package com.floragunn.searchguard.authc.internal_users_db;

import com.floragunn.fluent.collections.ImmutableMap;
import com.floragunn.searchguard.TypedComponent;
import com.floragunn.searchguard.authc.AuthenticationBackend;
import com.floragunn.searchguard.authc.AuthenticatorUnavailableException;
import com.floragunn.searchguard.authc.CredentialsException;
import com.floragunn.searchguard.authc.UserInformationBackend;
import com.floragunn.searchguard.user.AuthCredentials;
import com.floragunn.searchsupport.cstate.ComponentState;
import com.floragunn.searchsupport.cstate.metrics.Meter;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collection;
import java.util.concurrent.CompletableFuture;
import org.bouncycastle.crypto.generators.OpenBSDBCrypt;

/* loaded from: input_file:com/floragunn/searchguard/authc/internal_users_db/InternalUsersAuthenticationBackend.class */
public class InternalUsersAuthenticationBackend implements AuthenticationBackend, UserInformationBackend {
    public static final String TYPE = "internal_users_db";
    private final InternalUsersDatabase internalUsersDatabase;
    private final ComponentState componentState = new ComponentState(0, "authentication_backend", TYPE).initialized();

    /* loaded from: input_file:com/floragunn/searchguard/authc/internal_users_db/InternalUsersAuthenticationBackend$Info.class */
    public static class Info implements TypedComponent.Info<AuthenticationBackend> {
        private final InternalUsersDatabase internalUsersDatabase;

        public Info(InternalUsersDatabase internalUsersDatabase) {
            this.internalUsersDatabase = internalUsersDatabase;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public Class<AuthenticationBackend> getType() {
            return AuthenticationBackend.class;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public String getName() {
            return InternalUsersAuthenticationBackend.TYPE;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public TypedComponent.Factory<AuthenticationBackend> getFactory() {
            return (docNode, context) -> {
                return new InternalUsersAuthenticationBackend(this.internalUsersDatabase);
            };
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/authc/internal_users_db/InternalUsersAuthenticationBackend$UserInformationBackendInfo.class */
    public static class UserInformationBackendInfo implements TypedComponent.Info<UserInformationBackend> {
        private final InternalUsersDatabase internalUsersDatabase;

        public UserInformationBackendInfo(InternalUsersDatabase internalUsersDatabase) {
            this.internalUsersDatabase = internalUsersDatabase;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public Class<UserInformationBackend> getType() {
            return UserInformationBackend.class;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public String getName() {
            return InternalUsersAuthenticationBackend.TYPE;
        }

        @Override // com.floragunn.searchguard.TypedComponent.Info
        public TypedComponent.Factory<UserInformationBackend> getFactory() {
            return (docNode, context) -> {
                return new InternalUsersAuthenticationBackend(this.internalUsersDatabase);
            };
        }
    }

    /* loaded from: input_file:com/floragunn/searchguard/authc/internal_users_db/InternalUsersAuthenticationBackend$UserMappingAttributes.class */
    public interface UserMappingAttributes {
        public static final String USER_ENTRY = "user_entry";
    }

    InternalUsersAuthenticationBackend(InternalUsersDatabase internalUsersDatabase) {
        this.internalUsersDatabase = internalUsersDatabase;
    }

    @Override // com.floragunn.searchguard.authc.AuthenticationBackend
    public String getType() {
        return TYPE;
    }

    @Override // com.floragunn.searchguard.authc.AuthenticationBackend
    public CompletableFuture<AuthCredentials> authenticate(AuthCredentials authCredentials, Meter meter) throws AuthenticatorUnavailableException, CredentialsException {
        InternalUser internalUser = this.internalUsersDatabase.get(authCredentials.getUsername());
        if (internalUser == null) {
            return CompletableFuture.completedFuture(null);
        }
        byte[] password = authCredentials.getPassword();
        if (password == null || password.length == 0) {
            return CompletableFuture.completedFuture(null);
        }
        ByteBuffer wrap = ByteBuffer.wrap(password);
        CharBuffer decode = StandardCharsets.UTF_8.decode(wrap);
        char[] cArr = new char[decode.limit()];
        decode.get(cArr);
        Arrays.fill(password, (byte) 0);
        try {
            if (OpenBSDBCrypt.checkPassword(internalUser.getPasswordHash(), cArr)) {
                CompletableFuture<AuthCredentials> completedFuture = CompletableFuture.completedFuture(authCredentials.copy().backendRoles((Collection<String>) internalUser.getBackendRoles()).searchGuardRoles(internalUser.getSearchGuardRoles()).userMappingAttribute(UserMappingAttributes.USER_ENTRY, internalUser.m35toRedactedBasicObject().with("name", authCredentials.getUsername())).authDomainInfo(authCredentials.getAuthDomainInfo().authBackendType(getType())).build());
                Arrays.fill(wrap.array(), (byte) 0);
                Arrays.fill(decode.array(), (char) 0);
                Arrays.fill(cArr, (char) 0);
                return completedFuture;
            }
            CompletableFuture<AuthCredentials> completedFuture2 = CompletableFuture.completedFuture(null);
            Arrays.fill(wrap.array(), (byte) 0);
            Arrays.fill(decode.array(), (char) 0);
            Arrays.fill(cArr, (char) 0);
            return completedFuture2;
        } catch (Throwable th) {
            Arrays.fill(wrap.array(), (byte) 0);
            Arrays.fill(decode.array(), (char) 0);
            Arrays.fill(cArr, (char) 0);
            throw th;
        }
    }

    @Override // com.floragunn.searchguard.authc.UserInformationBackend
    public CompletableFuture<AuthCredentials> getUserInformation(AuthCredentials authCredentials, Meter meter) throws AuthenticatorUnavailableException {
        InternalUser internalUser = this.internalUsersDatabase.get(authCredentials.getUsername());
        return internalUser == null ? CompletableFuture.completedFuture(null) : CompletableFuture.completedFuture(authCredentials.copy().backendRoles((Collection<String>) internalUser.getBackendRoles()).searchGuardRoles(internalUser.getSearchGuardRoles()).userMappingAttribute(UserMappingAttributes.USER_ENTRY, internalUser.m35toRedactedBasicObject().with("name", authCredentials.getUsername())).build());
    }

    @Override // com.floragunn.searchguard.authc.AuthenticationBackend
    public ImmutableMap<String, String> describeAvailableUserMappingAttributes() {
        return ImmutableMap.of(UserMappingAttributes.USER_ENTRY, "The user entry from the internal users db");
    }

    public ComponentState getComponentState() {
        return this.componentState;
    }
}
