package org.apereo.cas.adaptors.jdbc;

import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import javax.sql.DataSource;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-jdbc-authentication-5.1.5.jar:org/apereo/cas/adaptors/jdbc/SearchModeSearchDatabaseAuthenticationHandler.class */
public class SearchModeSearchDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SearchModeSearchDatabaseAuthenticationHandler.class);
    private final String fieldUser;
    private final String fieldPassword;
    private final String tableUsers;

    public SearchModeSearchDatabaseAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer num, DataSource dataSource, String str2, String str3, String str4) {
        super(str, servicesManager, principalFactory, num, dataSource);
        this.fieldUser = str2;
        this.fieldPassword = str3;
        this.tableUsers = str4;
    }

    @Override // org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler
    protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws GeneralSecurityException, PreventedException {
        String str2 = null;
        if (StringUtils.isNotBlank(this.tableUsers) || StringUtils.isNotBlank(this.fieldUser) || StringUtils.isNotBlank(this.fieldPassword)) {
            str2 = "SELECT COUNT('x') FROM ".concat(this.tableUsers).concat(" WHERE ").concat(this.fieldUser).concat(" = ? AND ").concat(this.fieldPassword).concat("= ?");
        }
        if (StringUtils.isBlank(str2) || getJdbcTemplate() == null) {
            throw new GeneralSecurityException("Authentication handler is not configured correctly. No SQL statement or JDBC template found");
        }
        String username = usernamePasswordCredential.getUsername();
        try {
            LOGGER.debug("Executing SQL query [{}]", str2);
            if (((Integer) getJdbcTemplate().queryForObject(str2, Integer.class, username, usernamePasswordCredential.getPassword())).intValue() == 0) {
                throw new FailedLoginException(username + " not found with SQL query.");
            }
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
        } catch (DataAccessException e) {
            throw new PreventedException("SQL exception while executing query for " + username, e);
        }
    }
}
