package org.wso2.carbon.cassandra.server;

import java.util.Collections;
import java.util.Map;
import javax.cache.Cache;
import javax.cache.Caching;
import org.apache.cassandra.auth.AuthenticatedUser;
import org.apache.cassandra.auth.IAuthenticator;
import org.apache.cassandra.config.ConfigurationException;
import org.apache.cassandra.thrift.AuthenticationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.cassandra.common.cache.UserAccessKeyCache;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.authentication.AuthenticationService;

/* loaded from: input_file:org/wso2/carbon/cassandra/server/CarbonCassandraAuthenticator.class */
public class CarbonCassandraAuthenticator implements IAuthenticator {
    private static final Log log;
    public static final String USERNAME_KEY = "username";
    public static final String PASSWORD_KEY = "password";
    private static final String CASSANDRA_ACCESS_KEY_CACHE = "CASSANDRA_ACCESS_KEY_CACHE";
    private static final String CASSANDRA_ACCESS_CACHE_MANAGER = "CASSANDRA_ACCESS_CACHE_MANAGER";
    private static final String CASSANDRA_API_CREDENTIAL_CACHE_MANAGER = "CASSANDRA_API_CREDENTIAL_CACHE_MANAGER";
    private static final String CASSANDRA_API_CREDENTIAL_CACHE = "CASSANDRA_API_CREDENTIAL_CACHE";
    private AuthenticationService authenticationService;
    static final /* synthetic */ boolean $assertionsDisabled;

    public AuthenticatedUser defaultUser() {
        return null;
    }

    public AuthenticatedUser authenticate(Map<? extends CharSequence, ? extends CharSequence> map) throws AuthenticationException {
        String str = "carbon.super";
        CharSequence charSequence = map.get(USERNAME_KEY);
        if (null == charSequence) {
            logAndAuthenticationException("Authentication request was missing the required key 'username'");
        }
        if (!$assertionsDisabled && charSequence == null) {
            throw new AssertionError();
        }
        String obj = charSequence.toString();
        if (obj.indexOf("@") > 0) {
            str = obj.substring(obj.indexOf("@") + 1);
            if (str == null || str.trim().equals("")) {
                logAndAuthenticationException("Authentication request was missing the domain name of the user in the key username");
            }
        }
        CharSequence charSequence2 = map.get(PASSWORD_KEY);
        if (null == charSequence2) {
            logAndAuthenticationException("Authentication request was missing the required key 'password'");
        }
        if (!$assertionsDisabled && charSequence2 == null) {
            throw new AssertionError();
        }
        String obj2 = charSequence2.toString();
        if (authenticateUser(obj, obj2)) {
            if (log.isDebugEnabled()) {
                log.debug("Credentials for Username : " + obj + " added to cache");
            }
            return new AuthenticatedUser(obj, Collections.emptySet(), str);
        }
        if (isAuthenticated(obj, obj2)) {
            return new AuthenticatedUser(obj, Collections.emptySet(), str);
        }
        return null;
    }

    private boolean isAuthenticated(String str, String str2) {
        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            threadLocalCarbonContext.setTenantDomain("carbon.super");
            threadLocalCarbonContext.setTenantId(-1234);
            UserAccessKeyCache userAccessKeyCache = (UserAccessKeyCache) Caching.getCacheManagerFactory().getCacheManager(CASSANDRA_ACCESS_CACHE_MANAGER).getCache(CASSANDRA_ACCESS_KEY_CACHE).get(str2);
            PrivilegedCarbonContext.endTenantFlow();
            if (userAccessKeyCache == null && log.isDebugEnabled()) {
                log.debug("The key is not present in CASSANDRA_ACCESS_KEY_CACHE");
            }
            return (str2 == null || userAccessKeyCache == null || !str2.equals(userAccessKeyCache.getAccessKey().substring(str.length()))) ? false : true;
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    private boolean authenticateUser(String str, String str2) {
        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext threadLocalCarbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
            threadLocalCarbonContext.setTenantDomain("carbon.super");
            threadLocalCarbonContext.setTenantId(-1234);
            Cache cache = Caching.getCacheManagerFactory().getCacheManager(CASSANDRA_API_CREDENTIAL_CACHE_MANAGER).getCache(CASSANDRA_API_CREDENTIAL_CACHE);
            if (cache.get(str) != null && ((UserAccessKeyCache) cache.get(str)).getAccessKey().equals(str2)) {
                PrivilegedCarbonContext.endTenantFlow();
                return true;
            }
            if (!this.authenticationService.authenticate(str, str2)) {
                return false;
            }
            cache.put(str, new UserAccessKeyCache(str2));
            PrivilegedCarbonContext.endTenantFlow();
            return true;
        } finally {
            PrivilegedCarbonContext.endTenantFlow();
        }
    }

    public void validateConfiguration() throws ConfigurationException {
        this.authenticationService = CassandraServerComponentManager.getInstance().getAuthenticationService();
    }

    private void logAndAuthenticationException(String str) throws AuthenticationException {
        log.error(str);
        throw new AuthenticationException(str);
    }

    static {
        $assertionsDisabled = !CarbonCassandraAuthenticator.class.desiredAssertionStatus();
        log = LogFactory.getLog(CarbonCassandraAuthenticator.class);
    }
}
