package org.apache.shardingsphere.proxy.frontend.postgresql.authentication;

import com.google.common.base.Strings;
import java.util.Collection;
import java.util.LinkedList;
import org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLErrorCode;
import org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLPasswordMessagePacket;
import org.apache.shardingsphere.infra.executor.check.SQLCheckEngine;
import org.apache.shardingsphere.infra.metadata.database.ShardingSphereDatabase;
import org.apache.shardingsphere.infra.metadata.user.Grantee;
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import org.apache.shardingsphere.infra.rule.ShardingSphereRule;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.PostgreSQLAuthenticator;
import org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.PostgreSQLMD5PasswordAuthenticator;

/* loaded from: input_file:org/apache/shardingsphere/proxy/frontend/postgresql/authentication/PostgreSQLAuthenticationHandler.class */
public final class PostgreSQLAuthenticationHandler {
    public PostgreSQLLoginResult login(String str, String str2, byte[] bArr, PostgreSQLPasswordMessagePacket postgreSQLPasswordMessagePacket) {
        String digest = postgreSQLPasswordMessagePacket.getDigest();
        Grantee grantee = new Grantee(str, "%");
        if (!Strings.isNullOrEmpty(str2) && !ProxyContext.getInstance().databaseExists(str2)) {
            return new PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_CATALOG_NAME, String.format("database \"%s\" does not exist", str2));
        }
        if (!SQLCheckEngine.check(grantee, getRules(str2))) {
            return new PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_AUTHORIZATION_SPECIFICATION, String.format("unknown username: %s", str));
        }
        PostgreSQLAuthenticator authenticator = getAuthenticator(str, grantee.getHostname());
        return !SQLCheckEngine.check(grantee, (obj, obj2) -> {
            return authenticator.authenticate((ShardingSphereUser) obj, (Object[]) obj2);
        }, new Object[]{digest, bArr}, getRules(str2)) ? new PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_PASSWORD, String.format("password authentication failed for user \"%s\"", str)) : (null == str2 || SQLCheckEngine.check(str2, getRules(str2), grantee)) ? new PostgreSQLLoginResult(PostgreSQLErrorCode.SUCCESSFUL_COMPLETION, null) : new PostgreSQLLoginResult(PostgreSQLErrorCode.PRIVILEGE_NOT_GRANTED, String.format("Access denied for user '%s' to database '%s'", str, str2));
    }

    private Collection<ShardingSphereRule> getRules(String str) {
        LinkedList linkedList = new LinkedList();
        if (!Strings.isNullOrEmpty(str) && ProxyContext.getInstance().databaseExists(str)) {
            linkedList.addAll(((ShardingSphereDatabase) ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getDatabases().get(str)).getRuleMetaData().getRules());
        }
        linkedList.addAll(ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getRules());
        return linkedList;
    }

    public PostgreSQLAuthenticator getAuthenticator(String str, String str2) {
        return new PostgreSQLMD5PasswordAuthenticator();
    }
}
