package org.apache.wiki.auth.user;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Properties;
import java.util.UUID;
import org.apache.catalina.util.HexUtils;
import org.apache.log4j.Logger;
import org.apache.wiki.WikiEngine;
import org.apache.wiki.api.exceptions.NoRequiredPropertyException;
import org.apache.wiki.auth.NoSuchPrincipalException;
import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.WikiSecurityException;
import org.apache.wiki.util.CryptoUtil;

/* loaded from: input_file:org/apache/wiki/auth/user/AbstractUserDatabase.class */
public abstract class AbstractUserDatabase implements UserDatabase {
    protected static final Logger log = Logger.getLogger(AbstractUserDatabase.class);
    protected static final String SHA_PREFIX = "{SHA}";
    protected static final String SSHA_PREFIX = "{SSHA}";

    @Override // org.apache.wiki.auth.user.UserDatabase
    public synchronized void commit() throws WikiSecurityException {
    }

    @Override // org.apache.wiki.auth.user.UserDatabase
    public UserProfile find(String str) throws NoSuchPrincipalException {
        UserProfile userProfile = null;
        try {
            userProfile = findByFullName(str);
        } catch (NoSuchPrincipalException e) {
        }
        if (userProfile != null) {
            return userProfile;
        }
        try {
            userProfile = findByWikiName(str);
        } catch (NoSuchPrincipalException e2) {
        }
        if (userProfile != null) {
            return userProfile;
        }
        try {
            userProfile = findByLoginName(str);
        } catch (NoSuchPrincipalException e3) {
        }
        if (userProfile != null) {
            return userProfile;
        }
        throw new NoSuchPrincipalException("Not in database: " + str);
    }

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract UserProfile findByEmail(String str) throws NoSuchPrincipalException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract UserProfile findByFullName(String str) throws NoSuchPrincipalException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract UserProfile findByLoginName(String str) throws NoSuchPrincipalException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract UserProfile findByWikiName(String str) throws NoSuchPrincipalException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public Principal[] getPrincipals(String str) throws NoSuchPrincipalException {
        try {
            UserProfile findByLoginName = findByLoginName(str);
            ArrayList arrayList = new ArrayList();
            if (findByLoginName.getLoginName() != null && findByLoginName.getLoginName().length() > 0) {
                arrayList.add(new WikiPrincipal(findByLoginName.getLoginName(), WikiPrincipal.LOGIN_NAME));
            }
            if (findByLoginName.getFullname() != null && findByLoginName.getFullname().length() > 0) {
                arrayList.add(new WikiPrincipal(findByLoginName.getFullname(), WikiPrincipal.FULL_NAME));
            }
            if (findByLoginName.getWikiName() != null && findByLoginName.getWikiName().length() > 0) {
                arrayList.add(new WikiPrincipal(findByLoginName.getWikiName(), WikiPrincipal.WIKI_NAME));
            }
            return (Principal[]) arrayList.toArray(new Principal[arrayList.size()]);
        } catch (NoSuchPrincipalException e) {
            throw e;
        }
    }

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract void initialize(WikiEngine wikiEngine, Properties properties) throws NoRequiredPropertyException, WikiSecurityException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public UserProfile newProfile() {
        return DefaultUserProfile.newProfile(this);
    }

    @Override // org.apache.wiki.auth.user.UserDatabase
    public abstract void save(UserProfile userProfile) throws WikiSecurityException;

    @Override // org.apache.wiki.auth.user.UserDatabase
    public boolean validatePassword(String str, String str2) {
        try {
            UserProfile findByLoginName = findByLoginName(str);
            String password = findByLoginName.getPassword();
            if (password.startsWith(SSHA_PREFIX)) {
                getHash(str2);
                return CryptoUtil.verifySaltedPassword(str2.getBytes("UTF-8"), password);
            }
            if (password.startsWith(SHA_PREFIX)) {
                password = password.substring(SHA_PREFIX.length());
            }
            boolean equals = getOldHash(str2).equals(password);
            if (equals) {
                findByLoginName.setPassword(str2);
                save(findByLoginName);
            }
            return equals;
        } catch (UnsupportedEncodingException e) {
            log.fatal("You do not have UTF-8!?!");
            return false;
        } catch (NoSuchAlgorithmException e2) {
            log.error("Unsupported algorithm: " + e2.getMessage());
            return false;
        } catch (NoSuchPrincipalException e3) {
            return false;
        } catch (WikiSecurityException e4) {
            log.error("Could not upgrade SHA password to SSHA because profile could not be saved. Reason: " + e4.getMessage());
            e4.printStackTrace();
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String generateUid(UserDatabase userDatabase) {
        while (true) {
            String uuid = UUID.randomUUID().toString();
            boolean z = true;
            try {
                userDatabase.findByUid(uuid);
            } catch (NoSuchPrincipalException e) {
                z = false;
            }
            if (!z && uuid != null) {
                return uuid;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getHash(String str) {
        String str2 = null;
        try {
            str2 = CryptoUtil.getSaltedPassword(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            log.fatal("You do not have UTF-8!?!");
        } catch (NoSuchAlgorithmException e2) {
            log.error("Error creating salted SHA password hash:" + e2.getMessage());
            str2 = str;
        }
        return str2;
    }

    protected String getOldHash(String str) {
        String str2 = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            messageDigest.update(str.getBytes("UTF-8"));
            str2 = HexUtils.convert(messageDigest.digest());
        } catch (UnsupportedEncodingException e) {
            log.fatal("UTF-8 not supported!?!");
        } catch (NoSuchAlgorithmException e2) {
            log.error("Error creating SHA password hash:" + e2.getMessage());
            str2 = str;
        }
        return str2;
    }

    protected long parseLong(String str) {
        if (str == null || str.length() == 0) {
            return 0L;
        }
        try {
            return Long.parseLong(str);
        } catch (NumberFormatException e) {
            return 0L;
        }
    }
}
