package org.jivesoftware.openfire.auth;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import org.jivesoftware.database.DbConnectionManager;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.user.UserNotFoundException;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/openfire/auth/DefaultAuthProvider.class */
public class DefaultAuthProvider implements AuthProvider {
    private static final Logger Log = LoggerFactory.getLogger(DefaultAuthProvider.class);
    private static final String LOAD_PASSWORD = "SELECT plainPassword,encryptedPassword FROM ofUser WHERE username=?";
    private static final String UPDATE_PASSWORD = "UPDATE ofUser SET plainPassword=?, encryptedPassword=? WHERE username=?";

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public void authenticate(String str, String str2) throws UnauthorizedException {
        if (str == null || str2 == null) {
            throw new UnauthorizedException();
        }
        String lowerCase = str.trim().toLowerCase();
        if (lowerCase.contains("@")) {
            int indexOf = lowerCase.indexOf("@");
            if (!lowerCase.substring(indexOf + 1).equals(XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                throw new UnauthorizedException();
            }
            lowerCase = lowerCase.substring(0, indexOf);
        }
        try {
            if (str2.equals(getPassword(lowerCase))) {
            } else {
                throw new UnauthorizedException();
            }
        } catch (UserNotFoundException e) {
            throw new UnauthorizedException();
        }
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public void authenticate(String str, String str2, String str3) throws UnauthorizedException {
        if (str == null || str2 == null || str3 == null) {
            throw new UnauthorizedException();
        }
        String lowerCase = str.trim().toLowerCase();
        if (lowerCase.contains("@")) {
            int indexOf = lowerCase.indexOf("@");
            if (!lowerCase.substring(indexOf + 1).equals(XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                throw new UnauthorizedException();
            }
            lowerCase = lowerCase.substring(0, indexOf);
        }
        try {
            if (str3.equalsIgnoreCase(AuthFactory.createDigest(str2, getPassword(lowerCase)))) {
            } else {
                throw new UnauthorizedException();
            }
        } catch (UserNotFoundException e) {
            throw new UnauthorizedException();
        }
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public boolean isPlainSupported() {
        return true;
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public boolean isDigestSupported() {
        return true;
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public String getPassword(String str) throws UserNotFoundException {
        if (!supportsPasswordRetrieval()) {
            throw new UnsupportedOperationException();
        }
        if (str.contains("@")) {
            int indexOf = str.indexOf("@");
            if (!str.substring(indexOf + 1).equals(XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                throw new UserNotFoundException();
            }
            str = str.substring(0, indexOf);
        }
        try {
            try {
                Connection connection = DbConnectionManager.getConnection();
                PreparedStatement prepareStatement = connection.prepareStatement(LOAD_PASSWORD);
                prepareStatement.setString(1, str);
                ResultSet executeQuery = prepareStatement.executeQuery();
                if (!executeQuery.next()) {
                    throw new UserNotFoundException(str);
                }
                String string = executeQuery.getString(1);
                String string2 = executeQuery.getString(2);
                if (string2 != null) {
                    try {
                        String decryptPassword = AuthFactory.decryptPassword(string2);
                        DbConnectionManager.closeConnection(executeQuery, prepareStatement, connection);
                        return decryptPassword;
                    } catch (UnsupportedOperationException e) {
                    }
                }
                DbConnectionManager.closeConnection(executeQuery, prepareStatement, connection);
                return string;
            } catch (SQLException e2) {
                throw new UserNotFoundException(e2);
            }
        } catch (Throwable th) {
            DbConnectionManager.closeConnection(null, null, null);
            throw th;
        }
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public void setPassword(String str, String str2) throws UserNotFoundException {
        boolean booleanProperty = JiveGlobals.getBooleanProperty("user.usePlainPassword");
        String str3 = null;
        if (str.contains("@")) {
            int indexOf = str.indexOf("@");
            if (!str.substring(indexOf + 1).equals(XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                throw new UserNotFoundException();
            }
            str = str.substring(0, indexOf);
        }
        if (!booleanProperty) {
            try {
                str3 = AuthFactory.encryptPassword(str2);
                str2 = null;
            } catch (UnsupportedOperationException e) {
            }
        }
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        try {
            try {
                connection = DbConnectionManager.getConnection();
                preparedStatement = connection.prepareStatement(UPDATE_PASSWORD);
                if (str2 == null) {
                    preparedStatement.setNull(1, 12);
                } else {
                    preparedStatement.setString(1, str2);
                }
                if (str3 == null) {
                    preparedStatement.setNull(2, 12);
                } else {
                    preparedStatement.setString(2, str3);
                }
                preparedStatement.setString(3, str);
                preparedStatement.executeUpdate();
                DbConnectionManager.closeConnection(preparedStatement, connection);
            } catch (SQLException e2) {
                throw new UserNotFoundException(e2);
            }
        } catch (Throwable th) {
            DbConnectionManager.closeConnection(preparedStatement, connection);
            throw th;
        }
    }

    @Override // org.jivesoftware.openfire.auth.AuthProvider
    public boolean supportsPasswordRetrieval() {
        return true;
    }
}
