package com.huawei.hetu.security;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import com.google.inject.Inject;
import com.huawei.hadoop.security.crypter.CrypterUtil;
import io.prestosql.server.security.AuthenticationException;
import java.security.Principal;
import java.time.Duration;
import java.util.Optional;
import org.wcc.framework.AppRuntimeException;

/* loaded from: input_file:com/huawei/hetu/security/LoginManager.class */
public final class LoginManager {
    private static final int MAX_SIZE = 1000;
    private final Cache<String, LoginUserInfo> userPassWordCache;
    private final Cache<String, Integer> loginFailTimes = CacheBuilder.newBuilder().maximumSize(1000).build();
    private final Cache<String, Boolean> lockupUser;
    private int lockupTimes;
    private int lockupDuration;
    private int cacheTTL;
    private boolean lockupEnabled;

    @Inject
    public LoginManager(LoginManagerConfig loginManagerConfig) {
        this.lockupTimes = loginManagerConfig.getLockupMaxTimes();
        this.lockupDuration = loginManagerConfig.getLockupDuration();
        this.cacheTTL = loginManagerConfig.getCacheTtl();
        this.lockupEnabled = loginManagerConfig.isLockupEnabled();
        this.userPassWordCache = CacheBuilder.newBuilder().maximumSize(1000L).expireAfterAccess(Duration.ofSeconds(this.cacheTTL)).build();
        this.lockupUser = CacheBuilder.newBuilder().maximumSize(1000L).expireAfterAccess(Duration.ofSeconds(this.lockupDuration)).build();
    }

    private synchronized void recordSuccess(String str, String str2, Principal principal) {
        if (this.cacheTTL > 0) {
            this.userPassWordCache.put(str, new LoginUserInfo(str, str2, principal));
        }
    }

    private synchronized void recordFail(String str) {
        if (this.lockupEnabled) {
            Integer num = (Integer) this.loginFailTimes.getIfPresent(str);
            if (num == null) {
                this.loginFailTimes.put(str, 1);
                return;
            }
            Integer valueOf = Integer.valueOf(num.intValue() + 1);
            if (valueOf.intValue() < this.lockupTimes) {
                this.loginFailTimes.put(str, valueOf);
            } else {
                this.lockupUser.put(str, Boolean.TRUE);
                this.loginFailTimes.invalidate(str);
            }
        }
    }

    private synchronized Optional<LoginUserInfo> getCachePassWord(String str) {
        LoginUserInfo loginUserInfo = (LoginUserInfo) this.userPassWordCache.getIfPresent(str);
        return loginUserInfo == null ? Optional.empty() : Optional.of(loginUserInfo);
    }

    public synchronized boolean isUserLockUp(String str) {
        return this.lockupUser.getIfPresent(str) != null;
    }

    public void recordFailQuietly(String str) {
        try {
            recordFail(str);
        } catch (Exception e) {
        }
    }

    public void addUserToCacheQuietly(String str, String str2, Principal principal) {
        try {
            recordSuccess(str, CrypterUtil.encrypt(str2), principal);
            this.loginFailTimes.invalidate(str);
        } catch (Exception e) {
        }
    }

    public Optional<Principal> getPrincipalIfPresent(String str, String str2) throws AuthenticationException {
        Optional<LoginUserInfo> cachePassWord = getCachePassWord(str);
        if (!cachePassWord.isPresent()) {
            return Optional.empty();
        }
        try {
            LoginUserInfo loginUserInfo = cachePassWord.get();
            if (CrypterUtil.decrypt(loginUserInfo.getEncryptPassWord()).equals(str2)) {
                return loginUserInfo.getPrincipal() == null ? Optional.empty() : Optional.of(loginUserInfo.getPrincipal());
            }
            throw new AuthenticationException("user or password incorrect.");
        } catch (AppRuntimeException e) {
            return Optional.empty();
        }
    }
}
