package org.apache.shiro.samples.spring.realm;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.realm.jdbc.JdbcRealm;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.util.JdbcUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/apache/shiro/samples/spring/realm/SaltAwareJdbcRealm.class */
public class SaltAwareJdbcRealm extends JdbcRealm {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SaltAwareJdbcRealm.class);

    @Override // org.apache.shiro.realm.jdbc.JdbcRealm, org.apache.shiro.realm.AuthenticatingRealm
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String username = ((UsernamePasswordToken) authenticationToken).getUsername();
        if (username == null) {
            throw new AccountException("Null usernames are not allowed by this realm.");
        }
        try {
            try {
                Connection connection = this.dataSource.getConnection();
                String passwordForUser = getPasswordForUser(connection, username);
                if (passwordForUser == null) {
                    throw new UnknownAccountException("No account found for user [" + username + "]");
                }
                SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(username, passwordForUser, getName());
                simpleAuthenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(username));
                JdbcUtils.closeConnection(connection);
                return simpleAuthenticationInfo;
            } catch (SQLException e) {
                String str = "There was a SQL error while authenticating user [" + username + "]";
                if (log.isErrorEnabled()) {
                    log.error(str, (Throwable) e);
                }
                throw new AuthenticationException(str, e);
            }
        } catch (Throwable th) {
            JdbcUtils.closeConnection(null);
            throw th;
        }
    }

    private String getPasswordForUser(Connection connection, String str) throws SQLException {
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        String str2 = null;
        try {
            preparedStatement = connection.prepareStatement(this.authenticationQuery);
            preparedStatement.setString(1, str);
            resultSet = preparedStatement.executeQuery();
            boolean z = false;
            while (resultSet.next()) {
                if (z) {
                    throw new AuthenticationException("More than one user row found for user [" + str + "]. Usernames must be unique.");
                }
                str2 = resultSet.getString(1);
                z = true;
            }
            JdbcUtils.closeResultSet(resultSet);
            JdbcUtils.closeStatement(preparedStatement);
            return str2;
        } catch (Throwable th) {
            JdbcUtils.closeResultSet(resultSet);
            JdbcUtils.closeStatement(preparedStatement);
            throw th;
        }
    }
}
