package org.wildfly.security.auth.realm;

import java.security.Principal;
import java.security.spec.AlgorithmParameterSpec;
import java.util.function.Function;
import org.wildfly.security.auth.SupportLevel;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.auth.server.event.RealmAuthenticationEvent;
import org.wildfly.security.auth.server.event.RealmAuthorizationEvent;
import org.wildfly.security.auth.server.event.RealmEvent;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.evidence.Evidence;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.7.Final.jar:org/wildfly/security/auth/realm/AggregateSecurityRealm.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.10.7.Final.jar:org/wildfly/security/auth/realm/AggregateSecurityRealm.class */
public final class AggregateSecurityRealm implements SecurityRealm {
    private final SecurityRealm authenticationRealm;
    private final SecurityRealm[] authorizationRealms;
    private final Function<Principal, Principal> principalTransformer;

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.7.Final.jar:org/wildfly/security/auth/realm/AggregateSecurityRealm$Identity.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.10.7.Final.jar:org/wildfly/security/auth/realm/AggregateSecurityRealm$Identity.class */
    static final class Identity implements RealmIdentity {
        private final RealmIdentity authenticationIdentity;
        private final RealmIdentity[] authorizationIdentities;

        Identity(RealmIdentity realmIdentity, RealmIdentity[] realmIdentityArr) {
            this.authenticationIdentity = realmIdentity;
            this.authorizationIdentities = realmIdentityArr;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public Principal getRealmIdentityPrincipal() {
            return this.authenticationIdentity.getRealmIdentityPrincipal();
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
            return this.authenticationIdentity.getCredentialAcquireSupport(cls, str, algorithmParameterSpec);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
            return this.authenticationIdentity.getEvidenceVerifySupport(cls, str);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
            return (C) this.authenticationIdentity.getCredential(cls, str, algorithmParameterSpec);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
            return (C) this.authenticationIdentity.getCredential(cls, str);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls) throws RealmUnavailableException {
            return (C) this.authenticationIdentity.getCredential(cls);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
            return this.authenticationIdentity.verifyEvidence(evidence);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean exists() throws RealmUnavailableException {
            return this.authenticationIdentity.exists();
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException {
            if (this.authorizationIdentities.length == 1) {
                return this.authorizationIdentities[0].getAuthorizationIdentity();
            }
            AuthorizationIdentity[] authorizationIdentityArr = new AuthorizationIdentity[this.authorizationIdentities.length];
            for (int i = 0; i < authorizationIdentityArr.length; i++) {
                authorizationIdentityArr[i] = this.authorizationIdentities[i].getAuthorizationIdentity();
            }
            return AuthorizationIdentity.basicIdentity(() -> {
                return combineAttributes(authorizationIdentityArr);
            }, "Aggregated");
        }

        private Attributes combineAttributes(AuthorizationIdentity[] authorizationIdentityArr) {
            Attributes[] attributesArr = new Attributes[authorizationIdentityArr.length];
            for (int i = 0; i < attributesArr.length; i++) {
                attributesArr[i] = authorizationIdentityArr[i].getAttributes();
            }
            return AggregateAttributes.aggregateOf(attributesArr);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public void dispose() {
            this.authenticationIdentity.dispose();
            for (RealmIdentity realmIdentity : this.authorizationIdentities) {
                realmIdentity.dispose();
            }
        }
    }

    public AggregateSecurityRealm(SecurityRealm securityRealm, SecurityRealm securityRealm2) {
        this.authenticationRealm = securityRealm;
        this.authorizationRealms = new SecurityRealm[]{securityRealm2};
        this.principalTransformer = null;
    }

    public AggregateSecurityRealm(SecurityRealm securityRealm, SecurityRealm... securityRealmArr) {
        this.authenticationRealm = securityRealm;
        this.authorizationRealms = securityRealmArr;
        this.principalTransformer = null;
    }

    public AggregateSecurityRealm(SecurityRealm securityRealm, Function<Principal, Principal> function, SecurityRealm... securityRealmArr) {
        this.authenticationRealm = securityRealm;
        this.authorizationRealms = securityRealmArr;
        this.principalTransformer = function;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public RealmIdentity getRealmIdentity(Evidence evidence) throws RealmUnavailableException {
        boolean z = false;
        RealmIdentity realmIdentity = this.authenticationRealm.getRealmIdentity(evidence);
        RealmIdentity[] realmIdentityArr = new RealmIdentity[this.authorizationRealms.length];
        for (int i = 0; i < realmIdentityArr.length; i++) {
            try {
                SecurityRealm securityRealm = this.authorizationRealms[i];
                if (this.principalTransformer == null) {
                    realmIdentityArr[i] = securityRealm == this.authenticationRealm ? realmIdentity : securityRealm.getRealmIdentity(evidence);
                } else {
                    realmIdentityArr[i] = securityRealm.getRealmIdentity(evidence, this.principalTransformer);
                }
            } catch (Throwable th) {
                if (!z) {
                    realmIdentity.dispose();
                    for (RealmIdentity realmIdentity2 : realmIdentityArr) {
                        if (realmIdentity2 != null) {
                            realmIdentity2.dispose();
                        }
                    }
                }
                throw th;
            }
        }
        Identity identity = new Identity(realmIdentity, realmIdentityArr);
        z = true;
        if (1 == 0) {
            realmIdentity.dispose();
            for (RealmIdentity realmIdentity3 : realmIdentityArr) {
                if (realmIdentity3 != null) {
                    realmIdentity3.dispose();
                }
            }
        }
        return identity;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public RealmIdentity getRealmIdentity(Principal principal) throws RealmUnavailableException {
        boolean z = false;
        RealmIdentity realmIdentity = this.authenticationRealm.getRealmIdentity(principal);
        Principal principal2 = principal;
        if (this.principalTransformer != null) {
            principal2 = this.principalTransformer.apply(principal2);
            if (principal2 == null) {
                throw ElytronMessages.log.transformedPrincipalCannotBeNull();
            }
        }
        RealmIdentity[] realmIdentityArr = new RealmIdentity[this.authorizationRealms.length];
        for (int i = 0; i < realmIdentityArr.length; i++) {
            try {
                SecurityRealm securityRealm = this.authorizationRealms[i];
                realmIdentityArr[i] = (securityRealm == this.authenticationRealm && this.principalTransformer == null) ? realmIdentity : securityRealm.getRealmIdentity(principal2);
            } catch (Throwable th) {
                if (!z) {
                    realmIdentity.dispose();
                    for (RealmIdentity realmIdentity2 : realmIdentityArr) {
                        if (realmIdentity2 != null) {
                            realmIdentity2.dispose();
                        }
                    }
                }
                throw th;
            }
        }
        Identity identity = new Identity(realmIdentity, realmIdentityArr);
        z = true;
        if (1 == 0) {
            realmIdentity.dispose();
            for (RealmIdentity realmIdentity3 : realmIdentityArr) {
                if (realmIdentity3 != null) {
                    realmIdentity3.dispose();
                }
            }
        }
        return identity;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
        return this.authenticationRealm.getCredentialAcquireSupport(cls, str, algorithmParameterSpec);
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
        return this.authenticationRealm.getEvidenceVerifySupport(cls, str);
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public void handleRealmEvent(RealmEvent realmEvent) {
        if (realmEvent instanceof RealmAuthenticationEvent) {
            this.authenticationRealm.handleRealmEvent(realmEvent);
            return;
        }
        if (realmEvent instanceof RealmAuthorizationEvent) {
            for (SecurityRealm securityRealm : this.authorizationRealms) {
                SecurityRealm.safeHandleRealmEvent(securityRealm, realmEvent);
            }
            return;
        }
        SecurityRealm.safeHandleRealmEvent(this.authenticationRealm, realmEvent);
        for (SecurityRealm securityRealm2 : this.authorizationRealms) {
            SecurityRealm.safeHandleRealmEvent(securityRealm2, realmEvent);
        }
    }
}
