package org.wildfly.security.auth.client;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Iterator;
import java.util.Set;
import java.util.function.Predicate;
import java.util.function.Supplier;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.jboss.as.controller.PathElement;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.TwoWayPassword;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.sasl.util.SaslMechanismInformation;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/security/auth/client/SetCredentialsConfiguration.class */
public class SetCredentialsConfiguration extends AuthenticationConfiguration {
    private static final Predicate<String> ALWAYS_MATCH_PREDICATE = str -> {
        return true;
    };
    private final Supplier<IdentityCredentials> credentialsSupplier;
    private final Predicate<String> matchPredicate;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SetCredentialsConfiguration(AuthenticationConfiguration authenticationConfiguration, Supplier<IdentityCredentials> supplier, Predicate<String> predicate) {
        super(authenticationConfiguration.without(SetCallbackHandlerAuthenticationConfiguration.class).without(SetAnonymousAuthenticationConfiguration.class).without(SetPasswordCallbackHandlerAuthenticationConfiguration.class), predicate != null);
        this.credentialsSupplier = supplier;
        this.matchPredicate = predicate == null ? ALWAYS_MATCH_PREDICATE : predicate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SetCredentialsConfiguration(AuthenticationConfiguration authenticationConfiguration, Supplier<IdentityCredentials> supplier) {
        this(authenticationConfiguration, supplier, ALWAYS_MATCH_PREDICATE);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public void handleCallback(Callback[] callbackArr, int i) throws UnsupportedCallbackException, IOException {
        Callback callback = callbackArr[i];
        if (callback instanceof CredentialCallback) {
            CredentialCallback credentialCallback = (CredentialCallback) callback;
            Credential credential = this.credentialsSupplier.get().getCredential(credentialCallback.getCredentialType(), credentialCallback.getAlgorithm());
            if (credential != null && credentialCallback.isCredentialSupported(credential)) {
                credentialCallback.setCredential(credential);
                return;
            }
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCallback = (PasswordCallback) callback;
            if (this.matchPredicate.test(passwordCallback.getPrompt())) {
                TwoWayPassword twoWayPassword = (TwoWayPassword) this.credentialsSupplier.get().applyToCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR, passwordCredential -> {
                    return (TwoWayPassword) passwordCredential.getPassword(TwoWayPassword.class);
                });
                if (twoWayPassword instanceof ClearPassword) {
                    passwordCallback.setPassword(((ClearPassword) twoWayPassword).getPassword());
                    return;
                } else if (twoWayPassword != null) {
                    try {
                        PasswordFactory passwordFactory = PasswordFactory.getInstance(twoWayPassword.getAlgorithm());
                        passwordCallback.setPassword(((ClearPasswordSpec) passwordFactory.getKeySpec(passwordFactory.translate(twoWayPassword), ClearPasswordSpec.class)).getEncodedPassword());
                        return;
                    } catch (GeneralSecurityException e) {
                    }
                }
            }
        }
        super.handleCallback(callbackArr, i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public boolean filterOneSaslMechanism(String str) {
        Set<Class<? extends Credential>> supportedClientCredentialTypes = SaslMechanismInformation.getSupportedClientCredentialTypes(str);
        IdentityCredentials identityCredentials = this.credentialsSupplier.get();
        for (Class<? extends Credential> cls : supportedClientCredentialTypes) {
            Set<String> supportedClientCredentialAlgorithms = SaslMechanismInformation.getSupportedClientCredentialAlgorithms(str, cls);
            if (!supportedClientCredentialAlgorithms.contains(PathElement.WILDCARD_VALUE)) {
                Iterator<String> it = supportedClientCredentialAlgorithms.iterator();
                while (it.hasNext()) {
                    if (identityCredentials.getCredentialAcquireSupport(cls, it.next()).mayBeSupported()) {
                        return true;
                    }
                }
            } else if (identityCredentials.getCredentialAcquireSupport(cls, null).mayBeSupported()) {
                return true;
            }
        }
        return super.filterOneSaslMechanism(str);
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    AuthenticationConfiguration reparent(AuthenticationConfiguration authenticationConfiguration) {
        return new SetCredentialsConfiguration(authenticationConfiguration, this.credentialsSupplier, this.matchPredicate);
    }
}
