package blackboard.platform.security.authentication;

import blackboard.db.ConnectionManager;
import blackboard.db.ConnectionNotAvailableException;
import blackboard.db.DbUtil;
import blackboard.platform.BbServiceManager;
import blackboard.platform.config.ConfigurationService;
import blackboard.platform.intl.BbResourceBundle;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.servlet.RequestSessionFilter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:blackboard/platform/security/authentication/RDBMSAuthUtil.class */
public class RDBMSAuthUtil {
    private static final int SQL_NULL = 0;
    private static final String SQL_LOAD_SESSION_ID_FOR_MD5 = "select session_id from sessions where md5 = ?";
    private static final String _sqlPersistChallengeToken = "update sessions set one_time_token = ? where session_id = ? ";
    private static final String _sqlLoadChallengeToken = "select one_time_token from sessions where session_id = ? ";

    public static void init(ConfigurationService configurationService) {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generateChallenge() {
        return SecurityUtil.getHashValue(String.valueOf(Math.random()));
    }

    public static String getHashValue(String str) {
        return SecurityUtil.getHashValue(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void persistChallengeToken(String str, int i) {
        ConnectionManager connectionManager = null;
        Connection connection = null;
        try {
            try {
                try {
                    connectionManager = ConnectionManager.getDefaultInstance();
                    connection = connectionManager.getConnection();
                    PreparedStatement prepareStatement = connection.prepareStatement(_sqlPersistChallengeToken);
                    int i2 = 0 + 1;
                    prepareStatement.setString(i2, str);
                    prepareStatement.setInt(i2 + 1, i);
                    prepareStatement.executeUpdate();
                    if (connectionManager != null) {
                        connectionManager.releaseConnection(connection);
                    }
                } catch (SQLException e) {
                    e.printStackTrace();
                    if (connectionManager != null) {
                        connectionManager.releaseConnection(connection);
                    }
                }
            } catch (ConnectionNotAvailableException e2) {
                e2.printStackTrace();
                if (connectionManager != null) {
                    connectionManager.releaseConnection(connection);
                }
            }
        } catch (Throwable th) {
            if (connectionManager != null) {
                connectionManager.releaseConnection(connection);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String loadChallengeToken(int i) {
        String str = null;
        ConnectionManager connectionManager = null;
        Connection connection = null;
        try {
            try {
                try {
                    connectionManager = ConnectionManager.getDefaultInstance();
                    connection = connectionManager.getConnection();
                    PreparedStatement prepareStatement = connection.prepareStatement(_sqlLoadChallengeToken);
                    prepareStatement.setInt(0 + 1, i);
                    ResultSet executeQuery = prepareStatement.executeQuery();
                    while (executeQuery.next()) {
                        str = executeQuery.getString(0 + 1);
                    }
                    if (connectionManager != null) {
                        connectionManager.releaseConnection(connection);
                    }
                } catch (ConnectionNotAvailableException e) {
                    e.printStackTrace();
                    if (connectionManager != null) {
                        connectionManager.releaseConnection(connection);
                    }
                }
            } catch (SQLException e2) {
                e2.printStackTrace();
                if (connectionManager != null) {
                    connectionManager.releaseConnection(connection);
                }
            } catch (Exception e3) {
                e3.printStackTrace();
                if (connectionManager != null) {
                    connectionManager.releaseConnection(connection);
                }
            }
            return str;
        } catch (Throwable th) {
            if (connectionManager != null) {
                connectionManager.releaseConnection(connection);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getSessionId(HttpServletRequest httpServletRequest) {
        int i = -1;
        try {
            i = getSessionIdForMd5(getCookieMD5SessionId(httpServletRequest));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return i;
    }

    static String getCookieMD5SessionId(HttpServletRequest httpServletRequest) {
        String value;
        String str = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().toLowerCase().startsWith(RequestSessionFilter.SESSION_COOKIE) && (value = cookie.getValue()) != null && value.length() > 2) {
                str = value.startsWith("@@") ? value.substring(2) : value;
            }
        }
        if (str == null) {
            str = (String) httpServletRequest.getAttribute("session-id");
        }
        return str;
    }

    public static boolean sessionCookiePersisted(String str) throws BbSecurityException {
        return getSessionIdForMd5(str) > -1;
    }

    static int getSessionIdForMd5(String str) throws BbSecurityException {
        ConnectionManager defaultInstance;
        int i = -1;
        BbResourceBundle bundle = BbServiceManager.getBundleManager().getBundle("security");
        ConnectionManager connectionManager = null;
        try {
            try {
                defaultInstance = ConnectionManager.getDefaultInstance();
            } catch (ConnectionNotAvailableException e) {
                e.printStackTrace();
                DbUtil.closeResultSet(null);
                DbUtil.closeStatement(null);
                if (0 != 0) {
                    connectionManager.releaseConnection(null);
                }
            } catch (SQLException e2) {
                e2.printStackTrace();
                throw new BbSecurityException(bundle.getString("auth.persist.error.user"));
            }
            if (defaultInstance == null) {
                throw new SQLException(bundle.getString("auth.persist.no.connection.mgr"));
            }
            Connection connection = defaultInstance.getConnection();
            PreparedStatement prepareStatement = connection.prepareStatement(SQL_LOAD_SESSION_ID_FOR_MD5);
            prepareStatement.setString(1, str);
            ResultSet executeQuery = prepareStatement.executeQuery();
            if (executeQuery.next()) {
                i = executeQuery.getInt(1);
                if (i == 0) {
                    throw new BbSecurityException(bundle.getString("auth.persist.null.session"));
                }
            } else {
                BbServiceManager.getLogService().logDebug(bundle.getString("auth.persist.error.session"));
            }
            DbUtil.closeResultSet(executeQuery);
            DbUtil.closeStatement(prepareStatement);
            if (defaultInstance != null) {
                defaultInstance.releaseConnection(connection);
            }
            return i;
        } catch (Throwable th) {
            DbUtil.closeResultSet(null);
            DbUtil.closeStatement(null);
            if (0 != 0) {
                connectionManager.releaseConnection(null);
            }
            throw th;
        }
    }
}
