package net.krotscheck.kangaroo.authz.common.authenticator.password;

import com.mchange.v2.sql.SqlUtils;
import java.net.URI;
import java.util.List;
import javax.inject.Inject;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import net.krotscheck.kangaroo.authz.common.authenticator.AuthenticatorType;
import net.krotscheck.kangaroo.authz.common.authenticator.IAuthenticator;
import net.krotscheck.kangaroo.authz.common.database.entity.Authenticator;
import net.krotscheck.kangaroo.authz.common.database.entity.UserIdentity;
import net.krotscheck.kangaroo.authz.common.util.PasswordUtil;
import net.krotscheck.kangaroo.authz.oauth2.exception.RFC6749;
import net.krotscheck.kangaroo.util.ParamUtil;
import org.glassfish.jersey.internal.inject.AbstractBinder;
import org.glassfish.jersey.process.internal.RequestScoped;
import org.hibernate.Criteria;
import org.hibernate.Session;
import org.hibernate.criterion.Restrictions;

/* loaded from: input_file:net/krotscheck/kangaroo/authz/common/authenticator/password/PasswordAuthenticator.class */
public final class PasswordAuthenticator implements IAuthenticator {
    private final Session session;

    /* loaded from: input_file:net/krotscheck/kangaroo/authz/common/authenticator/password/PasswordAuthenticator$Binder.class */
    public static final class Binder extends AbstractBinder {
        @Override // org.glassfish.jersey.internal.inject.AbstractBinder
        protected void configure() {
            bind(PasswordAuthenticator.class).to(PasswordAuthenticator.class).to(IAuthenticator.class).named(AuthenticatorType.Password.name()).in(RequestScoped.class);
        }
    }

    @Inject
    public PasswordAuthenticator(Session session) {
        this.session = session;
    }

    @Override // net.krotscheck.kangaroo.authz.common.authenticator.IAuthenticator
    public Response delegate(Authenticator authenticator, URI uri) {
        return null;
    }

    @Override // net.krotscheck.kangaroo.authz.common.authenticator.IAuthenticator
    public UserIdentity authenticate(Authenticator authenticator, MultivaluedMap<String, String> multivaluedMap, URI uri) {
        if (authenticator == null || multivaluedMap == null) {
            throw new RFC6749.InvalidRequestException();
        }
        String one = ParamUtil.getOne(multivaluedMap, "username");
        String one2 = ParamUtil.getOne(multivaluedMap, SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY);
        Criteria createCriteria = this.session.createCriteria(UserIdentity.class);
        createCriteria.add(Restrictions.eq("remoteId", one));
        createCriteria.add(Restrictions.eq("type", authenticator.getType()));
        createCriteria.createAlias("user", "u");
        createCriteria.add(Restrictions.eq("u.application", authenticator.getClient().getApplication()));
        createCriteria.setFirstResult(0);
        createCriteria.setMaxResults(1);
        List list = createCriteria.list();
        if (createCriteria.list().size() == 0) {
            return null;
        }
        UserIdentity userIdentity = (UserIdentity) list.get(0);
        if (PasswordUtil.isValid(one2, userIdentity.getSalt(), userIdentity.getPassword()).booleanValue()) {
            return userIdentity;
        }
        return null;
    }
}
