package cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.dao;

import cat.gencat.ctti.canigo.arch.core.i18n.I18nResourceBundleMessageSource;
import cat.gencat.ctti.canigo.arch.security.authentication.dao.AuthenticationDAO;
import cat.gencat.ctti.canigo.arch.security.authorities.dao.AuthoritiesDAO;
import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.AlwaysTrustManager;
import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.InputQueryVO;
import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.UserNameFormatEnum;
import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.utils.ReturnedCodeConverter;
import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.utils.XMLConverter;
import com.sun.net.ssl.internal.ssl.Provider;
import com.sun.net.ssl.internal.www.protocol.https.Handler;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.net.URLStreamHandler;
import java.security.KeyStore;
import java.security.Security;
import java.util.Collection;
import java.util.Iterator;
import java.util.Properties;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:cat/gencat/ctti/canigo/arch/security/provider/sace/authentication/dao/SACEPasswordAuthenticationDao.class */
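/**
 * {@link AuthenticationDAO} that validates a user name and password against a remote SACE
 * endpoint over HTTP(S) and, on success, builds a Spring Security {@link User} with the
 * authorities returned by the configured {@link AuthoritiesDAO}.
 *
 * <p>The credentials are serialised to XML, URL-encoded and posted as the {@code XMLIn} form
 * field; the {@code <Resultat>} element of the response is handed to
 * {@link ReturnedCodeConverter}, which is expected to throw when the code denotes a failure
 * (NOTE(review): confirm against ReturnedCodeConverter, which is not visible here).
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>Authentication must fail closed: any exception raised while talking to SACE is
 *       propagated, never swallowed, so an unexpected error cannot result in a
 *       {@link UserDetails} being returned.</li>
 *   <li>The keystore branch installs {@link AlwaysTrustManager} as the JVM-wide default for
 *       {@link HttpsURLConnection}. NOTE(review): the name suggests server certificates are
 *       not validated; if so, the password posted to SACE is exposed to an on-path attacker
 *       and every other HTTPS client in the same JVM inherits the weakened default.</li>
 *   <li>The static initialiser changes JVM-wide state (protocol handler packages and security
 *       providers).</li>
 * </ul>
 */
public class SACEPasswordAuthenticationDao implements AuthenticationDAO {
    private static final Log logger = LogFactory.getLog(SACEPasswordAuthenticationDao.class);
    private static final String UTF_8 = "UTF-8";
    private static final String LOG_PREFIX = "******* SACEPasswordAuthenticationDao --> ";
    private AuthoritiesDAO authoritiesDAO;
    private Properties certificates;
    private UserNameFormatEnum format;
    private String keyStore;
    private String keyStorePassPhrase;
    private URL urlSACEServer;
    private boolean wasServer;
    private I18nResourceBundleMessageSource i18nResources;
    SSLSocketFactory sslSF = null;
    private XMLConverter xmlConverter = new XMLConverter();

    /**
     * Sets the SACE endpoint from its string form, binding the URL to the legacy
     * {@code com.sun.net.ssl.internal} HTTPS handler.
     *
     * <p>NOTE(review): the scheme of the configured value is not checked here; confirm that
     * deployments only ever configure an {@code https} endpoint, since credentials are posted
     * to it.
     *
     * @param str the endpoint URL
     * @throws AuthenticationServiceException if the value is not a well-formed URL
     */
    public void setHostName(String str) {
        try {
            this.urlSACEServer = new URL((URL) null, str, (URLStreamHandler) new Handler());
        } catch (MalformedURLException e) {
            throw new AuthenticationServiceException("Configuration problem, check the SACEHostName", e);
        }
    }

    public void setAuthoritiesDAO(AuthoritiesDAO authoritiesDAO) {
        this.authoritiesDAO = authoritiesDAO;
    }

    protected AuthoritiesDAO getAuthoritiesDAO() {
        return this.authoritiesDAO;
    }

    /**
     * Selects how the user name is interpreted when the query is built.
     *
     * @param str the string form of {@link UserNameFormatEnum#NIF} selects NIF; any other
     *            value, including {@code null}, selects {@link UserNameFormatEnum#INTERNAL_CODE}
     */
    public void setUserNameFormat(String str) {
        // Constant-first comparison so a missing property falls back instead of throwing NPE.
        if (UserNameFormatEnum.NIF.toString().equals(str)) {
            this.format = UserNameFormatEnum.NIF;
        } else {
            this.format = UserNameFormatEnum.INTERNAL_CODE;
        }
    }

    public UserNameFormatEnum getUserNameFormatEnum() {
        return this.format;
    }

    /**
     * Authenticates the given credentials against SACE and loads the user's authorities.
     *
     * <p>When {@code wasServer} is set or no keystore is configured, the connection is opened
     * with whatever SSL configuration the runtime already provides; otherwise an SSL context
     * is built in this class first.
     *
     * @param str  the user name, in the format selected by {@link #setUserNameFormat(String)}
     * @param str2 the password
     * @return the authenticated user with the authorities supplied by the {@link AuthoritiesDAO}
     * @throws AuthenticationServiceException if either argument is blank or the SACE endpoint
     *                                        cannot be reached (default-connection branch)
     * @throws SecurityException              on any failure in the keystore branch
     */
    @Override // cat.gencat.ctti.canigo.arch.security.authentication.dao.AuthenticationDAO
    public UserDetails loadUserByUsernameAndPassword(String str, String str2) throws DataAccessException, BadCredentialsException {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
            throw new AuthenticationServiceException("It should be the front-end application responsability to ensure that both user name and passwords are not empty!");
        }
        if (this.wasServer || this.keyStore == null) {
            authenticateWithDefaultConnection(str, str2);
        } else {
            authenticateWithCustomSslContext(str, str2);
        }
        // Only reached when the SACE exchange completed without an exception.
        String userForLog = forLog(str);
        writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: before authoritiesDAO.getAuthorities(" + userForLog + ")");
        Collection<GrantedAuthority> authorities = this.authoritiesDAO.getAuthorities(str, str2);
        writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: after authoritiesDAO.getAuthorities(" + userForLog + ")");
        writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: autorities --> ");
        if (authorities != null) {
            for (GrantedAuthority authority : authorities) {
                writeLog(LOG_PREFIX + authority.getAuthority());
            }
        } else {
            writeLog(LOG_PREFIX + "Authorities not found");
        }
        // NOTE(review): the clear-text password is kept on the returned User; confirm the
        // caller erases credentials once authentication has completed.
        return new User(str, str2, true, true, true, true, authorities);
    }

    /**
     * Posts the credentials over a connection opened with the runtime's existing SSL setup.
     * Every exception is logged and propagated so that a failed or interrupted exchange can
     * never be mistaken for a successful authentication.
     */
    private void authenticateWithDefaultConnection(String str, String str2) {
        OutputStreamWriter outputStreamWriter = null;
        InputStream responseStream = null;
        try {
            // The password is deliberately masked; the user name is stripped of line breaks
            // so a crafted value cannot forge additional log entries.
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword(" + forLog(str) + ",******)");
            writeLog(LOG_PREFIX + "sProtocolHandler: " + System.getProperty("java.protocol.handler.pkgs"));
            URLConnection openConnection = this.urlSACEServer.openConnection();
            writeLog(LOG_PREFIX + "securedHttpURLConnection: " + openConnection.getClass().getName());
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: connection open");
            openConnection.setDoOutput(true);
            outputStreamWriter = new OutputStreamWriter(openConnection.getOutputStream(), UTF_8);
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: after securedHttpURLConnection.getOutputStream()");
            outputStreamWriter.write(getEncodedQuerryString(str, str2));
            outputStreamWriter.flush();
            outputStreamWriter.close();
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: after write to out");
            responseStream = openConnection.getInputStream();
            String resultCode = StringUtils.substringBetween(IOUtils.toString(responseStream), "<Resultat>", "</Resultat>");
            ReturnedCodeConverter.convertReturnedCode2AuthenticationServiceException(resultCode, this.i18nResources);
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: end !!");
        } catch (BadCredentialsException e) {
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: BadCredentialsException " + e.getMessage());
            writeException(e);
            throw e;
        } catch (DisabledException e) {
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: DisabledException " + e.getMessage());
            writeException(e);
            throw e;
        } catch (LockedException e) {
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: LockedException " + e.getMessage());
            writeException(e);
            throw e;
        } catch (DataAccessException e) {
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: DataAccessException " + e.getMessage());
            writeException(e);
            throw e;
        } catch (IOException e) {
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: IOException --> " + e.getMessage());
            writeException(e);
            throw new AuthenticationServiceException("", e);
        } catch (RuntimeException e) {
            // Fail closed: this handler used to log and continue, which let the caller go on
            // to build an authenticated User after an unexpected error (including any
            // exception type from the result-code converter that is not listed above).
            writeLog(LOG_PREFIX + "loadUserByUsernameAndPassword: PETE2 --> " + e.getMessage());
            writeException(e);
            throw e;
        } finally {
            IOUtils.closeQuietly(outputStreamWriter);
            IOUtils.closeQuietly(responseStream);
        }
    }

    /**
     * Posts the credentials after building an SSL context inside this class.
     *
     * <p>NOTE(review): the context is initialised with {@link AlwaysTrustManager} and the
     * legacy {@code "SSL"} protocol name, then installed as the process-wide default socket
     * factory. The keystore is loaded but never passed to the key or trust managers, so it
     * has no effect on the handshake. A safer design would derive the trust managers from the
     * configured store and set the socket factory on this connection only; that is a
     * deployment-visible change and is left for the owners to schedule.
     *
     * <p>Every failure in this branch, including any exception raised by the result-code
     * converter, surfaces as {@link SecurityException}.
     */
    private void authenticateWithCustomSslContext(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            TrustManager[] trustManagerArr = {new AlwaysTrustManager()};
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(null, (char[]) null);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerArr, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            KeyStore loadedKeyStore = KeyStore.getInstance("JKS");
            InputStream inputStream = new DefaultResourceLoader().getResource(this.keyStore).getInputStream();
            PrintWriter printWriter = null;
            BufferedReader bufferedReader = null;
            try {
                loadedKeyStore.load(inputStream, this.keyStorePassPhrase.toCharArray());
                inputStream.close();
                HttpURLConnection httpURLConnection = (HttpURLConnection) this.urlSACEServer.openConnection();
                httpURLConnection.setDoInput(true);
                httpURLConnection.setDoOutput(true);
                printWriter = new PrintWriter(httpURLConnection.getOutputStream());
                printWriter.write(getEncodedQuerryString(str, str2));
                printWriter.close();
                bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()));
                String readLine;
                while ((readLine = bufferedReader.readLine()) != null) {
                    stringBuffer.append(readLine);
                }
                bufferedReader.close();
                ReturnedCodeConverter.convertReturnedCode2AuthenticationServiceException(StringUtils.substringBetween(stringBuffer.toString(), "<Resultat>", "</Resultat>"), this.i18nResources);
            } catch (IOException e7) {
                // Keep the cause attached; the outer handler logs it through the logger
                // instead of printing the stack trace to stderr.
                throw new Exception("Error carregant KeyStore " + e7, e7);
            } finally {
                // Release the streams on every path, including a failed keystore load.
                IOUtils.closeQuietly(inputStream);
                IOUtils.closeQuietly(printWriter);
                IOUtils.closeQuietly(bufferedReader);
            }
        } catch (IOException e8) {
            logger.error("Error sace", e8);
            throw new SecurityException("Error accedint al SACE ", e8);
        } catch (Exception e9) {
            logger.error("Error sace", e9);
            throw new SecurityException("Error general accedint al SACE ", e9);
        }
    }

    /**
     * Builds the form-encoded request body: the credentials serialised to XML, stripped of
     * whitespace and URL-encoded as the {@code XMLIn} field.
     *
     * @param str  the user name
     * @param str2 the password
     * @return the request body; it contains the password and must not be logged
     * @throws AuthenticationServiceException if UTF-8 is unavailable
     */
    protected String getEncodedQuerryString(String str, String str2) {
        try {
            String xml = this.xmlConverter.toXML(new InputQueryVO(this.format, str, str2));
            return "XMLIn=" + URLEncoder.encode(StringUtils.deleteWhitespace(xml), UTF_8);
        } catch (UnsupportedEncodingException e) {
            throw new AuthenticationServiceException("", e);
        }
    }

    /**
     * Writes a debug line. Callers are responsible for keeping secrets out of {@code str}.
     *
     * @param str the message
     */
    public void writeLog(String str) {
        try {
            logger.debug("\n" + str);
        } catch (Exception ignored) {
            // Logging is best-effort: a logging failure must not change the outcome of an
            // authentication attempt.
        }
    }

    /**
     * Logs an exception with its stack trace at error level.
     *
     * @param exc the exception to record
     */
    public void writeException(Exception exc) {
        try {
            logger.error("\n ******* SACEPasswordAuthenticationDao --> stacktrace de la excepci�n " + exc.getClass().getName() + "\n", exc);
        } catch (Exception e) {
            logger.error(e);
        }
    }

    /** Replaces line breaks so a caller-supplied value cannot start a new log entry. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    public boolean isWasServer() {
        return this.wasServer;
    }

    public void setWasServer(boolean z) {
        this.wasServer = z;
    }

    public Properties getCertificates() {
        return this.certificates;
    }

    public void setCertificates(Properties properties) {
        this.certificates = properties;
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    public String getKeyStorePassPhrase() {
        return this.keyStorePassPhrase;
    }

    public void setKeyStorePassPhrase(String str) {
        this.keyStorePassPhrase = str;
    }

    /**
     * Not supported: this DAO can only authenticate when the password is supplied.
     *
     * @throws UnsupportedOperationException always
     */
    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException, DataAccessException {
        throw new UnsupportedOperationException("Use loadUserByUsernameAndPassword(String username, String password) instead!");
    }

    public I18nResourceBundleMessageSource getI18nResourceBundleMessageSource() {
        return this.i18nResources;
    }

    public void setI18nResourceBundleMessageSource(I18nResourceBundleMessageSource i18nResourceBundleMessageSource) {
        this.i18nResources = i18nResourceBundleMessageSource;
    }

    public URL getUrlSACEServer() {
        return this.urlSACEServer;
    }

    public void setUrlSACEServer(URL url) {
        this.urlSACEServer = url;
    }

    static {
        // JVM-wide side effects: registers the legacy HTTPS protocol handler package and the
        // matching security provider. Any previously configured handler packages are kept;
        // when none were set, the literal text "null" is no longer appended.
        String legacyHandlerPackage = "com.sun.net.ssl.internal.www.protocol";
        String configuredPackages = System.getProperty("java.protocol.handler.pkgs");
        System.setProperty("java.protocol.handler.pkgs",
                configuredPackages == null ? legacyHandlerPackage : legacyHandlerPackage + "|" + configuredPackages);
        Security.addProvider(new Provider());
    }
}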
