package org.killbill.billing.util.security.shiro.dao;

import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import org.apache.shiro.crypto.RandomNumberGenerator;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
import org.joda.time.DateTime;
import org.killbill.billing.ErrorCode;
import org.killbill.billing.security.SecurityApiException;
import org.killbill.billing.util.config.definition.SecurityConfig;
import org.killbill.billing.util.security.shiro.KillbillCredentialsMatcher;
import org.killbill.clock.Clock;
import org.skife.jdbi.v2.Handle;
import org.skife.jdbi.v2.IDBI;
import org.skife.jdbi.v2.TransactionCallback;
import org.skife.jdbi.v2.TransactionStatus;

/* loaded from: input_file:org/killbill/billing/util/security/shiro/dao/DefaultUserDao.class */
public class DefaultUserDao implements UserDao {
    private static final RandomNumberGenerator rng = new SecureRandomNumberGenerator();
    private final IDBI dbi;
    private final Clock clock;
    private final SecurityConfig securityConfig;

    @Inject
    public DefaultUserDao(IDBI idbi, Clock clock, SecurityConfig securityConfig) {
        this.dbi = idbi;
        this.clock = clock;
        this.securityConfig = securityConfig;
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void insertUser(final String str, String str2, final List<String> list, final String str3) throws SecurityApiException {
        final ByteSource nextBytes = rng.nextBytes();
        final String base64 = new SimpleHash(KillbillCredentialsMatcher.HASH_ALGORITHM_NAME, str2, nextBytes.toBase64(), this.securityConfig.getShiroNbHashIterations().intValue()).toBase64();
        final DateTime uTCNow = this.clock.getUTCNow();
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.1
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m59inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                UserRolesSqlDao userRolesSqlDao = (UserRolesSqlDao) handle.attach(UserRolesSqlDao.class);
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    userRolesSqlDao.create(new UserRolesModelDao(str, (String) it.next(), uTCNow, str3));
                }
                UsersSqlDao usersSqlDao = (UsersSqlDao) handle.attach(UsersSqlDao.class);
                if (usersSqlDao.getByUsername(str) != null) {
                    throw new SecurityApiException(ErrorCode.SECURITY_USER_ALREADY_EXISTS, new Object[]{str});
                }
                usersSqlDao.create(new UserModelDao(str, base64, nextBytes.toBase64(), uTCNow, str3));
                return null;
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public List<UserRolesModelDao> getUserRoles(final String str) throws SecurityApiException {
        return (List) inTransactionWithExceptionHandling(new TransactionCallback<List<UserRolesModelDao>>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.2
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public List<UserRolesModelDao> m60inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                if (((UsersSqlDao) handle.attach(UsersSqlDao.class)).getByUsername(str) == null) {
                    throw new SecurityApiException(ErrorCode.SECURITY_INVALID_USER, new Object[]{str});
                }
                return ((UserRolesSqlDao) handle.attach(UserRolesSqlDao.class)).getByUsername(str);
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void addRoleDefinition(final String str, final List<String> list, final String str2) throws SecurityApiException {
        final DateTime uTCNow = this.clock.getUTCNow();
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.3
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m61inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                RolesPermissionsSqlDao rolesPermissionsSqlDao = (RolesPermissionsSqlDao) handle.attach(RolesPermissionsSqlDao.class);
                if (!rolesPermissionsSqlDao.getByRoleName(str).isEmpty()) {
                    throw new SecurityApiException(ErrorCode.SECURITY_ROLE_ALREADY_EXISTS, new Object[]{str});
                }
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    rolesPermissionsSqlDao.create(new RolesPermissionsModelDao(str, (String) it.next(), uTCNow, str2));
                }
                return null;
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void updateRoleDefinition(final String str, final List<String> list, final String str2) throws SecurityApiException {
        final DateTime uTCNow = this.clock.getUTCNow();
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.4
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m62inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                RolesPermissionsSqlDao rolesPermissionsSqlDao = (RolesPermissionsSqlDao) handle.attach(RolesPermissionsSqlDao.class);
                final List<RolesPermissionsModelDao> byRoleName = rolesPermissionsSqlDao.getByRoleName(str);
                Iterable filter = byRoleName.isEmpty() ? byRoleName : Iterables.filter(byRoleName, new Predicate<RolesPermissionsModelDao>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.4.1
                    public boolean apply(RolesPermissionsModelDao rolesPermissionsModelDao) {
                        return !list.contains(rolesPermissionsModelDao.getPermission());
                    }
                });
                Iterable filter2 = Iterables.filter(list, new Predicate<String>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.4.2
                    public boolean apply(String str3) {
                        Iterator it = byRoleName.iterator();
                        while (it.hasNext()) {
                            if (((RolesPermissionsModelDao) it.next()).getPermission().equals(str3)) {
                                return false;
                            }
                        }
                        return true;
                    }
                });
                Iterator it = filter.iterator();
                while (it.hasNext()) {
                    rolesPermissionsSqlDao.unactiveEvent(((RolesPermissionsModelDao) it.next()).getRecordId(), uTCNow, str2);
                }
                Iterator it2 = filter2.iterator();
                while (it2.hasNext()) {
                    rolesPermissionsSqlDao.create(new RolesPermissionsModelDao(str, (String) it2.next(), uTCNow, str2));
                }
                return null;
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public List<RolesPermissionsModelDao> getRoleDefinition(final String str) {
        return (List) this.dbi.inTransaction(new TransactionCallback<List<RolesPermissionsModelDao>>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.5
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public List<RolesPermissionsModelDao> m63inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                return ((RolesPermissionsSqlDao) handle.attach(RolesPermissionsSqlDao.class)).getByRoleName(str);
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void updateUserPassword(final String str, String str2, final String str3) throws SecurityApiException {
        final ByteSource nextBytes = rng.nextBytes();
        final String base64 = new SimpleHash(KillbillCredentialsMatcher.HASH_ALGORITHM_NAME, str2, nextBytes.toBase64(), this.securityConfig.getShiroNbHashIterations().intValue()).toBase64();
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.6
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m64inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                DateTime uTCNow = DefaultUserDao.this.clock.getUTCNow();
                UsersSqlDao usersSqlDao = (UsersSqlDao) handle.attach(UsersSqlDao.class);
                if (usersSqlDao.getByUsername(str) == null) {
                    throw new SecurityApiException(ErrorCode.SECURITY_INVALID_USER, new Object[]{str});
                }
                usersSqlDao.updatePassword(str, base64, nextBytes.toBase64(), uTCNow.toDate(), str3);
                return null;
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void updateUserRoles(final String str, final List<String> list, final String str2) throws SecurityApiException {
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.7
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m65inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                DateTime uTCNow = DefaultUserDao.this.clock.getUTCNow();
                if (((UsersSqlDao) handle.attach(UsersSqlDao.class)).getByUsername(str) == null) {
                    throw new SecurityApiException(ErrorCode.SECURITY_INVALID_USER, new Object[]{str});
                }
                UserRolesSqlDao userRolesSqlDao = (UserRolesSqlDao) handle.attach(UserRolesSqlDao.class);
                List<UserRolesModelDao> byUsername = userRolesSqlDao.getByUsername(str);
                for (final UserRolesModelDao userRolesModelDao : byUsername) {
                    if (Iterables.tryFind(list, new Predicate<String>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.7.1
                        public boolean apply(String str3) {
                            return str3.equals(userRolesModelDao.getRoleName());
                        }
                    }).orNull() == null) {
                        userRolesSqlDao.invalidate(str, userRolesModelDao.getRoleName(), uTCNow.toDate(), str2);
                    }
                }
                for (final String str3 : list) {
                    if (Iterables.tryFind(byUsername, new Predicate<UserRolesModelDao>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.7.2
                        public boolean apply(UserRolesModelDao userRolesModelDao2) {
                            return userRolesModelDao2.getRoleName().equals(str3);
                        }
                    }).orNull() == null) {
                        userRolesSqlDao.create(new UserRolesModelDao(str, str3, uTCNow, str2));
                    }
                }
                return null;
            }
        });
    }

    @Override // org.killbill.billing.util.security.shiro.dao.UserDao
    public void invalidateUser(final String str, final String str2) throws SecurityApiException {
        inTransactionWithExceptionHandling(new TransactionCallback<Void>() { // from class: org.killbill.billing.util.security.shiro.dao.DefaultUserDao.8
            /* renamed from: inTransaction, reason: merged with bridge method [inline-methods] */
            public Void m66inTransaction(Handle handle, TransactionStatus transactionStatus) throws Exception {
                DateTime uTCNow = DefaultUserDao.this.clock.getUTCNow();
                UsersSqlDao usersSqlDao = (UsersSqlDao) handle.attach(UsersSqlDao.class);
                if (usersSqlDao.getByUsername(str) == null) {
                    throw new SecurityApiException(ErrorCode.SECURITY_INVALID_USER, new Object[]{str});
                }
                usersSqlDao.invalidate(str, uTCNow.toDate(), str2);
                return null;
            }
        });
    }

    private <T> T inTransactionWithExceptionHandling(TransactionCallback<T> transactionCallback) throws SecurityApiException {
        try {
            return (T) this.dbi.inTransaction(transactionCallback);
        } catch (RuntimeException e) {
            throwSecurityApiException(e);
            return null;
        }
    }

    private void throwSecurityApiException(Throwable th) throws SecurityApiException {
        if (th.getCause() != null && th.getCause().getClass().isAssignableFrom(SecurityApiException.class)) {
            throw th.getCause();
        }
        if (th.getCause() != null) {
            throwSecurityApiException(th.getCause());
        } else if (!(th instanceof RuntimeException)) {
            throw new RuntimeException(th);
        }
    }
}
