package org.springframework.security.userdetails.jdbc;

import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.List;
import javax.sql.DataSource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationContextException;
import org.springframework.jdbc.core.SqlParameter;
import org.springframework.jdbc.object.MappingSqlQuery;
import org.springframework.jdbc.object.SqlQuery;
import org.springframework.jdbc.object.SqlUpdate;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.dao.UserCache;
import org.springframework.security.providers.dao.cache.NullUserCache;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsManager;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager.class */
public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager {
    public static final String DEF_CREATE_USER_SQL = "insert into users (username, password, enabled) values (?,?,?)";
    public static final String DEF_DELETE_USER_SQL = "delete from users where username = ?";
    public static final String DEF_UPDATE_USER_SQL = "update users set password = ?, enabled = ? where username = ?";
    public static final String DEF_INSERT_AUTHORITY_SQL = "insert into authorities (username, authority) values (?,?)";
    public static final String DEF_DELETE_USER_AUTHORITIES_SQL = "delete from authorities where username = ?";
    public static final String DEF_USER_EXISTS_SQL = "select username from users where username = ?";
    public static final String DEF_CHANGE_PASSWORD_SQL = "update users set password = ? where username = ?";
    protected SqlUpdate insertUser;
    protected SqlUpdate deleteUser;
    protected SqlUpdate updateUser;
    protected SqlUpdate insertAuthority;
    protected SqlUpdate deleteUserAuthorities;
    protected SqlQuery userExistsQuery;
    protected SqlUpdate changePassword;
    private AuthenticationManager authenticationManager;
    protected final Log logger = LogFactory.getLog(getClass());
    private String createUserSql = DEF_CREATE_USER_SQL;
    private String deleteUserSql = DEF_DELETE_USER_SQL;
    private String updateUserSql = DEF_UPDATE_USER_SQL;
    private String createAuthoritySql = DEF_INSERT_AUTHORITY_SQL;
    private String deleteUserAuthoritiesSql = DEF_DELETE_USER_AUTHORITIES_SQL;
    private String userExistsSql = DEF_USER_EXISTS_SQL;
    private String changePasswordSql = DEF_CHANGE_PASSWORD_SQL;
    private UserCache userCache = new NullUserCache();

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$ChangePassword.class */
    protected class ChangePassword extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public ChangePassword(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.changePasswordSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            declareParameter(new SqlParameter(12));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$DeleteUser.class */
    protected class DeleteUser extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public DeleteUser(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.deleteUserSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$DeleteUserAuthorities.class */
    protected class DeleteUserAuthorities extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public DeleteUserAuthorities(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.deleteUserAuthoritiesSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$InsertAuthority.class */
    protected class InsertAuthority extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public InsertAuthority(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.createAuthoritySql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            declareParameter(new SqlParameter(12));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$InsertUser.class */
    protected class InsertUser extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public InsertUser(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.createUserSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            declareParameter(new SqlParameter(12));
            declareParameter(new SqlParameter(16));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$UpdateUser.class */
    protected class UpdateUser extends SqlUpdate {
        private final JdbcUserDetailsManager this$0;

        public UpdateUser(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.updateUserSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            declareParameter(new SqlParameter(16));
            declareParameter(new SqlParameter(12));
            compile();
        }
    }

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0-M1.jar:org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager$UserExistsQuery.class */
    protected class UserExistsQuery extends MappingSqlQuery {
        private final JdbcUserDetailsManager this$0;

        public UserExistsQuery(JdbcUserDetailsManager jdbcUserDetailsManager, DataSource dataSource) {
            super(dataSource, jdbcUserDetailsManager.userExistsSql);
            this.this$0 = jdbcUserDetailsManager;
            declareParameter(new SqlParameter(12));
            compile();
        }

        @Override // org.springframework.jdbc.object.MappingSqlQuery
        protected Object mapRow(ResultSet resultSet, int i) throws SQLException {
            return resultSet.getString(1);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.userdetails.jdbc.JdbcDaoImpl, org.springframework.dao.support.DaoSupport
    public void initDao() throws ApplicationContextException {
        if (this.authenticationManager == null) {
            this.logger.info("No authentication manager set. Reauthentication of users when changing passwords willnot be performed.");
        }
        this.insertUser = new InsertUser(this, getDataSource());
        this.deleteUser = new DeleteUser(this, getDataSource());
        this.updateUser = new UpdateUser(this, getDataSource());
        this.insertAuthority = new InsertAuthority(this, getDataSource());
        this.deleteUserAuthorities = new DeleteUserAuthorities(this, getDataSource());
        this.userExistsQuery = new UserExistsQuery(this, getDataSource());
        this.changePassword = new ChangePassword(this, getDataSource());
        super.initDao();
    }

    @Override // org.springframework.security.userdetails.UserDetailsManager
    public void createUser(UserDetails userDetails) {
        this.insertUser.update(new Object[]{userDetails.getUsername(), userDetails.getPassword(), Boolean.valueOf(userDetails.isEnabled())});
        for (int i = 0; i < userDetails.getAuthorities().length; i++) {
            this.insertAuthority.update(userDetails.getUsername(), userDetails.getAuthorities()[i].getAuthority());
        }
    }

    @Override // org.springframework.security.userdetails.UserDetailsManager
    public void updateUser(UserDetails userDetails) {
        this.updateUser.update(new Object[]{userDetails.getPassword(), Boolean.valueOf(userDetails.isEnabled()), userDetails.getUsername()});
        this.deleteUserAuthorities.update(userDetails.getUsername());
        for (int i = 0; i < userDetails.getAuthorities().length; i++) {
            this.insertAuthority.update(userDetails.getUsername(), userDetails.getAuthorities()[i].getAuthority());
        }
        this.userCache.removeUserFromCache(userDetails.getUsername());
    }

    @Override // org.springframework.security.userdetails.UserDetailsManager
    public void deleteUser(String str) {
        this.deleteUserAuthorities.update(str);
        this.deleteUser.update(str);
        this.userCache.removeUserFromCache(str);
    }

    @Override // org.springframework.security.userdetails.UserDetailsManager
    public void changePassword(String str, String str2) throws AuthenticationException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new AccessDeniedException("Can't change password as no Authentication object found in context for current user.");
        }
        String name = authentication.getName();
        if (this.authenticationManager != null) {
            this.logger.debug(new StringBuffer().append("Reauthenticating user '").append(name).append("' for password change request.").toString());
            this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(name, str));
        } else {
            this.logger.debug("No authentication manager set. Password won't be re-checked.");
        }
        this.logger.debug(new StringBuffer().append("Changing password for user '").append(name).append("'").toString());
        this.changePassword.update(new String[]{str2, name});
        SecurityContextHolder.getContext().setAuthentication(createNewAuthentication(authentication, str2));
        this.userCache.removeUserFromCache(name);
    }

    protected Authentication createNewAuthentication(Authentication authentication, String str) {
        UserDetails loadUserByUsername = loadUserByUsername(authentication.getName());
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken;
    }

    @Override // org.springframework.security.userdetails.UserDetailsManager
    public boolean userExists(String str) {
        List execute = this.userExistsQuery.execute(str);
        if (execute.size() > 1) {
            throw new IllegalStateException(new StringBuffer().append("More than one user found with name '").append(str).append("'").toString());
        }
        return execute.size() == 1;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setCreateUserSql(String str) {
        Assert.hasText(str);
        this.createUserSql = str;
    }

    public void setDeleteUserSql(String str) {
        Assert.hasText(str);
        this.deleteUserSql = str;
    }

    public void setUpdateUserSql(String str) {
        Assert.hasText(str);
        this.updateUserSql = str;
    }

    public void setCreateAuthoritySql(String str) {
        Assert.hasText(str);
        this.createAuthoritySql = str;
    }

    public void setDeleteUserAuthoritiesSql(String str) {
        Assert.hasText(str);
        this.deleteUserAuthoritiesSql = str;
    }

    public void setUserExistsSql(String str) {
        Assert.hasText(str);
        this.userExistsSql = str;
    }

    public void setChangePasswordSql(String str) {
        Assert.hasText(str);
        this.changePasswordSql = str;
    }

    public void setUserCache(UserCache userCache) {
        Assert.notNull(userCache, "userCache cannot be null");
        this.userCache = userCache;
    }
}
