package com.atlassian.crowd.util.persistence.hibernate;

import com.atlassian.config.db.HibernateConfig;
import com.atlassian.db.config.password.Cipher;
import com.atlassian.db.config.password.CipherProvider;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableSet;
import java.util.Optional;
import java.util.Properties;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/crowd/util/persistence/hibernate/CrowdHibernateConfig.class */
public class CrowdHibernateConfig extends HibernateConfig {
    private static final Logger log = LoggerFactory.getLogger(CrowdHibernateConfig.class);
    private static final Set<String> ENCRYPTABLE_PROPERTIES = ImmutableSet.of("hibernate.connection.password");
    private static final Set<String> ALLOWED_CIPHERS = ImmutableSet.of("com.atlassian.db.config.password.ciphers.algorithm.AesOnlyAlgorithmCipher");
    private CipherProvider cipherProvider;

    public Properties getHibernateProperties() {
        return decrypt(super.getHibernateProperties());
    }

    private Properties decrypt(Properties properties) {
        return (Properties) Optional.ofNullable(getApplicationConfig().getProperty("jdbc.password.decrypter.classname")).map((v0) -> {
            return v0.toString();
        }).map(this::instantiateCipher).map(cipher -> {
            return decryptWithCipher(properties, cipher);
        }).orElse(properties);
    }

    private Properties decryptWithCipher(Properties properties, Cipher cipher) {
        log.debug("Decrypting properties with cipher '{}'", cipher.getClass().getName());
        properties.replaceAll((obj, obj2) -> {
            return decryptEntry(obj, obj2, cipher);
        });
        return properties;
    }

    private Object decryptEntry(Object obj, Object obj2, Cipher cipher) {
        return ENCRYPTABLE_PROPERTIES.contains(obj) ? cipher.decrypt(obj2.toString()) : obj2;
    }

    private Cipher instantiateCipher(String str) {
        Preconditions.checkState(ALLOWED_CIPHERS.contains(str), "Cipher '%s' is not allowed for database password encryption as it's not an instance of %s", str, ALLOWED_CIPHERS);
        log.info("Password cipher property detected. Instantiating cipher for classname: '{}'", str);
        return (Cipher) this.cipherProvider.getInstance(str).orElseThrow(() -> {
            return new IllegalStateException(String.format("Cipher '%s' not found", str));
        });
    }

    public void setCipherProvider(CipherProvider cipherProvider) {
        this.cipherProvider = cipherProvider;
    }

    public boolean isHSQL() {
        return super.isHSQL() || isCrowdHsql18Dialect((String) getApplicationConfig().getProperty("hibernate.dialect"));
    }

    public static boolean isCrowdHsql18Dialect(String str) {
        return null != str && str.matches(".*?CrowdHsql18.*?Dialect$");
    }
}
