package com.webify.wsf.client.subscriber.impl;

import com.ibm.ws.fabric.client.g11n.CatalogClientApiGlobalization;
import com.ibm.ws.fabric.support.g11n.MLMessage;
import com.ibm.ws.fabric.support.g11n.MultiLocale;
import com.ibm.ws.fabric.support.g11n.Translations;
import com.ibm.ws.fabric.support.g11n.logging.Log;
import com.webify.framework.support.security.Crypt;
import com.webify.wsf.client.query.ClientQueryAdmin;
import com.webify.wsf.client.subscriber.AuthenticationAdmin;
import com.webify.wsf.client.subscriber.Credentials;
import com.webify.wsf.client.subscriber.User;
import com.webify.wsf.client.subscriber.UserAdmin;
import com.webify.wsf.modelstore.adapter.AdapterObjectQuery;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:lib/fabric-client-api.jar:com/webify/wsf/client/subscriber/impl/AuthenticationAdminImpl.class */
public class AuthenticationAdminImpl extends BaseSubscriberAdminImpl implements AuthenticationAdmin {
    private static final Translations TLNS = CatalogClientApiGlobalization.getTranslations();
    private static final Log log = CatalogClientApiGlobalization.getLog(AuthenticationAdminImpl.class);
    private ClientQueryAdmin _queryAdmin;
    private UserAdmin _userAdmin;

    public void setQueryAdmin(ClientQueryAdmin clientQueryAdmin) {
        this._queryAdmin = clientQueryAdmin;
    }

    public void setUserAdmin(UserAdmin userAdmin) {
        this._userAdmin = userAdmin;
    }

    @Override // com.webify.wsf.client.subscriber.AuthenticationAdmin
    public Credentials login(String str, String str2) {
        checkAssert(str != null, TLNS.getMLMessage("clientapi.subscriber.non-null-user-name").toString());
        checkAssert(str2 != null, TLNS.getMLMessage("clientapi.subscriber.non-null-password").toString());
        User findUserFromUsername = this._userAdmin.findUserFromUsername(str);
        if (findUserFromUsername == null) {
            MLMessage mLMessage = TLNS.getMLMessage("clientapi.subscriber.invalid-user-name");
            mLMessage.addArgument(str);
            log.info((MultiLocale) mLMessage);
            return null;
        }
        if (findUserFromUsername.isDisabled()) {
            MLMessage mLMessage2 = TLNS.getMLMessage("clientapi.subscriber.disabled-user");
            mLMessage2.addArgument(str);
            log.info((MultiLocale) mLMessage2);
            return null;
        }
        String str3 = str2;
        if (!Crypt.isPasswordEncrypted(str2)) {
            str3 = Crypt.encryptPassword(str2);
        }
        if (findUserFromUsername.getPassword().equals(str3)) {
            return new CredentialsImpl(findUserFromUsername);
        }
        log.info((MultiLocale) TLNS.getMLMessage("clientapi.subscriber.invalid-password"));
        return null;
    }

    @Override // com.webify.wsf.client.subscriber.AuthenticationAdmin
    public User login(String str, byte[] bArr) {
        AdapterObjectQuery newQuery = this._queryAdmin.newQuery("user from userId", "select ?user where (?user <rdf:type> <subscriber:User>)(?user <subscriber:userId> ?criteria)(?criteria <wsf:ilike> ?_0)using subscriber for <http://www.webifysolutions.com/2005/10/catalog/subscriber#>");
        newQuery.literalParam(str);
        List find = this._queryAdmin.find(newQuery);
        if (find.size() != 1) {
            if (find.size() != 0) {
                throw new IllegalStateException("Multiple users found with the same userId: " + find);
            }
            MLMessage mLMessage = TLNS.getMLMessage("clientapi.subscriber.invalid-user-name");
            mLMessage.addArgument(str);
            log.info((MultiLocale) mLMessage);
            return null;
        }
        User user = (User) find.iterator().next();
        if (user.isDisabled()) {
            MLMessage mLMessage2 = TLNS.getMLMessage("clientapi.subscriber.disabled-user");
            mLMessage2.addArgument(str);
            log.info((MultiLocale) mLMessage2);
            return null;
        }
        if (user.getPassword().equals(encryptPassword(bArr))) {
            return user;
        }
        log.info((MultiLocale) TLNS.getMLMessage("clientapi.subscriber.invalid-password"));
        return null;
    }

    private static String encryptPassword(byte[] bArr) throws SecurityException {
        try {
            String str = new String(Base64.encodeBase64(MessageDigest.getInstance("SHA").digest(bArr)), "UTF-8");
            if (str.charAt(str.length() - 1) == '=') {
                str = str.substring(0, str.length() - 4);
            }
            return str;
        } catch (IOException e) {
            MLMessage mLMessage = TLNS.getMLMessage("modelstore.support.password-encryption-error");
            mLMessage.addArgument(e);
            throw new SecurityException(mLMessage.toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new SecurityException(TLNS.getMLMessage("modelstore.support.unavailable-encryption-algorithm-error").toString());
        }
    }

    @Override // com.webify.wsf.client.subscriber.AuthenticationAdmin
    public void logout(String str, String str2) {
    }
}
