package org.wildfly.security.sasl.util;

import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import org.wildfly.common.Assert;
import org.wildfly.security.FixedSecurityFactory;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security.auth.callback.ServerCredentialCallback;
import org.wildfly.security.credential.X509CertificateChainPrivateCredential;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-sasl-1.15.3.Final.jar:org/wildfly/security/sasl/util/KeyManagerCredentialSaslServerFactory.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.15.3.Final.jar:org/wildfly/security/sasl/util/KeyManagerCredentialSaslServerFactory.class */
public final class KeyManagerCredentialSaslServerFactory extends AbstractDelegatingSaslServerFactory {
    private final SecurityFactory<X509KeyManager> keyManagerFactory;

    public KeyManagerCredentialSaslServerFactory(SaslServerFactory saslServerFactory, X509KeyManager x509KeyManager) {
        super(saslServerFactory);
        Assert.checkNotNullParam("keyManager", x509KeyManager);
        this.keyManagerFactory = new FixedSecurityFactory(x509KeyManager);
    }

    @Override // org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory
    public SaslServer createSaslServer(String str, String str2, String str3, Map<String, ?> map, CallbackHandler callbackHandler) throws SaslException {
        return this.delegate.createSaslServer(str, str2, str3, map, callbackArr -> {
            String chooseServerAlias;
            ArrayList arrayList = new ArrayList(Arrays.asList(callbackArr));
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                Callback callback = (Callback) it.next();
                if (callback instanceof ServerCredentialCallback) {
                    try {
                        X509KeyManager create = this.keyManagerFactory.create();
                        ServerCredentialCallback serverCredentialCallback = (ServerCredentialCallback) callback;
                        String algorithm = serverCredentialCallback.getAlgorithm();
                        if (algorithm != null && serverCredentialCallback.isCredentialTypeSupported(X509CertificateChainPrivateCredential.class, algorithm) && (chooseServerAlias = create.chooseServerAlias(algorithm, null, null)) != null) {
                            X509Certificate[] certificateChain = create.getCertificateChain(chooseServerAlias);
                            PrivateKey privateKey = create.getPrivateKey(chooseServerAlias);
                            if (certificateChain != null && certificateChain.length != 0) {
                                serverCredentialCallback.setCredential(new X509CertificateChainPrivateCredential(privateKey, certificateChain));
                                it.remove();
                            }
                        }
                    } catch (GeneralSecurityException e) {
                        throw new SaslException(e.getMessage(), e);
                    }
                }
            }
            if (arrayList.isEmpty()) {
                return;
            }
            callbackHandler.handle((Callback[]) arrayList.toArray(new Callback[arrayList.size()]));
        });
    }
}
