package org.vaadin.appfoundation.authentication.util;

import java.util.HashMap;
import org.vaadin.appfoundation.authentication.SessionHandler;
import org.vaadin.appfoundation.authentication.data.User;
import org.vaadin.appfoundation.authentication.exceptions.AccountLockedException;
import org.vaadin.appfoundation.authentication.exceptions.InvalidCredentialsException;
import org.vaadin.appfoundation.persistence.facade.FacadeFactory;

/* loaded from: input_file:org/vaadin/appfoundation/authentication/util/AuthenticationUtil.class */
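/**
 * Static helpers that authenticate a user by username and password, count failed
 * attempts and lock the account once the configured limit is exceeded.
 *
 * <p>The limit is read from the system property
 * {@code authentication.maxFailedLoginAttempts}; when the property is absent it is
 * set to {@code 5} as a side effect of the first failed login.
 *
 * <p>NOTE(review): nothing in this class unlocks an account or expires the counter,
 * so unlocking presumably happens elsewhere. Because any caller who knows a username
 * can drive the counter up, lockouts are worth monitoring.
 */
public class AuthenticationUtil {
    /** System property holding the number of tolerated consecutive failed logins. */
    private static final String MAX_FAILED_ATTEMPTS_PROPERTY = "authentication.maxFailedLoginAttempts";

    /** Limit used (and written back to the system property) when none is configured. */
    private static final int DEFAULT_MAX_FAILED_ATTEMPTS = 5;

    /** Lookup query; the username is bound as a named parameter, never concatenated. */
    private static final String USER_BY_USERNAME_QUERY = "SELECT u FROM User u WHERE u.username = :username";

    /**
     * Authenticates the given credentials and, on success, stores the user in the session.
     *
     * <p>NOTE(review): an unknown username returns before any password verification,
     * and a locked account is reported before the password is checked. Callers that
     * surface the two exception types differently, or measurable timing differences
     * if {@code PasswordUtil.verifyPassword} is slow, can reveal which usernames exist.
     * Confirm that the UI shows one generic failure message.
     *
     * @param str the username to look up
     * @param str2 the password candidate to verify against the stored user
     * @return the authenticated user
     * @throws InvalidCredentialsException if either argument is {@code null}, no user
     *     matches the username, or the password does not verify
     * @throws AccountLockedException if the account is already locked, or if this
     *     failed attempt pushes the counter over the allowed limit
     * @throws IllegalArgumentException if a failed attempt is being counted and the
     *     configured limit is not an integer
     */
    public static User authenticate(String str, String str2) throws InvalidCredentialsException, AccountLockedException {
        if (str == null || str2 == null) {
            throw new InvalidCredentialsException();
        }
        User candidate = getUserForUsername(str);
        if (candidate == null) {
            throw new InvalidCredentialsException();
        }
        if (candidate.isAccountLocked()) {
            throw new AccountLockedException();
        }
        if (!PasswordUtil.verifyPassword(candidate, str2)) {
            // May throw AccountLockedException itself when this failure crosses the limit,
            // in which case the caller never sees the InvalidCredentialsException below.
            incrementFailedLoginAttempts(candidate);
            throw new InvalidCredentialsException();
        }
        // NOTE(review): whether the session identifier is renewed on login is not
        // visible here; confirm SessionHandler or the servlet layer does so.
        SessionHandler.setUser(candidate);
        clearFailedLoginAttempts(candidate);
        return candidate;
    }

    /**
     * Looks up a user by exact username.
     *
     * @param username the username to bind into the query
     * @return the result of the facade lookup cast to {@link User}; {@code authenticate}
     *     treats {@code null} as "no such user"
     */
    private static User getUserForUsername(String username) {
        HashMap<String, Object> parameters = new HashMap<>();
        parameters.put("username", username);
        return (User) FacadeFactory.getFacade().find(USER_BY_USERNAME_QUERY, parameters);
    }

    /**
     * Resets the failed-login counter after a successful login.
     *
     * @param user the user that just authenticated
     */
    private static void clearFailedLoginAttempts(User user) {
        // Skip the write when there is nothing to reset.
        if (user.getFailedLoginAttempts() > 0) {
            user.clearFailedLoginAttempts();
            FacadeFactory.getFacade().store(user);
        }
    }

    /**
     * Records one failed login and locks the account when the limit is exceeded.
     *
     * <p>NOTE(review): the counter is updated on the loaded entity and then stored;
     * concurrent failed attempts may undercount unless the persistence layer
     * serialises these writes. Confirm.
     *
     * @param user the user whose password failed verification
     * @throws AccountLockedException if the new counter value exceeds the allowed limit
     */
    private static void incrementFailedLoginAttempts(User user) throws AccountLockedException {
        user.incrementFailedLoginAttempts();
        try {
            if (user.getFailedLoginAttempts() > numberOfAllowedFailedLoginAttempts()) {
                user.setAccountLocked(true);
                user.setReasonForLockedAccount("tooManyLoginAttempts");
                throw new AccountLockedException();
            }
        } finally {
            // Persist the counter (and lock flag) even when an exception propagates,
            // so a failed attempt is never lost.
            FacadeFactory.getFacade().store(user);
        }
    }

    /**
     * Reads the allowed number of failed logins from the system property.
     *
     * @return the configured limit, or {@code 5} when the property is not set
     * @throws IllegalArgumentException if the property is set but is not an integer;
     *     the original {@link NumberFormatException} is attached as the cause
     */
    private static int numberOfAllowedFailedLoginAttempts() {
        String configured = System.getProperty(MAX_FAILED_ATTEMPTS_PROPERTY);
        if (configured == null) {
            // Publish the default so later reads see an explicit value.
            System.setProperty(MAX_FAILED_ATTEMPTS_PROPERTY, Integer.toString(DEFAULT_MAX_FAILED_ATTEMPTS));
            return DEFAULT_MAX_FAILED_ATTEMPTS;
        }
        try {
            return Integer.parseInt(configured);
        } catch (NumberFormatException e) {
            // Keep the cause so the malformed value is diagnosable from the stack trace.
            throw new IllegalArgumentException(MAX_FAILED_ATTEMPTS_PROPERTY + " must be an integer", e);
        }
    }
}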
