package org.apache.jetspeed.security.spi.impl;

import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.spi.UserPasswordCredentialAccessManager;
import org.apache.jetspeed.security.spi.UserPasswordCredentialManager;
import org.apache.jetspeed.security.spi.UserPasswordCredentialPolicyManager;
import org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-security-2.2.2.jar:org/apache/jetspeed/security/spi/impl/UserPasswordCredentialManagerImpl.class */
public class UserPasswordCredentialManagerImpl implements UserPasswordCredentialManager {
    private UserPasswordCredentialStorageManager upcsm;
    private UserPasswordCredentialAccessManager upcam;
    private UserPasswordCredentialPolicyManager upcpm;

    public UserPasswordCredentialManagerImpl(UserPasswordCredentialStorageManager userPasswordCredentialStorageManager, UserPasswordCredentialAccessManager userPasswordCredentialAccessManager) {
        this.upcsm = userPasswordCredentialStorageManager;
        this.upcam = userPasswordCredentialAccessManager;
    }

    public UserPasswordCredentialManagerImpl(UserPasswordCredentialStorageManager userPasswordCredentialStorageManager, UserPasswordCredentialAccessManager userPasswordCredentialAccessManager, UserPasswordCredentialPolicyManager userPasswordCredentialPolicyManager) {
        this(userPasswordCredentialStorageManager, userPasswordCredentialAccessManager);
        this.upcpm = userPasswordCredentialPolicyManager;
    }

    @Override // org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager
    public PasswordCredential getPasswordCredential(User user) throws SecurityException {
        PasswordCredential passwordCredential = this.upcsm.getPasswordCredential(user);
        if (!passwordCredential.isNew() && this.upcpm != null && this.upcpm.onLoad(passwordCredential, user.getName())) {
            this.upcsm.storePasswordCredential(passwordCredential);
        }
        return passwordCredential;
    }

    @Override // org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager
    public void storePasswordCredential(PasswordCredential passwordCredential) throws SecurityException {
        if (this.upcpm != null) {
            this.upcpm.onStore(passwordCredential);
        }
        this.upcsm.storePasswordCredential(passwordCredential);
    }

    @Override // org.apache.jetspeed.security.spi.UserPasswordCredentialManager
    public PasswordCredential getAuthenticatedPasswordCredential(String str, String str2) throws SecurityException {
        PasswordCredential passwordCredential = this.upcam.getPasswordCredential(str);
        if (passwordCredential == null) {
            throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped("user", str));
        }
        if (this.upcpm != null) {
            if (this.upcpm.onLoad(passwordCredential, str)) {
                this.upcsm.storePasswordCredential(passwordCredential);
            }
            if (passwordCredential.isEnabled() && !passwordCredential.isExpired()) {
                if (this.upcpm.authenticate(passwordCredential, str, str2)) {
                    this.upcsm.storePasswordCredential(passwordCredential);
                }
                if (!passwordCredential.isEnabled() || passwordCredential.isExpired()) {
                    throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped("user", str));
                }
                if (passwordCredential.getAuthenticationFailures() != 0) {
                    throw new SecurityException(SecurityException.INVALID_PASSWORD);
                }
            }
        } else {
            if (str2 == null) {
                throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
            }
            if (passwordCredential.getPassword() == null || !str2.equals(new String(passwordCredential.getPassword()))) {
                throw new SecurityException(SecurityException.INVALID_PASSWORD);
            }
            if (!passwordCredential.isEnabled() || passwordCredential.isExpired()) {
                throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped("user", str));
            }
        }
        try {
            this.upcam.loadPasswordCredentialUser(passwordCredential);
            if (passwordCredential.getUser() == null || !passwordCredential.getUser().isEnabled()) {
                throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped("user", str));
            }
            return passwordCredential;
        } catch (Exception e) {
            throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped("user", str), e);
        }
    }
}
