package com.apusic.aas.security.common;

import com.apusic.aas.security.entity.DBResource;
import com.apusic.aas.security.entity.DBRole;
import com.apusic.aas.security.entity.DBRoleResource;
import com.apusic.aas.security.entity.DBUser;
import com.apusic.aas.security.entity.DBUserRole;
import com.apusic.aas.security.service.impl.DBResourceServiceImpl;
import com.apusic.aas.security.service.impl.DBRoleResourceServiceImpl;
import com.apusic.aas.security.service.impl.DBRoleServiceImpl;
import com.apusic.aas.security.service.impl.DBUserRoleServiceImpl;
import com.apusic.aas.security.service.impl.DBUserServiceImpl;
import com.apusic.aas.server.ServerEnvironmentImpl;
import com.sun.enterprise.universal.ApusicBase64Decoder;
import com.sun.enterprise.universal.ApusicBase64Encoder;
import com.sun.enterprise.util.SystemPropertyConstants;
import com.sun.enterprise.util.Utility;
import com.sun.enterprise.util.i18n.StringManager;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import java.util.logging.Logger;
import java.util.regex.Pattern;

/* loaded from: input_file:com/apusic/aas/security/common/DBUtil.class */
public class DBUtil {
    private static DBUserServiceImpl dbUserService;
    private static DBUserRoleServiceImpl dbUserRoleService;
    private static DBRoleServiceImpl dbRoleService;
    private static DBRoleResourceServiceImpl dbRoleResourceService;
    private static DBResourceServiceImpl dbResourceService;
    private static final String SAVED_ROLE = "Saved_Role";
    private static final StringManager strings;
    private static final int SALT_SIZE = 8;
    private static final String ALGO_SHA256 = "SHA-256";
    private static ApusicBase64Encoder encoder;
    private static ApusicBase64Decoder decoder;
    private static final StringManager sm;
    private static Logger logger;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static byte[] computeUserPwdHash(byte[] bArr, char[] cArr, String str) {
        try {
            return SSHA.compute(bArr, Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName()), str);
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static Boolean isRightPwd(DBUser dBUser, char[] cArr) throws IOException {
        boolean z = false;
        byte[] decodeBuffer = decoder.decodeBuffer(dBUser.getSalt());
        String pwdHash = dBUser.getPwdHash();
        String encode = encoder.encode(computeUserPwdHash(decodeBuffer, cArr, dBUser.getAlgorithm()));
        if (pwdHash != null && encode != null && pwdHash.equals(encode)) {
            z = true;
        }
        return Boolean.valueOf(z);
    }

    public static Boolean authenticate(DBUser dBUser, char[] cArr) {
        if (dBUser == null) {
            return false;
        }
        try {
            return Boolean.valueOf(SSHA.verify(decoder.decodeBuffer(dBUser.getSalt()), decoder.decodeBuffer(dBUser.getPwdHash()), Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName()), dBUser.getAlgorithm()));
        } catch (Exception e) {
            return false;
        }
    }

    public static synchronized boolean updateUser(String str, String str2, char[] cArr, String str3) throws IllegalArgumentException, IOException {
        return updateUser(str, str2, cArr, str3, null);
    }

    public static synchronized boolean updateUser(String str, String str2, char[] cArr, String str3, String str4) throws IllegalArgumentException, IOException {
        new DBUser();
        new DBRole();
        validateUserName(str);
        DBUser findUserByName = dbUserService.findUserByName(str);
        if (findUserByName == null) {
            throw new IllegalArgumentException(strings.getString("filerealm.nouser", str));
        }
        validateUserName(str2);
        validateRoleName2(str3);
        if (cArr != null) {
            validatePassword(cArr);
        }
        if (!str.equals(str2) && findUserByName != null) {
            throw new IllegalArgumentException(strings.getString("filerealm.dupuser", str));
        }
        DBRole findRoleByName = dbRoleService.findRoleByName(str3);
        if (str3 != null && findRoleByName.getRoleId() != null) {
            DBUserRole findUserRoleByUserName = dbUserRoleService.findUserRoleByUserName(str);
            if (findUserRoleByUserName.getUserRoleId() != null) {
                dbUserRoleService.deleteUserRole(findUserRoleByUserName);
            }
            dbUserRoleService.addUserRole(new DBUserRole(findUserByName.getUserId(), findUserByName.getUserName(), findRoleByName.getRoleId(), findRoleByName.getRoleName()));
        }
        if (cArr != null) {
            setPassword(findUserByName, cArr);
            findUserByName.setAlgorithm("SHA-256");
        } else if (findUserByName.getAlgorithm().equals("RESET")) {
            findUserByName.setAlgorithm("SHA-256");
        }
        if (str4 != null) {
            findUserByName.setMail(str4);
        }
        dbUserService.updateUser(findUserByName);
        JSONFileUtil.writeEntityJSON(str2, SSHA.encode(decoder.decodeBuffer(findUserByName.getSalt()), decoder.decodeBuffer(findUserByName.getPwdHash()), findUserByName.getAlgorithm()));
        JSONFileUtil.persist(new File(System.getProperty(SystemPropertyConstants.INSTANCE_ROOT_PROPERTY) + File.separator + ServerEnvironmentImpl.kConfigDirName + File.separator + "history-password.json"));
        return true;
    }

    public static synchronized boolean addUser(String str, char[] cArr, String str2, boolean z, String str3) {
        validateUserName(str);
        validatePassword(cArr);
        validateRoleName(str2);
        if (dbUserService.findUserByName(str).getUserId() != null) {
            throw new IllegalArgumentException(strings.getString("filerealm.dupuser", str));
        }
        SecureRandom secureRandom = SharedSecureRandomImpl.get();
        byte[] bArr = new byte[SALT_SIZE];
        secureRandom.nextBytes(bArr);
        try {
            byte[] compute = SSHA.compute(bArr, Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName()), "SHA-256");
            DBUser dBUser = new DBUser(str, encoder.encode(compute), encoder.encode(bArr), "SHA-256", "false", str3);
            dbUserService.addUser(dBUser);
            DBUser findUserByName = dbUserService.findUserByName(str);
            DBRole findRoleByName = dbRoleService.findRoleByName(str2);
            dbUserRoleService.addUserRole(new DBUserRole(findUserByName.getUserId(), findUserByName.getUserName(), findRoleByName.getRoleId(), findRoleByName.getRoleName()));
            JSONFileUtil.writeEntityJSON(str, SSHA.encode(bArr, compute, dBUser.getAlgorithm()));
            JSONFileUtil.persist(new File(System.getProperty(SystemPropertyConstants.INSTANCE_ROOT_PROPERTY) + File.separator + ServerEnvironmentImpl.kConfigDirName + File.separator + "history-password.json"));
            return true;
        } catch (Exception e) {
            logger.warning(e.getMessage());
            return false;
        }
    }

    public static synchronized Boolean deleteUser(DBUser dBUser) throws IllegalArgumentException {
        if (dbUserService.findUserByName(dBUser.getUserName()) == null) {
            throw new IllegalArgumentException(sm.getString("filerealm.nouser", dBUser.getUserName()));
        }
        if (Boolean.valueOf(dBUser.getPrivilege()).booleanValue()) {
            throw new IllegalArgumentException(sm.getString("filerealm.privilegeuser"));
        }
        dbUserRoleService.deleteUserRoleByUserName(dBUser.getUserName());
        dbUserService.deleteUser(dBUser);
        return true;
    }

    public static synchronized boolean deleteRole(DBRole dBRole) throws IllegalArgumentException {
        if (dbRoleService.findRoleByName(dBRole.getRoleName()) == null) {
            throw new IllegalArgumentException(sm.getString("dbtable.norole", dBRole.getRoleName()));
        }
        if (Boolean.valueOf(dBRole.getPrivilege()).booleanValue()) {
            throw new IllegalArgumentException(sm.getString("dbtable.privilegerole"));
        }
        dbUserRoleService.deleteUserRole(dbUserRoleService.findUserRoleByRoleName(dBRole.getRoleName()));
        dbRoleResourceService.deleteRoleResource(dbRoleResourceService.findRoleResourceByRoleName(dBRole.getRoleName()));
        dbRoleService.deleteRole(dBRole);
        return true;
    }

    public static synchronized boolean addRole(String str, String[] strArr) throws IllegalArgumentException {
        validateRoleName(str);
        DBRole dBRole = new DBRole(str, "false");
        if (dbRoleService.findRoleByName(str).getRoleId() != null) {
            throw new IllegalArgumentException(strings.getString("dbtable.duprole", str));
        }
        dbRoleService.addRole(dBRole);
        DBRole findRoleByName = dbRoleService.findRoleByName(str);
        for (String str2 : strArr) {
            validateResourceName(str2);
            DBResource findResourceByName = dbResourceService.findResourceByName(str2);
            if (findResourceByName == null) {
                throw new IllegalArgumentException(strings.getString("dbtable.noresource", str2));
            }
            dbRoleResourceService.addRoleResource(new DBRoleResource(findRoleByName.getRoleId(), findRoleByName.getRoleName(), findResourceByName.getResourceId(), findResourceByName.getResourceName()));
        }
        return true;
    }

    public static synchronized boolean updateRole(String str, String[] strArr) {
        validateRoleName(str);
        DBRole findRoleByName = dbRoleService.findRoleByName(str);
        if (findRoleByName == null) {
            throw new IllegalArgumentException(strings.getString("dbtable.norole", str));
        }
        if (Boolean.valueOf(findRoleByName.getPrivilege()).booleanValue()) {
            throw new IllegalArgumentException(sm.getString("dbtable.privilegerole"));
        }
        dbRoleResourceService.deleteRoleResource(dbRoleResourceService.findRoleResourceByRoleName(findRoleByName.getRoleName()));
        for (String str2 : strArr) {
            validateResourceName(str2);
            DBResource findResourceByName = dbResourceService.findResourceByName(str2);
            if (findResourceByName == null) {
                throw new IllegalArgumentException(strings.getString("dbtable.noresource", str2));
            }
            dbRoleResourceService.addRoleResource(new DBRoleResource(findRoleByName.getRoleId(), findRoleByName.getRoleName(), findResourceByName.getResourceId(), findResourceByName.getResourceName()));
        }
        dbRoleService.updateRole(findRoleByName);
        return true;
    }

    public static synchronized boolean deleteResource(DBResource dBResource) throws IllegalArgumentException {
        if (dbResourceService.findResourceByName(dBResource.getResourceName()) == null) {
            throw new IllegalArgumentException(sm.getString("dbtable.noresource", dBResource.getResourceName()));
        }
        if (Boolean.valueOf(dBResource.getPrivilege()).booleanValue()) {
            throw new IllegalArgumentException(sm.getString("dbtable.privilegeresource"));
        }
        dbRoleResourceService.deleteRoleResource(dbRoleResourceService.findRoleResourceByResourceName(dBResource.getResourceName()));
        dbResourceService.deleteResource(dBResource);
        return true;
    }

    public static synchronized boolean addResource(DBResource dBResource) throws IllegalArgumentException {
        validateResourceName(dBResource.getResourceName());
        validateResourceMapPath(dBResource.getResourceMapPath());
        if (dbResourceService.findResourceByName(dBResource.getResourceName()).getResourceId() != null) {
            throw new IllegalArgumentException(strings.getString("dbtable.dupresource", dBResource.getResourceName()));
        }
        if (dbResourceService.findResourceByAlias(dBResource.getResourceAlias()).getResourceId() != null) {
            throw new IllegalArgumentException(strings.getString("dbtable.dupresource", dBResource.getResourceAlias()));
        }
        dbResourceService.addResource(dBResource);
        return true;
    }

    public static synchronized boolean updateResource(DBResource dBResource) throws IllegalArgumentException {
        validateResourceName(dBResource.getResourceName());
        validateResourceMapPath(dBResource.getResourceMapPath());
        DBResource findResourceByName = dbResourceService.findResourceByName(dBResource.getResourceName());
        if (findResourceByName == null) {
            throw new IllegalArgumentException(strings.getString("dbtable.norole", dBResource.getResourceName()));
        }
        if (Boolean.valueOf(findResourceByName.getPrivilege()).booleanValue()) {
            throw new IllegalArgumentException(sm.getString("dbtable.privilegeresource"));
        }
        findResourceByName.setResourceAlias(dBResource.getResourceAlias());
        findResourceByName.setResourceName(dBResource.getResourceName());
        findResourceByName.setResourceMapPath(dBResource.getResourceMapPath());
        dbResourceService.updateResource(findResourceByName);
        return true;
    }

    private static void validateUserName(String str) throws IllegalArgumentException {
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException(strings.getString("filerealm.noname"));
        }
        if (!isValid(str, true)) {
            throw new IllegalArgumentException(strings.getString("filerealm.badname", str));
        }
        if (!str.equals(str.trim())) {
            throw new IllegalArgumentException(strings.getString("filerealm.badspaces", str));
        }
    }

    private static boolean isValid(String str, boolean z) {
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            if (!Character.isLetterOrDigit(charAt) && !Character.isWhitespace(charAt) && FileRealmHelper.MISC_VALID_CHARS.indexOf(charAt) == -1 && (!z || charAt != '@')) {
                return false;
            }
        }
        return true;
    }

    private static void validatePassword(char[] cArr) throws IllegalArgumentException {
        if (Arrays.equals((char[]) null, cArr)) {
            throw new IllegalArgumentException(strings.getString("filerealm.emptypwd"));
        }
        for (char c : cArr) {
            if (Character.isSpaceChar(c)) {
                throw new IllegalArgumentException(strings.getString("filerealm.badspacespwd"));
            }
        }
    }

    private static void validateRoleName(String str) throws IllegalArgumentException {
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException(strings.getString("filerealm.nogroup"));
        }
        if (!isValid(str, false)) {
            throw new IllegalArgumentException(strings.getString("filerealm.badchars", str));
        }
        if (!str.equals(str.trim())) {
            throw new IllegalArgumentException(strings.getString("filerealm.badspaces", str));
        }
    }

    private static void validateRoleName2(String str) throws IllegalArgumentException {
        if (str == null || str.length() == 0) {
            return;
        }
        if (!isValid(str, false)) {
            throw new IllegalArgumentException(strings.getString("filerealm.badchars", str));
        }
        if (!str.equals(str.trim())) {
            throw new IllegalArgumentException(strings.getString("filerealm.badspaces", str));
        }
    }

    private static void validateResourceName(String str) {
    }

    private static void validateResourceMapPath(String str) {
    }

    private static void setPassword(DBUser dBUser, char[] cArr) throws IllegalArgumentException {
        if (!$assertionsDisabled && dBUser == null) {
            throw new AssertionError();
        }
        try {
            byte[] convertCharArrayToByteArray = Utility.convertCharArrayToByteArray(cArr, Charset.defaultCharset().displayName());
            SecureRandom secureRandom = SharedSecureRandomImpl.get();
            byte[] bArr = new byte[SALT_SIZE];
            secureRandom.nextBytes(bArr);
            dBUser.setSalt(encoder.encode(bArr));
            String algorithm = dBUser.getAlgorithm();
            if (algorithm == null) {
                algorithm = "SHA-256";
            }
            dBUser.setPwdHash(encoder.encode(SSHA.compute(bArr, convertCharArrayToByteArray, algorithm)));
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static DBRole authenticateViaUserDB(String str, String str2) throws IOException {
        try {
            if (!isRightPwd(dbUserService.findUserByName(str), str2.toCharArray()).booleanValue()) {
                return null;
            }
            return new DBRoleServiceImpl().findRoleByName(new DBUserRoleServiceImpl().findUserRoleByUserName(str).getRoleName());
        } catch (IOException e) {
            throw e;
        }
    }

    public static Boolean isAuthorized(String str, String str2, String str3) {
        if (str == null && str.equals(SystemPropertyConstants.DEFAULT_ADMIN_PASSWORD)) {
            return false;
        }
        if (str2 == null && str.equals(SystemPropertyConstants.DEFAULT_ADMIN_PASSWORD)) {
            return false;
        }
        Iterator<DBRoleResource> it = dbRoleResourceService.findRoleResourceByRoleName(str).iterator();
        while (it.hasNext()) {
            StringTokenizer stringTokenizer = new StringTokenizer(dbResourceService.findResourceByName(it.next().getResourceName()).getResourceMapPath(), ",");
            while (stringTokenizer.hasMoreTokens()) {
                if (Pattern.compile(stringTokenizer.nextToken()).matcher(str2).matches()) {
                    return true;
                }
            }
        }
        return false;
    }

    public static boolean hasResourcePermission(String str, String str2, List<DBResource> list) {
        if (str == null || !str2.contains(".jsf") || list == null || str2.contains("jsf.js.jsf")) {
            return true;
        }
        Iterator<DBResource> it = list.iterator();
        while (it.hasNext()) {
            StringTokenizer stringTokenizer = new StringTokenizer(it.next().getResourceMapPath(), ",");
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken.endsWith("*")) {
                    nextToken = nextToken.substring(0, nextToken.length() - 2);
                }
                if (str2.startsWith(nextToken)) {
                    return true;
                }
            }
        }
        return false;
    }

    static {
        $assertionsDisabled = !DBUtil.class.desiredAssertionStatus();
        dbUserService = new DBUserServiceImpl();
        dbUserRoleService = new DBUserRoleServiceImpl();
        dbRoleService = new DBRoleServiceImpl();
        dbRoleResourceService = new DBRoleResourceServiceImpl();
        dbResourceService = new DBResourceServiceImpl();
        strings = StringManager.getManager(DBUtil.class);
        encoder = new ApusicBase64Encoder();
        decoder = new ApusicBase64Decoder();
        sm = StringManager.getManager(DBUtil.class);
        logger = Logger.getLogger(DBUtil.class.getName());
    }
}
