package org.jboss.as.security;

import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.ConcurrentMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.domain.management.ModelDescriptionConstants;
import org.jboss.as.naming.deployment.ContextNames;
import org.jboss.as.security.logging.SecurityLogger;
import org.jboss.as.security.service.JaasConfigurationService;
import org.jboss.as.security.service.SecurityDomainService;
import org.jboss.as.security.service.SecurityManagementService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.JBossJSSESecurityDomain;
import org.jboss.security.JSSESecurityDomain;
import org.jboss.security.acl.config.ACLProviderEntry;
import org.jboss.security.audit.config.AuditProviderEntry;
import org.jboss.security.auth.container.config.AuthModuleEntry;
import org.jboss.security.auth.login.AuthenticationInfo;
import org.jboss.security.auth.login.BaseAuthenticationInfo;
import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.auth.login.LoginModuleStackHolder;
import org.jboss.security.authorization.config.AuthorizationModuleEntry;
import org.jboss.security.config.ACLInfo;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.AuditInfo;
import org.jboss.security.config.AuthorizationInfo;
import org.jboss.security.config.ControlFlag;
import org.jboss.security.config.IdentityTrustInfo;
import org.jboss.security.config.MappingInfo;
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
import org.jboss.security.mapping.MappingType;
import org.jboss.security.mapping.config.MappingModuleEntry;
import org.wildfly.clustering.infinispan.spi.InfinispanCacheRequirement;
import org.wildfly.clustering.infinispan.spi.InfinispanDefaultCacheRequirement;
import org.wildfly.clustering.infinispan.spi.InfinispanRequirement;
import org.wildfly.clustering.infinispan.spi.service.CacheServiceConfigurator;
import org.wildfly.clustering.infinispan.spi.service.TemplateConfigurationServiceConfigurator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:m2repo/org/wildfly/wildfly-security/15.0.1.Final/wildfly-security-15.0.1.Final.jar:org/jboss/as/security/SecurityDomainAdd.class */
public class SecurityDomainAdd extends AbstractAddStepHandler {
    private static final String DEFAULT_MODULE = "org.picketbox";
    private static final String LEGACY_CACHE_NAME = "auth-cache";
    static final SecurityDomainAdd INSTANCE = new SecurityDomainAdd();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:m2repo/org/wildfly/wildfly-security/15.0.1.Final/wildfly-security-15.0.1.Final.jar:org/jboss/as/security/SecurityDomainAdd$KeyManagerConfig.class */
    public interface KeyManagerConfig {
        void setKeyManagerFactoryAlgorithm(String str);

        void setKeyManagerFactoryProvider(String str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:m2repo/org/wildfly/wildfly-security/15.0.1.Final/wildfly-security-15.0.1.Final.jar:org/jboss/as/security/SecurityDomainAdd$KeyStoreConfig.class */
    public interface KeyStoreConfig {
        void setKeyStorePassword(String str) throws Exception;

        void setKeyStoreType(String str);

        void setKeyStoreURL(String str) throws IOException;

        void setKeyStoreProvider(String str);

        void setKeyStoreProviderArgument(String str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:m2repo/org/wildfly/wildfly-security/15.0.1.Final/wildfly-security-15.0.1.Final.jar:org/jboss/as/security/SecurityDomainAdd$LoginModuleContainer.class */
    public interface LoginModuleContainer {
        void addAppConfigurationEntry(AppConfigurationEntry appConfigurationEntry);
    }

    private SecurityDomainAdd() {
        super(SecurityDomainResourceDefinition.CACHE_TYPE);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.as.controller.AbstractAddStepHandler
    public void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) {
        final String value = PathAddress.pathAddress(modelNode.get("address")).getLastElement().getValue();
        operationContext.addStep(new OperationStepHandler() { // from class: org.jboss.as.security.SecurityDomainAdd.1
            @Override // org.jboss.as.controller.OperationStepHandler
            public void execute(OperationContext operationContext2, ModelNode modelNode3) throws OperationFailedException {
                SecurityDomainAdd.this.launchServices(operationContext2, value, Resource.Tools.readModel(operationContext2.readResource(PathAddress.EMPTY_ADDRESS)));
                operationContext2.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
            }
        }, OperationContext.Stage.RUNTIME);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.as.controller.AbstractAddStepHandler
    public void recordCapabilitiesAndRequirements(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
        super.recordCapabilitiesAndRequirements(operationContext, modelNode, resource);
        if ("infinispan".equals(getAuthenticationCacheType(resource.getModel()))) {
            operationContext.registerAdditionalCapabilityRequirement(InfinispanRequirement.CONTAINER.resolve("security"), SecurityDomainResourceDefinition.LEGACY_SECURITY_DOMAIN.getDynamicName(operationContext.getCurrentAddressValue()), SecurityDomainResourceDefinition.CACHE_TYPE.getName());
        }
    }

    public void launchServices(OperationContext operationContext, String str, ModelNode modelNode) throws OperationFailedException {
        ApplicationPolicy createApplicationPolicy = createApplicationPolicy(operationContext, str, modelNode);
        JSSESecurityDomain createJSSESecurityDomain = createJSSESecurityDomain(operationContext, str, modelNode);
        String authenticationCacheType = getAuthenticationCacheType(modelNode);
        SecurityDomainService securityDomainService = new SecurityDomainService(str, createApplicationPolicy, createJSSESecurityDomain, authenticationCacheType);
        ServiceTarget serviceTarget = operationContext.getServiceTarget();
        ServiceBuilder addDependency = serviceTarget.addService(SecurityDomainService.SERVICE_NAME.append(str), securityDomainService).addAliases(SecurityDomainResourceDefinition.LEGACY_SECURITY_DOMAIN.getCapabilityServiceName(str)).addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, securityDomainService.getSecurityManagementInjector()).addDependency(JaasConfigurationService.SERVICE_NAME, Configuration.class, securityDomainService.getConfigurationInjector());
        if (createJSSESecurityDomain != null) {
            addDependency.requires(ContextNames.JBOSS_CONTEXT_SERVICE_NAME.append(ModelDescriptionConstants.JAAS));
        }
        if ("infinispan".equals(authenticationCacheType)) {
            String resolve = InfinispanDefaultCacheRequirement.CONFIGURATION.resolve("security");
            String resolve2 = InfinispanCacheRequirement.CONFIGURATION.resolve("security", LEGACY_CACHE_NAME);
            String dynamicName = SecurityDomainResourceDefinition.LEGACY_SECURITY_DOMAIN.getDynamicName(operationContext.getCurrentAddress());
            String name = SecurityDomainResourceDefinition.CACHE_TYPE.getName();
            String str2 = null;
            if (!operationContext.hasOptionalCapability(resolve, dynamicName, name) && operationContext.hasOptionalCapability(resolve2, dynamicName, name)) {
                SecurityLogger.ROOT_LOGGER.defaultCacheRequirementMissing("security", LEGACY_CACHE_NAME);
                str2 = LEGACY_CACHE_NAME;
            }
            operationContext.requireOptionalCapability(InfinispanCacheRequirement.CONFIGURATION.resolve("security", str2), dynamicName, name);
            new TemplateConfigurationServiceConfigurator(InfinispanCacheRequirement.CONFIGURATION.getServiceName(operationContext, "security", str), "security", str, str2).configure(operationContext).build(serviceTarget).install();
            ServiceName serviceName = InfinispanCacheRequirement.CACHE.getServiceName(operationContext, "security", str);
            new CacheServiceConfigurator(serviceName, "security", str).configure(operationContext).build(serviceTarget).install();
            addDependency.addDependency(serviceName, ConcurrentMap.class, securityDomainService.getCacheInjector());
        }
        addDependency.setInitialMode(ServiceController.Mode.ACTIVE).install();
    }

    private ApplicationPolicy createApplicationPolicy(OperationContext operationContext, String str, ModelNode modelNode) throws OperationFailedException {
        ApplicationPolicy applicationPolicy = new ApplicationPolicy(str);
        if ((processClassicAuth(operationContext, str, modelNode, applicationPolicy) | processJASPIAuth(operationContext, str, modelNode, applicationPolicy) | processAuthorization(operationContext, str, modelNode, applicationPolicy) | processACL(operationContext, str, modelNode, applicationPolicy) | processAudit(operationContext, str, modelNode, applicationPolicy) | processIdentityTrust(operationContext, str, modelNode, applicationPolicy)) || processMapping(operationContext, str, modelNode, applicationPolicy)) {
            return applicationPolicy;
        }
        return null;
    }

    private boolean processMapping(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, Constants.MAPPING, Constants.CLASSIC, Constants.MAPPING_MODULE);
        if (peek == null) {
            return false;
        }
        Iterator<Property> it = peek.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            MappingInfo mappingInfo = new MappingInfo(str);
            String extractCode = extractCode(operationContext, value, ModulesMap.MAPPING_MAP);
            String asString = value.hasDefined("type") ? MappingModuleDefinition.TYPE.resolveModelAttribute(operationContext, value).asString() : MappingType.ROLE.toString();
            mappingInfo.add((MappingInfo) new MappingModuleEntry(extractCode, extractOptions(operationContext, value), asString));
            applicationPolicy.setMappingInfo(asString, mappingInfo);
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                mappingInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                mappingInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        return true;
    }

    private boolean processIdentityTrust(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, Constants.IDENTITY_TRUST, Constants.CLASSIC, Constants.TRUST_MODULE);
        if (peek == null) {
            return false;
        }
        IdentityTrustInfo identityTrustInfo = new IdentityTrustInfo(str);
        Iterator<Property> it = peek.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            String asString = LoginModuleResourceDefinition.CODE.resolveModelAttribute(operationContext, value).asString();
            ControlFlag valueOf = ControlFlag.valueOf(LoginModuleResourceDefinition.FLAG.resolveModelAttribute(operationContext, value).asString());
            IdentityTrustModuleEntry identityTrustModuleEntry = new IdentityTrustModuleEntry(asString, extractOptions(operationContext, value));
            identityTrustModuleEntry.setControlFlag(valueOf);
            identityTrustInfo.add((IdentityTrustInfo) identityTrustModuleEntry);
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                identityTrustInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                identityTrustInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        applicationPolicy.setIdentityTrustInfo(identityTrustInfo);
        return true;
    }

    private boolean processAudit(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, "audit", Constants.CLASSIC, Constants.PROVIDER_MODULE);
        if (peek == null) {
            return false;
        }
        AuditInfo auditInfo = new AuditInfo(str);
        Iterator<Property> it = peek.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            auditInfo.add((AuditInfo) new AuditProviderEntry(MappingProviderModuleDefinition.CODE.resolveModelAttribute(operationContext, value).asString(), extractOptions(operationContext, value)));
            ModelNode resolveModelAttribute = MappingProviderModuleDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                auditInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                auditInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        applicationPolicy.setAuditInfo(auditInfo);
        return true;
    }

    private boolean processACL(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, "acl", Constants.CLASSIC, Constants.ACL_MODULE);
        if (peek == null) {
            return false;
        }
        ACLInfo aCLInfo = new ACLInfo(str);
        Iterator<Property> it = peek.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            String asString = LoginModuleResourceDefinition.CODE.resolveModelAttribute(operationContext, value).asString();
            ControlFlag valueOf = ControlFlag.valueOf(LoginModuleResourceDefinition.FLAG.resolveModelAttribute(operationContext, value).asString());
            ACLProviderEntry aCLProviderEntry = new ACLProviderEntry(asString, extractOptions(operationContext, value));
            aCLProviderEntry.setControlFlag(valueOf);
            aCLInfo.add((ACLInfo) aCLProviderEntry);
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                aCLInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                aCLInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        applicationPolicy.setAclInfo(aCLInfo);
        return true;
    }

    private boolean processAuthorization(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, "authorization", Constants.CLASSIC, Constants.POLICY_MODULE);
        if (peek == null) {
            return false;
        }
        AuthorizationInfo authorizationInfo = new AuthorizationInfo(str);
        Iterator<Property> it = peek.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            String extractCode = extractCode(operationContext, value, ModulesMap.AUTHORIZATION_MAP);
            ControlFlag valueOf = ControlFlag.valueOf(LoginModuleResourceDefinition.FLAG.resolveModelAttribute(operationContext, value).asString());
            AuthorizationModuleEntry authorizationModuleEntry = new AuthorizationModuleEntry(extractCode, extractOptions(operationContext, value));
            authorizationModuleEntry.setControlFlag(valueOf);
            authorizationInfo.add((AuthorizationInfo) authorizationModuleEntry);
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                authorizationInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                authorizationInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        applicationPolicy.setAuthorizationInfo(authorizationInfo);
        return true;
    }

    private boolean processJASPIAuth(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, "authentication", "jaspi");
        if (peek == null) {
            return false;
        }
        JASPIAuthenticationInfo jASPIAuthenticationInfo = new JASPIAuthenticationInfo(str);
        HashMap hashMap = new HashMap();
        if (peek.hasDefined(Constants.LOGIN_MODULE_STACK)) {
            for (Property property : peek.get(Constants.LOGIN_MODULE_STACK).asPropertyList()) {
                String name = property.getName();
                ModelNode value = property.getValue();
                final LoginModuleStackHolder loginModuleStackHolder = new LoginModuleStackHolder(name, null);
                hashMap.put(name, loginModuleStackHolder);
                jASPIAuthenticationInfo.add(loginModuleStackHolder);
                if (value.hasDefined(Constants.LOGIN_MODULE)) {
                    processLoginModules(operationContext, value.get(Constants.LOGIN_MODULE), jASPIAuthenticationInfo, new LoginModuleContainer() { // from class: org.jboss.as.security.SecurityDomainAdd.2
                        @Override // org.jboss.as.security.SecurityDomainAdd.LoginModuleContainer
                        public void addAppConfigurationEntry(AppConfigurationEntry appConfigurationEntry) {
                            loginModuleStackHolder.addAppConfigurationEntry(appConfigurationEntry);
                        }
                    });
                }
            }
        }
        Iterator<Property> it = peek.get(Constants.AUTH_MODULE).asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value2 = it.next().getValue();
            String extractCode = extractCode(operationContext, value2, ModulesMap.AUTHENTICATION_MAP);
            String asString = value2.hasDefined(Constants.LOGIN_MODULE_STACK_REF) ? JASPIMappingModuleDefinition.LOGIN_MODULE_STACK_REF.resolveModelAttribute(operationContext, value2).asString() : null;
            AuthModuleEntry authModuleEntry = new AuthModuleEntry(extractCode, extractOptions(operationContext, value2), asString);
            if (value2.hasDefined("flag")) {
                authModuleEntry.setControlFlag(ControlFlag.valueOf(LoginModuleResourceDefinition.FLAG.resolveModelAttribute(operationContext, value2).asString()));
            }
            if (asString != null) {
                if (!hashMap.containsKey(asString)) {
                    throw SecurityLogger.ROOT_LOGGER.loginModuleStackIllegalArgument(asString);
                }
                authModuleEntry.setLoginModuleStackHolder((LoginModuleStackHolder) hashMap.get(asString));
            }
            jASPIAuthenticationInfo.add(authModuleEntry);
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value2);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                jASPIAuthenticationInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                jASPIAuthenticationInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
        applicationPolicy.setAuthenticationInfo(jASPIAuthenticationInfo);
        return true;
    }

    private static String extractCode(OperationContext operationContext, ModelNode modelNode, Map<String, String> map) throws OperationFailedException {
        String asString = LoginModuleResourceDefinition.CODE.resolveModelAttribute(operationContext, modelNode).asString();
        if (map.containsKey(asString)) {
            asString = map.get(asString);
        }
        return asString;
    }

    private ModelNode peek(ModelNode modelNode, String... strArr) {
        for (String str : strArr) {
            if (!modelNode.hasDefined(str)) {
                return null;
            }
            modelNode = modelNode.get(str);
        }
        return modelNode;
    }

    private boolean processClassicAuth(OperationContext operationContext, String str, ModelNode modelNode, ApplicationPolicy applicationPolicy) throws OperationFailedException {
        ModelNode peek = peek(modelNode, "authentication", Constants.CLASSIC);
        if (peek == null) {
            return false;
        }
        final AuthenticationInfo authenticationInfo = new AuthenticationInfo(str);
        if (peek.hasDefined(Constants.LOGIN_MODULE)) {
            processLoginModules(operationContext, peek.get(Constants.LOGIN_MODULE), authenticationInfo, new LoginModuleContainer() { // from class: org.jboss.as.security.SecurityDomainAdd.3
                @Override // org.jboss.as.security.SecurityDomainAdd.LoginModuleContainer
                public void addAppConfigurationEntry(AppConfigurationEntry appConfigurationEntry) {
                    authenticationInfo.add((AuthenticationInfo) appConfigurationEntry);
                }
            });
        }
        applicationPolicy.setAuthenticationInfo(authenticationInfo);
        return true;
    }

    private void processLoginModules(OperationContext operationContext, ModelNode modelNode, BaseAuthenticationInfo baseAuthenticationInfo, LoginModuleContainer loginModuleContainer) throws OperationFailedException {
        Iterator<Property> it = modelNode.asPropertyList().iterator();
        while (it.hasNext()) {
            ModelNode value = it.next().getValue();
            loginModuleContainer.addAppConfigurationEntry(new AppConfigurationEntry(extractCode(operationContext, value, ModulesMap.AUTHENTICATION_MAP), getControlFlag(LoginModuleResourceDefinition.FLAG.resolveModelAttribute(operationContext, value).asString()), extractOptions(operationContext, value)));
            ModelNode resolveModelAttribute = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(operationContext, value);
            if (!resolveModelAttribute.isDefined() || resolveModelAttribute.asString().isEmpty()) {
                baseAuthenticationInfo.addJBossModuleName(DEFAULT_MODULE);
            } else {
                baseAuthenticationInfo.addJBossModuleName(resolveModelAttribute.asString());
            }
        }
    }

    private Map<String, Object> extractOptions(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        return new LinkedHashMap(MappingModuleDefinition.MODULE_OPTIONS.unwrap(operationContext, modelNode));
    }

    private JSSESecurityDomain createJSSESecurityDomain(OperationContext operationContext, String str, ModelNode modelNode) throws OperationFailedException {
        ModelNode peek = peek(modelNode, Constants.JSSE, Constants.CLASSIC);
        if (peek == null) {
            return null;
        }
        final JBossJSSESecurityDomain jBossJSSESecurityDomain = new JBossJSSESecurityDomain(str);
        processKeyStore(operationContext, peek, "keystore", new KeyStoreConfig() { // from class: org.jboss.as.security.SecurityDomainAdd.4
            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStorePassword(String str2) throws Exception {
                jBossJSSESecurityDomain.setKeyStorePassword(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreType(String str2) {
                jBossJSSESecurityDomain.setKeyStoreType(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreURL(String str2) throws IOException {
                jBossJSSESecurityDomain.setKeyStoreURL(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreProvider(String str2) {
                jBossJSSESecurityDomain.setKeyStoreProvider(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreProviderArgument(String str2) {
                jBossJSSESecurityDomain.setKeyStoreProviderArgument(str2);
            }
        });
        processKeyStore(operationContext, peek, "truststore", new KeyStoreConfig() { // from class: org.jboss.as.security.SecurityDomainAdd.5
            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStorePassword(String str2) throws Exception {
                jBossJSSESecurityDomain.setTrustStorePassword(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreType(String str2) {
                jBossJSSESecurityDomain.setTrustStoreType(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreURL(String str2) throws IOException {
                jBossJSSESecurityDomain.setTrustStoreURL(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreProvider(String str2) {
                jBossJSSESecurityDomain.setTrustStoreProvider(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyStoreConfig
            public void setKeyStoreProviderArgument(String str2) {
                jBossJSSESecurityDomain.setTrustStoreProviderArgument(str2);
            }
        });
        processKeyManager(operationContext, peek, "key-manager", new KeyManagerConfig() { // from class: org.jboss.as.security.SecurityDomainAdd.6
            @Override // org.jboss.as.security.SecurityDomainAdd.KeyManagerConfig
            public void setKeyManagerFactoryAlgorithm(String str2) {
                jBossJSSESecurityDomain.setKeyManagerFactoryAlgorithm(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyManagerConfig
            public void setKeyManagerFactoryProvider(String str2) {
                jBossJSSESecurityDomain.setKeyManagerFactoryProvider(str2);
            }
        });
        processKeyManager(operationContext, peek, "trust-manager", new KeyManagerConfig() { // from class: org.jboss.as.security.SecurityDomainAdd.7
            @Override // org.jboss.as.security.SecurityDomainAdd.KeyManagerConfig
            public void setKeyManagerFactoryAlgorithm(String str2) {
                jBossJSSESecurityDomain.setTrustManagerFactoryAlgorithm(str2);
            }

            @Override // org.jboss.as.security.SecurityDomainAdd.KeyManagerConfig
            public void setKeyManagerFactoryProvider(String str2) {
                jBossJSSESecurityDomain.setTrustManagerFactoryProvider(str2);
            }
        });
        if (peek.hasDefined(Constants.CLIENT_ALIAS)) {
            jBossJSSESecurityDomain.setClientAlias(JSSEResourceDefinition.CLIENT_ALIAS.resolveModelAttribute(operationContext, peek).asString());
        }
        if (peek.hasDefined(Constants.SERVER_ALIAS)) {
            jBossJSSESecurityDomain.setServerAlias(JSSEResourceDefinition.SERVER_ALIAS.resolveModelAttribute(operationContext, peek).asString());
        }
        if (peek.hasDefined(Constants.CLIENT_AUTH)) {
            jBossJSSESecurityDomain.setClientAuth(JSSEResourceDefinition.CLIENT_AUTH.resolveModelAttribute(operationContext, peek).asBoolean());
        }
        if (peek.hasDefined(Constants.SERVICE_AUTH_TOKEN)) {
            try {
                jBossJSSESecurityDomain.setServiceAuthToken(JSSEResourceDefinition.SERVICE_AUTH_TOKEN.resolveModelAttribute(operationContext, peek).asString());
            } catch (Exception e) {
                throw SecurityLogger.ROOT_LOGGER.runtimeException(e);
            }
        }
        if (peek.hasDefined(Constants.CIPHER_SUITES)) {
            jBossJSSESecurityDomain.setCipherSuites(JSSEResourceDefinition.CIPHER_SUITES.resolveModelAttribute(operationContext, peek).asString());
        }
        if (peek.hasDefined("protocols")) {
            jBossJSSESecurityDomain.setProtocols(JSSEResourceDefinition.PROTOCOLS.resolveModelAttribute(operationContext, peek).asString());
        }
        if (peek.hasDefined(Constants.ADDITIONAL_PROPERTIES)) {
            Properties properties = new Properties();
            properties.putAll(JSSEResourceDefinition.ADDITIONAL_PROPERTIES.unwrap(operationContext, peek));
            jBossJSSESecurityDomain.setAdditionalProperties(properties);
        }
        return jBossJSSESecurityDomain;
    }

    private void processKeyStore(OperationContext operationContext, ModelNode modelNode, String str, KeyStoreConfig keyStoreConfig) throws OperationFailedException {
        ModelNode peek = peek(modelNode, str, "password");
        ModelNode peek2 = peek(modelNode, str, "type");
        ModelNode peek3 = peek(modelNode, str, "url");
        ModelNode peek4 = peek(modelNode, str, "provider");
        ModelNode peek5 = peek(modelNode, str, Constants.PROVIDER_ARGUMENT);
        if (peek != null) {
            try {
                keyStoreConfig.setKeyStorePassword(operationContext.resolveExpressions(peek).asString());
            } catch (Exception e) {
                throw SecurityLogger.ROOT_LOGGER.runtimeException(e);
            }
        }
        if (peek2 != null) {
            keyStoreConfig.setKeyStoreType(operationContext.resolveExpressions(peek2).asString());
        }
        if (peek3 != null) {
            try {
                keyStoreConfig.setKeyStoreURL(operationContext.resolveExpressions(peek3).asString());
            } catch (Exception e2) {
                throw SecurityLogger.ROOT_LOGGER.runtimeException(e2);
            }
        }
        if (peek4 != null) {
            keyStoreConfig.setKeyStoreProvider(operationContext.resolveExpressions(peek4).asString());
        }
        if (peek5 != null) {
            keyStoreConfig.setKeyStoreProviderArgument(operationContext.resolveExpressions(peek5).asString());
        }
    }

    private void processKeyManager(OperationContext operationContext, ModelNode modelNode, String str, KeyManagerConfig keyManagerConfig) throws OperationFailedException {
        ModelNode peek = peek(modelNode, str, "algorithm");
        ModelNode peek2 = peek(modelNode, str, "provider");
        if (peek != null) {
            keyManagerConfig.setKeyManagerFactoryAlgorithm(operationContext.resolveExpressions(peek).asString());
        }
        if (peek2 != null) {
            keyManagerConfig.setKeyManagerFactoryProvider(operationContext.resolveExpressions(peek2).asString());
        }
    }

    private AppConfigurationEntry.LoginModuleControlFlag getControlFlag(String str) {
        switch (ModuleFlag.valueOf(str.toUpperCase(Locale.ENGLISH))) {
            case SUFFICIENT:
                return AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
            case OPTIONAL:
                return AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
            case REQUISITE:
                return AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
            case REQUIRED:
            default:
                return AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getAuthenticationCacheType(ModelNode modelNode) {
        String str = null;
        if (modelNode.hasDefined(Constants.CACHE_TYPE)) {
            str = modelNode.get(Constants.CACHE_TYPE).asString();
        }
        return str;
    }
}
