (userInternal.getAccountStatus() != OSecurityUser.STATUSES.ACTIVE) {
            throw new OSecurityAccessException(name, "User '" + str + "' is not active");
        }
        if (userInternal.checkPassword(str2)) {
            return userInternal;
        }
        try {
            Thread.sleep(200L);
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
        }
        throw new OSecurityAccessException(name, "User or password not valid for database: '" + name + "'");
    }

    @Override // com.orientechnologies.orient.core.security.authenticator.OSecurityAuthenticatorAbstract, com.orientechnologies.orient.core.security.OSecurityAuthenticator
    public OSecurityUser getUser(String str) {
        return null;
    }

    @Override // com.orientechnologies.orient.core.security.authenticator.OSecurityAuthenticatorAbstract, com.orientechnologies.orient.core.security.OSecurityAuthenticator
    public boolean isAuthorized(String str, String str2) {
        return false;
    }

    @Override // com.orientechnologies.orient.core.security.authenticator.OSecurityAuthenticatorAbstract, com.orientechnologies.orient.core.security.OSecurityAuthenticator
    public boolean isSingleSignOnSupported() {
        return false;
    }
}
