package org.h2.security.auth;

import java.io.InputStream;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import nxt.j9;
import nxt.s5;
import nxt.vi;
import org.h2.api.CredentialsValidator;
import org.h2.api.UserToRolesMapper;
import org.h2.engine.Database;
import org.h2.engine.Right;
import org.h2.engine.Role;
import org.h2.engine.SysProperties;
import org.h2.engine.User;
import org.h2.message.Trace;
import org.h2.security.auth.impl.AssignRealmNameRole;
import org.h2.security.auth.impl.JaasCredentialsValidator;
import org.h2.util.MathUtils;
import org.h2.util.StringUtils;

/* loaded from: classes.dex */
public class DefaultAuthenticator implements Authenticator {
    public static DefaultAuthenticator f;
    public Map<String, CredentialsValidator> a = new HashMap();
    public List<UserToRolesMapper> b = new ArrayList();
    public boolean c;
    public boolean d;
    public boolean e;

    @Override // org.h2.security.auth.Authenticator
    public final User a(AuthenticationInfo authenticationInfo, Database database) {
        String a = authenticationInfo.a();
        User J = database.J(a);
        if (J == null && !this.c) {
            throw new AuthenticationException(vi.m("User ", a, " not found in db"));
        }
        CredentialsValidator credentialsValidator = this.a.get(authenticationInfo.c);
        if (credentialsValidator == null) {
            throw new AuthenticationException(s5.o(j9.o("realm "), authenticationInfo.c, " not configured"));
        }
        try {
            if (!credentialsValidator.a(authenticationInfo)) {
                return null;
            }
            if (J == null) {
                synchronized (database.A2) {
                    J = new User(database, -1, authenticationInfo.a(), false);
                    J.s0(authenticationInfo.c == null ? authenticationInfo.a.h2 : MathUtils.h(64));
                    J.h2 = true;
                    database.a(database.A2, J);
                    database.A2.L(false);
                }
            }
            if (J.i2 != null) {
                ArrayList arrayList = new ArrayList();
                for (Map.Entry<Role, Right> entry : J.i2.entrySet()) {
                    if (!entry.getValue().h2) {
                        if (!(entry.getValue().e2 != -1)) {
                        }
                    }
                    arrayList.add(entry.getKey());
                }
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    J.k0((Role) it.next());
                }
            }
            HashSet hashSet = new HashSet();
            Iterator<UserToRolesMapper> it2 = this.b.iterator();
            while (it2.hasNext()) {
                Collection<String> b = it2.next().b(authenticationInfo);
                if (b != null && !b.isEmpty()) {
                    hashSet.addAll(b);
                }
            }
            Iterator it3 = hashSet.iterator();
            while (it3.hasNext()) {
                String str = (String) it3.next();
                if (str != null && !str.isEmpty()) {
                    Role role = database.i2.get(StringUtils.C(str));
                    if (role == null && this.d) {
                        synchronized (database.A2) {
                            role = new Role(database, database.h(), str, false);
                            database.a(database.A2, role);
                            database.A2.L(false);
                        }
                    }
                    if (role != null && J.h0(role) == null) {
                        Right right = new Right(database, -1, J, role);
                        right.h2 = true;
                        if (J.i2 == null) {
                            J.i2 = new HashMap<>();
                        }
                        J.i2.put(role, right);
                    }
                }
            }
            return J;
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }

    public void b(URL url) {
        int i = H2AuthConfigXml.d2;
        InputStream openStream = url.openStream();
        try {
            SAXParser newSAXParser = SAXParserFactory.newInstance().newSAXParser();
            H2AuthConfigXml h2AuthConfigXml = new H2AuthConfigXml();
            newSAXParser.parse(openStream, h2AuthConfigXml);
            H2AuthConfig h2AuthConfig = h2AuthConfigXml.b2;
            if (openStream != null) {
                openStream.close();
            }
            this.c = h2AuthConfig.a;
            this.d = h2AuthConfig.b;
            HashMap hashMap = new HashMap();
            if (h2AuthConfig.c == null) {
                h2AuthConfig.c = new ArrayList();
            }
            for (RealmConfig realmConfig : h2AuthConfig.c) {
                String str = realmConfig.a;
                if (str == null) {
                    throw new AuthenticationException("Missing realm name");
                }
                String upperCase = str.toUpperCase();
                try {
                    CredentialsValidator credentialsValidator = (CredentialsValidator) Class.forName(realmConfig.b).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
                    if (realmConfig.c == null) {
                        realmConfig.c = new ArrayList();
                    }
                    credentialsValidator.c(new ConfigProperties(realmConfig.c));
                    if (hashMap.put(realmConfig.a.toUpperCase(), credentialsValidator) != null) {
                        StringBuilder o = j9.o("Duplicate realm ");
                        o.append(realmConfig.a);
                        throw new AuthenticationException(o.toString());
                    }
                } catch (Exception e) {
                    throw new AuthenticationException(vi.l("invalid validator class fo realm ", upperCase), e);
                }
            }
            this.a = hashMap;
            ArrayList arrayList = new ArrayList();
            if (h2AuthConfig.d == null) {
                h2AuthConfig.d = new ArrayList();
            }
            for (UserToRolesMapperConfig userToRolesMapperConfig : h2AuthConfig.d) {
                try {
                    UserToRolesMapper userToRolesMapper = (UserToRolesMapper) Class.forName(userToRolesMapperConfig.a).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
                    if (userToRolesMapperConfig.b == null) {
                        userToRolesMapperConfig.b = new ArrayList();
                    }
                    userToRolesMapper.c(new ConfigProperties(userToRolesMapperConfig.b));
                    arrayList.add(userToRolesMapper);
                } catch (Exception e2) {
                    throw new AuthenticationException("Invalid class in UserToRolesMapperConfig", e2);
                }
            }
            this.b = arrayList;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (openStream != null) {
                    try {
                        openStream.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    public final void c() {
        this.d = false;
        this.c = true;
        this.a = new HashMap();
        JaasCredentialsValidator jaasCredentialsValidator = new JaasCredentialsValidator();
        jaasCredentialsValidator.c(new ConfigProperties());
        this.a.put("H2", jaasCredentialsValidator);
        AssignRealmNameRole assignRealmNameRole = new AssignRealmNameRole();
        assignRealmNameRole.c(new ConfigProperties());
        this.b.add(assignRealmNameRole);
    }

    public void d(Database database) {
        if (this.e) {
            return;
        }
        synchronized (this) {
            if (this.e) {
                return;
            }
            Trace q0 = database.q0(2);
            URL url = null;
            try {
                String str = SysProperties.d0;
                if (str != null) {
                    if (q0.l()) {
                        q0.b("DefaultAuthenticator.config: configuration read from system property h2auth.configurationfile={0}", str);
                    }
                    url = new URL(str);
                }
                if (url == null) {
                    if (q0.l()) {
                        q0.a("DefaultAuthenticator.config: default configuration");
                    }
                    c();
                } else {
                    b(url);
                }
                this.e = true;
            } catch (Exception e) {
                q0.f(e, "DefaultAuthenticator.config: an error occurred during configuration from {0} ", null);
                throw new AuthConfigException("Failed to configure authentication from " + ((Object) null), e);
            }
        }
    }
}
