package org.apache.airavata.services.registry.rest.security.local;

import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.servlet.ServletContext;
import org.apache.airavata.common.utils.DBUtil;
import org.apache.airavata.common.utils.SecurityUtil;
import org.apache.airavata.persistance.registry.jpa.JPAConstants;
import org.apache.airavata.registry.api.util.RegistrySettings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/airavata-rest-services-0.8.jar:org/apache/airavata/services/registry/rest/security/local/LocalUserStore.class */
public class LocalUserStore {
    protected static Logger log = LoggerFactory.getLogger(LocalUserStore.class);
    private DBUtil dbUtil;
    private String hashMethod;

    public LocalUserStore(ServletContext servletContext) throws Exception {
        this.hashMethod = RegistrySettings.getSetting("default.registry.password.hash.method");
        this.dbUtil = new DBUtil(RegistrySettings.getSetting("registry.jdbc.url"), RegistrySettings.getSetting(JPAConstants.KEY_JDBC_USER), RegistrySettings.getSetting(JPAConstants.KEY_JDBC_PASSWORD), RegistrySettings.getSetting(JPAConstants.KEY_JDBC_DRIVER));
    }

    public LocalUserStore(DBUtil dBUtil) {
        this.dbUtil = dBUtil;
    }

    public void addUser(String str, String str2) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                try {
                    connection = this.dbUtil.getConnection();
                    preparedStatement = connection.prepareStatement("insert into Users values (?, ?)");
                    preparedStatement.setString(1, str);
                    preparedStatement.setString(2, SecurityUtil.digestString(str2, this.hashMethod));
                    preparedStatement.executeUpdate();
                    connection.commit();
                    log.debug("User " + str + " successfully added.");
                    DBUtil dBUtil = this.dbUtil;
                    DBUtil.cleanup(preparedStatement, connection);
                } catch (SQLException e) {
                    StringBuilder sb = new StringBuilder("Error persisting user information.");
                    sb.append(" user - ").append(str);
                    log.error(sb.toString(), (Throwable) e);
                    throw new RuntimeException(sb.toString(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                log.error("Error creating hash value for password.", (Throwable) e2);
                throw new RuntimeException("Error creating hash value for password.", e2);
            }
        } catch (Throwable th) {
            DBUtil dBUtil2 = this.dbUtil;
            DBUtil.cleanup(preparedStatement, connection);
            throw th;
        }
    }

    protected String getPassword(String str, Connection connection) {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                preparedStatement = connection.prepareStatement("select password from Users where user_name = ?");
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    String string = resultSet.getString("password");
                    if (resultSet != null) {
                        try {
                            resultSet.close();
                        } catch (SQLException e) {
                            log.error("Error closing result set", (Throwable) e);
                        }
                    }
                    if (preparedStatement != null) {
                        try {
                            preparedStatement.close();
                        } catch (SQLException e2) {
                            log.error("Error closing prepared statement", (Throwable) e2);
                        }
                    }
                    return string;
                }
                if (resultSet != null) {
                    try {
                        resultSet.close();
                    } catch (SQLException e3) {
                        log.error("Error closing result set", (Throwable) e3);
                    }
                }
                if (preparedStatement == null) {
                    return null;
                }
                try {
                    preparedStatement.close();
                    return null;
                } catch (SQLException e4) {
                    log.error("Error closing prepared statement", (Throwable) e4);
                    return null;
                }
            } catch (SQLException e5) {
                StringBuilder sb = new StringBuilder("Error retrieving credentials for user.");
                sb.append("name - ").append(str);
                log.error(sb.toString(), (Throwable) e5);
                throw new RuntimeException(sb.toString(), e5);
            }
        } catch (Throwable th) {
            if (resultSet != null) {
                try {
                    resultSet.close();
                } catch (SQLException e6) {
                    log.error("Error closing result set", (Throwable) e6);
                }
            }
            if (preparedStatement != null) {
                try {
                    preparedStatement.close();
                } catch (SQLException e7) {
                    log.error("Error closing prepared statement", (Throwable) e7);
                }
            }
            throw th;
        }
    }

    public void changePassword(String str, String str2, String str3) {
        try {
            try {
                Connection connection = this.dbUtil.getConnection();
                String password = getPassword(str, connection);
                String digestString = SecurityUtil.digestString(str2, this.hashMethod);
                if (password != null && !password.equals(digestString)) {
                    throw new RuntimeException("Previous password did not match correctly. Please specify old password correctly.");
                }
                PreparedStatement prepareStatement = connection.prepareStatement("update Users set password = ? where user_name = ?");
                prepareStatement.setString(1, SecurityUtil.digestString(str3, this.hashMethod));
                prepareStatement.setString(2, str);
                prepareStatement.executeUpdate();
                connection.commit();
                log.debug("Password changed for user " + str);
                DBUtil dBUtil = this.dbUtil;
                DBUtil.cleanup(prepareStatement, connection);
            } catch (NoSuchAlgorithmException e) {
                log.error("Error creating hash value for password.", (Throwable) e);
                throw new RuntimeException("Error creating hash value for password.", e);
            } catch (SQLException e2) {
                StringBuilder sb = new StringBuilder("Error updating credentials.");
                sb.append(" user - ").append(str);
                log.error(sb.toString(), (Throwable) e2);
                throw new RuntimeException(sb.toString(), e2);
            }
        } catch (Throwable th) {
            DBUtil dBUtil2 = this.dbUtil;
            DBUtil.cleanup(null, null);
            throw th;
        }
    }

    public void changePasswordByAdmin(String str, String str2) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                try {
                    connection = this.dbUtil.getConnection();
                    preparedStatement = connection.prepareStatement("update Users set password = ? where user_name = ?");
                    preparedStatement.setString(1, SecurityUtil.digestString(str2, this.hashMethod));
                    preparedStatement.setString(2, str);
                    preparedStatement.executeUpdate();
                    connection.commit();
                    log.debug("Admin changed password of user " + str);
                    DBUtil dBUtil = this.dbUtil;
                    DBUtil.cleanup(preparedStatement, connection);
                } catch (SQLException e) {
                    StringBuilder sb = new StringBuilder("Error updating credentials.");
                    sb.append(" user - ").append(str);
                    log.error(sb.toString(), (Throwable) e);
                    throw new RuntimeException(sb.toString(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                log.error("Error creating hash value for password.", (Throwable) e2);
                throw new RuntimeException("Error creating hash value for password.", e2);
            }
        } catch (Throwable th) {
            DBUtil dBUtil2 = this.dbUtil;
            DBUtil.cleanup(preparedStatement, connection);
            throw th;
        }
    }

    public void deleteUser(String str) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                connection = this.dbUtil.getConnection();
                preparedStatement = connection.prepareStatement("delete from Users where user_name=?");
                preparedStatement.setString(1, str);
                preparedStatement.executeUpdate();
                connection.commit();
                log.debug("User " + str + " deleted.");
                DBUtil dBUtil = this.dbUtil;
                DBUtil.cleanup(preparedStatement, connection);
            } catch (SQLException e) {
                StringBuilder sb = new StringBuilder("Error deleting user.");
                sb.append("user - ").append(str);
                log.error(sb.toString(), (Throwable) e);
                throw new RuntimeException(sb.toString(), e);
            }
        } catch (Throwable th) {
            DBUtil dBUtil2 = this.dbUtil;
            DBUtil.cleanup(preparedStatement, connection);
            throw th;
        }
    }

    public List<String> getUsers() {
        ArrayList arrayList = new ArrayList();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        Connection connection = null;
        try {
            try {
                connection = this.dbUtil.getConnection();
                preparedStatement = connection.prepareStatement("select user_name from Users");
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    arrayList.add(resultSet.getString("user_name"));
                }
                if (resultSet != null) {
                    try {
                        resultSet.close();
                    } catch (SQLException e) {
                        log.error("Error closing result set", (Throwable) e);
                    }
                }
                if (preparedStatement != null) {
                    try {
                        preparedStatement.close();
                    } catch (SQLException e2) {
                        log.error("Error closing prepared statement", (Throwable) e2);
                    }
                }
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException e3) {
                        log.error("Error closing connection", (Throwable) e3);
                    }
                }
                Collections.sort(arrayList);
                return arrayList;
            } catch (SQLException e4) {
                log.error("Error retrieving Users.", (Throwable) e4);
                throw new RuntimeException("Error retrieving Users.", e4);
            }
        } catch (Throwable th) {
            if (resultSet != null) {
                try {
                    resultSet.close();
                } catch (SQLException e5) {
                    log.error("Error closing result set", (Throwable) e5);
                }
            }
            if (preparedStatement != null) {
                try {
                    preparedStatement.close();
                } catch (SQLException e6) {
                    log.error("Error closing prepared statement", (Throwable) e6);
                }
            }
            if (connection != null) {
                try {
                    connection.close();
                } catch (SQLException e7) {
                    log.error("Error closing connection", (Throwable) e7);
                }
            }
            throw th;
        }
    }

    public static String getPasswordRegularExpression() {
        return "'^[a-zA-Z0-9_-]{6,15}$'";
    }
}
