package org.jboss.as.security.elytron;

import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.security.Constants;
import org.jboss.as.security.elytron.BasicService;
import org.jboss.as.security.logging.SecurityLogger;
import org.jboss.as.security.plugins.SecurityDomainContext;
import org.jboss.as.security.service.SecurityDomainService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.value.InjectedValue;
import org.jboss.security.JSSESecurityDomain;
import org.wildfly.security.auth.server.SecurityRealm;

/* loaded from: input_file:WEB-INF/lib/wildfly-security-11.0.0.Final.jar:org/jboss/as/security/elytron/ElytronIntegrationResourceDefinitions.class */
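/**
 * Resource definitions that expose parts of a legacy security domain to Elytron.
 *
 * <p>Each factory method builds a {@link BasicResourceDefinition} whose add handler resolves the
 * name of a legacy security domain from the management model and adds a dependency on that
 * domain's {@link SecurityDomainService}. It then returns a supplier that extracts one object
 * from the injected {@link SecurityDomainContext}: a realm, a key store, a trust store, a key
 * manager or a trust manager.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>The two domain-reference attributes do not allow expressions, must be at least one
 *       character long and carry the {@code SECURITY_DOMAIN_REF} sensitive-target constraint.</li>
 *   <li>The exported object is whatever the referenced legacy domain holds when the supplier is
 *       invoked. Nothing in this class inspects key material, trust anchors or algorithms.</li>
 * </ul>
 */
public class ElytronIntegrationResourceDefinitions {

    /**
     * Name of the legacy JAAS security domain wrapped by the Elytron realm resource.
     * Built with {@code allowNull = false} and expressions disabled, so the reference is a literal
     * in the model.
     */
    public static final SimpleAttributeDefinition LEGACY_JAAS_CONFIG =
            new SimpleAttributeDefinitionBuilder(Constants.LEGACY_JAAS_CONFIG, ModelType.STRING, false)
                    .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                    .setValidator(new StringLengthValidator(1))
                    .setAllowExpression(false)
                    .setAccessConstraints(SensitiveTargetAccessConstraintDefinition.SECURITY_DOMAIN_REF)
                    .build();

    /**
     * Name of the legacy security domain whose JSSE configuration supplies the key store, trust
     * store, key manager or trust manager. Same constraints as {@link #LEGACY_JAAS_CONFIG}.
     */
    public static final SimpleAttributeDefinition LEGACY_JSSE_CONFIG =
            new SimpleAttributeDefinitionBuilder(Constants.LEGACY_JSSE_CONFIG, ModelType.STRING, false)
                    .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                    .setValidator(new StringLengthValidator(1))
                    .setAllowExpression(false)
                    .setAccessConstraints(SensitiveTargetAccessConstraintDefinition.SECURITY_DOMAIN_REF)
                    .build();

    /**
     * Boolean flag handed to {@link SecurityDomainContextRealm}; nillable, defaults to
     * {@code true}, expressions allowed.
     */
    // NOTE(review): unlike the two domain references, this attribute sets no access constraint
    // although its name suggests it influences role assignment. Confirm that is intended.
    public static final SimpleAttributeDefinition APPLY_ROLE_MAPPERS =
            new SimpleAttributeDefinitionBuilder(Constants.APPLY_ROLE_MAPPERS, ModelType.BOOLEAN, true)
                    .setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES)
                    .setDefaultValue(new ModelNode(true))
                    .setAllowExpression(true)
                    .build();

    /**
     * Builds the resource definition that exports a legacy JAAS domain as an Elytron
     * {@link SecurityRealm}.
     *
     * @return definition registered under {@code Constants.ELYTRON_REALM}
     */
    public static ResourceDefinition getElytronRealmResourceDefinition() {
        AttributeDefinition[] attributes = {LEGACY_JAAS_CONFIG, APPLY_ROLE_MAPPERS};
        BasicAddHandler<SecurityRealm> addHandler =
                new BasicAddHandler<SecurityRealm>(attributes, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY) {
            @Override
            protected BasicService.ValueSupplier<SecurityRealm> getValueSupplier(ServiceBuilder<SecurityRealm> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String legacyDomain = ElytronIntegrationResourceDefinitions.asStringIfDefined(
                        operationContext, ElytronIntegrationResourceDefinitions.LEGACY_JAAS_CONFIG, modelNode);
                boolean applyRoleMappers = ElytronIntegrationResourceDefinitions.APPLY_ROLE_MAPPERS
                        .resolveModelAttribute(operationContext, modelNode).asBoolean();
                InjectedValue<SecurityDomainContext> domainContext =
                        ElytronIntegrationResourceDefinitions.bindLegacyDomain(serviceBuilder, legacyDomain);
                // The realm is created only when the supplier runs, i.e. after injection.
                return () -> new SecurityDomainContextRealm(domainContext.getValue(), applyRoleMappers);
            }
        };
        return new BasicResourceDefinition(Constants.ELYTRON_REALM, addHandler, attributes, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY);
    }

    /**
     * Builds the resource definition that exports the key store of a legacy JSSE domain.
     *
     * <p>The supplier fails with a {@link SecurityLogger} exception when the domain has no JSSE
     * configuration or that configuration has no key store.
     *
     * @return definition registered under {@code Constants.ELYTRON_KEY_STORE}
     */
    public static ResourceDefinition getElytronKeyStoreResourceDefinition() {
        AttributeDefinition[] attributes = {LEGACY_JSSE_CONFIG};
        BasicAddHandler<KeyStore> addHandler =
                new BasicAddHandler<KeyStore>(attributes, Capabilities.KEY_STORE_RUNTIME_CAPABILITY) {
            @Override
            protected BasicService.ValueSupplier<KeyStore> getValueSupplier(ServiceBuilder<KeyStore> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String legacyDomain = ElytronIntegrationResourceDefinitions.asStringIfDefined(
                        operationContext, ElytronIntegrationResourceDefinitions.LEGACY_JSSE_CONFIG, modelNode);
                InjectedValue<SecurityDomainContext> domainContext =
                        ElytronIntegrationResourceDefinitions.bindLegacyDomain(serviceBuilder, legacyDomain);
                return () -> {
                    JSSESecurityDomain jsse = domainContext.getValue().getJSSE();
                    if (jsse == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomain);
                    }
                    KeyStore keyStore = jsse.getKeyStore();
                    if (keyStore == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("KeyStore", legacyDomain);
                    }
                    return keyStore;
                };
            }
        };
        return new BasicResourceDefinition(Constants.ELYTRON_KEY_STORE, addHandler, attributes, Capabilities.KEY_STORE_RUNTIME_CAPABILITY);
    }

    /**
     * Builds the resource definition that exports the trust store of a legacy JSSE domain.
     *
     * <p>The trust store is published under the same {@code KEY_STORE_RUNTIME_CAPABILITY} as the
     * key store resource, so consumers cannot tell the two apart by capability. Which store a
     * resource exports is decided solely by the resource type used in the configuration.
     *
     * @return definition registered under {@code Constants.ELYTRON_TRUST_STORE}
     */
    public static ResourceDefinition getElytronTrustStoreResourceDefinition() {
        AttributeDefinition[] attributes = {LEGACY_JSSE_CONFIG};
        BasicAddHandler<KeyStore> addHandler =
                new BasicAddHandler<KeyStore>(attributes, Capabilities.KEY_STORE_RUNTIME_CAPABILITY) {
            @Override
            protected BasicService.ValueSupplier<KeyStore> getValueSupplier(ServiceBuilder<KeyStore> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String legacyDomain = ElytronIntegrationResourceDefinitions.asStringIfDefined(
                        operationContext, ElytronIntegrationResourceDefinitions.LEGACY_JSSE_CONFIG, modelNode);
                InjectedValue<SecurityDomainContext> domainContext =
                        ElytronIntegrationResourceDefinitions.bindLegacyDomain(serviceBuilder, legacyDomain);
                return () -> {
                    JSSESecurityDomain jsse = domainContext.getValue().getJSSE();
                    if (jsse == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomain);
                    }
                    KeyStore trustStore = jsse.getTrustStore();
                    if (trustStore == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("TrustStore", legacyDomain);
                    }
                    return trustStore;
                };
            }
        };
        return new BasicResourceDefinition(Constants.ELYTRON_TRUST_STORE, addHandler, attributes, Capabilities.KEY_STORE_RUNTIME_CAPABILITY);
    }

    /**
     * Builds the resource definition that exports a key manager of a legacy JSSE domain.
     *
     * <p>Only the first {@link X509ExtendedKeyManager} in the domain's key-manager array is
     * exported and any further managers are ignored. The supplier fails when the array is missing
     * or contains no manager of that type.
     *
     * @return definition registered under {@code Constants.ELYTRON_KEY_MANAGER}
     */
    public static ResourceDefinition getElytronKeyManagersResourceDefinition() {
        AttributeDefinition[] attributes = {LEGACY_JSSE_CONFIG};
        BasicAddHandler<KeyManager> addHandler =
                new BasicAddHandler<KeyManager>(attributes, Capabilities.KEY_MANAGER_RUNTIME_CAPABILITY) {
            @Override
            protected BasicService.ValueSupplier<KeyManager> getValueSupplier(ServiceBuilder<KeyManager> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String legacyDomain = ElytronIntegrationResourceDefinitions.asStringIfDefined(
                        operationContext, ElytronIntegrationResourceDefinitions.LEGACY_JSSE_CONFIG, modelNode);
                InjectedValue<SecurityDomainContext> domainContext =
                        ElytronIntegrationResourceDefinitions.bindLegacyDomain(serviceBuilder, legacyDomain);
                return () -> {
                    JSSESecurityDomain jsse = domainContext.getValue().getJSSE();
                    if (jsse == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomain);
                    }
                    KeyManager[] keyManagers = jsse.getKeyManagers();
                    if (keyManagers == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("KeyManager", legacyDomain);
                    }
                    // First match wins; array order therefore decides which manager is exported.
                    for (KeyManager candidate : keyManagers) {
                        if (candidate instanceof X509ExtendedKeyManager) {
                            return candidate;
                        }
                    }
                    throw SecurityLogger.ROOT_LOGGER.expectedManagerTypeNotFound("KeyManager", X509ExtendedKeyManager.class.getSimpleName(), legacyDomain);
                };
            }
        };
        return new BasicResourceDefinition(Constants.ELYTRON_KEY_MANAGER, addHandler, attributes, Capabilities.KEY_MANAGER_RUNTIME_CAPABILITY);
    }

    /**
     * Builds the resource definition that exports a trust manager of a legacy JSSE domain.
     *
     * <p>Only the first {@link X509ExtendedTrustManager} in the domain's trust-manager array is
     * exported. The manager is passed through as found, so its certificate-validation behaviour
     * is entirely that of the legacy domain's implementation.
     *
     * @return definition registered under {@code Constants.ELYTRON_TRUST_MANAGER}
     */
    public static ResourceDefinition getElytronTrustManagersResourceDefinition() {
        AttributeDefinition[] attributes = {LEGACY_JSSE_CONFIG};
        BasicAddHandler<TrustManager> addHandler =
                new BasicAddHandler<TrustManager>(attributes, Capabilities.TRUST_MANAGER_RUNTIME_CAPABILITY) {
            @Override
            protected BasicService.ValueSupplier<TrustManager> getValueSupplier(ServiceBuilder<TrustManager> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String legacyDomain = ElytronIntegrationResourceDefinitions.asStringIfDefined(
                        operationContext, ElytronIntegrationResourceDefinitions.LEGACY_JSSE_CONFIG, modelNode);
                InjectedValue<SecurityDomainContext> domainContext =
                        ElytronIntegrationResourceDefinitions.bindLegacyDomain(serviceBuilder, legacyDomain);
                return () -> {
                    JSSESecurityDomain jsse = domainContext.getValue().getJSSE();
                    if (jsse == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateJSSEConfig(legacyDomain);
                    }
                    TrustManager[] trustManagers = jsse.getTrustManagers();
                    if (trustManagers == null) {
                        throw SecurityLogger.ROOT_LOGGER.unableToLocateComponentInJSSEDomain("TrustManager", legacyDomain);
                    }
                    // First match wins; array order therefore decides which manager is exported.
                    for (TrustManager candidate : trustManagers) {
                        if (candidate instanceof X509ExtendedTrustManager) {
                            return candidate;
                        }
                    }
                    throw SecurityLogger.ROOT_LOGGER.expectedManagerTypeNotFound("TrustManager", X509ExtendedTrustManager.class.getSimpleName(), legacyDomain);
                };
            }
        };
        return new BasicResourceDefinition(Constants.ELYTRON_TRUST_MANAGER, addHandler, attributes, Capabilities.TRUST_MANAGER_RUNTIME_CAPABILITY);
    }

    /**
     * Resolves an attribute against the model and returns it as a string.
     *
     * @param operationContext context used to resolve the attribute
     * @param simpleAttributeDefinition attribute to resolve
     * @param modelNode model holding the attribute value
     * @return the resolved string, or {@code null} when the resolved node is undefined
     * @throws OperationFailedException if attribute resolution fails
     */
    static String asStringIfDefined(OperationContext operationContext, SimpleAttributeDefinition simpleAttributeDefinition, ModelNode modelNode) throws OperationFailedException {
        ModelNode resolved = simpleAttributeDefinition.resolveModelAttribute(operationContext, modelNode);
        return resolved.isDefined() ? resolved.asString() : null;
    }

    /**
     * Creates the injection slot for a legacy security domain and, when a domain name is given,
     * adds a dependency on that domain's service to the builder.
     *
     * <p>When {@code legacyDomain} is {@code null} no dependency is added and the slot stays
     * empty.
     *
     * @param serviceBuilder builder of the service being installed
     * @param legacyDomain name of the legacy security domain, or {@code null}
     * @return the slot the legacy domain context is injected into
     */
    // NOTE(review): reading an empty slot is expected to fail in InjectedValue.getValue(); both
    // domain attributes are declared non-nillable, so this path should be unreachable. Confirm.
    private static InjectedValue<SecurityDomainContext> bindLegacyDomain(ServiceBuilder<?> serviceBuilder, String legacyDomain) {
        InjectedValue<SecurityDomainContext> domainContext = new InjectedValue<>();
        if (legacyDomain != null) {
            serviceBuilder.addDependency(SecurityDomainService.SERVICE_NAME.append(legacyDomain), SecurityDomainContext.class, domainContext);
        }
        return domainContext;
    }
}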
