package org.springframework.security.provisioning;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContextException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.jdbc.core.PreparedStatementSetter;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserCache;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.cache.NullUserCache;
import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
import org.springframework.util.Assert;

/* loaded from: input_file:fk-ui-war-3.0.15.war:WEB-INF/lib/spring-security-core-3.1.1.RELEASE.jar:org/springframework/security/provisioning/JdbcUserDetailsManager.class */
public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, GroupManager {
    public static final String DEF_CREATE_USER_SQL = "insert into users (username, password, enabled) values (?,?,?)";
    public static final String DEF_DELETE_USER_SQL = "delete from users where username = ?";
    public static final String DEF_UPDATE_USER_SQL = "update users set password = ?, enabled = ? where username = ?";
    public static final String DEF_INSERT_AUTHORITY_SQL = "insert into authorities (username, authority) values (?,?)";
    public static final String DEF_DELETE_USER_AUTHORITIES_SQL = "delete from authorities where username = ?";
    public static final String DEF_USER_EXISTS_SQL = "select username from users where username = ?";
    public static final String DEF_CHANGE_PASSWORD_SQL = "update users set password = ? where username = ?";
    public static final String DEF_FIND_GROUPS_SQL = "select group_name from groups";
    public static final String DEF_FIND_USERS_IN_GROUP_SQL = "select username from group_members gm, groups g where gm.group_id = g.id and g.group_name = ?";
    public static final String DEF_INSERT_GROUP_SQL = "insert into groups (group_name) values (?)";
    public static final String DEF_FIND_GROUP_ID_SQL = "select id from groups where group_name = ?";
    public static final String DEF_INSERT_GROUP_AUTHORITY_SQL = "insert into group_authorities (group_id, authority) values (?,?)";
    public static final String DEF_DELETE_GROUP_SQL = "delete from groups where id = ?";
    public static final String DEF_DELETE_GROUP_AUTHORITIES_SQL = "delete from group_authorities where group_id = ?";
    public static final String DEF_DELETE_GROUP_MEMBERS_SQL = "delete from group_members where group_id = ?";
    public static final String DEF_RENAME_GROUP_SQL = "update groups set group_name = ? where group_name = ?";
    public static final String DEF_INSERT_GROUP_MEMBER_SQL = "insert into group_members (group_id, username) values (?,?)";
    public static final String DEF_DELETE_GROUP_MEMBER_SQL = "delete from group_members where group_id = ? and username = ?";
    public static final String DEF_GROUP_AUTHORITIES_QUERY_SQL = "select g.id, g.group_name, ga.authority from groups g, group_authorities ga where g.group_name = ? and g.id = ga.group_id ";
    public static final String DEF_DELETE_GROUP_AUTHORITY_SQL = "delete from group_authorities where group_id = ? and authority = ?";
    private AuthenticationManager authenticationManager;
    protected final Log logger = LogFactory.getLog(getClass());
    private String createUserSql = DEF_CREATE_USER_SQL;
    private String deleteUserSql = DEF_DELETE_USER_SQL;
    private String updateUserSql = DEF_UPDATE_USER_SQL;
    private String createAuthoritySql = DEF_INSERT_AUTHORITY_SQL;
    private String deleteUserAuthoritiesSql = DEF_DELETE_USER_AUTHORITIES_SQL;
    private String userExistsSql = DEF_USER_EXISTS_SQL;
    private String changePasswordSql = DEF_CHANGE_PASSWORD_SQL;
    private String findAllGroupsSql = DEF_FIND_GROUPS_SQL;
    private String findUsersInGroupSql = DEF_FIND_USERS_IN_GROUP_SQL;
    private String insertGroupSql = DEF_INSERT_GROUP_SQL;
    private String findGroupIdSql = DEF_FIND_GROUP_ID_SQL;
    private String insertGroupAuthoritySql = DEF_INSERT_GROUP_AUTHORITY_SQL;
    private String deleteGroupSql = DEF_DELETE_GROUP_SQL;
    private String deleteGroupAuthoritiesSql = DEF_DELETE_GROUP_AUTHORITIES_SQL;
    private String deleteGroupMembersSql = DEF_DELETE_GROUP_MEMBERS_SQL;
    private String renameGroupSql = DEF_RENAME_GROUP_SQL;
    private String insertGroupMemberSql = DEF_INSERT_GROUP_MEMBER_SQL;
    private String deleteGroupMemberSql = DEF_DELETE_GROUP_MEMBER_SQL;
    private String groupAuthoritiesSql = DEF_GROUP_AUTHORITIES_QUERY_SQL;
    private String deleteGroupAuthoritySql = DEF_DELETE_GROUP_AUTHORITY_SQL;
    private UserCache userCache = new NullUserCache();

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl, org.springframework.dao.support.DaoSupport
    public void initDao() throws ApplicationContextException {
        if (this.authenticationManager == null) {
            this.logger.info("No authentication manager set. Reauthentication of users when changing passwords will not be performed.");
        }
        super.initDao();
    }

    @Override // org.springframework.security.provisioning.UserDetailsManager
    public void createUser(final UserDetails userDetails) {
        validateUserDetails(userDetails);
        getJdbcTemplate().update(this.createUserSql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.1
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setString(1, userDetails.getUsername());
                preparedStatement.setString(2, userDetails.getPassword());
                preparedStatement.setBoolean(3, userDetails.isEnabled());
            }
        });
        if (getEnableAuthorities()) {
            insertUserAuthorities(userDetails);
        }
    }

    @Override // org.springframework.security.provisioning.UserDetailsManager
    public void updateUser(final UserDetails userDetails) {
        validateUserDetails(userDetails);
        getJdbcTemplate().update(this.updateUserSql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.2
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setString(1, userDetails.getPassword());
                preparedStatement.setBoolean(2, userDetails.isEnabled());
                preparedStatement.setString(3, userDetails.getUsername());
            }
        });
        if (getEnableAuthorities()) {
            deleteUserAuthorities(userDetails.getUsername());
            insertUserAuthorities(userDetails);
        }
        this.userCache.removeUserFromCache(userDetails.getUsername());
    }

    private void insertUserAuthorities(UserDetails userDetails) {
        Iterator<? extends GrantedAuthority> it = userDetails.getAuthorities().iterator();
        while (it.hasNext()) {
            getJdbcTemplate().update(this.createAuthoritySql, userDetails.getUsername(), it.next().getAuthority());
        }
    }

    @Override // org.springframework.security.provisioning.UserDetailsManager
    public void deleteUser(String str) {
        if (getEnableAuthorities()) {
            deleteUserAuthorities(str);
        }
        getJdbcTemplate().update(this.deleteUserSql, str);
        this.userCache.removeUserFromCache(str);
    }

    private void deleteUserAuthorities(String str) {
        getJdbcTemplate().update(this.deleteUserAuthoritiesSql, str);
    }

    @Override // org.springframework.security.provisioning.UserDetailsManager
    public void changePassword(String str, String str2) throws AuthenticationException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new AccessDeniedException("Can't change password as no Authentication object found in context for current user.");
        }
        String name = authentication.getName();
        if (this.authenticationManager != null) {
            this.logger.debug("Reauthenticating user '" + name + "' for password change request.");
            this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(name, str));
        } else {
            this.logger.debug("No authentication manager set. Password won't be re-checked.");
        }
        this.logger.debug("Changing password for user '" + name + "'");
        getJdbcTemplate().update(this.changePasswordSql, str2, name);
        SecurityContextHolder.getContext().setAuthentication(createNewAuthentication(authentication, str2));
        this.userCache.removeUserFromCache(name);
    }

    protected Authentication createNewAuthentication(Authentication authentication, String str) {
        UserDetails loadUserByUsername = loadUserByUsername(authentication.getName());
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken;
    }

    @Override // org.springframework.security.provisioning.UserDetailsManager
    public boolean userExists(String str) {
        List queryForList = getJdbcTemplate().queryForList(this.userExistsSql, new String[]{str}, String.class);
        if (queryForList.size() > 1) {
            throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + str + "'", 1);
        }
        return queryForList.size() == 1;
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public List<String> findAllGroups() {
        return getJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public List<String> findUsersInGroup(String str) {
        Assert.hasText(str);
        return getJdbcTemplate().queryForList(this.findUsersInGroupSql, new String[]{str}, String.class);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void createGroup(String str, List<GrantedAuthority> list) {
        Assert.hasText(str);
        Assert.notNull(list);
        this.logger.debug("Creating new group '" + str + "' with authorities " + AuthorityUtils.authorityListToSet(list));
        getJdbcTemplate().update(this.insertGroupSql, str);
        final int findGroupId = findGroupId(str);
        Iterator<GrantedAuthority> it = list.iterator();
        while (it.hasNext()) {
            final String authority = it.next().getAuthority();
            getJdbcTemplate().update(this.insertGroupAuthoritySql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.3
                @Override // org.springframework.jdbc.core.PreparedStatementSetter
                public void setValues(PreparedStatement preparedStatement) throws SQLException {
                    preparedStatement.setInt(1, findGroupId);
                    preparedStatement.setString(2, authority);
                }
            });
        }
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void deleteGroup(String str) {
        this.logger.debug("Deleting group '" + str + "'");
        Assert.hasText(str);
        final int findGroupId = findGroupId(str);
        PreparedStatementSetter preparedStatementSetter = new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.4
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setInt(1, findGroupId);
            }
        };
        getJdbcTemplate().update(this.deleteGroupMembersSql, preparedStatementSetter);
        getJdbcTemplate().update(this.deleteGroupAuthoritiesSql, preparedStatementSetter);
        getJdbcTemplate().update(this.deleteGroupSql, preparedStatementSetter);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void renameGroup(String str, String str2) {
        this.logger.debug("Changing group name from '" + str + "' to '" + str2 + "'");
        Assert.hasText(str);
        Assert.hasText(str2);
        getJdbcTemplate().update(this.renameGroupSql, str2, str);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void addUserToGroup(final String str, String str2) {
        this.logger.debug("Adding user '" + str + "' to group '" + str2 + "'");
        Assert.hasText(str);
        Assert.hasText(str2);
        final int findGroupId = findGroupId(str2);
        getJdbcTemplate().update(this.insertGroupMemberSql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.5
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setInt(1, findGroupId);
                preparedStatement.setString(2, str);
            }
        });
        this.userCache.removeUserFromCache(str);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void removeUserFromGroup(final String str, String str2) {
        this.logger.debug("Removing user '" + str + "' to group '" + str2 + "'");
        Assert.hasText(str);
        Assert.hasText(str2);
        final int findGroupId = findGroupId(str2);
        getJdbcTemplate().update(this.deleteGroupMemberSql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.6
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setInt(1, findGroupId);
                preparedStatement.setString(2, str);
            }
        });
        this.userCache.removeUserFromCache(str);
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public List<GrantedAuthority> findGroupAuthorities(String str) {
        this.logger.debug("Loading authorities for group '" + str + "'");
        Assert.hasText(str);
        return getJdbcTemplate().query(this.groupAuthoritiesSql, new String[]{str}, new RowMapper<GrantedAuthority>() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.springframework.jdbc.core.RowMapper
            public GrantedAuthority mapRow(ResultSet resultSet, int i) throws SQLException {
                return new SimpleGrantedAuthority(JdbcUserDetailsManager.this.getRolePrefix() + resultSet.getString(3));
            }
        });
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void removeGroupAuthority(String str, final GrantedAuthority grantedAuthority) {
        this.logger.debug("Removing authority '" + grantedAuthority + "' from group '" + str + "'");
        Assert.hasText(str);
        Assert.notNull(grantedAuthority);
        final int findGroupId = findGroupId(str);
        getJdbcTemplate().update(this.deleteGroupAuthoritySql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.8
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setInt(1, findGroupId);
                preparedStatement.setString(2, grantedAuthority.getAuthority());
            }
        });
    }

    @Override // org.springframework.security.provisioning.GroupManager
    public void addGroupAuthority(String str, final GrantedAuthority grantedAuthority) {
        this.logger.debug("Adding authority '" + grantedAuthority + "' to group '" + str + "'");
        Assert.hasText(str);
        Assert.notNull(grantedAuthority);
        final int findGroupId = findGroupId(str);
        getJdbcTemplate().update(this.insertGroupAuthoritySql, new PreparedStatementSetter() { // from class: org.springframework.security.provisioning.JdbcUserDetailsManager.9
            @Override // org.springframework.jdbc.core.PreparedStatementSetter
            public void setValues(PreparedStatement preparedStatement) throws SQLException {
                preparedStatement.setInt(1, findGroupId);
                preparedStatement.setString(2, grantedAuthority.getAuthority());
            }
        });
    }

    private int findGroupId(String str) {
        return getJdbcTemplate().queryForInt(this.findGroupIdSql, str);
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setCreateUserSql(String str) {
        Assert.hasText(str);
        this.createUserSql = str;
    }

    public void setDeleteUserSql(String str) {
        Assert.hasText(str);
        this.deleteUserSql = str;
    }

    public void setUpdateUserSql(String str) {
        Assert.hasText(str);
        this.updateUserSql = str;
    }

    public void setCreateAuthoritySql(String str) {
        Assert.hasText(str);
        this.createAuthoritySql = str;
    }

    public void setDeleteUserAuthoritiesSql(String str) {
        Assert.hasText(str);
        this.deleteUserAuthoritiesSql = str;
    }

    public void setUserExistsSql(String str) {
        Assert.hasText(str);
        this.userExistsSql = str;
    }

    public void setChangePasswordSql(String str) {
        Assert.hasText(str);
        this.changePasswordSql = str;
    }

    public void setFindAllGroupsSql(String str) {
        Assert.hasText(str);
        this.findAllGroupsSql = str;
    }

    public void setFindUsersInGroupSql(String str) {
        Assert.hasText(str);
        this.findUsersInGroupSql = str;
    }

    public void setInsertGroupSql(String str) {
        Assert.hasText(str);
        this.insertGroupSql = str;
    }

    public void setFindGroupIdSql(String str) {
        Assert.hasText(str);
        this.findGroupIdSql = str;
    }

    public void setInsertGroupAuthoritySql(String str) {
        Assert.hasText(str);
        this.insertGroupAuthoritySql = str;
    }

    public void setDeleteGroupSql(String str) {
        Assert.hasText(str);
        this.deleteGroupSql = str;
    }

    public void setDeleteGroupAuthoritiesSql(String str) {
        Assert.hasText(str);
        this.deleteGroupAuthoritiesSql = str;
    }

    public void setDeleteGroupMembersSql(String str) {
        Assert.hasText(str);
        this.deleteGroupMembersSql = str;
    }

    public void setRenameGroupSql(String str) {
        Assert.hasText(str);
        this.renameGroupSql = str;
    }

    public void setInsertGroupMemberSql(String str) {
        Assert.hasText(str);
        this.insertGroupMemberSql = str;
    }

    public void setDeleteGroupMemberSql(String str) {
        Assert.hasText(str);
        this.deleteGroupMemberSql = str;
    }

    public void setGroupAuthoritiesSql(String str) {
        Assert.hasText(str);
        this.groupAuthoritiesSql = str;
    }

    public void setDeleteGroupAuthoritySql(String str) {
        Assert.hasText(str);
        this.deleteGroupAuthoritySql = str;
    }

    public void setUserCache(UserCache userCache) {
        Assert.notNull(userCache, "userCache cannot be null");
        this.userCache = userCache;
    }

    private void validateUserDetails(UserDetails userDetails) {
        Assert.hasText(userDetails.getUsername(), "Username may not be empty or null");
        validateAuthorities(userDetails.getAuthorities());
    }

    private void validateAuthorities(Collection<? extends GrantedAuthority> collection) {
        Assert.notNull(collection, "Authorities list must not be null");
        for (GrantedAuthority grantedAuthority : collection) {
            Assert.notNull(grantedAuthority, "Authorities list contains a null entry");
            Assert.hasText(grantedAuthority.getAuthority(), "getAuthority() method must return a non-empty string");
        }
    }
}
