package org.jboss.as.security;

import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.transaction.TransactionManager;
import org.infinispan.manager.EmbeddedCacheManager;
import org.jboss.as.clustering.infinispan.subsystem.EmbeddedCacheManagerService;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.security.service.JaasConfigurationService;
import org.jboss.as.security.service.SecurityDomainService;
import org.jboss.as.security.service.SecurityManagementService;
import org.jboss.as.txn.TransactionManagerService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.inject.InjectionException;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.security.ISecurityManagement;
import org.jboss.security.JBossJSSESecurityDomain;
import org.jboss.security.JSSESecurityDomain;
import org.jboss.security.acl.config.ACLProviderEntry;
import org.jboss.security.audit.config.AuditProviderEntry;
import org.jboss.security.auth.container.config.AuthModuleEntry;
import org.jboss.security.auth.login.AuthenticationInfo;
import org.jboss.security.auth.login.JASPIAuthenticationInfo;
import org.jboss.security.auth.login.LoginModuleStackHolder;
import org.jboss.security.authorization.config.AuthorizationModuleEntry;
import org.jboss.security.config.ACLInfo;
import org.jboss.security.config.ApplicationPolicy;
import org.jboss.security.config.AuditInfo;
import org.jboss.security.config.AuthorizationInfo;
import org.jboss.security.config.ControlFlag;
import org.jboss.security.config.IdentityTrustInfo;
import org.jboss.security.config.MappingInfo;
import org.jboss.security.identitytrust.config.IdentityTrustModuleEntry;
import org.jboss.security.mapping.MappingType;
import org.jboss.security.mapping.config.MappingModuleEntry;
import org.jboss.security.plugins.TransactionManagerLocator;

/* loaded from: input_file:org/jboss/as/security/SecurityDomainAdd.class */
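/**
 * Step handler for the {@code add} operation of a security domain resource.
 *
 * <p>It copies the operation parameters into the model and, at runtime, builds an
 * {@link ApplicationPolicy} and an optional {@link JSSESecurityDomain} from the operation
 * before installing a {@link SecurityDomainService} for the domain.
 *
 * <p>NOTE(review): module {@code code} values, module options, key/trust store URLs and
 * passwords are taken from the operation as supplied, with no allow-list in this class.
 * Module codes are presumably resolved to classes later, so whoever may invoke this
 * operation effectively chooses what runs as a login/authorization module. Confirm the
 * operation is restricted to trusted administrators.
 */
class SecurityDomainAdd extends AbstractAddStepHandler {
    static final String OPERATION_NAME = "add";
    private static final String CACHE_CONTAINER_NAME = "security";
    static final SecurityDomainAdd INSTANCE = new SecurityDomainAdd();

    /**
     * Builds an {@code add} operation by delegating to {@link Util#getOperation}.
     *
     * @param modelNode  first argument handed to {@code Util.getOperation} (presumably the
     *                   resource address; confirm against callers)
     * @param modelNode2 second argument handed to {@code Util.getOperation} (presumably the
     *                   existing model of the domain; confirm against callers)
     * @return the operation produced by {@code Util.getOperation}
     */
    public static final ModelNode getRecreateOperation(ModelNode modelNode, ModelNode modelNode2) {
        return Util.getOperation(OPERATION_NAME, modelNode, modelNode2);
    }

    /** Singleton; use {@link #INSTANCE}. */
    private SecurityDomainAdd() {
    }

    /**
     * Copies the operation parameters into the resource model.
     *
     * <p>NOTE(review): the copy is unfiltered, so JSSE passwords and the service auth token
     * presumably end up in the model as supplied. Confirm how they are protected at rest.
     *
     * @param operation the {@code add} operation
     * @param model     the model node to populate
     */
    @Override
    protected void populateModel(ModelNode operation, ModelNode model) {
        Util.copyParamsToModel(operation, model);
    }

    /**
     * Installs the {@link SecurityDomainService} for the security domain named by the last
     * element of the operation address.
     *
     * @param context             operation context providing the service target
     * @param operation           the {@code add} operation; the domain definition is read from it
     * @param model               the resource model (not read here)
     * @param verificationHandler listener attached to the installed service
     * @param newControllers      receives the controller of the installed service
     */
    @Override
    protected void performRuntime(OperationContext context, ModelNode operation, ModelNode model, ServiceVerificationHandler verificationHandler, List<ServiceController<?>> newControllers) {
        final String securityDomain = PathAddress.pathAddress(operation.get("address")).getLastElement().getValue();
        final ApplicationPolicy applicationPolicy = createApplicationPolicy(securityDomain, operation);
        final JSSESecurityDomain jsseSecurityDomain = createJSSESecurityDomain(securityDomain, operation);
        final String cacheType = getAuthenticationCacheType(operation);
        final SecurityDomainService service = new SecurityDomainService(securityDomain, applicationPolicy, jsseSecurityDomain, cacheType);

        final ServiceBuilder<?> builder = context.getServiceTarget()
                .addService(SecurityDomainService.SERVICE_NAME.append(securityDomain), service)
                .addDependency(SecurityManagementService.SERVICE_NAME, ISecurityManagement.class, service.getSecurityManagementInjector())
                .addDependency(JaasConfigurationService.SERVICE_NAME, Configuration.class, service.getConfigurationInjector())
                .addDependency(TransactionManagerService.SERVICE_NAME, TransactionManager.class, new Injector<TransactionManager>() {
                    @Override
                    public void inject(TransactionManager transactionManager) throws InjectionException {
                        // Published through a static setter, so it is shared by every domain.
                        TransactionManagerLocator.setTransactionManager(transactionManager);
                    }

                    @Override
                    public void uninject() {
                        // Intentionally empty: the static reference is not cleared here.
                    }
                });
        // The cache manager is only required when the domain asks for an infinispan cache.
        if ("infinispan".equals(cacheType)) {
            builder.addDependency(EmbeddedCacheManagerService.getServiceName(CACHE_CONTAINER_NAME), EmbeddedCacheManager.class, service.getCacheManagerInjector());
        }
        newControllers.add(builder.addListener(verificationHandler).setInitialMode(ServiceController.Mode.ACTIVE).install());
    }

    /**
     * Builds the application policy for a domain from the sections defined on the operation
     * (authentication, ACL, audit, authorization, identity trust, mapping, JASPI).
     *
     * <p>The policy is created lazily by the first defined section. If both the classic
     * authentication section and the JASPI section are defined, the JASPI info is set last
     * through the same {@code setAuthenticationInfo} setter, so it is the one that remains.
     *
     * @param securityDomain name of the security domain
     * @param operation      the {@code add} operation holding the domain definition
     * @return the populated policy, or {@code null} when none of the sections is defined
     * @throws IllegalArgumentException if a JASPI auth-module references an unknown login
     *                                  module stack or a login module flag is not recognized
     */
    private ApplicationPolicy createApplicationPolicy(String securityDomain, ModelNode operation) {
        ApplicationPolicy policy = null;

        ModelNode authentication = operation.get(Constants.AUTHENTICATION);
        if (authentication.isDefined()) {
            policy = new ApplicationPolicy(securityDomain);
            AuthenticationInfo authenticationInfo = new AuthenticationInfo(securityDomain);
            for (ModelNode module : authentication.asList()) {
                String code = module.require(Constants.CODE).asString();
                // Codes found in the map are replaced by the mapped value; anything else is
                // used verbatim (presumably as a class name; confirm).
                if (ModulesMap.AUTHENTICATION_MAP.containsKey(code)) {
                    code = ModulesMap.AUTHENTICATION_MAP.get(code);
                }
                AppConfigurationEntry.LoginModuleControlFlag flag = getControlFlag(module.require(Constants.FLAG).asString());
                authenticationInfo.addAppConfigurationEntry(new AppConfigurationEntry(code, flag, readModuleOptions(module)));
            }
            policy.setAuthenticationInfo(authenticationInfo);
        }

        ModelNode acl = operation.get(Constants.ACL);
        if (acl.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            ACLInfo aclInfo = new ACLInfo(securityDomain);
            for (ModelNode module : acl.asList()) {
                String code = module.require(Constants.CODE).asString();
                ControlFlag flag = ControlFlag.valueOf(module.require(Constants.FLAG).asString());
                ACLProviderEntry entry = new ACLProviderEntry(code, readModuleOptions(module));
                entry.setControlFlag(flag);
                aclInfo.add(entry);
            }
            policy.setAclInfo(aclInfo);
        }

        ModelNode audit = operation.get(Constants.AUDIT);
        if (audit.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            AuditInfo auditInfo = new AuditInfo(securityDomain);
            for (ModelNode module : audit.asList()) {
                String code = module.require(Constants.CODE).asString();
                auditInfo.add(new AuditProviderEntry(code, readModuleOptions(module)));
            }
            policy.setAuditInfo(auditInfo);
        }

        ModelNode authorization = operation.get(Constants.AUTHORIZATION);
        if (authorization.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            AuthorizationInfo authorizationInfo = new AuthorizationInfo(securityDomain);
            for (ModelNode module : authorization.asList()) {
                String code = module.require(Constants.CODE).asString();
                ControlFlag flag = ControlFlag.valueOf(module.require(Constants.FLAG).asString());
                AuthorizationModuleEntry entry = new AuthorizationModuleEntry(code, readModuleOptions(module));
                entry.setControlFlag(flag);
                authorizationInfo.add(entry);
            }
            policy.setAuthorizationInfo(authorizationInfo);
        }

        ModelNode identityTrust = operation.get(Constants.IDENTITY_TRUST);
        if (identityTrust.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            IdentityTrustInfo identityTrustInfo = new IdentityTrustInfo(securityDomain);
            for (ModelNode module : identityTrust.asList()) {
                String code = module.require(Constants.CODE).asString();
                ControlFlag flag = ControlFlag.valueOf(module.require(Constants.FLAG).asString());
                IdentityTrustModuleEntry entry = new IdentityTrustModuleEntry(code, readModuleOptions(module));
                entry.setControlFlag(flag);
                identityTrustInfo.add(entry);
            }
            policy.setIdentityTrustInfo(identityTrustInfo);
        }

        ModelNode mapping = operation.get(Constants.MAPPING);
        if (mapping.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            for (ModelNode module : mapping.asList()) {
                // NOTE(review): one MappingInfo per module; whether setMappingInfo merges or
                // replaces an earlier info of the same type is decided by ApplicationPolicy.
                MappingInfo mappingInfo = new MappingInfo(securityDomain);
                String code = module.require(Constants.CODE).asString();
                if (ModulesMap.MAPPING_MAP.containsKey(code)) {
                    code = ModulesMap.MAPPING_MAP.get(code);
                }
                // The mapping type falls back to ROLE when the module does not define one.
                String type = module.hasDefined(Constants.TYPE) ? module.get(Constants.TYPE).asString() : MappingType.ROLE.toString();
                mappingInfo.add(new MappingModuleEntry(code, readModuleOptions(module), type));
                policy.setMappingInfo(type, mappingInfo);
            }
        }

        ModelNode jaspi = operation.get(Constants.AUTHENTICATION_JASPI);
        if (jaspi.isDefined()) {
            if (policy == null) {
                policy = new ApplicationPolicy(securityDomain);
            }
            policy.setAuthenticationInfo(createJaspiAuthenticationInfo(securityDomain, jaspi));
        }
        return policy;
    }

    /**
     * Builds the JASPI authentication info: first the named login module stacks, then the
     * auth modules, each optionally bound to one of those stacks by name.
     *
     * @param securityDomain name of the security domain
     * @param jaspi          the defined JASPI authentication node
     * @return the populated JASPI authentication info
     * @throws IllegalArgumentException if an auth-module references a stack name that was
     *                                  not declared in the login module stacks
     */
    private JASPIAuthenticationInfo createJaspiAuthenticationInfo(String securityDomain, ModelNode jaspi) {
        JASPIAuthenticationInfo jaspiInfo = new JASPIAuthenticationInfo(securityDomain);
        HashMap<String, LoginModuleStackHolder> stacksByName = new HashMap<String, LoginModuleStackHolder>();

        for (ModelNode stack : jaspi.get(Constants.LOGIN_MODULE_STACK).asList()) {
            // The first element of a stack carries its name; the rest are lists of modules.
            Iterator<ModelNode> parts = stack.asList().iterator();
            String stackName = parts.next().get(Constants.NAME).asString();
            // The cast is kept from the original call to select the List-taking constructor.
            LoginModuleStackHolder holder = new LoginModuleStackHolder(stackName, (List) null);
            stacksByName.put(stackName, holder);
            jaspiInfo.add(holder);
            while (parts.hasNext()) {
                for (ModelNode module : parts.next().asList()) {
                    String code = module.require(Constants.CODE).asString();
                    AppConfigurationEntry.LoginModuleControlFlag flag = getControlFlag(module.require(Constants.FLAG).asString());
                    holder.addAppConfigurationEntry(new AppConfigurationEntry(code, flag, readModuleOptions(module)));
                }
            }
        }

        for (ModelNode authModule : jaspi.get(Constants.AUTH_MODULE).asList()) {
            String code = authModule.require(Constants.CODE).asString();
            String stackRef = authModule.hasDefined(Constants.LOGIN_MODULE_STACK_REF) ? authModule.get(Constants.LOGIN_MODULE_STACK_REF).asString() : null;
            AuthModuleEntry entry = new AuthModuleEntry(code, readModuleOptions(authModule), stackRef);
            if (stackRef != null) {
                // Fail at configuration time instead of leaving a dangling reference.
                if (!stacksByName.containsKey(stackRef)) {
                    throw new IllegalArgumentException("auth-module references a login module stack that doesn't exist: " + stackRef);
                }
                entry.setLoginModuleStackHolder(stacksByName.get(stackRef));
            }
            jaspiInfo.add(entry);
        }
        return jaspiInfo;
    }

    /**
     * Collects the module options of one module node as string values.
     *
     * @param module a module node of any policy section
     * @return a new map of option name to string value; empty when no options are defined
     */
    private static HashMap<String, Object> readModuleOptions(ModelNode module) {
        HashMap<String, Object> options = new HashMap<String, Object>();
        if (module.hasDefined(Constants.MODULE_OPTIONS)) {
            for (Property option : module.get(Constants.MODULE_OPTIONS).asPropertyList()) {
                options.put(option.getName(), option.getValue().asString());
            }
        }
        return options;
    }

    /**
     * Builds the JSSE security domain from the JSSE section of the operation, applying only
     * the attributes that are defined.
     *
     * <p>NOTE(review): the store passwords and the service auth token are passed on as the
     * strings supplied in the operation, and a failure in their setters is rethrown with the
     * original exception as cause. Confirm those causes never echo the secret, because the
     * failure is likely to surface in management responses or logs.
     *
     * @param securityDomain name of the security domain
     * @param operation      the {@code add} operation holding the domain definition
     * @return the configured JSSE domain, or {@code null} when no JSSE section is defined
     * @throws IllegalArgumentException if a setter rejects its value or an additional
     *                                  property entry is malformed
     */
    private JSSESecurityDomain createJSSESecurityDomain(String securityDomain, ModelNode operation) {
        ModelNode jsse = operation.get(Constants.JSSE);
        if (!jsse.isDefined()) {
            return null;
        }
        JBossJSSESecurityDomain jsseDomain = new JBossJSSESecurityDomain(securityDomain);

        // Key store settings.
        if (jsse.hasDefined(Constants.KEYSTORE_PASSWORD)) {
            try {
                jsseDomain.setKeyStorePassword(jsse.get(Constants.KEYSTORE_PASSWORD).asString());
            } catch (Exception e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (jsse.hasDefined(Constants.KEYSTORE_TYPE)) {
            jsseDomain.setKeyStoreType(jsse.get(Constants.KEYSTORE_TYPE).asString());
        }
        if (jsse.hasDefined(Constants.KEYSTORE_URL)) {
            try {
                jsseDomain.setKeyStoreURL(jsse.get(Constants.KEYSTORE_URL).asString());
            } catch (IOException e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (jsse.hasDefined(Constants.KEYSTORE_PROVIDER)) {
            jsseDomain.setKeyStoreProvider(jsse.get(Constants.KEYSTORE_PROVIDER).asString());
        }
        if (jsse.hasDefined(Constants.KEYSTORE_PROVIDER_ARGUMENT)) {
            jsseDomain.setKeyStoreProviderArgument(jsse.get(Constants.KEYSTORE_PROVIDER_ARGUMENT).asString());
        }
        if (jsse.hasDefined(Constants.KEY_MANAGER_FACTORY_PROVIDER)) {
            jsseDomain.setKeyManagerFactoryProvider(jsse.get(Constants.KEY_MANAGER_FACTORY_PROVIDER).asString());
        }
        if (jsse.hasDefined(Constants.KEY_MANAGER_FACTORY_ALGORITHM)) {
            jsseDomain.setKeyManagerFactoryAlgorithm(jsse.get(Constants.KEY_MANAGER_FACTORY_ALGORITHM).asString());
        }

        // Trust store settings.
        if (jsse.hasDefined(Constants.TRUSTSTORE_PASSWORD)) {
            try {
                jsseDomain.setTrustStorePassword(jsse.get(Constants.TRUSTSTORE_PASSWORD).asString());
            } catch (Exception e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (jsse.hasDefined(Constants.TRUSTSTORE_TYPE)) {
            jsseDomain.setTrustStoreType(jsse.get(Constants.TRUSTSTORE_TYPE).asString());
        }
        if (jsse.hasDefined(Constants.TRUSTSTORE_URL)) {
            try {
                jsseDomain.setTrustStoreURL(jsse.get(Constants.TRUSTSTORE_URL).asString());
            } catch (IOException e) {
                throw new IllegalArgumentException(e);
            }
        }
        if (jsse.hasDefined(Constants.TRUSTSTORE_PROVIDER)) {
            jsseDomain.setTrustStoreProvider(jsse.get(Constants.TRUSTSTORE_PROVIDER).asString());
        }
        if (jsse.hasDefined(Constants.TRUSTSTORE_PROVIDER_ARGUMENT)) {
            jsseDomain.setTrustStoreProviderArgument(jsse.get(Constants.TRUSTSTORE_PROVIDER_ARGUMENT).asString());
        }
        if (jsse.hasDefined(Constants.TRUST_MANAGER_FACTORY_PROVIDER)) {
            jsseDomain.setTrustManagerFactoryProvider(jsse.get(Constants.TRUST_MANAGER_FACTORY_PROVIDER).asString());
        }
        if (jsse.hasDefined(Constants.TRUST_MANAGER_FACTORY_ALGORITHM)) {
            jsseDomain.setTrustManagerFactoryAlgorithm(jsse.get(Constants.TRUST_MANAGER_FACTORY_ALGORITHM).asString());
        }

        // Aliases, client authentication and the service token.
        if (jsse.hasDefined(Constants.CLIENT_ALIAS)) {
            jsseDomain.setClientAlias(jsse.get(Constants.CLIENT_ALIAS).asString());
        }
        if (jsse.hasDefined(Constants.SERVER_ALIAS)) {
            jsseDomain.setServerAlias(jsse.get(Constants.SERVER_ALIAS).asString());
        }
        if (jsse.hasDefined(Constants.CLIENT_AUTH)) {
            jsseDomain.setClientAuth(jsse.get(Constants.CLIENT_AUTH).asBoolean());
        }
        if (jsse.hasDefined(Constants.SERVICE_AUTH_TOKEN)) {
            try {
                jsseDomain.setServiceAuthToken(jsse.get(Constants.SERVICE_AUTH_TOKEN).asString());
            } catch (Exception e) {
                throw new IllegalArgumentException(e);
            }
        }

        // Protocol and cipher selection are passed through unvalidated.
        // NOTE(review): no minimum is enforced here; confirm weak suites or protocol
        // versions are rejected elsewhere or by deployment policy.
        if (jsse.hasDefined(Constants.CIPHER_SUITES)) {
            jsseDomain.setCipherSuites(jsse.get(Constants.CIPHER_SUITES).asString());
        }
        if (jsse.hasDefined(Constants.PROTOCOLS)) {
            jsseDomain.setProtocols(jsse.get(Constants.PROTOCOLS).asString());
        }
        if (jsse.hasDefined(Constants.ADDITIONAL_PROPERTIES)) {
            jsseDomain.setAdditionalProperties(parseAdditionalProperties(jsse.get(Constants.ADDITIONAL_PROPERTIES).asString()));
        }
        return jsseDomain;
    }

    /**
     * Parses a {@code ;}-separated list of {@code key=value} entries.
     *
     * <p>Carriage returns, line feeds and tabs are removed first and leading whitespace of
     * each entry is dropped. Blank entries (for example after a trailing {@code ;}) are
     * skipped, and a value may itself contain {@code =}: only the first one separates key
     * from value. Entries without {@code =} are rejected instead of failing with an array
     * index error.
     *
     * @param raw the attribute value as supplied
     * @return the parsed properties
     * @throws IllegalArgumentException if an entry has no {@code =}
     */
    private static Properties parseAdditionalProperties(String raw) {
        Properties properties = new Properties();
        String flattened = raw.replaceAll("\\r", "").replaceAll("\\n", "").replaceAll("\\t", "");
        for (String rawEntry : flattened.split(";")) {
            String entry = rawEntry.replaceAll("^\\s+", "");
            if (entry.isEmpty()) {
                continue;
            }
            int separator = entry.indexOf('=');
            if (separator < 0) {
                // The entry itself is not echoed: it may hold a secret.
                throw new IllegalArgumentException(Constants.ADDITIONAL_PROPERTIES + " entries must have the form key=value");
            }
            properties.put(entry.substring(0, separator), entry.substring(separator + 1));
        }
        return properties;
    }

    /**
     * Maps a flag name (case-insensitive) to the JAAS login module control flag.
     *
     * @param str one of {@code required}, {@code sufficient}, {@code optional},
     *            {@code requisite}
     * @return the matching control flag
     * @throws IllegalArgumentException if the name is not one of the four flags, so a typo
     *                                  fails the operation instead of falling back to a
     *                                  weaker flag
     */
    private AppConfigurationEntry.LoginModuleControlFlag getControlFlag(String str) {
        if ("required".equalsIgnoreCase(str)) {
            return AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
        }
        if ("sufficient".equalsIgnoreCase(str)) {
            return AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
        }
        if ("optional".equalsIgnoreCase(str)) {
            return AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
        }
        if ("requisite".equalsIgnoreCase(str)) {
            return AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
        }
        throw new IllegalArgumentException(str + " is not recognized");
    }

    /**
     * Reads the authentication cache type from the operation.
     *
     * @param operation the {@code add} operation
     * @return the cache type, or {@code null} when it is not defined
     */
    private String getAuthenticationCacheType(ModelNode operation) {
        return operation.hasDefined(Constants.CACHE_TYPE) ? operation.get(Constants.CACHE_TYPE).asString() : null;
    }
}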
