package com.opensymphony.user.provider.jdbc;

import com.opensymphony.user.provider.CredentialsProvider;
import com.opensymphony.user.provider.ejb.util.Base64;
import com.opensymphony.user.provider.ejb.util.PasswordDigester;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/osuser-1.0-dev-31Oct04.jar:com/opensymphony/user/provider/jdbc/JDBCCredentialsProvider.class */
public class JDBCCredentialsProvider extends BaseJDBCProvider implements CredentialsProvider {
    private static final Log log;
    static Class class$com$opensymphony$user$provider$jdbc$JDBCCredentialsProvider;

    @Override // com.opensymphony.user.provider.CredentialsProvider
    public boolean authenticate(String str, String str2) {
        boolean z = false;
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                connection = getConnection();
                preparedStatement = connection.prepareStatement(new StringBuffer().append("SELECT ").append(this.userPassword).append(" FROM ").append(this.userTable).append(" WHERE ").append(this.userName).append(" = ?").toString());
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next()) {
                    z = compareHash(resultSet.getString(1), str2);
                }
                cleanup(connection, preparedStatement, resultSet);
            } catch (SQLException e) {
                log.fatal(new StringBuffer().append("Could not authenticate user [").append(str).append("]").toString(), e);
                cleanup(connection, preparedStatement, resultSet);
            }
            return z;
        } catch (Throwable th) {
            cleanup(connection, preparedStatement, resultSet);
            throw th;
        }
    }

    @Override // com.opensymphony.user.provider.CredentialsProvider
    public boolean changePassword(String str, String str2) {
        boolean z = false;
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                connection = getConnection();
                preparedStatement = connection.prepareStatement(new StringBuffer().append("UPDATE ").append(this.userTable).append(" SET ").append(this.userPassword).append(" = ? WHERE ").append(this.userName).append(" = ?").toString());
                preparedStatement.setString(1, createHash(str2));
                preparedStatement.setString(2, str);
                preparedStatement.executeUpdate();
                z = true;
                cleanup(connection, preparedStatement, null);
            } catch (SQLException e) {
                log.fatal(new StringBuffer().append("Could not change password for user [").append(str).append("]").toString(), e);
                cleanup(connection, preparedStatement, null);
            }
            return z;
        } catch (Throwable th) {
            cleanup(connection, preparedStatement, null);
            throw th;
        }
    }

    @Override // com.opensymphony.user.provider.jdbc.BaseJDBCProvider, com.opensymphony.user.provider.UserProvider
    public boolean create(String str) {
        boolean z = false;
        try {
            try {
                Connection connection = getConnection();
                PreparedStatement prepareStatement = connection.prepareStatement(new StringBuffer().append("INSERT INTO ").append(this.userTable).append(" (").append(this.userName).append(") VALUES (?)").toString());
                prepareStatement.setString(1, str);
                try {
                    prepareStatement.executeUpdate();
                    z = true;
                } catch (SQLException e) {
                    log.warn(new StringBuffer().append("User [").append(str).append("] must already exist").toString(), e);
                }
                cleanup(connection, prepareStatement, null);
            } catch (SQLException e2) {
                log.fatal(new StringBuffer().append("Could not create user [").append(str).append("]").toString(), e2);
                cleanup(null, null, null);
            }
            return z;
        } catch (Throwable th) {
            cleanup(null, null, null);
            throw th;
        }
    }

    @Override // com.opensymphony.user.provider.UserProvider
    public boolean handles(String str) {
        boolean z = false;
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                connection = getConnection();
                preparedStatement = connection.prepareStatement(new StringBuffer().append("SELECT * FROM ").append(this.userTable).append(" WHERE ").append(this.userName).append(" = ?").toString());
                preparedStatement.setString(1, str);
                resultSet = preparedStatement.executeQuery();
                z = resultSet.next();
                cleanup(connection, preparedStatement, resultSet);
            } catch (SQLException e) {
                log.fatal(new StringBuffer().append("Could not see if [").append(str).append("] is handled").toString(), e);
                cleanup(connection, preparedStatement, resultSet);
            }
            return z;
        } catch (Throwable th) {
            cleanup(connection, preparedStatement, resultSet);
            throw th;
        }
    }

    @Override // com.opensymphony.user.provider.UserProvider
    public List list() {
        ArrayList arrayList = new ArrayList();
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                connection = getConnection();
                preparedStatement = connection.prepareStatement(new StringBuffer().append("SELECT ").append(this.userName).append(" FROM ").append(this.userTable).append(" ORDER BY ").append(this.userName).toString());
                resultSet = preparedStatement.executeQuery();
                while (resultSet.next()) {
                    arrayList.add(resultSet.getString(1));
                }
                cleanup(connection, preparedStatement, resultSet);
            } catch (SQLException e) {
                log.fatal("Could not list users", e);
                cleanup(connection, preparedStatement, resultSet);
            }
            return arrayList;
        } catch (Throwable th) {
            cleanup(connection, preparedStatement, resultSet);
            throw th;
        }
    }

    @Override // com.opensymphony.user.provider.jdbc.BaseJDBCProvider, com.opensymphony.user.provider.UserProvider
    public boolean remove(String str) {
        boolean z = false;
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                connection = getConnection();
                PreparedStatement prepareStatement = connection.prepareStatement(new StringBuffer().append("DELETE FROM ").append(this.membershipTable).append(" WHERE ").append(this.membershipUserName).append(" = ?").toString());
                prepareStatement.setString(1, str);
                prepareStatement.executeUpdate();
                prepareStatement.close();
                preparedStatement = connection.prepareStatement(new StringBuffer().append("DELETE FROM ").append(this.userTable).append(" WHERE ").append(this.userName).append(" = ?").toString());
                preparedStatement.setString(1, str);
                if (preparedStatement.executeUpdate() == 1) {
                    z = true;
                }
                cleanup(connection, preparedStatement, null);
            } catch (SQLException e) {
                log.fatal(new StringBuffer().append("Unable to remove user [").append(str).append("]").toString(), e);
                cleanup(connection, preparedStatement, null);
            }
            return z;
        } catch (Throwable th) {
            cleanup(connection, preparedStatement, null);
            throw th;
        }
    }

    private boolean compareHash(String str, String str2) {
        return str.equals(createHash(str2));
    }

    private String createHash(String str) {
        return new String(Base64.encode(PasswordDigester.digest(str.getBytes())));
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$opensymphony$user$provider$jdbc$JDBCCredentialsProvider == null) {
            cls = class$("com.opensymphony.user.provider.jdbc.JDBCCredentialsProvider");
            class$com$opensymphony$user$provider$jdbc$JDBCCredentialsProvider = cls;
        } else {
            cls = class$com$opensymphony$user$provider$jdbc$JDBCCredentialsProvider;
        }
        log = LogFactory.getLog(cls);
    }
}
