package org.dcache.srm.request.sql;

import com.google.common.collect.Iterables;
import com.google.common.io.Files;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Iterator;
import org.dcache.srm.request.RequestCredential;
import org.dcache.srm.request.RequestCredentialStorage;
import org.dcache.srm.util.Configuration;
import org.dcache.util.Glob;
import org.globus.gsi.CredentialException;
import org.globus.gsi.X509Credential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.gridforum.jgss.ExtendedGSSCredential;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.ConnectionCallback;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper;

/* loaded from: input_file:org/dcache/srm/request/sql/DatabaseRequestCredentialStorage.class */
public class DatabaseRequestCredentialStorage implements RequestCredentialStorage {
    private static final Logger logger = LoggerFactory.getLogger(DatabaseRequestCredentialStorage.class);
    private final JdbcTemplate jdbcTemplate;
    protected static final String stringType = " VARCHAR(32672)  ";
    protected static final String longType = " BIGINT ";
    protected static final String intType = " INTEGER ";
    protected static final String dateTimeType = " TIMESTAMP ";
    protected static final String booleanType = " INT ";
    private final String credentialsDirectory;
    public static final String requestCredentialTableName = "srmrequestcredentials";
    public static final String createRequestCredentialTable = "CREATE TABLE srmrequestcredentials ( id  BIGINT  NOT NULL PRIMARY KEY,creationtime  BIGINT ,credentialname  VARCHAR(32672)  ,role  VARCHAR(32672)  ,numberofusers  INTEGER ,delegatedcredentials  VARCHAR(32672)  ,credentialexpiration  BIGINT  )";
    public static final String INSERT = "INSERT INTO srmrequestcredentials (id, creationtime, credentialname, role, numberofusers, delegatedcredentials, credentialexpiration)  VALUES ( ?,?,?,?,?,?,?) ";
    public static final String SELECT = "SELECT * FROM srmrequestcredentials WHERE ";
    public static final String SELECT_BY_ID = "SELECT * FROM srmrequestcredentials WHERE id=?";
    public static final String SELECT_BY_NAME = "SELECT * FROM srmrequestcredentials WHERE credentialname=? AND role IS null ORDER BY credentialexpiration DESC";
    public static final String SELECT_BY_NAME_AND_ROLE = "SELECT * FROM srmrequestcredentials WHERE credentialname=? AND role=? ORDER BY credentialexpiration DESC";
    private static final String UPDATE = "UPDATE srmrequestcredentials SET creationtime=?, credentialname=?, role=?,  numberofusers=?, delegatedcredentials=?, credentialexpiration=? where id=? ";
    private static final String COUNT_ROWS_MATCHING_NAME = "SELECT COUNT(1) FROM srmrequestcredentials WHERE credentialname=?";
    private static final String COUNT_ROWS_MATCHING_NAME_AND_ROLE = "SELECT COUNT(1) FROM srmrequestcredentials WHERE credentialname=? AND role=?";
    private static final String DELETE_GIVEN_ID = "DELETE FROM srmrequestcredentials WHERE id=?";
    private static final String SEARCH_BY_NAME = "SELECT * FROM srmrequestcredentials WHERE credentialname LIKE ? AND role IS NULL ORDER BY credentialexpiration DESC";
    private static final String SEARCH_BY_NAME_AND_ROLE = "SELECT * FROM srmrequestcredentials WHERE credentialname LIKE ? AND role LIKE ? ORDER BY credentialexpiration DESC";

    public DatabaseRequestCredentialStorage(Configuration configuration) throws DataAccessException {
        this.credentialsDirectory = configuration.getCredentialsDirectory();
        this.jdbcTemplate = new JdbcTemplate(configuration.getDataSource());
        File file = new File(this.credentialsDirectory);
        if (!file.exists() && !file.mkdir()) {
            logger.error("failed to create directory " + this.credentialsDirectory);
        }
        if (!file.isDirectory() || !file.canWrite()) {
            logger.error("credential directory " + this.credentialsDirectory + " does not exist or is not writable");
        }
        dbInit();
    }

    public String getTableName() {
        return requestCredentialTableName;
    }

    private void dbInit() throws DataAccessException {
        this.jdbcTemplate.execute(new ConnectionCallback<Void>() { // from class: org.dcache.srm.request.sql.DatabaseRequestCredentialStorage.1
            /* renamed from: doInConnection, reason: merged with bridge method [inline-methods] */
            public Void m85doInConnection(Connection connection) throws SQLException, DataAccessException {
                DatabaseMetaData metaData = connection.getMetaData();
                ResultSet tables = metaData.getTables(null, null, Utilities.getIdentifierAsStored(metaData, DatabaseRequestCredentialStorage.this.getTableName()), null);
                Throwable th = null;
                try {
                    if (!tables.next()) {
                        Statement createStatement = connection.createStatement();
                        Throwable th2 = null;
                        try {
                            try {
                                DatabaseRequestCredentialStorage.logger.debug("dbInit trying CREATE TABLE srmrequestcredentials ( id  BIGINT  NOT NULL PRIMARY KEY,creationtime  BIGINT ,credentialname  VARCHAR(32672)  ,role  VARCHAR(32672)  ,numberofusers  INTEGER ,delegatedcredentials  VARCHAR(32672)  ,credentialexpiration  BIGINT  )");
                                createStatement.executeUpdate(DatabaseRequestCredentialStorage.createRequestCredentialTable);
                                if (createStatement != null) {
                                    if (0 != 0) {
                                        try {
                                            createStatement.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        createStatement.close();
                                    }
                                }
                            } catch (Throwable th4) {
                                th2 = th4;
                                throw th4;
                            }
                        } catch (Throwable th5) {
                            if (createStatement != null) {
                                if (th2 != null) {
                                    try {
                                        createStatement.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    createStatement.close();
                                }
                            }
                            throw th5;
                        }
                    }
                    if (tables == null) {
                        return null;
                    }
                    if (0 == 0) {
                        tables.close();
                        return null;
                    }
                    try {
                        tables.close();
                        return null;
                    } catch (Throwable th7) {
                        th.addSuppressed(th7);
                        return null;
                    }
                } catch (Throwable th8) {
                    if (tables != null) {
                        if (0 != 0) {
                            try {
                                tables.close();
                            } catch (Throwable th9) {
                                th.addSuppressed(th9);
                            }
                        } else {
                            tables.close();
                        }
                    }
                    throw th8;
                }
            }
        });
    }

    public void createRequestCredential(RequestCredential requestCredential) {
        GSSCredential delegatedCredential = requestCredential.getDelegatedCredential();
        String str = null;
        if (delegatedCredential != null) {
            str = this.credentialsDirectory + "/" + requestCredential.getId();
            write(delegatedCredential, str);
        }
        this.jdbcTemplate.update(INSERT, new Object[]{Long.valueOf(requestCredential.getId()), Long.valueOf(requestCredential.getCreationtime()), requestCredential.getCredentialName(), requestCredential.getRole(), 0, str, Long.valueOf(requestCredential.getDelegatedCredentialExpiration())});
    }

    private RequestCredential getRequestCredentialByCondition(String str, Object... objArr) throws DataAccessException {
        return (RequestCredential) Iterables.getFirst(this.jdbcTemplate.query(str, objArr, new RowMapper<RequestCredential>() { // from class: org.dcache.srm.request.sql.DatabaseRequestCredentialStorage.2
            /* renamed from: mapRow, reason: merged with bridge method [inline-methods] */
            public RequestCredential m86mapRow(ResultSet resultSet, int i) throws SQLException {
                return new RequestCredential(Long.valueOf(resultSet.getLong("id")), resultSet.getLong("creationtime"), resultSet.getString("credentialname"), resultSet.getString("role"), DatabaseRequestCredentialStorage.this.read(resultSet.getString("delegatedcredentials")), resultSet.getLong("credentialexpiration"), DatabaseRequestCredentialStorage.this);
            }
        }), (Object) null);
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public RequestCredential getRequestCredential(Long l) throws DataAccessException {
        return getRequestCredentialByCondition(SELECT_BY_ID, l);
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public RequestCredential getRequestCredential(String str, String str2) throws DataAccessException {
        return isRoleSpecified(str2) ? getRequestCredentialByCondition(SELECT_BY_NAME_AND_ROLE, str, str2) : getRequestCredentialByCondition(SELECT_BY_NAME, str);
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public void saveRequestCredential(RequestCredential requestCredential) {
        GSSCredential delegatedCredential = requestCredential.getDelegatedCredential();
        String str = null;
        if (delegatedCredential != null) {
            str = this.credentialsDirectory + "/" + requestCredential.getId();
            write(delegatedCredential, str);
        }
        if (this.jdbcTemplate.update(UPDATE, new Object[]{Long.valueOf(requestCredential.getCreationtime()), requestCredential.getCredentialName(), requestCredential.getRole(), 0, str, Long.valueOf(requestCredential.getDelegatedCredentialExpiration()), Long.valueOf(requestCredential.getId())}) == 0) {
            createRequestCredential(requestCredential);
        }
    }

    private void write(GSSCredential gSSCredential, String str) {
        if (gSSCredential != null) {
            try {
                if (gSSCredential instanceof ExtendedGSSCredential) {
                    Files.write(((ExtendedGSSCredential) gSSCredential).export(0), new File(str));
                }
            } catch (IOException | GSSException e) {
                logger.error(e.toString());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public GSSCredential read(String str) {
        if (str == null) {
            return null;
        }
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                Throwable th = null;
                try {
                    try {
                        GlobusGSSCredentialImpl globusGSSCredentialImpl = new GlobusGSSCredentialImpl(new X509Credential(fileInputStream), 1);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        return globusGSSCredentialImpl;
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (fileInputStream != null) {
                        if (th != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    throw th4;
                }
            } catch (IOException e) {
                logger.debug("fileNameToGSSCredentilal(" + str + ") failed with " + e);
                return null;
            }
        } catch (GSSException | CredentialException e2) {
            logger.error("error reading the credentials from database: {}", e2.toString());
            return null;
        }
    }

    public static int update(Connection connection, String str, Object... objArr) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(str);
        Throwable th = null;
        try {
            for (int i = 0; i < objArr.length; i++) {
                prepareStatement.setObject(i + 1, objArr[i]);
            }
            int executeUpdate = prepareStatement.executeUpdate();
            if (prepareStatement != null) {
                if (0 != 0) {
                    try {
                        prepareStatement.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    prepareStatement.close();
                }
            }
            return executeUpdate;
        } catch (Throwable th3) {
            if (prepareStatement != null) {
                if (0 != 0) {
                    try {
                        prepareStatement.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    prepareStatement.close();
                }
            }
            throw th3;
        }
    }

    public static int delete(Connection connection, String str, Object... objArr) throws SQLException {
        return update(connection, str, objArr);
    }

    public static int insert(Connection connection, String str, Object... objArr) throws SQLException {
        return update(connection, str, objArr);
    }

    public static PreparedStatement prepare(Connection connection, String str, Object... objArr) throws SQLException {
        PreparedStatement prepareStatement = connection.prepareStatement(str);
        for (int i = 0; i < objArr.length; i++) {
            prepareStatement.setObject(i + 1, objArr[i]);
        }
        return prepareStatement;
    }

    private static boolean isRoleSpecified(String str) {
        return (str == null || str.equalsIgnoreCase("null")) ? false : true;
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public boolean hasRequestCredential(String str, String str2) throws IOException {
        return isRoleSpecified(str2) ? queryForInt(COUNT_ROWS_MATCHING_NAME_AND_ROLE, str, str2) > 0 : queryForInt(COUNT_ROWS_MATCHING_NAME, str) > 0;
    }

    public int queryForInt(String str, Object... objArr) {
        return ((Integer) this.jdbcTemplate.queryForObject(str, objArr, Integer.class)).intValue();
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public boolean deleteRequestCredential(String str, String str2) throws IOException {
        boolean z = false;
        boolean z2 = false;
        Iterator<Long> it = idsMatching(str, str2).iterator();
        while (it.hasNext()) {
            long longValue = it.next().longValue();
            File file = new File(new File(this.credentialsDirectory), String.valueOf(longValue));
            if (!file.exists()) {
                logger.warn("cannot find credential file to delete it: {}", file.getAbsolutePath());
            }
            if (file.delete()) {
                this.jdbcTemplate.update(DELETE_GIVEN_ID, new Object[]{Long.valueOf(longValue)});
                z = true;
            } else {
                logger.error("cannot delete credential file: {}", file.getAbsolutePath());
                z2 = true;
            }
        }
        if (z2) {
            throw new IOException("Internal problem prevented credential destruction");
        }
        return z;
    }

    private Iterable<Long> idsMatching(String str, String str2) {
        return isRoleSpecified(str2) ? this.jdbcTemplate.queryForList("SELECT id FROM srmrequestcredentials WHERE credentialname=? AND role=?", Long.class, new Object[]{str, str2}) : this.jdbcTemplate.queryForList("SELECT id FROM srmrequestcredentials WHERE credentialname=?", Long.class, new Object[]{str});
    }

    @Override // org.dcache.srm.request.RequestCredentialStorage
    public RequestCredential searchRequestCredential(Glob glob, Glob glob2) {
        String sql = glob.toSql();
        return glob2 != null ? getRequestCredentialByCondition(SEARCH_BY_NAME_AND_ROLE, sql, glob2.toSql()) : getRequestCredentialByCondition(SEARCH_BY_NAME, sql);
    }
}
