package org.jboss.as.domain.management.operations;

import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.descriptions.DescriptionProvider;
import org.jboss.as.controller.descriptions.common.ManagementDescription;
import org.jboss.as.domain.management.CallbackHandlerFactory;
import org.jboss.as.domain.management.connections.ConnectionManager;
import org.jboss.as.domain.management.security.DomainCallbackHandler;
import org.jboss.as.domain.management.security.LdapConnectionManagerService;
import org.jboss.as.domain.management.security.PropertiesCallbackHandler;
import org.jboss.as.domain.management.security.SSLIdentityService;
import org.jboss.as.domain.management.security.SecretIdentityService;
import org.jboss.as.domain.management.security.SecurityRealmService;
import org.jboss.as.domain.management.security.UserDomainCallbackHandler;
import org.jboss.as.domain.management.security.UserLdapCallbackHandler;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;

/* loaded from: input_file:org/jboss/as/domain/management/operations/SecurityRealmAddHandler.class */
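/**
 * Handler for the {@code add} operation of a management security realm.
 *
 * <p>The model stage copies the {@code authentication} and {@code server-identities} sections of
 * the operation into the resource model. The runtime stage installs a {@link SecurityRealmService}
 * and, depending on which sections are defined, the services backing authentication and the
 * server's own identities (SSL keystore, shared secret).
 *
 * <p>Several values handled here are credentials (keystore password, user passwords, the secret
 * value). This class resolves expressions on the two password paths before handing them to the
 * backing services; it does not log them.
 */
public class SecurityRealmAddHandler extends AbstractAddStepHandler implements DescriptionProvider {
    public static final SecurityRealmAddHandler INSTANCE = new SecurityRealmAddHandler();
    public static final String OPERATION_NAME = "add";

    /**
     * Copies the defined {@code server-identities} and {@code authentication} sections from the
     * operation into the model; undefined sections are left untouched in the model.
     *
     * @param modelNode the operation being executed
     * @param modelNode2 the resource model to populate
     */
    protected void populateModel(ModelNode modelNode, ModelNode modelNode2) {
        ModelNode authentication = modelNode.hasDefined("authentication") ? modelNode.get("authentication") : null;
        ModelNode serverIdentities = modelNode.hasDefined("server-identities") ? modelNode.get("server-identities") : null;
        if (serverIdentities != null) {
            modelNode2.get("server-identities").set(serverIdentities);
        }
        if (authentication != null) {
            modelNode2.get("authentication").set(authentication);
        }
    }

    /**
     * Runtime services are only installed when the operation runs on a server or a host.
     *
     * @param operationContext the current operation context
     * @return {@code true} for {@code SERVER} and {@code HOST} context types
     */
    protected boolean requiresRuntime(OperationContext operationContext) {
        OperationContext.Type type = operationContext.getType();
        return type == OperationContext.Type.SERVER || type == OperationContext.Type.HOST;
    }

    /**
     * Installs the realm service and its backing services.
     *
     * <p>At most one authentication mechanism is installed; the first defined one wins, checked
     * in the order LDAP, properties, users. The SSL and secret identities are independent of each
     * other and both are installed when defined.
     *
     * @param operationContext the current operation context
     * @param modelNode the operation; its {@code address} supplies the realm name
     * @param modelNode2 the resource model (not read here)
     * @param serviceVerificationHandler verification handler (not used here)
     * @param list receives every service controller installed by this step
     * @throws OperationFailedException if resolving a password expression fails
     */
    protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list) throws OperationFailedException {
        String realmName = PathAddress.pathAddress(modelNode.get("address")).getLastElement().getValue();
        ModelNode authentication = modelNode.hasDefined("authentication") ? modelNode.get("authentication") : null;
        ModelNode serverIdentities = modelNode.hasDefined("server-identities") ? modelNode.get("server-identities") : null;
        ServiceTarget serviceTarget = operationContext.getServiceTarget();
        SecurityRealmService securityRealmService = new SecurityRealmService(realmName);
        ServiceName realmServiceName = SecurityRealmService.BASE_SERVICE_NAME.append(realmName);
        ServiceBuilder<?> realmBuilder = serviceTarget.addService(realmServiceName, securityRealmService);

        ServiceName authenticationName = null;
        if (authentication != null) {
            if (authentication.hasDefined(UserLdapCallbackHandler.SERVICE_SUFFIX)) {
                authenticationName = addLdapService(authentication.require(UserLdapCallbackHandler.SERVICE_SUFFIX), realmServiceName, serviceTarget, list);
            } else if (authentication.hasDefined(PropertiesCallbackHandler.SERVICE_SUFFIX)) {
                authenticationName = addPropertiesService(authentication.require(PropertiesCallbackHandler.SERVICE_SUFFIX), realmServiceName, realmName, serviceTarget, list);
            } else if (authentication.hasDefined(UserDomainCallbackHandler.SERVICE_SUFFIX)) {
                authenticationName = addUsersService(operationContext, authentication.require(UserDomainCallbackHandler.SERVICE_SUFFIX), realmServiceName, realmName, serviceTarget, list);
            }
        }
        // NOTE(review): when no recognised mechanism is defined the realm is installed without a
        // callback handler. Confirm that SecurityRealmService rejects authentication in that
        // state rather than treating the realm as open.
        if (authenticationName != null) {
            realmBuilder.addDependency(authenticationName, DomainCallbackHandler.class, securityRealmService.getCallbackHandlerInjector());
        }

        if (serverIdentities != null) {
            if (serverIdentities.hasDefined(SSLIdentityService.SERVICE_SUFFIX)) {
                ServiceName sslName = addSSLService(operationContext, serverIdentities.require(SSLIdentityService.SERVICE_SUFFIX), realmServiceName, serviceTarget, list);
                realmBuilder.addDependency(sslName, SSLIdentityService.class, securityRealmService.getSSLIdentityInjector());
            }
            if (serverIdentities.hasDefined(SecretIdentityService.SERVICE_SUFFIX)) {
                ServiceName secretName = addSecretService(serverIdentities.require(SecretIdentityService.SERVICE_SUFFIX), realmServiceName, serviceTarget, list);
                realmBuilder.addDependency(secretName, CallbackHandlerFactory.class, securityRealmService.getSecretCallbackFactory());
            }
        }
        list.add(realmBuilder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
    }

    /**
     * Returns the description of the security realm {@code add} operation.
     *
     * @param locale the locale for the description text
     * @return the operation description
     */
    public ModelNode getModelDescription(Locale locale) {
        return ManagementDescription.getAddManagementSecurityRealmDescription(locale);
    }

    /**
     * @return always {@code false}
     */
    protected boolean requiresRuntimeVerification() {
        return false;
    }

    /**
     * Installs the LDAP callback handler, wired to the connection manager named by the required
     * {@code connection} attribute.
     *
     * @return the name of the installed service
     */
    private ServiceName addLdapService(ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName ldapName = serviceName.append(UserLdapCallbackHandler.SERVICE_SUFFIX);
        UserLdapCallbackHandler ldapHandler = new UserLdapCallbackHandler(modelNode);
        ServiceBuilder<?> builder = serviceTarget.addService(ldapName, ldapHandler);
        String connection = modelNode.require("connection").asString();
        builder.addDependency(LdapConnectionManagerService.BASE_SERVICE_NAME.append(connection), ConnectionManager.class, ldapHandler.getConnectionManagerInjector());
        list.add(builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return ldapName;
    }

    /**
     * Installs the properties-file callback handler; when {@code relative-to} is defined the
     * matching path service is injected.
     *
     * @return the name of the installed service
     */
    private ServiceName addPropertiesService(ModelNode modelNode, ServiceName serviceName, String str, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName propertiesName = serviceName.append(PropertiesCallbackHandler.SERVICE_SUFFIX);
        PropertiesCallbackHandler propertiesHandler = new PropertiesCallbackHandler(str, modelNode);
        ServiceBuilder<?> builder = serviceTarget.addService(propertiesName, propertiesHandler);
        if (modelNode.hasDefined("relative-to")) {
            builder.addDependency(pathName(modelNode.get("relative-to").asString()), String.class, propertiesHandler.getRelativeToInjector());
        }
        list.add(builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return propertiesName;
    }

    /**
     * Installs the SSL identity service, passing it the keystore password with expressions
     * resolved, and injecting the {@code keystore.relative-to} path service when defined.
     *
     * @return the name of the installed service
     * @throws OperationFailedException if the keystore password expression cannot be resolved
     */
    private ServiceName addSSLService(OperationContext operationContext, ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) throws OperationFailedException {
        ServiceName sslName = serviceName.append(SSLIdentityService.SERVICE_SUFFIX);
        SSLIdentityService sslService = new SSLIdentityService(modelNode, unmaskSslKeystorePassword(operationContext, modelNode));
        ServiceBuilder<?> builder = serviceTarget.addService(sslName, sslService);
        if (modelNode.hasDefined("keystore") && modelNode.get("keystore").hasDefined("relative-to")) {
            builder.addDependency(pathName(modelNode.get("keystore", "relative-to").asString()), String.class, sslService.getRelativeToInjector());
        }
        list.add(builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return sslName;
    }

    /**
     * Installs the secret identity service from the required {@code value} attribute.
     *
     * @return the name of the installed service
     */
    private ServiceName addSecretService(ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName secretName = serviceName.append(SecretIdentityService.SERVICE_SUFFIX);
        // NOTE(review): unlike the keystore and user passwords, the secret is passed on without
        // resolveExpressions(); confirm whether expression-valued secrets are expected here.
        String secret = modelNode.require("value").asString();
        // Record the controller like every other service installed by this step; previously it
        // was the only one missing from the list handed in by the caller.
        list.add(serviceTarget.addService(secretName, new SecretIdentityService(secret)).setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return secretName;
    }

    /**
     * Installs the callback handler backed by users defined in the model, with their password
     * expressions resolved.
     *
     * @return the name of the installed service
     * @throws OperationFailedException if a password expression cannot be resolved
     */
    private ServiceName addUsersService(OperationContext operationContext, ModelNode modelNode, ServiceName serviceName, String str, ServiceTarget serviceTarget, List<ServiceController<?>> list) throws OperationFailedException {
        ServiceName usersName = serviceName.append(UserDomainCallbackHandler.SERVICE_SUFFIX);
        ModelNode resolvedUsers = unmaskUsersPasswords(operationContext, modelNode);
        list.add(serviceTarget.addService(usersName, new UserDomainCallbackHandler(str, resolvedUsers)).setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return usersName;
    }

    /** Builds the service name of the path service registered under the given path name. */
    private static ServiceName pathName(String str) {
        return ServiceName.JBOSS.append("server", "path", str);
    }

    /**
     * Resolves expressions in {@code keystore.password}.
     *
     * @return the resolved password, or {@code null} when no keystore password is defined
     * @throws OperationFailedException if the expression cannot be resolved
     */
    private String unmaskSslKeystorePassword(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        // The guard must test the same node that is read. Testing a top-level "password" skipped
        // resolution whenever only keystore.password was set, and otherwise could resolve an
        // undefined node.
        if (modelNode.hasDefined("keystore") && modelNode.get("keystore").hasDefined("password")) {
            return operationContext.resolveExpressions(modelNode.get("keystore", "password")).asString();
        }
        return null;
    }

    /**
     * Returns a copy of the users node in which every defined user password has had its
     * expressions resolved. The node passed in is not modified.
     *
     * @throws OperationFailedException if a password expression cannot be resolved
     */
    private ModelNode unmaskUsersPasswords(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ModelNode resolvedUsers = modelNode.clone();
        for (Property userEntry : resolvedUsers.get("user").asPropertyList()) {
            // asPropertyList() can hand back Property objects whose values are detached copies,
            // so the update is written through the cloned tree by name; otherwise the resolved
            // password may never reach the node that is returned.
            ModelNode user = resolvedUsers.get("user", userEntry.getName());
            if (user.hasDefined("password")) {
                user.set("password", operationContext.resolveExpressions(user.get("password")).asString());
            }
        }
        return resolvedUsers;
    }
}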
