package org.wildfly.extension.elytron;

import java.util.Locale;
import java.util.Properties;
import javax.net.ssl.SSLContext;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.operations.validation.EnumValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.controller.security.CredentialReference;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.dmr.Property;
import org.jboss.modules.Module;
import org.jboss.modules.ModuleIdentifier;
import org.jboss.modules.ModuleLoadException;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.extension.elytron.TrivialService;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.extension.elytron.capabilities._private.DirContextSupplier;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.realm.ldap.DirContextFactory;
import org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder;
import org.wildfly.security.credential.source.CredentialSource;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/7.0.0.Final/wildfly-elytron-integration-7.0.0.Final.jar:org/wildfly/extension/elytron/DirContextDefinition.class */
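/**
 * Management resource definition for an Elytron directory (LDAP) context.
 *
 * <p>The resource exposes the connection settings as attributes, and its add handler installs a
 * service under {@link Capabilities#DIR_CONTEXT_RUNTIME_CAPABILITY} whose value is a
 * {@link DirContextSupplier} built from those settings.
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>The bind identity comes either from {@code principal} + {@code credential-reference} or from
 *       an {@code authentication-context}; the attribute definitions declare them as alternatives.</li>
 *   <li>TLS material is only applied when {@code ssl-context} is set (its socket factory is handed to
 *       the builder). Nothing in this class checks the URL scheme.</li>
 *   <li>Free-form {@code properties} are copied into the JNDI environment after the pooling flag and
 *       therefore win over {@code enable-connection-pooling} when they use the same key.</li>
 * </ul>
 */
public class DirContextDefinition extends SimpleResourceDefinition {
    /** JNDI environment key that receives the value of {@code enable-connection-pooling}. */
    public static final String CONNECTION_POOLING_PROPERTY = "com.sun.jndi.ldap.connect.pool";

    // Provider URL; the only required attribute.
    // NOTE(review): no scheme check happens here. With the default authentication level "simple",
    // an ldap:// URL without TLS would presumably carry the bind credentials unencrypted; prefer
    // ldaps:// or an ssl-context and confirm against the deployment.
    static final SimpleAttributeDefinition URL =
            new SimpleAttributeDefinitionBuilder("url", ModelType.STRING, false)
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    // Passed verbatim to the builder as the security-authentication value; defaults to "simple".
    static final SimpleAttributeDefinition AUTHENTICATION_LEVEL =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.AUTHENTICATION_LEVEL, ModelType.STRING, true)
                    .setDefaultValue(new ModelNode("simple"))
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    // Bind principal; declared as an alternative to authentication-context.
    static final SimpleAttributeDefinition PRINCIPAL =
            new SimpleAttributeDefinitionBuilder("principal", ModelType.STRING, true)
                    .setAllowExpression(true)
                    .setAlternatives("authentication-context")
                    .setRestartAllServices()
                    .build();

    // Bind credential, resolved lazily through a CredentialSource supplier; alternative to
    // authentication-context.
    static final ObjectTypeAttributeDefinition CREDENTIAL_REFERENCE =
            CredentialReference.getAttributeBuilder(true, true)
                    .setAlternatives("authentication-context")
                    .build();

    // Written into the JNDI environment under CONNECTION_POOLING_PROPERTY; defaults to false.
    static final SimpleAttributeDefinition ENABLE_CONNECTION_POOLING =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ENABLE_CONNECTION_POOLING, ModelType.BOOLEAN, true)
                    .setDefaultValue(new ModelNode(false))
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    // Referral handling; defaults to IGNORE.
    // NOTE(review): FOLLOW presumably makes the client connect to servers named in referrals
    // returned by the directory; confirm whether the bind credentials are reused there before
    // enabling it.
    static final SimpleAttributeDefinition REFERRAL_MODE =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REFERRAL_MODE, ModelType.STRING, true)
                    .setDefaultValue(new ModelNode(DirContextFactory.ReferralMode.IGNORE.name()))
                    .setAllowedValues(
                            DirContextFactory.ReferralMode.FOLLOW.name(),
                            DirContextFactory.ReferralMode.IGNORE.name(),
                            DirContextFactory.ReferralMode.THROW.name())
                    .setValidator(EnumValidator.create(DirContextFactory.ReferralMode.class, true, true))
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    // Capability reference to an authentication context; alternative to the explicit
    // credential-reference / ssl-context / principal attributes.
    static final SimpleAttributeDefinition AUTHENTICATION_CONTEXT =
            new SimpleAttributeDefinitionBuilder("authentication-context", ModelType.STRING, true)
                    .setAllowExpression(false)
                    .setRestartAllServices()
                    .setCapabilityReference("org.wildfly.security.authentication-context", "org.wildfly.security.dir-context")
                    .setAlternatives("credential-reference", "ssl-context", "principal")
                    .build();

    // Capability reference to an SSL context whose socket factory is used for the connection.
    static final SimpleAttributeDefinition SSL_CONTEXT =
            new SimpleAttributeDefinitionBuilder("ssl-context", ModelType.STRING, true)
                    .setAllowExpression(false)
                    .setRestartAllServices()
                    .setCapabilityReference("org.wildfly.security.ssl-context", "org.wildfly.security.dir-context")
                    .setAlternatives("authentication-context")
                    .build();

    // Optional timeouts with no default in this definition.
    // NOTE(review): when undefined this class sets no timeout on the builder; whether the builder or
    // JNDI applies its own limit is not visible here. An unresponsive directory could otherwise hold
    // callers indefinitely, so confirm and consider setting both.
    static final SimpleAttributeDefinition CONNECTION_TIMEOUT =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.CONNECTION_TIMEOUT, ModelType.INT, true)
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    static final SimpleAttributeDefinition READ_TIMEOUT =
            new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.READ_TIMEOUT, ModelType.INT, true)
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    // Name of a module that is loaded and handed to the builder. The name comes straight from the
    // management model, so write access to this resource decides which module is used.
    static final SimpleAttributeDefinition MODULE =
            new SimpleAttributeDefinitionBuilder("module", ModelType.STRING, true)
                    .setAllowExpression(true)
                    .setRestartAllServices()
                    .build();

    static final AttributeDefinition[] ATTRIBUTES = {
        URL,
        AUTHENTICATION_LEVEL,
        PRINCIPAL,
        CREDENTIAL_REFERENCE,
        ENABLE_CONNECTION_POOLING,
        REFERRAL_MODE,
        AUTHENTICATION_CONTEXT,
        SSL_CONTEXT,
        CONNECTION_TIMEOUT,
        READ_TIMEOUT,
        CommonAttributes.PROPERTIES,
        MODULE
    };

    /** Add handler: installs the service that supplies directory contexts for this resource. */
    private static final AbstractAddStepHandler ADD = new BaseAddHandler(Capabilities.DIR_CONTEXT_RUNTIME_CAPABILITY, ATTRIBUTES) { // from class: org.wildfly.extension.elytron.DirContextDefinition.1
        /* JADX INFO: Access modifiers changed from: protected */
        /**
         * Builds the {@link DirContextSupplier} service and wires its optional dependencies.
         *
         * @param operationContext the running management operation
         * @param modelNode the operation node (not read here)
         * @param modelNode2 the resource model the attributes are resolved from
         * @throws OperationFailedException if an attribute cannot be resolved or the module cannot be loaded
         */
        @Override // org.jboss.as.controller.AbstractAddStepHandler
        public void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            ServiceName serviceName = Capabilities.DIR_CONTEXT_RUNTIME_CAPABILITY
                    .fromBaseCapability(operationContext.getCurrentAddressValue())
                    .getCapabilityServiceName(DirContextSupplier.class);

            // The injectors stay empty unless the matching attribute is configured; the supplier reads
            // them with getOptionalValue() and skips whatever is absent.
            InjectedValue<ExceptionSupplier<CredentialSource, Exception>> credentialSourceInjector = new InjectedValue<>();
            InjectedValue<AuthenticationContext> authenticationContextInjector = new InjectedValue<>();
            InjectedValue<SSLContext> sslContextInjector = new InjectedValue<>();

            ServiceBuilder<DirContextSupplier> serviceBuilder = operationContext.getServiceTarget().addService(
                    serviceName,
                    new TrivialService<>(DirContextDefinition.obtainDirContextSupplier(
                            operationContext, modelNode2, credentialSourceInjector, authenticationContextInjector, sslContextInjector)));

            String sslContextName = DirContextDefinition.SSL_CONTEXT.resolveModelAttribute(operationContext, modelNode2).asStringOrNull();
            if (sslContextName != null) {
                serviceBuilder.addDependency(
                        operationContext.getCapabilityServiceName(
                                RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.ssl-context", sslContextName),
                                SSLContext.class),
                        SSLContext.class,
                        sslContextInjector);
            }

            if (DirContextDefinition.CREDENTIAL_REFERENCE.resolveModelAttribute(operationContext, modelNode2).isDefined()) {
                // Only a supplier is stored; the credential itself is resolved when the service value
                // is built.
                credentialSourceInjector.inject(CredentialReference.getCredentialSourceSupplier(
                        operationContext, DirContextDefinition.CREDENTIAL_REFERENCE, modelNode2, serviceBuilder));
            }

            String authenticationContextName = DirContextDefinition.AUTHENTICATION_CONTEXT.resolveModelAttribute(operationContext, modelNode2).asStringOrNull();
            if (authenticationContextName != null) {
                serviceBuilder.addDependency(
                        operationContext.getCapabilityServiceName(
                                RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.authentication-context", authenticationContextName),
                                AuthenticationContext.class),
                        AuthenticationContext.class,
                        authenticationContextInjector);
            }

            serviceBuilder.setInitialMode(ServiceController.Mode.ACTIVE).install();
        }
    };

    private static final OperationStepHandler REMOVE = new TrivialCapabilityServiceRemoveHandler(ADD, Capabilities.DIR_CONTEXT_RUNTIME_CAPABILITY);

    /* JADX INFO: Access modifiers changed from: package-private */
    /** Registers the resource with its add/remove handlers and the dir-context runtime capability. */
    public DirContextDefinition() {
        super(new SimpleResourceDefinition.Parameters(
                        PathElement.pathElement(ElytronDescriptionConstants.DIR_CONTEXT),
                        ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.DIR_CONTEXT))
                .setAddHandler(ADD)
                .setRemoveHandler(REMOVE)
                .setAddRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES)
                .setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES)
                .setCapabilities(Capabilities.DIR_CONTEXT_RUNTIME_CAPABILITY));
    }

    /**
     * Registers every attribute as read-write, sharing one reload-required write handler.
     *
     * @param managementResourceRegistration the registration to add the attributes to
     */
    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        ElytronReloadRequiredWriteAttributeHandler writeHandler = new ElytronReloadRequiredWriteAttributeHandler(ATTRIBUTES);
        for (AttributeDefinition attribute : ATTRIBUTES) {
            managementResourceRegistration.registerReadWriteAttribute(attribute, null, writeHandler);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Resolves the resource attributes and returns a supplier that builds the directory context
     * factory on demand.
     *
     * <p>Attribute resolution and module loading happen immediately; the factory itself, including
     * credential resolution and reading of the injected values, is built only when the returned
     * supplier is invoked.
     *
     * @param operationContext the running management operation, used to resolve expressions
     * @param modelNode the resource model
     * @param injectedValue optional supplier of the bind credential source
     * @param injectedValue2 optional authentication context
     * @param injectedValue3 optional SSL context providing the socket factory
     * @return a supplier producing the {@link DirContextSupplier} for this resource
     * @throws OperationFailedException if an attribute cannot be resolved or the configured module
     *         cannot be loaded
     */
    public static TrivialService.ValueSupplier<DirContextSupplier> obtainDirContextSupplier(OperationContext operationContext, ModelNode modelNode, InjectedValue<ExceptionSupplier<CredentialSource, Exception>> injectedValue, InjectedValue<AuthenticationContext> injectedValue2, InjectedValue<SSLContext> injectedValue3) throws OperationFailedException {
        final String providerUrl = URL.resolveModelAttribute(operationContext, modelNode).asString();
        final String authenticationLevel = AUTHENTICATION_LEVEL.resolveModelAttribute(operationContext, modelNode).asString();
        final String principal = PRINCIPAL.resolveModelAttribute(operationContext, modelNode).asStringOrNull();

        final String moduleName = modelNode.hasDefined(MODULE.getName())
                ? MODULE.resolveModelAttribute(operationContext, modelNode).asString()
                : null;
        Module loadedModule = null;
        if (moduleName != null && !moduleName.isEmpty()) {
            try {
                loadedModule = Module.getCallerModule().getModule(ModuleIdentifier.create(moduleName));
            } catch (ModuleLoadException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.unableToLoadModule(moduleName, e);
            }
        }
        final Module module = loadedModule;

        final Properties connectionProperties = new Properties();
        connectionProperties.put(CONNECTION_POOLING_PROPERTY, ENABLE_CONNECTION_POOLING.resolveModelAttribute(operationContext, modelNode).asString());
        // User-supplied entries are applied after the pooling flag, so an entry keyed
        // CONNECTION_POOLING_PROPERTY replaces the value derived from enable-connection-pooling.
        // NOTE(review): keys are not filtered here; whether the builder lets them override the URL,
        // principal or credentials is not visible in this class. Treat write access to `properties`
        // as equivalent to control over the LDAP connection.
        ModelNode userProperties = CommonAttributes.PROPERTIES.resolveModelAttribute(operationContext, modelNode);
        if (userProperties.isDefined()) {
            for (Property property : userProperties.asPropertyList()) {
                connectionProperties.put(property.getName(), property.getValue().asString());
            }
        }

        final ModelNode connectTimeout = CONNECTION_TIMEOUT.resolveModelAttribute(operationContext, modelNode);
        final ModelNode readTimeout = READ_TIMEOUT.resolveModelAttribute(operationContext, modelNode);

        // Locale.ROOT keeps the upper-casing independent of the JVM default locale; under a Turkish
        // locale, for example, "ignore" would otherwise upper-case to a string that is not an enum
        // constant and valueOf would throw.
        final DirContextFactory.ReferralMode referralMode = DirContextFactory.ReferralMode.valueOf(
                REFERRAL_MODE.resolveModelAttribute(operationContext, modelNode).asString().toUpperCase(Locale.ROOT));

        return () -> {
            SimpleDirContextFactoryBuilder builder = SimpleDirContextFactoryBuilder.builder()
                    .setProviderUrl(providerUrl)
                    .setSecurityAuthentication(authenticationLevel)
                    .setConnectionProperties(connectionProperties);
            if (principal != null) {
                builder.setSecurityPrincipal(principal);
            }

            ExceptionSupplier<CredentialSource, Exception> credentialSourceSupplier = injectedValue.getOptionalValue();
            if (credentialSourceSupplier != null) {
                try {
                    builder.setCredentialSource(credentialSourceSupplier.get());
                } catch (Exception e) {
                    // The cause is preserved in the logger-built exception.
                    throw ElytronSubsystemMessages.ROOT_LOGGER.dirContextPasswordCannotBeResolved(e);
                }
            }

            AuthenticationContext authenticationContext = injectedValue2.getOptionalValue();
            if (authenticationContext != null) {
                builder.setAuthenticationContext(authenticationContext);
            }

            SSLContext sslContext = injectedValue3.getOptionalValue();
            if (sslContext != null) {
                builder.setSocketFactory(sslContext.getSocketFactory());
            }

            if (connectTimeout.isDefined()) {
                builder.setConnectTimeout(connectTimeout.asInt());
            }
            if (readTimeout.isDefined()) {
                builder.setReadTimeout(readTimeout.asInt());
            }
            if (module != null) {
                builder.setModule(module);
            }

            DirContextFactory factory = builder.build();
            return () -> factory.obtainDirContext(referralMode);
        };
    }
}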
