package com.centit.framework.cas.handler;

import com.alibaba.fastjson.JSONObject;
import com.centit.framework.cas.config.QueryUserProperties;
import com.centit.framework.cas.model.Md5PasswordCredential;
import com.centit.support.algorithm.BooleanBaseOpt;
import com.centit.support.database.utils.DatabaseAccess;
import com.centit.support.database.utils.DbcpConnectPools;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.sql.Connection;
import java.sql.SQLException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:WEB-INF/lib/centit-cas-login-plugin-1.0.2-SNAPSHOT.jar:com/centit/framework/cas/handler/Md5PasswordAuthenticationHandler.class */
public class Md5PasswordAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {
    public QueryUserProperties queryUserProperties;
    private PasswordEncoder passwordEncoder;

    public Md5PasswordAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer num) {
        super(str, servicesManager, principalFactory, num);
    }

    @Override // org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler
    protected HandlerResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        Md5PasswordCredential md5PasswordCredential = (Md5PasswordCredential) credential;
        if (StringUtils.isBlank(md5PasswordCredential.getUsername())) {
            throw new AccountNotFoundException("输入的用户名为空！");
        }
        try {
            Connection dbcpConnect = DbcpConnectPools.getDbcpConnect(this.queryUserProperties.getDatasource());
            Throwable th = null;
            try {
                Integer paramRepeatTimes = this.queryUserProperties.getParamRepeatTimes();
                if (paramRepeatTimes == null || paramRepeatTimes.intValue() < 1) {
                    paramRepeatTimes = 1;
                }
                Object[] objArr = new Object[paramRepeatTimes.intValue()];
                for (int i = 0; i < paramRepeatTimes.intValue(); i++) {
                    objArr[i] = md5PasswordCredential.getUsername();
                }
                JSONObject objectAsJSON = DatabaseAccess.getObjectAsJSON(dbcpConnect, this.queryUserProperties.getSql(), objArr);
                if (objectAsJSON == null) {
                    throw new AccountNotFoundException("用户找不到！");
                }
                if (!this.passwordEncoder.matches(md5PasswordCredential.getPassword(), objectAsJSON.getString(DatabaseAccess.mapColumnNameToField(this.queryUserProperties.getPinField())))) {
                    throw new FailedLoginException("用户名密码不匹配。");
                }
                if (StringUtils.isNotBlank(this.queryUserProperties.getDisabledField()) && BooleanBaseOpt.castObjectToBoolean(objectAsJSON.get(DatabaseAccess.mapColumnNameToField(this.queryUserProperties.getDisabledField())), false).booleanValue()) {
                    throw new AccountDisabledException("用户已经失效");
                }
                if (StringUtils.isNotBlank(this.queryUserProperties.getExpiredField()) && BooleanBaseOpt.castObjectToBoolean(objectAsJSON.get(DatabaseAccess.mapColumnNameToField(this.queryUserProperties.getExpiredField())), false).booleanValue()) {
                    throw new AccountPasswordMustChangeException("密码已过期");
                }
                String username = md5PasswordCredential.getUsername();
                String principalField = this.queryUserProperties.getPrincipalField();
                if (StringUtils.isNotBlank(principalField) && !"none".equalsIgnoreCase(principalField)) {
                    String string = objectAsJSON.getString(DatabaseAccess.mapColumnNameToField(principalField));
                    if (StringUtils.isNotBlank(string)) {
                        username = string;
                    }
                }
                objectAsJSON.remove(DatabaseAccess.mapColumnNameToField(this.queryUserProperties.getPinField()));
                HandlerResult createHandlerResult = createHandlerResult(credential, this.principalFactory.createPrincipal(username, objectAsJSON), null);
                if (dbcpConnect != null) {
                    if (0 != 0) {
                        try {
                            dbcpConnect.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        dbcpConnect.close();
                    }
                }
                return createHandlerResult;
            } catch (Throwable th3) {
                if (dbcpConnect != null) {
                    if (0 != 0) {
                        try {
                            dbcpConnect.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        dbcpConnect.close();
                    }
                }
                throw th3;
            }
        } catch (IOException | SQLException e) {
            throw new AccountNotFoundException("查找用户 " + md5PasswordCredential.getUsername() + " 报错 " + e.getLocalizedMessage());
        }
    }

    @Override // org.apereo.cas.authentication.AuthenticationHandler
    public boolean supports(Credential credential) {
        return credential instanceof Md5PasswordCredential;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public void setQueryUserProperties(QueryUserProperties queryUserProperties) {
        this.queryUserProperties = queryUserProperties;
    }
}
