package nl.gezondheidsmeter.saml.leiden;

import java.security.Principal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.time.ZonedDateTime;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import nl.buildersenperformers.securityfilter.SamlInterface.SAMLHandler;
import nl.buildersenperformers.securityfilter.SamlInterface.SAMLUtil;
import nl.knowledgeplaza.securityfilter.SecurityFilter;
import nl.knowledgeplaza.securityfilter.SecurityFilterPrincipal;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.JdbcUtil;
import org.opensaml.saml2.core.Assertion;

/* loaded from: input_file:nl/gezondheidsmeter/saml/leiden/SAMLHandlerLeiden.class */
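/**
 * SAML handler that maps an incoming assertion onto a local care-provider principal and,
 * when the assertion also names a patient, binds that patient's internal number to the
 * HTTP session.
 *
 * <p>Two assertion attributes are read: {@code zorgverlener.zpId} (looked up against
 * {@code prs_persoon.prs_sso}) and {@code patient.bsn} (hashed in the database via
 * {@code cryptwrapper.hash} and compared with {@code prs_persoon.bsn_hash}).
 *
 * <p>NOTE(review): nothing in this class checks the assertion's signature, issuer,
 * audience or validity window; presumably the parent {@code SAMLHandler} or the security
 * filter does so before {@link #authenticate} is called. Confirm this.
 */
public class SAMLHandlerLeiden extends SAMLHandler {
    /** Session attribute that carries the selected patient's internal number as a string. */
    private static final String SESSION_PATIENT_NR = "S_PRS_PERSOON_NR";

    /** Looks up the login name of a care provider by institution and SSO identifier. */
    private static final String SQL_ZORGVERLENER = "SELECT prs_init FROM prs_persoon where prs_instelling=? and prs_sso=?";

    /** Looks up a patient by BSN hash; the BSN is hashed inside the database. */
    private static final String SQL_PATIENT = "SELECT to_number(to_char(prs_persoon_nr,'J')) prs_nr \tFROM prs_persoon p\tWHERE p.bsn_hash = cryptwrapper.hash(?)\tAND p.ref_prs_type=?";

    /** Reads the JDBC pool name from the {@code saml.JdbcPoolName} configuration property. */
    public SAMLHandlerLeiden() {
        this.iJdbcPoolName = ConfigurationProperties.get().get("saml.JdbcPoolName");
    }

    /**
     * Resolves the care provider named in the assertion and stores the patient context in
     * the session.
     *
     * <p>Any patient number left in the session by an earlier login is removed first, so a
     * stale patient context cannot carry over into this login.
     *
     * @param securityFilter the calling filter (not used here)
     * @param httpServletRequest the current request; its session receives the patient number
     * @param httpServletResponse the current response (not used here)
     * @param principal the principal passed in by the filter (not used here)
     * @param assertion the SAML assertion whose attributes are read
     * @return the care-provider principal, or {@code null} when no matching row exists or
     *     the lookup failed
     * @throws ServletException if obtaining or releasing the database connection fails
     */
    public Principal authenticate(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal, Assertion assertion) throws ServletException {
        // NOTE(review): the session id is not rotated here; confirm that the filter guards
        // against session fixation around a successful login.
        HttpSession session = httpServletRequest.getSession(true);
        session.removeAttribute(SESSION_PATIENT_NR);

        SAMLUtil samlUtil = new SAMLUtil(assertion);
        String zpId = samlUtil.getAttribute("zorgverlener.zpId");
        String bsn = samlUtil.getAttribute("patient.bsn");

        Principal zorgverlener = getZorgverlener(httpServletRequest, zpId, (String) getConfig().get("configname"));

        // NOTE(review): the patient lookup and the session binding also run when no care
        // provider was resolved (zorgverlener == null). Confirm that the filter treats a
        // null principal as a failed login and never honours this attribute in that case.
        int patientNr = getPatient(httpServletRequest, bsn);
        if (patientNr != 0) {
            session.setAttribute(SESSION_PATIENT_NR, String.valueOf(patientNr));
        }
        return zorgverlener;
    }

    /**
     * Finds the care provider with the given SSO identifier within one institution.
     *
     * <p>A {@link SQLException} is logged and reported as "not found" ({@code null}), so a
     * database failure never yields a principal.
     *
     * @param httpServletRequest request used to obtain and release the connection
     * @param zpId value bound to {@code prs_sso}
     * @param instelling value bound to {@code prs_instelling}
     * @return a principal named after {@code prs_init}, or {@code null}
     * @throws ServletException if obtaining or releasing the connection fails
     */
    private Principal getZorgverlener(HttpServletRequest httpServletRequest, String zpId, String instelling) throws ServletException {
        if (log4j.isDebugEnabled()) {
            log4j.debug(SQL_ZORGVERLENER);
        }
        SecurityFilterPrincipal found = null;
        Connection connection = null;
        PreparedStatement statement = null;
        ResultSet rows = null;
        try {
            connection = getConnection(httpServletRequest);
            statement = connection.prepareStatement(SQL_ZORGVERLENER);
            statement.setString(1, instelling);
            statement.setString(2, zpId);
            rows = statement.executeQuery();
            if (rows.next()) {
                found = new SecurityFilterPrincipal(rows.getString(1), (String) null);
            } else if (log4j.isDebugEnabled()) {
                log4j.debug("Authenticating SAML'" + zpId + "', " + instelling + " not found");
            }
        } catch (SQLException e) {
            log4j.error("Could not lookup user", e);
        } finally {
            // Release the real handles on every path; the previous code passed null on the
            // error paths, so a failed query left statement and connection open.
            JdbcUtil.close(rows);
            JdbcUtil.close(statement);
            releaseConnection(httpServletRequest, connection);
        }
        return found;
    }

    /**
     * Finds the internal number of the patient with the given BSN.
     *
     * <p>The BSN is never written to the log: the table stores only a hash of it, and a
     * plaintext copy in debug output would undo that protection.
     *
     * @param httpServletRequest request used to obtain and release the connection
     * @param bsn citizen service number taken from the assertion
     * @return the value of the query's {@code prs_nr} column, or {@code 0} when no row
     *     matches or the lookup failed
     * @throws ServletException if obtaining or releasing the connection fails
     */
    private int getPatient(HttpServletRequest httpServletRequest, String bsn) throws ServletException {
        if (log4j.isDebugEnabled()) {
            log4j.debug(SQL_PATIENT);
        }
        int patientNr = 0;
        Connection connection = null;
        PreparedStatement statement = null;
        ResultSet rows = null;
        try {
            connection = getConnection(httpServletRequest);
            statement = connection.prepareStatement(SQL_PATIENT);
            statement.setString(1, bsn);
            statement.setString(2, "Patient");
            rows = statement.executeQuery();
            if (rows.next()) {
                patientNr = rows.getInt(1);
                // Logged after the read so the message shows the actual number.
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Patient found, prs_nr: " + patientNr);
                }
            } else if (log4j.isDebugEnabled()) {
                log4j.debug("Patient not found for the supplied BSN");
            }
        } catch (SQLException e) {
            log4j.error("Could not lookup user", e);
        } finally {
            // Release the real handles on every path, including a failed query.
            JdbcUtil.close(rows);
            JdbcUtil.close(statement);
            releaseConnection(httpServletRequest, connection);
        }
        return patientNr;
    }

    /**
     * Prints selected assertion fields to standard output. Debug aid; not called from
     * within this class. The output includes the subject NameID, so it should not be
     * enabled where standard output is retained.
     *
     * @param assertion the assertion to print
     */
    private void dump(Assertion assertion) {
        ZonedDateTime notOnOrAfter = assertion.getConditions().getNotOnOrAfter().toGregorianCalendar().toZonedDateTime();
        System.out.println("Subject: " + assertion.getSubject().getNameID().getValue());
        System.out.println("Issuer: " + assertion.getIssuer().getValue());
        System.out.println("Asserion ID " + assertion.getID());
        System.out.println("NotOnOrAfter: " + notOnOrAfter);
        System.out.println("after now?" + notOnOrAfter.isAfter(ZonedDateTime.now()));
        System.out.println("OneTimeUse: " + assertion.getConditions().getOneTimeUse());
    }

    /**
     * Declines to map an unknown principal.
     *
     * @return always {@code null}
     */
    public Principal handleUnknownPrincipal(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        return null;
    }
}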
