package com.bokesoft.yes.mid.session;

import com.bokesoft.yes.mid.connection.DBUtil;
import com.bokesoft.yes.mid.connection.dbmanager.PSArgs;
import com.bokesoft.yigo.meta.dataobject.MetaTable;
import com.bokesoft.yigo.meta.factory.IMetaFactory;
import com.bokesoft.yigo.mid.base.DefaultContext;
import com.bokesoft.yigo.mid.base.SessionException;
import com.bokesoft.yigo.mid.connection.IDBManager;
import com.bokesoft.yigo.mid.para.SysPara;
import com.bokesoft.yigo.mid.rsa.RSAMidUtil;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.ArrayList;
import java.util.Base64;
import org.json.JSONObject;

/* loaded from: input_file:com/bokesoft/yes/mid/session/DefaultUserCheck.class */
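/**
 * Default credential check for an operator login.
 *
 * <p>The credential blob is Base64-encoded JSON carrying a {@code user} and a {@code password}
 * field. The operator row is looked up in {@code SYS_Operator}; the value of its password column
 * is decrypted with the {@code PrivateKey} system parameter and compared with the submitted
 * password.
 *
 * <p>NOTE(review): the stored password is decrypted rather than verified against a one-way hash,
 * so whoever holds both the {@code PrivateKey} parameter and the operator table can recover every
 * operator password. Moving to a salted password hash (bcrypt, scrypt or Argon2) needs a change
 * to how passwords are written, which is outside this class.
 */
public class DefaultUserCheck {
    /**
     * Verifies the submitted credentials and returns normally only when they match.
     *
     * @param defaultContext request context supplying the DB manager, metadata and environment
     * @param str Base64-encoded JSON object with the string fields {@code user} and {@code password}
     * @throws SessionException with code 1 when no row matches the user or the password differs;
     *     both cases produce the same error, so the response does not reveal which one failed
     * @throws Throwable anything raised while decoding the blob (malformed Base64, JSON without
     *     the two fields), building the query, talking to the database or decrypting
     */
    public void check(DefaultContext defaultContext, String str) throws Throwable {
        JSONObject credentials =
                new JSONObject(new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8));
        String user = credentials.getString("user");
        String password = credentials.getString("password");
        String sql = initSQLQuery(defaultContext);
        IDBManager dbManager = defaultContext.getDBManager();

        // Request data reaches the database only as bound parameters, never as SQL text.
        PSArgs args = new PSArgs();
        // Presumably binds the enable-column filter produced by DBUtil.getQuerySQL - TODO confirm.
        args.addIntArg(1);
        // NOTE(review): the filter compares UPPER(code) with this value as submitted; it is not
        // upper-cased here, so the caller presumably normalises it - confirm.
        args.addStringArg(user);

        // try-with-resources closes the result set and then the statement on every path, and a
        // failure while closing is attached as suppressed instead of replacing the auth error.
        try (PreparedStatement statement = dbManager.preparedQueryStatement(sql);
                ResultSet rows = dbManager.executeQuery(statement, sql, args)) {
            // Column 3 is the password column, the third one requested by initSQLQuery.
            if (!rows.next() || !checkPwd(rows.getString(3), password)) {
                throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
            }
        }
        // NOTE(review): only success is reported, and only to stdout; rejected attempts leave no
        // trace here, so failed-login auditing has to happen in the caller.
        System.out.println(user + " auth success!");
    }

    /**
     * Compares the submitted password with the decrypted stored value.
     *
     * @param str stored password value as read from the operator row; may be {@code null}
     * @param str2 password submitted by the client
     * @return {@code true} only when the decrypted stored value equals {@code str2}
     * @throws Throwable whatever the decryption helper raises
     */
    private boolean checkPwd(String str, String str2) throws Throwable {
        if (str == null) {
            // An operator row without a stored password can never authenticate.
            return false;
        }
        // The helper's declared return type is not visible in this file; anything other than a
        // String is a mismatch, which is also how String.equals treated it.
        Object decrypted = RSAMidUtil.decryptByPrivate(SysPara.getInstance().get("PrivateKey"), str);
        if (!(decrypted instanceof String)) {
            return false;
        }
        // MessageDigest.isEqual does not stop at the first differing byte, unlike String.equals,
        // so response time does not hint at how much of a guess was correct.
        boolean sameBytes = MessageDigest.isEqual(
                ((String) decrypted).getBytes(StandardCharsets.UTF_8),
                str2.getBytes(StandardCharsets.UTF_8));
        // The final equals runs only after a byte-level match and rules out strings that differ
        // solely in characters the encoder had to substitute.
        return sameBytes && str2.equals(decrypted);
    }

    /**
     * Builds the operator lookup query from the {@code Operator} data object's metadata.
     *
     * <p>The query requests the OID, {@code Name} and {@code Password} columns of
     * {@code SYS_Operator}, in that order, and appends a filter on the upper-cased {@code Code}
     * column. Table and column names come from metadata only; values are left as {@code ?}
     * placeholders for the caller to bind.
     *
     * @param defaultContext request context supplying the metadata factory and DB manager
     * @return the SQL text to prepare
     * @throws Throwable whatever the metadata or SQL helpers raise
     */
    private String initSQLQuery(DefaultContext defaultContext) throws Throwable {
        IMetaFactory metaFactory = defaultContext.getVE().getMetaFactory();
        IDBManager dbManager = defaultContext.getDBManager();
        MetaTable operatorTable = metaFactory.getDataObject("Operator").getTableCollection().get("SYS_Operator");

        // Raw type kept on purpose: the parameter type DBUtil.getQuerySQL declares is not
        // visible from this file.
        ArrayList columns = new ArrayList();
        columns.add(operatorTable.getOIDColumn().getBindingDBColumnName());
        columns.add(operatorTable.get("Name").getBindingDBColumnName());
        columns.add(operatorTable.get("Password").getBindingDBColumnName());

        String baseQuery = DBUtil.getQuerySQL(
                dbManager,
                columns,
                operatorTable.getBindingDBTableName(),
                operatorTable.get("Enable").getBindingDBColumnName());
        String codeFilter =
                " UPPER(" + dbManager.keyWordEscape(operatorTable.get("Code").getBindingDBColumnName()) + ")=?";
        return DBUtil.appendSQLFilters(baseQuery, new String[]{codeFilter});
    }
}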
