package org.apache.xindice.core.security;

import java.util.ArrayList;
import org.apache.xindice.Debug;
import org.apache.xindice.core.Collection;
import org.apache.xindice.core.DBException;
import org.apache.xindice.core.Database;
import org.apache.xindice.core.data.NodeSet;
import org.apache.xindice.core.query.XPathQueryResolver;
import org.apache.xindice.util.MD5;
import org.apache.xindice.util.XindiceException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/xindice.jar:org/apache/xindice/core/security/PasswordCredentials.class */
public class PasswordCredentials implements Credentials {
    private static final String COLLECTION = "system/SysGroups";
    protected boolean isValid;
    protected String username;
    protected String password;
    protected ArrayList groups;
    protected Database db;

    public PasswordCredentials(String str, String str2, Database database) throws InvalidPasswordException, UnknownUserException {
        this.isValid = false;
        this.username = null;
        this.password = null;
        this.groups = null;
        this.db = null;
        this.username = str;
        this.password = str2;
        this.db = database;
        this.groups = new ArrayList();
        try {
            Collection collection = database.getCollection("system/SysUsers");
            Document document = null;
            try {
                Debug.println(new StringBuffer().append("USER: ").append(str).toString());
                document = collection.getDocument(str);
            } catch (DBException e) {
                Debug.printStackTrace(e);
            }
            if (document == null) {
                throw new UnknownUserException();
            }
            new MD5();
            if (!document.getDocumentElement().getAttribute("password").equals(MD5.md(str2).toString())) {
                throw new InvalidPasswordException();
            }
            NodeSet queryCollection = database.getCollection(COLLECTION).queryCollection(XPathQueryResolver.STYLE_XPATH, new StringBuffer().append("/group/members/member/@name='").append(str).append("'").toString(), null);
            if (queryCollection != null) {
                while (queryCollection.hasMoreNodes()) {
                    this.groups.add(((Element) queryCollection.getNextNode()).getAttribute("name"));
                }
            }
            this.isValid = true;
        } catch (XindiceException e2) {
            Debug.printStackTrace(e2);
            throw new UnknownUserException();
        }
    }

    @Override // org.apache.xindice.core.security.Credentials
    public void verify() throws InvalidCredentialsException {
        if (this.username == null || this.password == null || !this.isValid) {
            throw new InvalidCredentialsException();
        }
    }

    @Override // org.apache.xindice.core.security.Credentials
    public boolean checkGroup(String str) throws AccessDeniedException, InvalidCredentialsException {
        return this.groups.contains(str);
    }

    @Override // org.apache.xindice.core.security.Credentials
    public ArrayList getGroups() {
        return this.groups;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }
}
