package nl.knowledgeplaza.securityfilter;

import java.security.Principal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.JdbcUtil;
import nl.knowledgeplaza.util.pool.JdbcConnectionPoolFactoryServletUtils;
import nl.knowledgeplaza.util.pool.ObjectPool;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.32-20160418.080748-18.jar:nl/knowledgeplaza/securityfilter/SecurityFilterJDBCScore.class */
public class SecurityFilterJDBCScore extends SecurityFilterJDBC {
    private String iJdbcScorePoolName;
    private String iJdbcScoreClassName;
    private String iJdbcScoreUrl;
    private String iJdbcScoreUsername;
    private String iJdbcScorePassword;
    private Map iScoreConnectionToPool = Collections.synchronizedMap(new HashMap());

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilterJDBC, nl.knowledgeplaza.securityfilter.SecurityFilter
    public void initialize() throws ServletException {
        super.initialize();
        this.iJdbcScorePoolName = this.iConfigurationProperties.get2(this, "JdbcScorePoolName");
        this.iJdbcScoreClassName = this.iConfigurationProperties.get2(this, "JdbcScoreClassName");
        this.iJdbcScoreUrl = this.iConfigurationProperties.get2(this, "JdbcScoreUrl");
        this.iJdbcScoreUsername = this.iConfigurationProperties.get2(this, "JdbcScoreUsername");
        this.iJdbcScorePassword = this.iConfigurationProperties.get2(this, "JdbcScorePassword");
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcPoolName=" + this.iJdbcScorePoolName);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcClassName=" + this.iJdbcScoreClassName);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcUrl=" + this.iJdbcScoreUrl);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcUsername=" + this.iJdbcScoreUsername);
        }
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("JdbcPassword=" + this.iJdbcScorePassword);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityFilterJDBC, nl.knowledgeplaza.securityfilter.SecurityFilter
    public Principal authenticate(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        Principal principal = null;
        if (checkScore(httpServletRequest, str, str2, str3)) {
            principal = super.authenticate(httpServletRequest, str, str2, str3);
        }
        if (principal == null) {
            StoreRequest(httpServletRequest, str, str2, str3);
        }
        return principal;
    }

    private boolean checkScore(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        boolean z = true;
        String remoteHost = httpServletRequest.getRemoteHost();
        String contextPath = httpServletRequest.getContextPath();
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            try {
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Check score for user " + str + " on ip address " + remoteHost + " for application " + contextPath);
                }
                connection = getScoreConnection(httpServletRequest);
                preparedStatement = connection.prepareStatement("select check_login(?,?,?,?,?) blocked");
                preparedStatement.setString(1, remoteHost);
                preparedStatement.setString(2, contextPath);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str2);
                preparedStatement.setString(5, httpServletRequest.getRequestURI());
                resultSet = preparedStatement.executeQuery();
                if (resultSet.next() && resultSet.getInt("blocked") != 0) {
                    z = false;
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("User " + str + " blocked on ip address " + remoteHost);
                    }
                }
                JdbcUtil.close(resultSet);
                JdbcUtil.close(preparedStatement);
                releaseScoreConnection(httpServletRequest, connection);
            } catch (SQLException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Database problems");
                JdbcUtil.close(resultSet);
                JdbcUtil.close(preparedStatement);
                releaseScoreConnection(httpServletRequest, connection);
            }
            return z;
        } catch (Throwable th) {
            JdbcUtil.close(resultSet);
            JdbcUtil.close(preparedStatement);
            releaseScoreConnection(httpServletRequest, connection);
            throw th;
        }
    }

    private void StoreRequest(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws ServletException {
        String remoteHost = httpServletRequest.getRemoteHost();
        String contextPath = httpServletRequest.getContextPath();
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        if (cLog4J.isDebugEnabled()) {
            cLog4J.debug("Storing login for user " + str + " on ip address " + remoteHost + " for application " + contextPath);
        }
        try {
            try {
                connection = getScoreConnection(httpServletRequest);
                preparedStatement = connection.prepareStatement("select store_login(?,?,?,?,?) blocked");
                preparedStatement.setString(1, remoteHost);
                preparedStatement.setString(2, contextPath);
                preparedStatement.setString(3, str);
                preparedStatement.setString(4, str2);
                preparedStatement.setString(5, httpServletRequest.getRequestURI());
                resultSet = preparedStatement.executeQuery();
                JdbcUtil.close(resultSet);
                JdbcUtil.close(preparedStatement);
                releaseScoreConnection(httpServletRequest, connection);
            } catch (SQLException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "Database problems");
                JdbcUtil.close(resultSet);
                JdbcUtil.close(preparedStatement);
                releaseScoreConnection(httpServletRequest, connection);
            }
        } catch (Throwable th) {
            JdbcUtil.close(resultSet);
            JdbcUtil.close(preparedStatement);
            releaseScoreConnection(httpServletRequest, connection);
            throw th;
        }
    }

    private Connection getScoreConnection(HttpServletRequest httpServletRequest) throws ServletException, SQLException {
        Connection connection;
        String str = SecurityFilterJDBC.class.getName() + ":" + this.iJdbcScoreUsername + "@" + this.iJdbcScoreUrl;
        if (this.iJdbcScorePoolName != null) {
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("Using JdbcPool " + this.iJdbcScorePoolName);
            }
            ObjectPool connectionPool = JdbcConnectionPoolFactoryServletUtils.getConnectionPool(httpServletRequest.getSession().getServletContext(), this.iJdbcScorePoolName, this.iConfigurationProperties);
            connection = (Connection) connectionPool.borrowObject();
            this.iScoreConnectionToPool.put(connection, connectionPool);
        } else {
            if (cLog4J.isDebugEnabled()) {
                cLog4J.debug("Using the internal dedicated connection");
            }
            try {
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Finding JDBC class " + this.iJdbcScoreClassName);
                }
                Class.forName(this.iJdbcScoreClassName);
                if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Looking for jdbc connection in application context " + str);
                }
                connection = (Connection) httpServletRequest.getSession().getServletContext().getAttribute(str);
                if (connection == null) {
                    if (cLog4J.isDebugEnabled()) {
                        cLog4J.debug("Opening new connection " + this.iJdbcScoreUrl + " as " + this.iJdbcScoreUsername);
                    }
                    connection = DriverManager.getConnection(this.iJdbcScoreUrl, this.iJdbcScoreUsername, this.iJdbcScorePassword);
                    httpServletRequest.getSession().getServletContext().setAttribute(str, connection);
                } else if (cLog4J.isDebugEnabled()) {
                    cLog4J.debug("Connection found");
                }
            } catch (ClassNotFoundException e) {
                cLog4J.error(ExceptionUtil.getStacktrace(e));
                httpServletRequest.getSession().setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "JDBC driver not found");
                return null;
            }
        }
        return connection;
    }

    private void releaseScoreConnection(HttpServletRequest httpServletRequest, Connection connection) {
        httpServletRequest.getSession().getServletContext().removeAttribute(SecurityFilterJDBC.class.getName() + ":" + this.iJdbcScoreUsername + "@" + this.iJdbcScoreUrl);
        if (this.iScoreConnectionToPool.containsKey(connection)) {
            try {
                ((ObjectPool) this.iScoreConnectionToPool.get(connection)).returnObject(connection);
                this.iScoreConnectionToPool.remove(connection);
            } catch (Throwable th) {
                this.iScoreConnectionToPool.remove(connection);
                throw th;
            }
        }
    }
}
