package org.infinispan.server.endpoint.subsystem;

import java.util.Map;
import org.infinispan.server.core.security.AuthorizingCallbackHandler;
import org.infinispan.server.core.security.ServerAuthenticationProvider;
import org.infinispan.server.endpoint.subsystem.security.ElytronCallbackHandlers;
import org.infinispan.server.endpoint.subsystem.security.JBossSaslCallbackHandlers;
import org.jboss.as.domain.management.AuthMechanism;
import org.jboss.as.domain.management.SecurityRealm;

/* loaded from: input_file:org/infinispan/server/endpoint/subsystem/EndpointServerAuthenticationProvider.class */
public class EndpointServerAuthenticationProvider implements ServerAuthenticationProvider {
    private static final String SASL_OPT_REALM_PROPERTY = "com.sun.security.sasl.digest.realm";
    private static final String JBOSS_SASL_OPT_PRE_DIGESTED_PROPERTY = "org.jboss.sasl.digest.pre_digested";
    private static final String ELYTRON_SASL_OPT_PRE_DIGESTED_PROPERTY = "org.wildfly.security.sasl.digest.pre_digested";
    private static final String DIGEST_MD5 = "DIGEST-MD5";
    private static final String EXTERNAL = "EXTERNAL";
    private static final String GSSAPI = "GSSAPI";
    private static final String PLAIN = "PLAIN";
    private final SecurityRealm realm;
    private final boolean elytron;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EndpointServerAuthenticationProvider(SecurityRealm securityRealm, boolean z) {
        this.realm = securityRealm;
        this.elytron = z;
    }

    public AuthorizingCallbackHandler getCallbackHandler(String str, Map<String, String> map) {
        if (GSSAPI.equals(str)) {
            return this.elytron ? new ElytronCallbackHandlers.GSSAPIEndpointAuthorizingCallbackHandler(this.realm) : new JBossSaslCallbackHandlers.GSSAPIEndpointAuthorizingCallbackHandler(this.realm);
        }
        if (PLAIN.equals(str)) {
            return getAuthCallbackHandler(AuthMechanism.PLAIN);
        }
        if (!DIGEST_MD5.equals(str)) {
            if (EXTERNAL.equals(str)) {
                return getAuthCallbackHandler(AuthMechanism.CLIENT_CERT);
            }
            throw new IllegalArgumentException("Unsupported mech " + str);
        }
        Map mechanismConfig = this.realm.getMechanismConfig(AuthMechanism.DIGEST);
        boolean z = true;
        if (mechanismConfig.containsKey("org.jboss.as.domain.management.digest.plain_text")) {
            z = Boolean.parseBoolean((String) mechanismConfig.get("org.jboss.as.domain.management.digest.plain_text"));
        }
        String str2 = map.get(SASL_OPT_REALM_PROPERTY);
        if (this.elytron) {
            map.put(ELYTRON_SASL_OPT_PRE_DIGESTED_PROPERTY, Boolean.toString(z));
            return new ElytronCallbackHandlers.RealmAuthorizingCallbackHandler(this.realm.getAuthorizingCallbackHandler(AuthMechanism.DIGEST), str2 == null ? new String[]{this.realm.getName()} : str2.split(" "));
        }
        if (str2 == null) {
            map.put(SASL_OPT_REALM_PROPERTY, this.realm.getName());
        }
        if (!z) {
            map.put(JBOSS_SASL_OPT_PRE_DIGESTED_PROPERTY, "true");
        }
        return getAuthCallbackHandler(AuthMechanism.DIGEST);
    }

    private AuthorizingCallbackHandler getAuthCallbackHandler(AuthMechanism authMechanism) {
        org.jboss.as.domain.management.AuthorizingCallbackHandler authorizingCallbackHandler = this.realm.getAuthorizingCallbackHandler(authMechanism);
        return this.elytron ? new ElytronCallbackHandlers.RealmAuthorizingCallbackHandler(authorizingCallbackHandler) : new JBossSaslCallbackHandlers.RealmAuthorizingCallbackHandler(authorizingCallbackHandler);
    }
}
