package org.wildfly.extension.elytron;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.ldap.LdapName;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ObjectListAttributeDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.RestartParentWriteAttributeHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.StringListAttributeDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.security.auth.realm.ldap.AttributeMapping;
import org.wildfly.security.auth.realm.ldap.LdapSecurityRealmBuilder;
import org.wildfly.security.auth.server.SecurityRealm;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition.class */
public class LdapRealmDefinition extends SimpleResourceDefinition {
    static List<CredentialMappingObjectDefinition> CREDENTIAL_MAPPERS = Arrays.asList(new UserPasswordCredentialMappingObjectDefinition(), new OtpCredentialMappingObjectDefinition(), new X509CredentialMappingObjectDefinition());
    static final SimpleAttributeDefinition DIR_CONTEXT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DIR_CONTEXT, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setCapabilityReference("org.wildfly.security.dir-context", "org.wildfly.security.security-realm", true).build();
    static final SimpleAttributeDefinition DIRECT_VERIFICATION = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DIRECT_VERIFICATION, ModelType.BOOLEAN, true).setDefaultValue(new ModelNode(false)).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final AttributeDefinition[] ATTRIBUTES = {IdentityMappingObjectDefinition.OBJECT_DEFINITION, DIR_CONTEXT, DIRECT_VERIFICATION};
    private static final AbstractAddStepHandler ADD = new RealmAddHandler();
    private static final OperationStepHandler REMOVE = new TrivialCapabilityServiceRemoveHandler(ADD, Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY);
    private static final OperationStepHandler WRITE = new WriteAttributeHandler();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$AttributeMappingObjectDefinition.class */
    public static class AttributeMappingObjectDefinition {
        static final SimpleAttributeDefinition FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FROM, ModelType.STRING, false).setAlternatives(new String[]{ElytronDescriptionConstants.FILTER}).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition TO = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.TO, ModelType.STRING, true).setRequires(new String[]{ElytronDescriptionConstants.FROM}).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition FILTER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FILTER, ModelType.STRING, true).setRequires(new String[]{ElytronDescriptionConstants.TO}).setAlternatives(new String[]{ElytronDescriptionConstants.FROM}).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition FILTER_BASE_DN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FILTER_BASE_DN, ModelType.STRING, true).setRequires(new String[]{ElytronDescriptionConstants.FILTER}).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition AS_RDN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.AS_RDN, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition[] ATTRIBUTES = {FROM, TO, FILTER, FILTER_BASE_DN, AS_RDN};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.ATTRIBUTE, ATTRIBUTES).build();

        AttributeMappingObjectDefinition() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$CredentialMappingObjectDefinition.class */
    public interface CredentialMappingObjectDefinition {
        void configure(LdapSecurityRealmBuilder ldapSecurityRealmBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$IdentityMappingObjectDefinition.class */
    public static class IdentityMappingObjectDefinition {
        static final SimpleAttributeDefinition RDN_IDENTIFIER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.RDN_IDENTIFIER, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition USE_RECURSIVE_SEARCH = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.USE_RECURSIVE_SEARCH, ModelType.BOOLEAN, true).setRequires(new String[]{ElytronDescriptionConstants.SEARCH_BASE_DN}).setDefaultValue(new ModelNode(false)).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition SEARCH_BASE_DN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SEARCH_BASE_DN, ModelType.STRING, true).setRequires(new String[]{ElytronDescriptionConstants.RDN_IDENTIFIER}).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final ObjectListAttributeDefinition ATTRIBUTE_MAPPINGS = new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.ATTRIBUTE_MAPPING, AttributeMappingObjectDefinition.OBJECT_DEFINITION).setAllowNull(true).setAttributeGroup(ElytronDescriptionConstants.ATTRIBUTE).setAllowDuplicates(true).build();
        static final ObjectListAttributeDefinition NEW_IDENTITY_ATTRIBUTES = new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.NEW_IDENTITY_ATTRIBUTES, NewIdentityAttributeObjectDefinition.OBJECT_DEFINITION).setAllowNull(true).setAllowDuplicates(true).build();
        static final SimpleAttributeDefinition FILTER_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FILTER_NAME, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition ITERATOR_FILTER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ITERATOR_FILTER, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition NEW_IDENTITY_PARENT_DN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.NEW_IDENTITY_PARENT_DN, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final AttributeDefinition[] ATTRIBUTES = {RDN_IDENTIFIER, USE_RECURSIVE_SEARCH, SEARCH_BASE_DN, ATTRIBUTE_MAPPINGS, FILTER_NAME, ITERATOR_FILTER, NEW_IDENTITY_PARENT_DN, NEW_IDENTITY_ATTRIBUTES};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.IDENTITY_MAPPING, new AttributeDefinition[]{RDN_IDENTIFIER, USE_RECURSIVE_SEARCH, SEARCH_BASE_DN, ATTRIBUTE_MAPPINGS, FILTER_NAME, ITERATOR_FILTER, NEW_IDENTITY_PARENT_DN, NEW_IDENTITY_ATTRIBUTES, UserPasswordCredentialMappingObjectDefinition.OBJECT_DEFINITION, OtpCredentialMappingObjectDefinition.OBJECT_DEFINITION, X509CredentialMappingObjectDefinition.OBJECT_DEFINITION}).setAllowNull(false).build();

        IdentityMappingObjectDefinition() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$NewIdentityAttributeObjectDefinition.class */
    public static class NewIdentityAttributeObjectDefinition {
        static final SimpleAttributeDefinition NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.NAME, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final StringListAttributeDefinition VALUE = new StringListAttributeDefinition.Builder(ElytronDescriptionConstants.VALUE).setAllowExpression(true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final AttributeDefinition[] ATTRIBUTES = {NAME, VALUE};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.ATTRIBUTE, ATTRIBUTES).build();

        NewIdentityAttributeObjectDefinition() {
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$OtpCredentialMappingObjectDefinition.class */
    static class OtpCredentialMappingObjectDefinition implements CredentialMappingObjectDefinition {
        static final SimpleAttributeDefinition ALGORITHM_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ALGORITHM_FROM, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition HASH_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.HASH_FROM, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition SEED_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SEED_FROM, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition SEQUENCE_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SEQUENCE_FROM, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final AttributeDefinition[] ATTRIBUTES = {ALGORITHM_FROM, HASH_FROM, SEED_FROM, SEQUENCE_FROM};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.OTP_CREDENTIAL_MAPPER, ATTRIBUTES).build();

        OtpCredentialMappingObjectDefinition() {
        }

        @Override // org.wildfly.extension.elytron.LdapRealmDefinition.CredentialMappingObjectDefinition
        public void configure(LdapSecurityRealmBuilder ldapSecurityRealmBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            ModelNode resolveModelAttribute = OBJECT_DEFINITION.resolveModelAttribute(operationContext, modelNode);
            if (resolveModelAttribute.isDefined()) {
                String asString = ALGORITHM_FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString();
                String asString2 = HASH_FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString();
                String asString3 = SEED_FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString();
                String asString4 = SEQUENCE_FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString();
                LdapSecurityRealmBuilder.OtpCredentialLoaderBuilder otpCredentialLoader = ldapSecurityRealmBuilder.otpCredentialLoader();
                if (asString != null) {
                    otpCredentialLoader.setOtpAlgorithmAttribute(asString);
                }
                if (asString2 != null) {
                    otpCredentialLoader.setOtpHashAttribute(asString2);
                }
                if (asString3 != null) {
                    otpCredentialLoader.setOtpSeedAttribute(asString3);
                }
                if (asString4 != null) {
                    otpCredentialLoader.setOtpSequenceAttribute(asString4);
                }
                otpCredentialLoader.build();
            }
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$RealmAddHandler.class */
    private static class RealmAddHandler extends BaseAddHandler {
        private RealmAddHandler() {
            super(new HashSet(Arrays.asList(Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY)), LdapRealmDefinition.ATTRIBUTES);
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            ServiceTarget serviceTarget = operationContext.getServiceTarget();
            String currentAddressValue = operationContext.getCurrentAddressValue();
            ServiceName capabilityServiceName = Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY.fromBaseCapability(currentAddressValue).getCapabilityServiceName();
            ServiceName capabilityServiceName2 = Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY.fromBaseCapability(currentAddressValue).getCapabilityServiceName();
            LdapSecurityRealmBuilder builder = LdapSecurityRealmBuilder.builder();
            if (LdapRealmDefinition.DIRECT_VERIFICATION.resolveModelAttribute(operationContext, modelNode2).asBoolean()) {
                builder.addDirectEvidenceVerification();
            }
            builder.getClass();
            ServiceBuilder<SecurityRealm> addAliases = serviceTarget.addService(capabilityServiceName, new TrivialService(builder::build)).addAliases(new ServiceName[]{capabilityServiceName2});
            ElytronDefinition.commonDependencies(addAliases);
            configureIdentityMapping(operationContext, modelNode2, builder);
            configureDirContext(operationContext, modelNode2, builder, addAliases);
            addAliases.setInitialMode(ServiceController.Mode.ACTIVE).install();
        }

        private void configureDirContext(OperationContext operationContext, ModelNode modelNode, LdapSecurityRealmBuilder ldapSecurityRealmBuilder, ServiceBuilder<SecurityRealm> serviceBuilder) throws OperationFailedException {
            ServiceName capabilityServiceName = operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.dir-context", ElytronExtension.asStringIfDefined(operationContext, LdapRealmDefinition.DIR_CONTEXT, modelNode)), ExceptionSupplier.class);
            InjectedValue injectedValue = new InjectedValue();
            serviceBuilder.addDependency(capabilityServiceName, ExceptionSupplier.class, injectedValue);
            ldapSecurityRealmBuilder.setDirContextSupplier(() -> {
                return (DirContext) ((ExceptionSupplier) injectedValue.getValue()).get();
            });
        }

        private void configureIdentityMapping(OperationContext operationContext, ModelNode modelNode, LdapSecurityRealmBuilder ldapSecurityRealmBuilder) throws OperationFailedException {
            ModelNode resolveModelAttribute = IdentityMappingObjectDefinition.OBJECT_DEFINITION.resolveModelAttribute(operationContext, modelNode);
            LdapSecurityRealmBuilder.IdentityMappingBuilder identityMapping = ldapSecurityRealmBuilder.identityMapping();
            identityMapping.setRdnIdentifier(IdentityMappingObjectDefinition.RDN_IDENTIFIER.resolveModelAttribute(operationContext, resolveModelAttribute).asString());
            ModelNode resolveModelAttribute2 = IdentityMappingObjectDefinition.SEARCH_BASE_DN.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute2.isDefined()) {
                identityMapping.setSearchDn(resolveModelAttribute2.asString());
            }
            if (IdentityMappingObjectDefinition.USE_RECURSIVE_SEARCH.resolveModelAttribute(operationContext, resolveModelAttribute).asBoolean()) {
                identityMapping.searchRecursive();
            }
            Iterator<CredentialMappingObjectDefinition> it = LdapRealmDefinition.CREDENTIAL_MAPPERS.iterator();
            while (it.hasNext()) {
                it.next().configure(ldapSecurityRealmBuilder, operationContext, resolveModelAttribute);
            }
            ModelNode resolveModelAttribute3 = IdentityMappingObjectDefinition.ATTRIBUTE_MAPPINGS.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute3.isDefined()) {
                for (ModelNode modelNode2 : resolveModelAttribute3.asList()) {
                    ModelNode resolveModelAttribute4 = AttributeMappingObjectDefinition.FROM.resolveModelAttribute(operationContext, modelNode2);
                    ModelNode resolveModelAttribute5 = AttributeMappingObjectDefinition.FILTER.resolveModelAttribute(operationContext, modelNode2);
                    ModelNode resolveModelAttribute6 = AttributeMappingObjectDefinition.FILTER_BASE_DN.resolveModelAttribute(operationContext, modelNode2);
                    AttributeMapping fromFilter = resolveModelAttribute6.isDefined() ? AttributeMapping.fromFilter(resolveModelAttribute6.asString(), resolveModelAttribute5.asString(), resolveModelAttribute4.asString()) : resolveModelAttribute5.isDefined() ? AttributeMapping.fromFilter(resolveModelAttribute5.asString(), resolveModelAttribute4.asString()) : AttributeMapping.from(resolveModelAttribute4.asString());
                    ModelNode resolveModelAttribute7 = AttributeMappingObjectDefinition.TO.resolveModelAttribute(operationContext, modelNode2);
                    if (resolveModelAttribute7.isDefined()) {
                        fromFilter.to(resolveModelAttribute7.asString());
                    }
                    ModelNode resolveModelAttribute8 = AttributeMappingObjectDefinition.AS_RDN.resolveModelAttribute(operationContext, modelNode2);
                    if (resolveModelAttribute8.isDefined()) {
                        fromFilter.asRdn(resolveModelAttribute8.asString());
                    }
                    identityMapping.map(new AttributeMapping[]{fromFilter});
                }
            }
            ModelNode resolveModelAttribute9 = IdentityMappingObjectDefinition.FILTER_NAME.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute9.isDefined()) {
                identityMapping.setFilterName(resolveModelAttribute9.asString());
            }
            ModelNode resolveModelAttribute10 = IdentityMappingObjectDefinition.ITERATOR_FILTER.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute10.isDefined()) {
                identityMapping.setIteratorFilter(resolveModelAttribute10.asString());
            }
            ModelNode resolveModelAttribute11 = IdentityMappingObjectDefinition.NEW_IDENTITY_PARENT_DN.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute11.isDefined()) {
                try {
                    identityMapping.setNewIdentityParent(new LdapName(resolveModelAttribute11.asString()));
                } catch (InvalidNameException e) {
                    throw new OperationFailedException(e);
                }
            }
            ModelNode resolveModelAttribute12 = IdentityMappingObjectDefinition.NEW_IDENTITY_ATTRIBUTES.resolveModelAttribute(operationContext, resolveModelAttribute);
            if (resolveModelAttribute12.isDefined()) {
                BasicAttributes basicAttributes = new BasicAttributes(true);
                for (ModelNode modelNode3 : resolveModelAttribute12.asList()) {
                    ModelNode resolveModelAttribute13 = NewIdentityAttributeObjectDefinition.NAME.resolveModelAttribute(operationContext, modelNode3);
                    ModelNode resolveModelAttribute14 = NewIdentityAttributeObjectDefinition.VALUE.resolveModelAttribute(operationContext, modelNode3);
                    if (resolveModelAttribute14.getType() == ModelType.LIST) {
                        BasicAttribute basicAttribute = new BasicAttribute(resolveModelAttribute13.asString());
                        Iterator it2 = resolveModelAttribute14.asList().iterator();
                        while (it2.hasNext()) {
                            basicAttribute.add(((ModelNode) it2.next()).asString());
                        }
                        basicAttributes.put(basicAttribute);
                    } else {
                        basicAttributes.put(new BasicAttribute(resolveModelAttribute13.asString(), resolveModelAttribute14.asString()));
                    }
                }
                identityMapping.setNewIdentityAttributes(basicAttributes);
            }
            identityMapping.build();
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$UserPasswordCredentialMappingObjectDefinition.class */
    static class UserPasswordCredentialMappingObjectDefinition implements CredentialMappingObjectDefinition {
        static final SimpleAttributeDefinition FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FROM, ModelType.STRING, false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition WRITABLE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.WRITABLE, ModelType.BOOLEAN, true).setDefaultValue(new ModelNode(false)).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition VERIFIABLE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.VERIFIABLE, ModelType.BOOLEAN, true).setDefaultValue(new ModelNode(true)).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final AttributeDefinition[] ATTRIBUTES = {FROM, WRITABLE, VERIFIABLE};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.USER_PASSWORD_MAPPER, ATTRIBUTES).build();

        UserPasswordCredentialMappingObjectDefinition() {
        }

        @Override // org.wildfly.extension.elytron.LdapRealmDefinition.CredentialMappingObjectDefinition
        public void configure(LdapSecurityRealmBuilder ldapSecurityRealmBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            ModelNode resolveModelAttribute = OBJECT_DEFINITION.resolveModelAttribute(operationContext, modelNode);
            if (resolveModelAttribute.isDefined()) {
                String asString = FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString();
                boolean asBoolean = WRITABLE.resolveModelAttribute(operationContext, resolveModelAttribute).asBoolean();
                boolean asBoolean2 = VERIFIABLE.resolveModelAttribute(operationContext, resolveModelAttribute).asBoolean();
                LdapSecurityRealmBuilder.UserPasswordCredentialLoaderBuilder userPasswordCredentialLoader = ldapSecurityRealmBuilder.userPasswordCredentialLoader();
                if (asString != null) {
                    userPasswordCredentialLoader.setUserPasswordAttribute(asString);
                }
                if (asBoolean) {
                    userPasswordCredentialLoader.enablePersistence();
                }
                if (!asBoolean2) {
                    userPasswordCredentialLoader.disableVerification();
                }
                userPasswordCredentialLoader.build();
            }
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$WriteAttributeHandler.class */
    private static class WriteAttributeHandler extends RestartParentWriteAttributeHandler {
        WriteAttributeHandler() {
            super(ElytronDescriptionConstants.LDAP_REALM, LdapRealmDefinition.ATTRIBUTES);
        }

        protected ServiceName getParentServiceName(PathAddress pathAddress) {
            return Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY.fromBaseCapability(pathAddress.getLastElement().getValue()).getCapabilityServiceName();
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/LdapRealmDefinition$X509CredentialMappingObjectDefinition.class */
    static class X509CredentialMappingObjectDefinition implements CredentialMappingObjectDefinition {
        static final SimpleAttributeDefinition DIGEST_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DIGEST_FROM, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition DIGEST_ALGORITHM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DIGEST_ALGORITHM, ModelType.STRING, true).setAllowExpression(true).setDefaultValue(new ModelNode("SHA-1")).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition CERTIFICATE_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.CERTIFICATE_FROM, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition SERIAL_NUMBER_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SERIAL_NUMBER_FROM, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final SimpleAttributeDefinition SUBJECT_DN_FROM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SUBJECT_DN_FROM, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
        static final AttributeDefinition[] ATTRIBUTES = {DIGEST_FROM, DIGEST_ALGORITHM, CERTIFICATE_FROM, SERIAL_NUMBER_FROM, SUBJECT_DN_FROM};
        static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.X509_CREDENTIAL_MAPPER, ATTRIBUTES).build();

        X509CredentialMappingObjectDefinition() {
        }

        @Override // org.wildfly.extension.elytron.LdapRealmDefinition.CredentialMappingObjectDefinition
        public void configure(LdapSecurityRealmBuilder ldapSecurityRealmBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            ModelNode resolveModelAttribute = OBJECT_DEFINITION.resolveModelAttribute(operationContext, modelNode);
            if (resolveModelAttribute.isDefined()) {
                LdapSecurityRealmBuilder.X509EvidenceVerifierBuilder x509EvidenceVerifier = ldapSecurityRealmBuilder.x509EvidenceVerifier();
                ModelNode resolveModelAttribute2 = DIGEST_FROM.resolveModelAttribute(operationContext, resolveModelAttribute);
                ModelNode resolveModelAttribute3 = DIGEST_ALGORITHM.resolveModelAttribute(operationContext, resolveModelAttribute);
                if (resolveModelAttribute2.isDefined()) {
                    x509EvidenceVerifier.addDigestCertificateVerifier(resolveModelAttribute2.asString(), resolveModelAttribute3.asString());
                }
                ModelNode resolveModelAttribute4 = CERTIFICATE_FROM.resolveModelAttribute(operationContext, resolveModelAttribute);
                if (resolveModelAttribute4.isDefined()) {
                    x509EvidenceVerifier.addEncodedCertificateVerifier(resolveModelAttribute4.asString());
                }
                ModelNode resolveModelAttribute5 = SERIAL_NUMBER_FROM.resolveModelAttribute(operationContext, resolveModelAttribute);
                if (resolveModelAttribute5.isDefined()) {
                    x509EvidenceVerifier.addSerialNumberCertificateVerifier(resolveModelAttribute5.asString());
                }
                x509EvidenceVerifier.addSubjectDnCertificateVerifier(SUBJECT_DN_FROM.resolveModelAttribute(operationContext, resolveModelAttribute).asString());
                x509EvidenceVerifier.build();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LdapRealmDefinition() {
        super(new SimpleResourceDefinition.Parameters(PathElement.pathElement(ElytronDescriptionConstants.LDAP_REALM), ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.LDAP_REALM)).setAddHandler(ADD).setRemoveHandler(REMOVE).setAddRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES).setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES).setCapabilities(new RuntimeCapability[]{Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY}));
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        for (AttributeDefinition attributeDefinition : ATTRIBUTES) {
            managementResourceRegistration.registerReadWriteAttribute(attributeDefinition, (OperationStepHandler) null, WRITE);
        }
    }
}
