package org.infinispan.server.configuration.security;

import java.security.GeneralSecurityException;
import java.util.EnumSet;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import org.infinispan.commons.CacheConfigurationException;
import org.infinispan.commons.configuration.Builder;
import org.infinispan.commons.configuration.attributes.AttributeSet;
import org.infinispan.commons.util.SslContextFactory;
import org.infinispan.server.security.ServerSecurityRealm;
import org.infinispan.server.security.realm.CachingModifiableSecurityRealm;
import org.infinispan.server.security.realm.CachingSecurityRealm;
import org.wildfly.security.auth.permission.LoginPermission;
import org.wildfly.security.auth.realm.CacheableSecurityRealm;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.cache.LRURealmIdentityCache;
import org.wildfly.security.cache.RealmIdentityCache;
import org.wildfly.security.permission.PermissionVerifier;
import org.wildfly.security.ssl.SSLContextBuilder;

/* loaded from: input_file:org/infinispan/server/configuration/security/RealmConfigurationBuilder.class */
public class RealmConfigurationBuilder implements Builder<RealmConfiguration> {
    private final RealmsConfigurationBuilder realmsBuilder;
    private RealmIdentityCache cache;
    private final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
    private final ServerIdentitiesConfigurationBuilder serverIdentitiesConfiguration = new ServerIdentitiesConfigurationBuilder(this);
    private final FileSystemRealmConfigurationBuilder fileSystemConfiguration = new FileSystemRealmConfigurationBuilder(this);
    private final LdapRealmConfigurationBuilder ldapConfiguration = new LdapRealmConfigurationBuilder(this);
    private final LocalRealmConfigurationBuilder localConfiguration = new LocalRealmConfigurationBuilder();
    private final TokenRealmConfigurationBuilder tokenConfiguration = new TokenRealmConfigurationBuilder(this);
    private final TrustStoreRealmConfigurationBuilder trustStoreConfiguration = new TrustStoreRealmConfigurationBuilder(this);
    private final PropertiesRealmConfigurationBuilder propertiesRealmConfiguration = new PropertiesRealmConfigurationBuilder(this);
    private SSLContext sslContext = null;
    private SSLContextBuilder sslContextBuilder = null;
    private Supplier<Boolean> httpChallengeReadiness = () -> {
        return true;
    };
    private ServerSecurityRealm serverSecurityRealm = null;
    private EnumSet<ServerSecurityRealm.Feature> features = EnumSet.noneOf(ServerSecurityRealm.Feature.class);
    private final AttributeSet attributes = RealmConfiguration.attributeDefinitionSet();

    /* JADX INFO: Access modifiers changed from: package-private */
    public RealmConfigurationBuilder(String str, RealmsConfigurationBuilder realmsConfigurationBuilder) {
        this.realmsBuilder = realmsConfigurationBuilder;
        this.domainBuilder.setPermissionMapper((permissionMappable, roles) -> {
            return PermissionVerifier.from(new LoginPermission());
        });
        this.attributes.attribute(RealmConfiguration.NAME).set(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RealmsConfigurationBuilder realmsBuilder() {
        return this.realmsBuilder;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLContextBuilder sslContextBuilder() {
        if (this.sslContextBuilder == null) {
            this.sslContextBuilder = new SSLContextBuilder();
        }
        return this.sslContextBuilder;
    }

    SecurityDomain.Builder domainBuilder() {
        return this.domainBuilder;
    }

    public RealmConfigurationBuilder cacheMaxSize(int i) {
        this.attributes.attribute(RealmConfiguration.CACHE_MAX_SIZE).set(Integer.valueOf(i));
        return this;
    }

    public RealmConfigurationBuilder cacheLifespan(long j) {
        this.attributes.attribute(RealmConfiguration.CACHE_LIFESPAN).set(Long.valueOf(j));
        return this;
    }

    public FileSystemRealmConfigurationBuilder fileSystemConfiguration() {
        return this.fileSystemConfiguration;
    }

    public LdapRealmConfigurationBuilder ldapConfiguration() {
        return this.ldapConfiguration;
    }

    public LocalRealmConfigurationBuilder localConfiguration() {
        return this.localConfiguration;
    }

    public TokenRealmConfigurationBuilder tokenConfiguration() {
        return this.tokenConfiguration;
    }

    public TrustStoreRealmConfigurationBuilder trustStoreConfiguration() {
        return this.trustStoreConfiguration;
    }

    public ServerIdentitiesConfigurationBuilder serverIdentitiesConfiguration() {
        return this.serverIdentitiesConfiguration;
    }

    public PropertiesRealmConfigurationBuilder propertiesRealm() {
        return this.propertiesRealmConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setHttpChallengeReadiness(Supplier<Boolean> supplier) {
        this.httpChallengeReadiness = supplier;
    }

    public void validate() {
        this.fileSystemConfiguration.validate();
        this.ldapConfiguration.validate();
        this.localConfiguration.validate();
        this.tokenConfiguration.validate();
        this.trustStoreConfiguration.validate();
        this.serverIdentitiesConfiguration.validate();
        this.propertiesRealmConfiguration.validate();
    }

    /* renamed from: create, reason: merged with bridge method [inline-methods] */
    public RealmConfiguration m79create() {
        return new RealmConfiguration(this.attributes.protect(), this.fileSystemConfiguration.m53create(), this.ldapConfiguration.m69create(), this.localConfiguration.m73create(), this.tokenConfiguration.m91create(), this.trustStoreConfiguration.m93create(), this.serverIdentitiesConfiguration.m89create(), this.propertiesRealmConfiguration.m77create());
    }

    public RealmConfigurationBuilder read(RealmConfiguration realmConfiguration) {
        this.attributes.read(realmConfiguration.attributes());
        this.fileSystemConfiguration.read(realmConfiguration.fileSystemConfiguration());
        this.ldapConfiguration.read(realmConfiguration.ldapConfiguration());
        this.localConfiguration.read(realmConfiguration.localConfiguration());
        this.tokenConfiguration.read(realmConfiguration.tokenConfiguration());
        this.trustStoreConfiguration.read(realmConfiguration.trustStoreConfiguration());
        this.serverIdentitiesConfiguration.read(realmConfiguration.serverIdentitiesConfiguration());
        this.propertiesRealmConfiguration.read(realmConfiguration.propertiesRealm());
        return this;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServerSecurityRealm getServerSecurityRealm() {
        if (this.serverSecurityRealm == null) {
            this.serverSecurityRealm = new ServerSecurityRealm((String) this.attributes.attribute(RealmConfiguration.NAME).get(), this.domainBuilder.build(), this.httpChallengeReadiness, this.serverIdentitiesConfiguration.m89create(), this.features);
        }
        return this.serverSecurityRealm;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLContext getSSLContext() {
        if (this.sslContextBuilder == null) {
            return null;
        }
        if (this.sslContext == null) {
            if (this.features.contains(ServerSecurityRealm.Feature.TRUST)) {
                this.sslContextBuilder.setSecurityDomain(this.serverSecurityRealm.getSecurityDomain());
            }
            this.sslContextBuilder.setWrap(false);
            String sslProvider = SslContextFactory.getSslProvider();
            if (sslProvider != null) {
                this.sslContextBuilder.setProviderName(sslProvider);
            }
            try {
                this.sslContext = (SSLContext) this.sslContextBuilder.build().create();
            } catch (GeneralSecurityException e) {
                throw new CacheConfigurationException(e);
            }
        }
        return this.sslContext;
    }

    public void addFeature(ServerSecurityRealm.Feature feature) {
        this.features.add(feature);
    }

    private SecurityRealm cacheable(SecurityRealm securityRealm) {
        int intValue = ((Integer) this.attributes.attribute(RealmConfiguration.CACHE_MAX_SIZE).get()).intValue();
        if (intValue <= 0 || !(securityRealm instanceof CacheableSecurityRealm)) {
            return securityRealm;
        }
        if (this.cache == null) {
            this.cache = new LRURealmIdentityCache(intValue, ((Long) this.attributes.attribute(RealmConfiguration.CACHE_LIFESPAN).get()).longValue());
        }
        return securityRealm instanceof ModifiableSecurityRealm ? new CachingModifiableSecurityRealm((CacheableSecurityRealm) securityRealm, this.cache) : new CachingSecurityRealm((CacheableSecurityRealm) securityRealm, this.cache);
    }

    public void addRealm(String str, SecurityRealm securityRealm) {
        addRealm(str, securityRealm, null);
    }

    public void addRealm(String str, SecurityRealm securityRealm, Consumer<SecurityDomain.RealmBuilder> consumer) {
        SecurityDomain.RealmBuilder addRealm = this.domainBuilder.addRealm(str, cacheable(securityRealm));
        if (consumer != null) {
            consumer.accept(addRealm);
        }
        addRealm.build();
        if (this.domainBuilder.getDefaultRealmName() == null) {
            this.domainBuilder.setDefaultRealmName(str);
        }
    }
}
