package org.apache.cocoon.acting;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpSession;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.thread.ThreadSafe;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.SourceResolver;
import org.apache.cocoon.transformation.SQLTransformer;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:org/apache/cocoon/acting/DatabaseAuthenticatorAction.class */
public class DatabaseAuthenticatorAction extends AbstractDatabaseAction implements ThreadSafe {
    public Map act(Redirector redirector, SourceResolver sourceResolver, Map map, String str, Parameters parameters) throws Exception {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        boolean z = true;
        if (this.settings.containsKey("reloadable")) {
            z = Boolean.valueOf((String) this.settings.get("reloadable")).booleanValue();
        }
        try {
            try {
                Configuration configuration = getConfiguration(parameters.getParameter("descriptor", (String) this.settings.get("descriptor")), sourceResolver, parameters.getParameterAsBoolean("reloadable", z));
                boolean z2 = true;
                String parameter = parameters.getParameter("create-session", (String) this.settings.get("create-session"));
                if (parameter != null) {
                    z2 = BooleanUtils.toBoolean(parameter.trim());
                }
                Connection connection2 = getDataSource(configuration).getConnection();
                Request request = ObjectModelHelper.getRequest(map);
                if (request == null) {
                    getLogger().debug("DBAUTH: no request object");
                    if (0 != 0) {
                        resultSet.close();
                    }
                    if (0 != 0) {
                        preparedStatement.close();
                    }
                    if (connection2 != null) {
                        try {
                            connection2.close();
                        } catch (Exception e) {
                        }
                    }
                    return null;
                }
                PreparedStatement authQuery = getAuthQuery(connection2, configuration, request);
                if (authQuery == null) {
                    getLogger().debug("DBAUTH: have not got query");
                    request.setAttribute("message", "The authenticator is misconfigured");
                    if (0 != 0) {
                        resultSet.close();
                    }
                    if (authQuery != null) {
                        authQuery.close();
                    }
                    if (connection2 != null) {
                        try {
                            connection2.close();
                        } catch (Exception e2) {
                        }
                    }
                    return null;
                }
                ResultSet executeQuery = authQuery.executeQuery();
                if (!executeQuery.next()) {
                    if (!connection2.getAutoCommit()) {
                        connection2.rollback();
                    }
                    request.setAttribute("message", "The username or password were incorrect, please check your CAPS LOCK key and try again.");
                    getLogger().debug("DBAUTH: no results for query");
                    if (executeQuery != null) {
                        executeQuery.close();
                    }
                    if (authQuery != null) {
                        authQuery.close();
                    }
                    if (connection2 == null) {
                        return null;
                    }
                    try {
                        connection2.close();
                        return null;
                    } catch (Exception e3) {
                        return null;
                    }
                }
                getLogger().debug("DBAUTH: authorized successfully");
                HttpSession httpSession = null;
                if (z2) {
                    HttpSession session = request.getSession(false);
                    if (session != null) {
                        session.invalidate();
                    }
                    httpSession = request.getSession(true);
                    if (httpSession == null) {
                        if (executeQuery != null) {
                            executeQuery.close();
                        }
                        if (authQuery != null) {
                            authQuery.close();
                        }
                        if (connection2 != null) {
                            try {
                                connection2.close();
                            } catch (Exception e4) {
                            }
                        }
                        return null;
                    }
                    getLogger().debug("DBAUTH: session created");
                } else {
                    getLogger().debug("DBAUTH: leaving session untouched");
                }
                HashMap propagateParameters = propagateParameters(configuration, executeQuery, httpSession);
                if (!connection2.getAutoCommit()) {
                    connection2.commit();
                }
                Map unmodifiableMap = Collections.unmodifiableMap(propagateParameters);
                if (executeQuery != null) {
                    executeQuery.close();
                }
                if (authQuery != null) {
                    authQuery.close();
                }
                if (connection2 != null) {
                    try {
                        connection2.close();
                    } catch (Exception e5) {
                    }
                }
                return unmodifiableMap;
            } catch (Exception e6) {
                if (0 != 0) {
                    try {
                        if (!connection.getAutoCommit()) {
                            connection.rollback();
                        }
                    } catch (Exception e7) {
                    }
                }
                getLogger().debug("exception: ", e6);
                if (0 != 0) {
                    resultSet.close();
                }
                if (0 != 0) {
                    preparedStatement.close();
                }
                if (0 != 0) {
                    try {
                        connection.close();
                    } catch (Exception e8) {
                    }
                }
                return null;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                resultSet.close();
            }
            if (0 != 0) {
                preparedStatement.close();
            }
            if (0 != 0) {
                try {
                    connection.close();
                } catch (Exception e9) {
                }
            }
            throw th;
        }
    }

    private PreparedStatement getAuthQuery(Connection connection, Configuration configuration, Request request) {
        StringBuffer stringBuffer = new StringBuffer("SELECT ");
        StringBuffer stringBuffer2 = new StringBuffer("");
        Configuration child = configuration.getChild("table");
        Configuration[] children = child.getChildren("select");
        try {
            Object[] objArr = new Object[children.length];
            int i = 0;
            for (int i2 = 0; i2 < children.length; i2++) {
                String attribute = children[i2].getAttribute("dbcol");
                if (i2 > 0) {
                    stringBuffer.append(", ");
                }
                stringBuffer.append(attribute);
                String attribute2 = children[i2].getAttribute("request-param", (String) null);
                if (StringUtils.isNotBlank(attribute2)) {
                    String attribute3 = children[i2].getAttribute("nullable", (String) null);
                    boolean z = attribute3 != null ? BooleanUtils.toBoolean(attribute3.trim()) : false;
                    String parameter = request.getParameter(attribute2);
                    if (StringUtils.isBlank(parameter) && !z) {
                        getLogger().debug("DBAUTH: request-param " + attribute2 + " does not exist");
                        return null;
                    }
                    if (i > 0) {
                        stringBuffer2.append(" AND ");
                    }
                    stringBuffer2.append(attribute).append("= ?");
                    int i3 = i;
                    i++;
                    objArr[i3] = parameter;
                }
            }
            stringBuffer.append(" FROM ");
            stringBuffer.append(child.getAttribute("name"));
            if (StringUtils.isNotBlank(stringBuffer2.toString())) {
                stringBuffer.append(" WHERE ").append(stringBuffer2);
            }
            getLogger().debug("DBAUTH: query " + ((Object) stringBuffer));
            PreparedStatement prepareStatement = connection.prepareStatement(stringBuffer.toString());
            for (int i4 = 0; i4 < i; i4++) {
                getLogger().debug("DBAUTH: parameter " + (i4 + 1) + " = [" + String.valueOf(objArr[i4]) + "]");
                prepareStatement.setObject(i4 + 1, objArr[i4]);
            }
            return prepareStatement;
        } catch (Exception e) {
            getLogger().debug("DBAUTH: got exception: " + e);
            return null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v38, types: [java.lang.Double] */
    /* JADX WARN: Type inference failed for: r0v41, types: [java.lang.Long] */
    private HashMap propagateParameters(Configuration configuration, ResultSet resultSet, HttpSession httpSession) {
        Configuration[] children = configuration.getChild("table").getChildren("select");
        HashMap hashMap = new HashMap();
        for (int i = 0; i < children.length; i++) {
            try {
                try {
                    String attribute = children[i].getAttribute("to-session");
                    if (StringUtils.isNotBlank(attribute)) {
                        String str = null;
                        String string = resultSet.getString(i + 1);
                        String attribute2 = children[i].getAttribute(SQLTransformer.MAGIC_OUT_PARAMETER_TYPE_ATTRIBUTE, "");
                        if (StringUtils.isBlank(attribute2) || "string".equals(attribute2)) {
                            str = string;
                        } else if ("long".equals(attribute2)) {
                            str = Long.decode(string);
                        } else if ("double".equals(attribute2)) {
                            str = Double.valueOf(string);
                        }
                        if (httpSession != null) {
                            httpSession.setAttribute(attribute, str);
                            getLogger().debug("DBAUTH: propagating param " + attribute + "=" + string);
                        }
                        hashMap.put(attribute, str);
                    }
                } catch (Exception e) {
                }
            } catch (Exception e2) {
                getLogger().debug("exception: ", e2);
                return null;
            }
        }
        return hashMap;
    }
}
