package org.jboss.as.connector.security;

import java.security.AccessController;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.jboss.jca.core.spi.security.SecurityContext;
import org.wildfly.clustering.ejb.BeanManagerFactoryServiceConfiguratorConfiguration;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.manager.WildFlySecurityManager;

/* loaded from: input_file:m2repo/org/wildfly/wildfly-connector/18.0.1.Final/wildfly-connector-18.0.1.Final.jar:org/jboss/as/connector/security/ElytronSecurityContext.class */
public class ElytronSecurityContext implements SecurityContext {
    private Subject authenticatedSubject;

    @Override // org.jboss.jca.core.spi.security.SecurityContext
    public Subject getAuthenticatedSubject() {
        return this.authenticatedSubject;
    }

    @Override // org.jboss.jca.core.spi.security.SecurityContext
    public void setAuthenticatedSubject(Subject subject) {
        this.authenticatedSubject = subject;
    }

    @Override // org.jboss.jca.core.spi.security.SecurityContext
    public String[] getRoles() {
        if (this.authenticatedSubject == null) {
            return new String[0];
        }
        Set privateCredentials = getPrivateCredentials(SecurityIdentity.class);
        HashSet hashSet = new HashSet();
        Iterator it = privateCredentials.iterator();
        while (it.hasNext()) {
            Iterator<String> it2 = ((SecurityIdentity) it.next()).getRoles(BeanManagerFactoryServiceConfiguratorConfiguration.DEFAULT_CONTAINER_NAME).iterator();
            while (it2.hasNext()) {
                hashSet.add(it2.next());
            }
        }
        return (String[]) hashSet.toArray(new String[hashSet.size()]);
    }

    public void runWork(Runnable runnable) {
        if (this.authenticatedSubject != null) {
            Set privateCredentials = getPrivateCredentials(SecurityIdentity.class);
            if (!privateCredentials.isEmpty()) {
                ((SecurityIdentity) privateCredentials.iterator().next()).runAs(runnable);
                return;
            }
        }
        runnable.run();
    }

    protected <T> Set<T> getPrivateCredentials(Class<T> cls) {
        return !WildFlySecurityManager.isChecking() ? this.authenticatedSubject.getPrivateCredentials(cls) : (Set) AccessController.doPrivileged(() -> {
            return this.authenticatedSubject.getPrivateCredentials(cls);
        });
    }
}
