package com.pivotal.gemfirexd.internal.impl.jdbc.authentication;

import com.pivotal.gemfirexd.Constants;
import com.pivotal.gemfirexd.auth.callback.CredentialInitializer;
import com.pivotal.gemfirexd.auth.callback.UserAuthenticator;
import com.pivotal.gemfirexd.internal.engine.distributed.utils.GemFireXDUtils;
import com.pivotal.gemfirexd.internal.engine.distributed.utils.SecurityUtils;
import com.pivotal.gemfirexd.internal.iapi.error.StandardException;
import com.pivotal.gemfirexd.internal.iapi.services.monitor.Monitor;
import com.pivotal.gemfirexd.internal.iapi.services.sanity.SanityManager;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import java.util.Properties;

/* loaded from: input_file:com/pivotal/gemfirexd/internal/impl/jdbc/authentication/BasicAuthenticationServiceImpl.class */
public final class BasicAuthenticationServiceImpl extends AuthenticationServiceBase implements UserAuthenticator, CredentialInitializer {
    protected static final String AUTHFACTORYMETHOD = BasicAuthenticationServiceImpl.class.getName() + AuthenticationServiceBase.factoryMethodForGFEAuth;

    @Override // com.pivotal.gemfirexd.internal.iapi.services.monitor.ModuleSupportable
    public boolean canSupport(String str, Properties properties) {
        return checkAndSetSchemeSupported(str, properties, Constants.AUTHENTICATION_PROVIDER_BUILTIN);
    }

    @Override // com.pivotal.gemfirexd.internal.impl.jdbc.authentication.AuthenticationServiceBase, com.pivotal.gemfirexd.internal.iapi.services.monitor.ModuleControl
    public void boot(boolean z, Properties properties) throws StandardException {
        SecurityUtils.prepareUserDefinitionForBuiltInScheme(properties);
        super.boot(z, properties);
        try {
            MessageDigest.getInstance("SHA-256").reset();
            MessageDigest.getInstance("SHA-1").reset();
            setAuthenticationService(this);
        } catch (NoSuchAlgorithmException e) {
            throw Monitor.exceptionStartingModule(e);
        }
    }

    @Override // com.pivotal.gemfirexd.auth.callback.UserAuthenticator
    public String authenticateUser(String str, String str2, String str3, Properties properties) throws SQLException {
        String str4;
        int i = 0;
        if (str == null) {
            return "Null user name";
        }
        String property = properties.getProperty("drdaSecMec");
        if (property != null) {
            i = Integer.parseInt(property);
        }
        String concat = "gemfirexd.user.".concat(str);
        String concat2 = "sqlfire.user.".concat(str);
        String databaseProperty = getDatabaseProperty(concat);
        if (databaseProperty == null) {
            databaseProperty = getDatabaseProperty(concat2);
        }
        if (databaseProperty == null) {
            databaseProperty = getSystemProperty(concat);
            if (databaseProperty == null) {
                databaseProperty = getSystemProperty(concat2);
            }
            str4 = str2;
            if (databaseProperty != null && i == 8) {
                databaseProperty = substitutePassword(str, databaseProperty, properties, false);
            } else if (databaseProperty != null) {
                boolean z = false;
                boolean z2 = true;
                if (!databaseProperty.startsWith(AuthenticationServiceBase.ID_PATTERN_NEW_SCHEME_V3)) {
                    z2 = false;
                    z = databaseProperty.startsWith(AuthenticationServiceBase.ID_PATTERN_NEW_SCHEME_V2);
                }
                str4 = encryptUserPassword(str, str2, false, z, z2);
            }
        } else if (i != 8) {
            boolean z3 = false;
            boolean z4 = true;
            if (!databaseProperty.startsWith(AuthenticationServiceBase.ID_PATTERN_NEW_SCHEME_V3)) {
                z4 = false;
                z3 = databaseProperty.startsWith(AuthenticationServiceBase.ID_PATTERN_NEW_SCHEME_V2);
            }
            str4 = encryptUserPassword(str, str2, false, z3, z4);
        } else {
            databaseProperty = substitutePassword(str, databaseProperty, properties, true);
            str4 = str2;
        }
        if (GemFireXDUtils.TraceAuthentication) {
            if (databaseProperty == null) {
                SanityManager.DEBUG_PRINT("TraceAuthentication", "BUILTIN authentication couldn't find user definition for '" + str + "'");
            }
            if (str4 == null) {
                SanityManager.DEBUG_PRINT("TraceAuthentication", "BUILTIN authentication received improper credentials for user '" + str + "'");
            }
        }
        if (SanityManager.DEBUG_ON("__PINT__")) {
            SanityManager.DEBUG_PRINT("TraceAuthentication", "BUILTIN authentication evaluating defined pwd " + databaseProperty + " with incoming pwd " + str4 + " for user '" + str + "'");
        }
        if (databaseProperty == null) {
            return "No such user '" + str + "'";
        }
        if (databaseProperty.equals(str4)) {
            return null;
        }
        return str4 != null ? "Incorrect password for user '" + str + "'" : "Null password for user '" + str + "'";
    }

    @Override // com.pivotal.gemfirexd.auth.callback.CredentialInitializer
    public Properties getCredentials(Properties properties) throws SQLException {
        return SecurityUtils.getCredentials(properties);
    }

    public String toString() {
        return Constants.AUTHENTICATION_PROVIDER_BUILTIN;
    }
}
