package org.jboss.as.domain.management.security;

import java.io.IOException;
import java.util.Collections;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import org.jboss.as.domain.management.AuthMechanism;
import org.jboss.as.domain.management.RealmConfigurationConstants;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;

/* loaded from: input_file:org/jboss/as/domain/management/security/UserDomainCallbackHandler.class */
public class UserDomainCallbackHandler implements Service<CallbackHandlerService>, CallbackHandlerService, CallbackHandler {
    private static final String SERVICE_SUFFIX = "users";
    private final String realm;
    private volatile ModelNode userDomain;

    /* loaded from: input_file:org/jboss/as/domain/management/security/UserDomainCallbackHandler$ServiceUtil.class */
    public static final class ServiceUtil {
        private ServiceUtil() {
        }

        public static ServiceName createServiceName(String str) {
            return SecurityRealm.ServiceUtil.createServiceName(str).append("users");
        }
    }

    public UserDomainCallbackHandler(String str, ModelNode modelNode) {
        this.realm = str;
        setUserDomain(modelNode);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setUserDomain(ModelNode modelNode) {
        this.userDomain = (modelNode == null || !modelNode.isDefined()) ? new ModelNode().setEmptyObject() : modelNode.m1469clone();
    }

    @Override // org.jboss.as.domain.management.security.CallbackHandlerService
    public AuthMechanism getPreferredMechanism() {
        return AuthMechanism.DIGEST;
    }

    @Override // org.jboss.as.domain.management.security.CallbackHandlerService
    public Set<AuthMechanism> getSupplementaryMechanisms() {
        return Collections.singleton(AuthMechanism.PLAIN);
    }

    @Override // org.jboss.as.domain.management.security.CallbackHandlerService
    public Map<String, String> getConfigurationOptions() {
        return Collections.singletonMap(RealmConfigurationConstants.DIGEST_PLAIN_TEXT, Boolean.TRUE.toString());
    }

    @Override // org.jboss.as.domain.management.security.CallbackHandlerService
    public boolean isReadyForHttpChallenge() {
        return true;
    }

    @Override // org.jboss.as.domain.management.security.CallbackHandlerService
    public CallbackHandler getCallbackHandler(Map<String, Object> map) {
        return this;
    }

    @Override // org.jboss.msc.service.Service
    public void start(StartContext startContext) throws StartException {
    }

    @Override // org.jboss.msc.service.Service
    public void stop(StopContext stopContext) {
    }

    @Override // org.jboss.msc.value.Value
    public UserDomainCallbackHandler getValue() throws IllegalStateException, IllegalArgumentException {
        return this;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        ModelNode modelNode = this.userDomain;
        LinkedList<AuthorizeCallback> linkedList = new LinkedList();
        String str = null;
        ModelNode modelNode2 = null;
        for (Callback callback : callbackArr) {
            if (callback instanceof AuthorizeCallback) {
                linkedList.add(callback);
            } else if (callback instanceof NameCallback) {
                str = ((NameCallback) callback).getDefaultName();
                if (modelNode.get("user").hasDefined(str)) {
                    modelNode2 = modelNode.get("user", str);
                }
            } else if (callback instanceof PasswordCallback) {
                linkedList.add(callback);
            } else {
                if (!(callback instanceof RealmCallback)) {
                    throw new UnsupportedCallbackException(callback);
                }
                String defaultText = ((RealmCallback) callback).getDefaultText();
                if (!this.realm.equals(defaultText)) {
                    throw DomainManagementLogger.ROOT_LOGGER.invalidRealm(defaultText, this.realm);
                }
            }
        }
        for (AuthorizeCallback authorizeCallback : linkedList) {
            if (authorizeCallback instanceof AuthorizeCallback) {
                AuthorizeCallback authorizeCallback2 = authorizeCallback;
                boolean equals = authorizeCallback2.getAuthenticationID().equals(authorizeCallback2.getAuthorizationID());
                if (!equals) {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("Checking 'AuthorizeCallback', authorized=false, authenticationID=%s, authorizationID=%s.", authorizeCallback2.getAuthenticationID(), authorizeCallback2.getAuthorizationID());
                }
                authorizeCallback2.setAuthorized(equals);
            } else if (!(authorizeCallback instanceof PasswordCallback)) {
                continue;
            } else {
                if (modelNode2 == null) {
                    DomainManagementLogger.SECURITY_LOGGER.tracef("User '%s' not found.", str);
                    throw new UserNotFoundException(str);
                }
                ((PasswordCallback) authorizeCallback).setPassword(modelNode2.require("password").asString().toCharArray());
            }
        }
    }
}
