package org.apache.doris.mysql.privilege;

import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.gson.annotations.SerializedName;
import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import org.apache.doris.analysis.PasswordOptions;
import org.apache.doris.analysis.UserIdentity;
import org.apache.doris.common.AuthenticationException;
import org.apache.doris.common.io.Text;
import org.apache.doris.common.io.Writable;
import org.apache.doris.mysql.privilege.PasswordPolicy;
import org.apache.doris.persist.gson.GsonUtils;

/* loaded from: input_file:org/apache/doris/mysql/privilege/PasswordPolicyManager.class */
public class PasswordPolicyManager implements Writable {

    @SerializedName("policyMap")
    private Map<UserIdentity, PasswordPolicy> policyMap = Maps.newConcurrentMap();

    private PasswordPolicy getOrCreatePolicy(UserIdentity userIdentity) {
        PasswordPolicy passwordPolicy = this.policyMap.get(userIdentity);
        if (passwordPolicy == null) {
            PasswordPolicy createDefault = PasswordPolicy.createDefault();
            passwordPolicy = this.policyMap.putIfAbsent(userIdentity, createDefault);
            if (passwordPolicy == null) {
                passwordPolicy = createDefault;
            }
        }
        return passwordPolicy;
    }

    private boolean hasUser(UserIdentity userIdentity) {
        return this.policyMap.containsKey(userIdentity);
    }

    public void checkAccountLockedAndPasswordExpiration(UserIdentity userIdentity) throws AuthenticationException {
        if (hasUser(userIdentity)) {
            getOrCreatePolicy(userIdentity).checkAccountLockedAndPasswordExpiration(userIdentity);
        }
    }

    public boolean onFailedLogin(UserIdentity userIdentity) {
        if (hasUser(userIdentity)) {
            return getOrCreatePolicy(userIdentity).onFailedLogin();
        }
        return false;
    }

    public boolean checkPasswordHistory(UserIdentity userIdentity, byte[] bArr) {
        if (hasUser(userIdentity)) {
            return getOrCreatePolicy(userIdentity).checkPasswordHistory(bArr);
        }
        return true;
    }

    public void updatePolicy(UserIdentity userIdentity, byte[] bArr, PasswordOptions passwordOptions) {
        getOrCreatePolicy(userIdentity).update(bArr, passwordOptions);
    }

    public void updatePassword(UserIdentity userIdentity, byte[] bArr) {
        PasswordPolicy orCreatePolicy = getOrCreatePolicy(userIdentity);
        orCreatePolicy.updatePassword(bArr);
        PasswordPolicy.ExpirePolicy expirePolicy = orCreatePolicy.getExpirePolicy();
        if (expirePolicy.passwordCreateTime != 0) {
            expirePolicy.setPasswordCreateTime();
        }
    }

    public List<List<String>> getPolicyInfo(UserIdentity userIdentity) {
        return !hasUser(userIdentity) ? Lists.newArrayList() : getOrCreatePolicy(userIdentity).getInfo();
    }

    public void unlockUser(UserIdentity userIdentity) {
        if (hasUser(userIdentity)) {
            getOrCreatePolicy(userIdentity).unlockAccount();
        }
    }

    public void dropUser(UserIdentity userIdentity) {
        this.policyMap.remove(userIdentity);
    }

    public void write(DataOutput dataOutput) throws IOException {
        Text.writeString(dataOutput, GsonUtils.GSON.toJson(this));
    }

    public static PasswordPolicyManager read(DataInput dataInput) throws IOException {
        return (PasswordPolicyManager) GsonUtils.GSON.fromJson(Text.readString(dataInput), PasswordPolicyManager.class);
    }
}
