package fr.gouv.finances.cp.xemelios.auth.dgcp;

import fr.gouv.finances.cp.xemelios.Splash;
import fr.gouv.finances.cp.xemelios.auth.AbstractAuthenticationManager;
import fr.gouv.finances.cp.xemelios.auth.AuthChecker;
import fr.gouv.finances.cp.xemelios.auth.AuthProvider;
import fr.gouv.finances.cp.xemelios.auth.AuthenticationCancelationException;
import fr.gouv.finances.cp.xemelios.auth.AuthenticationConfigurationException;
import fr.gouv.finances.cp.xemelios.auth.XemeliosUser;
import fr.gouv.finances.cp.xemelios.common.Crypter;
import fr.gouv.finances.cp.xemelios.data.DataAccessException;
import fr.gouv.finances.cp.xemelios.data.DataConfigurationException;
import fr.gouv.finances.cp.xemelios.data.DataLayerManager;
import fr.gouv.finances.cp.xemelios.data.impl.MySqlDataLayer;
import fr.gouv.finances.cp.xemelios.ui.MainWindow;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.swing.JMenu;
import javax.swing.JMenuBar;
import javax.swing.JMenuItem;
import org.apache.log4j.Logger;

/* loaded from: input_file:fr/gouv/finances/cp/xemelios/auth/dgcp/Manager.class */
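/**
 * Authentication manager that checks a {@link DgcpUser} against an LDAP directory (simple bind)
 * and keeps per-user access bits in the {@code DGCP_USERS} table of the MySQL data layer.
 *
 * <p>Flow implemented by {@link #authenticate(XemeliosUser)}: an LDAP bind is attempted first; on
 * success the access bits are loaded from (or created in) {@code DGCP_USERS}. When the bind
 * fails, only logins flagged as local administrators may fall back to the password stored in
 * {@code DGCP_USERS}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The LDAP bind uses {@code simple} authentication, which transmits the password to the
 *       server as-is. The value configured under {@code auth.ldap.server.url} should therefore
 *       point at a TLS-protected endpoint; this class does not enforce that.</li>
 *   <li>Local passwords are compared with {@code PASSWORD=?} against
 *       {@code Crypter.cryptPassword(...)}, which only works if that function is deterministic
 *       for a given password (no per-user random salt). NOTE(review): confirm what
 *       {@code Crypter} actually computes.</li>
 * </ul>
 */
public class Manager extends AbstractAuthenticationManager implements AuthChecker {
    private static final String LDAP_SERVICE_PROVIDER = "auth.ldap.service.provider";
    private static final String LDAP_SERVER_URL = "auth.ldap.server.url";
    public static final String LDAP_BASE_DN = "auth.ldap.userDn";

    /** System property naming the authentication configuration file; used in error messages only. */
    private static final String CONFIG_FILE_PROPERTY = "xemelios.authentication.config.filename";

    // Access bit-fields stored in DGCP_USERS.ACCESS. The meaning of individual bits is defined
    // outside this file (presumably by DgcpUser) - TODO confirm before changing any value.
    /** Access value given to the administrator created on first start (0xFFFF). */
    private static final int BOOTSTRAP_ADMIN_ACCESS = 65535;
    /** Access value given to a directory user seen for the first time (0x71). */
    private static final int DEFAULT_DIRECTORY_USER_ACCESS = 113;
    /** Bit that allows a login to fall back to the locally stored password (0x1000). */
    private static final int LOCAL_ADMIN_ACCESS_BIT = 4096;

    private static final String INSERT_DIRECTORY_USER_SQL = "INSERT INTO DGCP_USERS (LOGIN,ACCESS) VALUES (?,?)";

    private static final Logger logger = Logger.getLogger(Manager.class);
    private String serviceProvider;
    private String ldapUrl;
    private String baseDn;
    private AuthProvider provider = null;

    /**
     * Creates the manager, makes sure the {@code DGCP_USERS} table exists and, when the table is
     * empty, asks the operator to define the first administrator account.
     *
     * @param mainWindow application window used as parent for dialogs and for the admin menu
     * @throws AuthenticationConfigurationException if the data layer is not MySQL or a SQL error occurs
     * @throws AuthenticationCancelationException if the operator cancels the first-administrator dialog
     */
    public Manager(MainWindow mainWindow) throws AuthenticationConfigurationException, AuthenticationCancelationException {
        setMainWindow(mainWindow);
        try {
            Object implementation = DataLayerManager.getImplementation();
            if (!(implementation instanceof MySqlDataLayer)) {
                throw new AuthenticationConfigurationException(getAuthenticationManagerName() + " can run only with mysql data layer");
            }
            MySqlDataLayer dataLayer = (MySqlDataLayer) implementation;
            Connection connection = null;
            try {
                connection = dataLayer.getConnection();
                executeStatement(connection, "CREATE TABLE IF NOT EXISTS DGCP_USERS (LOGIN VARCHAR(24) NOT NULL, PASSWORD VARCHAR(128), ACCESS INT, CONSTRAINT UN_LOGIN UNIQUE (LOGIN))");
                Integer userCount = queryFirstInt(connection, "SELECT COUNT(*) FROM DGCP_USERS");
                if (userCount != null && userCount.intValue() == 0) {
                    // Empty table: whoever runs the application at this point chooses the
                    // credentials of the account that receives BOOTSTRAP_ADMIN_ACCESS.
                    NewAdmin newAdmin;
                    boolean confirmed;
                    showSplash(false);
                    try {
                        newAdmin = new NewAdmin(getMainWindow());
                        confirmed = newAdmin.run();
                    } finally {
                        // Restore the splash screen even when the dialog fails.
                        showSplash(true);
                    }
                    if (!confirmed) {
                        throw new AuthenticationCancelationException("Action interrompue");
                    }
                    String newPassword = newAdmin.getNewPassword();
                    String newLogin = newAdmin.getNewLogin();
                    PreparedStatement insert = null;
                    try {
                        insert = connection.prepareStatement("INSERT INTO DGCP_USERS(LOGIN,PASSWORD,ACCESS) VALUES (?,?,?)");
                        insert.setString(1, newLogin);
                        insert.setString(2, Crypter.cryptPassword(newPassword));
                        insert.setInt(3, BOOTSTRAP_ADMIN_ACCESS);
                        insert.executeUpdate();
                    } finally {
                        closeQuietly(insert);
                    }
                }
            } finally {
                // The connection is handed back on every path, including failures.
                if (connection != null) {
                    dataLayer.releaseConnection(connection);
                }
            }
        } catch (SQLException e) {
            throw new AuthenticationConfigurationException(e);
        } catch (DataConfigurationException e) {
            // Construction is still allowed to succeed in this case, but the
            // condition is recorded because the user table could not be checked.
            logger.warn("data layer configuration problem; DGCP_USERS was not initialised", e);
        }
    }

    /**
     * Authenticates the user against LDAP, with a local-password fallback for administrators.
     *
     * <p>The administration menu is only inserted once authentication has succeeded, so a failed
     * attempt for a login whose stored access bits include the admin role leaves the UI untouched.
     *
     * @param xemeliosUser the user to authenticate; must be a {@link DgcpUser}
     * @return {@code true} when the user is authenticated and holds access right {@code 1}
     * @throws DataAccessException if the user table cannot be read or written
     * @throws AuthenticationConfigurationException if the data layer or the user type is unsupported
     */
    public boolean authenticate(XemeliosUser xemeliosUser) throws DataAccessException, AuthenticationConfigurationException {
        try {
            boolean authenticated = authenticateLDAP(xemeliosUser);
            logger.debug("LDAP->" + (authenticated ? "OK" : "failed"));
            if (authenticated) {
                // Directory bind succeeded: this call only loads (or creates) the access bits.
                authenticateSQL(xemeliosUser);
            } else if (isAdmin(xemeliosUser)) {
                logger.debug(xemeliosUser.getId() + " is admin");
                authenticated = authenticateSQL(xemeliosUser);
            }
            boolean granted = authenticated && xemeliosUser.isAllowedTo((String) null, 1);
            if (granted && xemeliosUser.isAllowedTo((String) null, DgcpUser.ROLE_ADMIN)) {
                insertAdminMenu();
            }
            return granted;
        } catch (DataConfigurationException e) {
            throw new AuthenticationConfigurationException(e);
        }
    }

    /** Returns this manager, which performs the credential check itself. */
    public AuthChecker getChecker() {
        return this;
    }

    /** Returns the credential provider, creating the {@link DgcpProvider} on first use. */
    public AuthProvider getProvider() {
        if (this.provider == null) {
            this.provider = new DgcpProvider(getMainWindow());
        }
        return this.provider;
    }

    /** Returns the display name of this authentication manager. */
    public String getAuthenticationManagerName() {
        return "Authentification réseau DGCP";
    }

    /**
     * Attempts an LDAP simple bind with the user's login and password.
     *
     * <p>Two hardening steps are applied before the bind:
     * <ul>
     *   <li>A missing or empty password is rejected locally. Directory servers commonly treat a
     *       simple bind with an empty password as an unauthenticated bind and report success,
     *       which would otherwise be mistaken for a successful login.</li>
     *   <li>The login is escaped with {@code Rdn.escapeValue} and substituted literally into the
     *       configured DN pattern, so DN metacharacters in the login cannot alter the bind DN and
     *       {@code $} or {@code \} are no longer interpreted as regex replacement syntax.</li>
     * </ul>
     *
     * @param xemeliosUser the user to authenticate; must be a {@link DgcpUser}
     * @return {@code true} if the bind succeeded, {@code false} if it was refused or the directory
     *         could not be reached
     * @throws DataConfigurationException if the user is not a {@link DgcpUser}
     * @throws AuthenticationConfigurationException declared for subclasses; not thrown here
     * @throws NullPointerException if a required LDAP property is not configured
     */
    protected boolean authenticateLDAP(XemeliosUser xemeliosUser) throws DataConfigurationException, AuthenticationConfigurationException {
        if (!(xemeliosUser instanceof DgcpUser)) {
            throw new DataConfigurationException("can only authenticate DcgpUser");
        }
        DgcpUser dgcpUser = (DgcpUser) xemeliosUser;
        if (this.serviceProvider == null) {
            throw new NullPointerException("you must configure service provider in " + System.getProperty(CONFIG_FILE_PROPERTY) + " - " + LDAP_SERVICE_PROVIDER);
        }
        if (this.ldapUrl == null) {
            throw new NullPointerException("You must configure ldap server url in " + System.getProperty(CONFIG_FILE_PROPERTY) + " - " + LDAP_SERVER_URL);
        }
        if (this.baseDn == null) {
            // Same exception type as the unguarded dereference raised before, with a usable message.
            throw new NullPointerException("You must configure ldap user DN in " + System.getProperty(CONFIG_FILE_PROPERTY) + " - " + LDAP_BASE_DN);
        }
        String password = dgcpUser.getPassword();
        if (password == null || password.length() == 0) {
            logger.debug("authentication failed");
            return false;
        }
        String login = xemeliosUser.getId();
        if (login == null) {
            logger.debug("authentication failed");
            return false;
        }
        Hashtable<String, Object> environment = new Hashtable<String, Object>();
        environment.put("java.naming.factory.initial", this.serviceProvider);
        environment.put("java.naming.provider.url", this.ldapUrl);
        // "simple" sends the password unprotected; transport security depends on ldapUrl.
        environment.put("java.naming.security.authentication", "simple");
        environment.put("java.naming.security.principal", this.baseDn.replace("%LOGIN%", javax.naming.ldap.Rdn.escapeValue(login)));
        environment.put("java.naming.security.credentials", password);
        try {
            new InitialDirContext(environment).close();
            logger.debug("authenticated");
            dgcpUser.setAuthenticated(true);
            return true;
        } catch (AuthenticationException e) {
            logger.debug("authentication failed");
            return false;
        } catch (NamingException e2) {
            // Directory unreachable or misconfigured: fail closed.
            logger.warn(e2.getMessage());
            return false;
        }
    }

    /**
     * Loads the user's access bits from {@code DGCP_USERS} and, when the supplied password matches
     * the locally stored one, marks the user as authenticated.
     *
     * <p>Lookup order: a row matching login and password hash; otherwise a row for the login with
     * a {@code NULL} password (a directory-only account); otherwise, if the user is already
     * authenticated, a new row is created with the default access value. The user's password is
     * cleared before returning, on success and on failure.
     *
     * <p>NOTE(review): a directory-authenticated user whose login already has a row with a
     * different, non-null local password reaches the INSERT and will hit the unique constraint on
     * {@code LOGIN}; the resulting error surfaces as {@link DataAccessException}.
     * NOTE(review): after the INSERT the in-memory user is not given the new access value -
     * confirm whether {@link DgcpUser} defaults cover the first login.
     *
     * @param xemeliosUser the user to look up; must be a {@link DgcpUser}
     * @return whether the user is authenticated after the lookup
     * @throws DataConfigurationException if the data layer is not MySQL or the user type is unsupported
     * @throws DataAccessException if a SQL error occurs
     */
    protected boolean authenticateSQL(XemeliosUser xemeliosUser) throws DataConfigurationException, DataAccessException {
        MySqlDataLayer dataLayer = requireMySqlDataLayer();
        if (!(xemeliosUser instanceof DgcpUser)) {
            throw new DataConfigurationException(getAuthenticationManagerName() + " can only authenticate DgcpUser");
        }
        DgcpUser dgcpUser = (DgcpUser) xemeliosUser;
        Connection connection = null;
        try {
            connection = dataLayer.getConnection();
            String login = dgcpUser.getId();
            Integer access = queryFirstInt(connection, "SELECT ACCESS FROM DGCP_USERS WHERE LOGIN=? AND PASSWORD=?", login, Crypter.cryptPassword(dgcpUser.getPassword()));
            if (access != null) {
                dgcpUser.setAuth(access.intValue());
                dgcpUser.setAuthenticated(true);
            } else {
                access = queryFirstInt(connection, "SELECT ACCESS FROM DGCP_USERS WHERE LOGIN=? AND PASSWORD IS NULL", login);
                if (access != null) {
                    // Directory-only account: access bits are loaded, authentication state is untouched.
                    dgcpUser.setAuth(access.intValue());
                } else if (dgcpUser.isAuthenticated()) {
                    insertDirectoryUser(connection, login, DEFAULT_DIRECTORY_USER_ACCESS);
                }
            }
            return dgcpUser.isAuthenticated();
        } catch (SQLException e) {
            throw new DataAccessException(e);
        } finally {
            try {
                if (connection != null) {
                    dataLayer.releaseConnection(connection);
                }
            } finally {
                // Do not keep the clear-text password on the user object longer than needed.
                dgcpUser.setPassword(null);
            }
        }
    }

    /**
     * Tells whether the login is flagged as a local administrator in {@code DGCP_USERS}.
     *
     * <p>This is evaluated before any credential has been verified; it only decides whether the
     * local-password fallback may be attempted.
     *
     * @param xemeliosUser the user whose login is looked up
     * @return {@code true} if a row exists for the login and its access value has the local-admin bit set
     * @throws DataConfigurationException if the data layer is not MySQL
     * @throws DataAccessException if a SQL error occurs
     */
    protected boolean isAdmin(XemeliosUser xemeliosUser) throws DataConfigurationException, DataAccessException {
        MySqlDataLayer dataLayer = requireMySqlDataLayer();
        Connection connection = null;
        try {
            connection = dataLayer.getConnection();
            Integer access = queryFirstInt(connection, "SELECT ACCESS FROM DGCP_USERS WHERE LOGIN=?", xemeliosUser.getId());
            return access != null && (access.intValue() & LOCAL_ADMIN_ACCESS_BIT) != 0;
        } catch (SQLException e) {
            throw new DataAccessException(e);
        } finally {
            if (connection != null) {
                dataLayer.releaseConnection(connection);
            }
        }
    }

    /**
     * Stores the configuration and reads the three LDAP settings from it.
     *
     * @param properties authentication configuration; missing LDAP keys are detected later, at bind time
     */
    @Override
    public void setProperties(Properties properties) {
        super.setProperties(properties);
        this.serviceProvider = properties.getProperty(LDAP_SERVICE_PROVIDER);
        this.ldapUrl = properties.getProperty(LDAP_SERVER_URL);
        this.baseDn = properties.getProperty(LDAP_BASE_DN);
    }

    /**
     * Adds the "Administration" menu to the main window, placed before the menu that was last.
     */
    protected void insertAdminMenu() {
        logger.info("in insertAdminMenu");
        JMenu adminMenu = new JMenu("Administration");
        JMenuItem manageUsers = new JMenuItem("Gestion des utlisateurs...");
        manageUsers.addActionListener(new ActionListener() {
            @Override
            public void actionPerformed(ActionEvent actionEvent) {
                new DlgAdminUsers(Manager.this.getMainWindow());
            }
        });
        adminMenu.add(manageUsers);
        JMenuBar menuBar = getMainWindow().getJMenuBar();
        JMenu lastMenu = menuBar.getMenu(menuBar.getMenuCount() - 1);
        menuBar.add(adminMenu);
        // Re-adding the previously last menu moves it behind the new one.
        menuBar.add(lastMenu);
        getMainWindow().setJMenuBar(menuBar);
    }

    /**
     * Writes the user's current access value to {@code DGCP_USERS}. Failures are logged and not
     * reported to the caller.
     *
     * <p>Decompiler note: the access modifier was changed from {@code protected}.
     * NOTE(review): this method performs no authorisation check of its own; callers decide who
     * may change access bits.
     *
     * @param dgcpUser the user whose access value is persisted
     */
    public void updateAuthUser(DgcpUser dgcpUser) {
        try {
            MySqlDataLayer dataLayer = requireMySqlDataLayer();
            Connection connection = null;
            PreparedStatement update = null;
            try {
                connection = dataLayer.getConnection();
                update = connection.prepareStatement("UPDATE DGCP_USERS SET ACCESS=? WHERE LOGIN=?");
                update.setInt(1, dgcpUser.getAuth(null));
                update.setString(2, dgcpUser.getId());
                update.executeUpdate();
            } finally {
                closeQuietly(update);
                if (connection != null) {
                    dataLayer.releaseConnection(connection);
                }
            }
        } catch (Exception e) {
            // Best effort by contract (no declared exceptions); keep a record in the application log.
            logger.error("could not update access rights in DGCP_USERS", e);
        }
    }

    /**
     * Creates a directory-only row (no local password) for the user in {@code DGCP_USERS}.
     *
     * <p>Decompiler note: the access modifier was changed from {@code protected}.
     *
     * @param dgcpUser the user to insert, with the access value to store
     * @return {@code true} if the row was inserted, {@code false} on any failure (which is logged)
     */
    public boolean create(DgcpUser dgcpUser) {
        try {
            MySqlDataLayer dataLayer = requireMySqlDataLayer();
            Connection connection = null;
            try {
                connection = dataLayer.getConnection();
                insertDirectoryUser(connection, dgcpUser.getId(), dgcpUser.getAuth(null));
                return true;
            } finally {
                // Hand the connection back on every path.
                if (connection != null) {
                    dataLayer.releaseConnection(connection);
                }
            }
        } catch (Exception e) {
            logger.error("could not create user in DGCP_USERS", e);
            return false;
        }
    }

    /** Returns the active data layer, or fails if it is not the MySQL implementation. */
    private MySqlDataLayer requireMySqlDataLayer() throws DataConfigurationException, DataAccessException {
        Object implementation = DataLayerManager.getImplementation();
        if (!(implementation instanceof MySqlDataLayer)) {
            throw new DataConfigurationException(getAuthenticationManagerName() + " can only deal with MySql data layer");
        }
        return (MySqlDataLayer) implementation;
    }

    /** Hides or shows the splash screen when the main window's start listener is a {@link Splash}. */
    private void showSplash(boolean visible) {
        Object startListener = getMainWindow().getStartListener();
        if (startListener instanceof Splash) {
            Splash splash = (Splash) startListener;
            if (visible) {
                splash.setVisible(true);
                splash.setAlwaysOnTop(true);
            } else {
                splash.setAlwaysOnTop(false);
                splash.setVisible(false);
            }
        }
    }

    /** Runs a parameterless SQL statement and closes it. */
    private static void executeStatement(Connection connection, String sql) throws SQLException {
        PreparedStatement statement = null;
        try {
            statement = connection.prepareStatement(sql);
            statement.executeUpdate();
        } finally {
            closeQuietly(statement);
        }
    }

    /**
     * Runs a query with string parameters and returns the first column of the first row as an
     * int, or {@code null} when the query returns no row.
     */
    private static Integer queryFirstInt(Connection connection, String sql, String... parameters) throws SQLException {
        PreparedStatement statement = null;
        ResultSet rows = null;
        try {
            statement = connection.prepareStatement(sql);
            for (int i = 0; i < parameters.length; i++) {
                statement.setString(i + 1, parameters[i]);
            }
            rows = statement.executeQuery();
            return rows.next() ? Integer.valueOf(rows.getInt(1)) : null;
        } finally {
            closeQuietly(rows);
            closeQuietly(statement);
        }
    }

    /** Inserts a row without a local password for the given login and access value. */
    private static void insertDirectoryUser(Connection connection, String login, int access) throws SQLException {
        PreparedStatement insert = null;
        try {
            insert = connection.prepareStatement(INSERT_DIRECTORY_USER_SQL);
            insert.setString(1, login);
            insert.setInt(2, access);
            insert.executeUpdate();
        } finally {
            closeQuietly(insert);
        }
    }

    /** Closes a JDBC resource; a failure to close is logged at debug level and otherwise ignored. */
    private static void closeQuietly(AutoCloseable resource) {
        if (resource == null) {
            return;
        }
        try {
            resource.close();
        } catch (Exception ignored) {
            logger.debug("ignoring failure while closing a JDBC resource", ignored);
        }
    }
}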
