package org.jasig.cas.adaptors.jdbc;

import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import javax.validation.constraints.NotNull;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataAccessException;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-jdbc-4.1.2.jar:org/jasig/cas/adaptors/jdbc/SearchModeSearchDatabaseAuthenticationHandler.class */
public class SearchModeSearchDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler implements InitializingBean {
    private static final String SQL_PREFIX = "Select count('x') from ";

    @NotNull
    private String fieldUser;

    @NotNull
    private String fieldPassword;

    @NotNull
    private String tableUsers;
    private String sql;

    @Override // org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler
    protected final HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        String username = usernamePasswordCredential.getUsername();
        try {
            if (((Integer) getJdbcTemplate().queryForObject(this.sql, Integer.class, username, getPasswordEncoder().encode(usernamePasswordCredential.getPassword()))).intValue() == 0) {
                throw new FailedLoginException(username + " not found with SQL query.");
            }
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
        } catch (DataAccessException e) {
            throw new PreventedException("SQL exception while executing query for " + username, e);
        }
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        this.sql = SQL_PREFIX + this.tableUsers + " WHERE " + this.fieldUser + " = ? AND " + this.fieldPassword + " = ?";
    }

    public final void setFieldPassword(String str) {
        this.fieldPassword = str;
    }

    public final void setFieldUser(String str) {
        this.fieldUser = str;
    }

    public final void setTableUsers(String str) {
        this.tableUsers = str;
    }
}
