package org.wildfly.extension.elytron;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.Predicate;
import javax.security.sasl.SaslServerFactory;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.AttributeMarshaller;
import org.jboss.as.controller.AttributeParser;
import org.jboss.as.controller.ObjectListAttributeDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.extension.elytron.TrivialService;
import org.wildfly.extension.elytron.capabilities.PrincipalTransformer;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.MechanismAuthenticationFactory;
import org.wildfly.security.auth.server.MechanismConfiguration;
import org.wildfly.security.auth.server.MechanismConfigurationSelector;
import org.wildfly.security.auth.server.MechanismInformation;
import org.wildfly.security.auth.server.MechanismRealmConfiguration;
import org.wildfly.security.auth.server.RealmMapper;
import org.wildfly.security.auth.server.SaslAuthenticationFactory;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.http.HttpServerAuthenticationMechanismFactory;
import org.wildfly.security.http.util.FilterServerMechanismFactory;
import org.wildfly.security.http.util.SortedServerMechanismFactory;
import org.wildfly.security.sasl.util.FilterMechanismSaslServerFactory;
import org.wildfly.security.sasl.util.SortedMechanismSaslServerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/elytron/AuthenticationFactoryDefinitions.class */
public class AuthenticationFactoryDefinitions {
    static final SimpleAttributeDefinition BASE_SECURITY_DOMAIN_REF = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SECURITY_DOMAIN, ModelType.STRING, false).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition HTTP_SERVER_MECHANISM_FACTORY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.HTTP_SERVER_MECHANISM_FACTORY, ModelType.STRING, false).setMinSize(1).setRestartAllServices().setCapabilityReference("org.wildfly.security.http-server-mechanism-factory", "org.wildfly.security.http-authentication-factory", true).build();
    static final SimpleAttributeDefinition SASL_SERVER_FACTORY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SASL_SERVER_FACTORY, ModelType.STRING, false).setMinSize(1).setRestartAllServices().setCapabilityReference("org.wildfly.security.sasl-server-factory", "org.wildfly.security.sasl-authentication-factory", true).build();
    static final SimpleAttributeDefinition MECHANISM_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MECHANISM_NAME, ModelType.STRING, true).setAllowExpression(true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAttributeGroup(ElytronDescriptionConstants.SELECTION_CRITERIA).build();
    static final SimpleAttributeDefinition HOST_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.HOST_NAME, ModelType.STRING, true).setAllowExpression(true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAttributeGroup(ElytronDescriptionConstants.SELECTION_CRITERIA).build();
    static final SimpleAttributeDefinition PROTOCOL = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PROTOCOL, ModelType.STRING, true).setAllowExpression(true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAttributeGroup(ElytronDescriptionConstants.SELECTION_CRITERIA).build();
    static final SimpleAttributeDefinition BASE_CREDENTIAL_SECURITY_FACTORY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.CREDENTIAL_SECURITY_FACTORY, ModelType.STRING, true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition BASE_PRE_REALM_PRINCIPAL_TRANSFORMER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PRE_REALM_PRINCIPAL_TRANSFORMER, ModelType.STRING, true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition BASE_POST_REALM_PRINCIPAL_TRANSFORMER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.POST_REALM_PRINCIPAL_TRANSFORMER, ModelType.STRING, true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition BASE_FINAL_PRINCIPAL_TRANSFORMER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FINAL_PRINCIPAL_TRANSFORMER, ModelType.STRING, true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition BASE_REALM_MAPPER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REALM_MAPPER, ModelType.STRING, true).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition REALM_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REALM_NAME, ModelType.STRING, false).setMinSize(1).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wildfly/extension/elytron/AuthenticationFactoryDefinitions$ResolvedMechanismConfiguration.class */
    public static class ResolvedMechanismConfiguration extends ResolvedMechanismRealmConfiguration {
        final Predicate<MechanismInformation> selectionPredicate;
        final Map<String, ResolvedMechanismRealmConfiguration> mechanismRealms;
        final InjectedValue<SecurityFactory> securityFactory;

        ResolvedMechanismConfiguration(Predicate<MechanismInformation> predicate) {
            super();
            this.mechanismRealms = new HashMap();
            this.securityFactory = new InjectedValue<>();
            this.selectionPredicate = predicate;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/wildfly/extension/elytron/AuthenticationFactoryDefinitions$ResolvedMechanismRealmConfiguration.class */
    public static class ResolvedMechanismRealmConfiguration {
        final InjectedValue<PrincipalTransformer> preRealmPrincipalTranformer;
        final InjectedValue<PrincipalTransformer> postRealmPrincipalTransformer;
        final InjectedValue<PrincipalTransformer> finalPrincipalTransformer;
        final InjectedValue<RealmMapper> realmMapper;

        private ResolvedMechanismRealmConfiguration() {
            this.preRealmPrincipalTranformer = new InjectedValue<>();
            this.postRealmPrincipalTransformer = new InjectedValue<>();
            this.finalPrincipalTransformer = new InjectedValue<>();
            this.realmMapper = new InjectedValue<>();
        }
    }

    AuthenticationFactoryDefinitions() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AttributeDefinition getMechanismConfiguration(String str) {
        AttributeDefinition build = new SimpleAttributeDefinitionBuilder(BASE_PRE_REALM_PRINCIPAL_TRANSFORMER).setCapabilityReference("org.wildfly.security.principal-transformer", str, true).build();
        AttributeDefinition build2 = new SimpleAttributeDefinitionBuilder(BASE_POST_REALM_PRINCIPAL_TRANSFORMER).setCapabilityReference("org.wildfly.security.principal-transformer", str, true).build();
        AttributeDefinition build3 = new SimpleAttributeDefinitionBuilder(BASE_FINAL_PRINCIPAL_TRANSFORMER).setCapabilityReference("org.wildfly.security.principal-transformer", str, true).build();
        AttributeDefinition build4 = new SimpleAttributeDefinitionBuilder(BASE_REALM_MAPPER).setCapabilityReference("org.wildfly.security.realm-mapper", str, true).build();
        return new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.MECHANISM_CONFIGURATIONS, new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.MECHANISM_CONFIGURATION, new AttributeDefinition[]{MECHANISM_NAME, HOST_NAME, PROTOCOL, build, build2, build3, build4, new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.MECHANISM_REALM_CONFIGURATIONS, new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.MECHANISM_REALM_CONFIGURATION, new AttributeDefinition[]{REALM_NAME, build, build2, build3, build4}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setXmlName(ElytronDescriptionConstants.MECHANISM_REALM).build()).setRequired(false).setAllowExpression(false).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAttributeParser(AttributeParser.UNWRAPPED_OBJECT_LIST_PARSER).setAttributeMarshaller(AttributeMarshaller.UNWRAPPED_OBJECT_LIST_MARSHALLER).build(), new SimpleAttributeDefinitionBuilder(BASE_CREDENTIAL_SECURITY_FACTORY).setCapabilityReference("org.wildfly.security.security-factory.credential", str, true).build()}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setXmlName(ElytronDescriptionConstants.MECHANISM).build()).setRequired(false).setRestartAllServices().setXmlName(ElytronDescriptionConstants.MECHANISM_CONFIGURATION).build();
    }

    static Set<String> getConfiguredMechanismNames(AttributeDefinition attributeDefinition, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ModelNode resolveModelAttribute = attributeDefinition.resolveModelAttribute(operationContext, modelNode);
        if (!resolveModelAttribute.isDefined()) {
            return Collections.emptySet();
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Iterator it = resolveModelAttribute.asList().iterator();
        while (it.hasNext()) {
            String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, MECHANISM_NAME, (ModelNode) it.next());
            if (asStringIfDefined == null) {
                return Collections.emptySet();
            }
            linkedHashSet.add(asStringIfDefined);
        }
        return linkedHashSet;
    }

    static List<ResolvedMechanismConfiguration> getResolvedMechanismConfiguration(AttributeDefinition attributeDefinition, ServiceBuilder<?> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ModelNode resolveModelAttribute = attributeDefinition.resolveModelAttribute(operationContext, modelNode);
        if (!resolveModelAttribute.isDefined()) {
            return Collections.emptyList();
        }
        List<ModelNode> asList = resolveModelAttribute.asList();
        ArrayList arrayList = new ArrayList(asList.size());
        for (ModelNode modelNode2 : asList) {
            String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, MECHANISM_NAME, modelNode2);
            String asStringIfDefined2 = ElytronExtension.asStringIfDefined(operationContext, HOST_NAME, modelNode2);
            String asStringIfDefined3 = ElytronExtension.asStringIfDefined(operationContext, PROTOCOL, modelNode2);
            Predicate predicate = asStringIfDefined != null ? mechanismInformation -> {
                return asStringIfDefined.equalsIgnoreCase(mechanismInformation.getMechanismName());
            } : null;
            if (asStringIfDefined2 != null) {
                Predicate predicate2 = mechanismInformation2 -> {
                    return asStringIfDefined2.equalsIgnoreCase(mechanismInformation2.getHostName());
                };
                predicate = predicate != null ? predicate.and(predicate2) : predicate2;
            }
            if (asStringIfDefined3 != null) {
                Predicate predicate3 = mechanismInformation3 -> {
                    return asStringIfDefined3.equalsIgnoreCase(mechanismInformation3.getProtocol());
                };
                predicate = predicate != null ? predicate.and(predicate3) : predicate3;
            }
            if (predicate == null) {
                predicate = mechanismInformation4 -> {
                    return true;
                };
            }
            ResolvedMechanismConfiguration resolvedMechanismConfiguration = new ResolvedMechanismConfiguration(predicate);
            injectPrincipalTransformer(BASE_PRE_REALM_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode2, resolvedMechanismConfiguration.preRealmPrincipalTranformer);
            injectPrincipalTransformer(BASE_POST_REALM_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode2, resolvedMechanismConfiguration.postRealmPrincipalTransformer);
            injectPrincipalTransformer(BASE_FINAL_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode2, resolvedMechanismConfiguration.finalPrincipalTransformer);
            injectRealmMapper(BASE_REALM_MAPPER, serviceBuilder, operationContext, modelNode2, resolvedMechanismConfiguration.realmMapper);
            injectSecurityFactory(BASE_CREDENTIAL_SECURITY_FACTORY, serviceBuilder, operationContext, modelNode2, resolvedMechanismConfiguration.securityFactory);
            if (modelNode2.hasDefined(ElytronDescriptionConstants.MECHANISM_REALM_CONFIGURATIONS)) {
                for (ModelNode modelNode3 : modelNode2.require(ElytronDescriptionConstants.MECHANISM_REALM_CONFIGURATIONS).asList()) {
                    String asString = REALM_NAME.resolveModelAttribute(operationContext, modelNode3).asString();
                    ResolvedMechanismRealmConfiguration resolvedMechanismRealmConfiguration = new ResolvedMechanismRealmConfiguration();
                    injectPrincipalTransformer(BASE_PRE_REALM_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode3, resolvedMechanismRealmConfiguration.preRealmPrincipalTranformer);
                    injectPrincipalTransformer(BASE_POST_REALM_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode3, resolvedMechanismRealmConfiguration.postRealmPrincipalTransformer);
                    injectPrincipalTransformer(BASE_FINAL_PRINCIPAL_TRANSFORMER, serviceBuilder, operationContext, modelNode3, resolvedMechanismRealmConfiguration.finalPrincipalTransformer);
                    injectRealmMapper(BASE_REALM_MAPPER, serviceBuilder, operationContext, modelNode3, resolvedMechanismRealmConfiguration.realmMapper);
                    resolvedMechanismConfiguration.mechanismRealms.put(asString, resolvedMechanismRealmConfiguration);
                }
            }
            arrayList.add(resolvedMechanismConfiguration);
        }
        return arrayList;
    }

    static void buildMechanismConfiguration(List<ResolvedMechanismConfiguration> list, MechanismAuthenticationFactory.Builder builder) {
        ArrayList arrayList = new ArrayList(list.size());
        for (ResolvedMechanismConfiguration resolvedMechanismConfiguration : list) {
            MechanismConfiguration.Builder builder2 = MechanismConfiguration.builder();
            InjectedValue<PrincipalTransformer> injectedValue = resolvedMechanismConfiguration.preRealmPrincipalTranformer;
            builder2.getClass();
            setPrincipalTransformer(injectedValue, builder2::setPreRealmRewriter);
            InjectedValue<PrincipalTransformer> injectedValue2 = resolvedMechanismConfiguration.postRealmPrincipalTransformer;
            builder2.getClass();
            setPrincipalTransformer(injectedValue2, builder2::setPostRealmRewriter);
            InjectedValue<PrincipalTransformer> injectedValue3 = resolvedMechanismConfiguration.finalPrincipalTransformer;
            builder2.getClass();
            setPrincipalTransformer(injectedValue3, builder2::setFinalRewriter);
            InjectedValue<RealmMapper> injectedValue4 = resolvedMechanismConfiguration.realmMapper;
            builder2.getClass();
            setRealmMapper(injectedValue4, builder2::setRealmMapper);
            InjectedValue<SecurityFactory> injectedValue5 = resolvedMechanismConfiguration.securityFactory;
            builder2.getClass();
            setSecurityFactory(injectedValue5, builder2::setServerCredential);
            for (Map.Entry<String, ResolvedMechanismRealmConfiguration> entry : resolvedMechanismConfiguration.mechanismRealms.entrySet()) {
                MechanismRealmConfiguration.Builder builder3 = MechanismRealmConfiguration.builder();
                builder3.setRealmName(entry.getKey());
                ResolvedMechanismRealmConfiguration value = entry.getValue();
                InjectedValue<PrincipalTransformer> injectedValue6 = value.preRealmPrincipalTranformer;
                builder3.getClass();
                setPrincipalTransformer(injectedValue6, builder3::setPreRealmRewriter);
                InjectedValue<PrincipalTransformer> injectedValue7 = value.postRealmPrincipalTransformer;
                builder3.getClass();
                setPrincipalTransformer(injectedValue7, builder3::setPostRealmRewriter);
                InjectedValue<PrincipalTransformer> injectedValue8 = value.finalPrincipalTransformer;
                builder3.getClass();
                setPrincipalTransformer(injectedValue8, builder3::setFinalRewriter);
                InjectedValue<RealmMapper> injectedValue9 = value.realmMapper;
                builder3.getClass();
                setRealmMapper(injectedValue9, builder3::setRealmMapper);
                builder2.addMechanismRealm(builder3.build());
            }
            arrayList.add(MechanismConfigurationSelector.predicateSelector(resolvedMechanismConfiguration.selectionPredicate, builder2.build()));
        }
        builder.setMechanismConfigurationSelector(MechanismConfigurationSelector.aggregate((MechanismConfigurationSelector[]) arrayList.toArray(new MechanismConfigurationSelector[arrayList.size()])));
    }

    private static void setPrincipalTransformer(InjectedValue<PrincipalTransformer> injectedValue, Consumer<Function<Principal, Principal>> consumer) {
        PrincipalTransformer principalTransformer = (PrincipalTransformer) injectedValue.getOptionalValue();
        if (principalTransformer != null) {
            consumer.accept(principalTransformer);
        }
    }

    private static void injectPrincipalTransformer(SimpleAttributeDefinition simpleAttributeDefinition, ServiceBuilder<?> serviceBuilder, OperationContext operationContext, ModelNode modelNode, Injector<PrincipalTransformer> injector) throws OperationFailedException {
        String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, simpleAttributeDefinition, modelNode);
        if (asStringIfDefined != null) {
            serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.principal-transformer", asStringIfDefined), PrincipalTransformer.class), PrincipalTransformer.class, injector);
        }
    }

    private static void setSecurityFactory(InjectedValue<SecurityFactory> injectedValue, Consumer<SecurityFactory> consumer) {
        SecurityFactory securityFactory = (SecurityFactory) injectedValue.getOptionalValue();
        if (securityFactory != null) {
            consumer.accept(securityFactory);
        }
    }

    private static void injectSecurityFactory(SimpleAttributeDefinition simpleAttributeDefinition, ServiceBuilder<?> serviceBuilder, OperationContext operationContext, ModelNode modelNode, Injector<SecurityFactory> injector) throws OperationFailedException {
        String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, simpleAttributeDefinition, modelNode);
        if (asStringIfDefined != null) {
            serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.security-factory.credential", asStringIfDefined), SecurityFactory.class), SecurityFactory.class, injector);
        }
    }

    private static void setRealmMapper(InjectedValue<RealmMapper> injectedValue, Consumer<RealmMapper> consumer) {
        RealmMapper realmMapper = (RealmMapper) injectedValue.getOptionalValue();
        if (realmMapper != null) {
            consumer.accept(realmMapper);
        }
    }

    private static void injectRealmMapper(SimpleAttributeDefinition simpleAttributeDefinition, ServiceBuilder<?> serviceBuilder, OperationContext operationContext, ModelNode modelNode, Injector<RealmMapper> injector) throws OperationFailedException {
        String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, simpleAttributeDefinition, modelNode);
        if (asStringIfDefined != null) {
            serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.realm-mapper", asStringIfDefined), RealmMapper.class), RealmMapper.class, injector);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition getHttpAuthenticationFactory() {
        final AttributeDefinition build = new SimpleAttributeDefinitionBuilder(BASE_SECURITY_DOMAIN_REF).setCapabilityReference("org.wildfly.security.security-domain", "org.wildfly.security.http-authentication-factory", true).setRestartAllServices().build();
        final AttributeDefinition mechanismConfiguration = getMechanismConfiguration("org.wildfly.security.http-authentication-factory");
        AttributeDefinition[] attributeDefinitionArr = {build, HTTP_SERVER_MECHANISM_FACTORY, mechanismConfiguration};
        return AvailableMechanismsRuntimeResource.wrap(new TrivialResourceDefinition(ElytronDescriptionConstants.HTTP_AUTHENTICATION_FACTORY, new TrivialAddHandler<HttpAuthenticationFactory>(HttpAuthenticationFactory.class, attributeDefinitionArr, Capabilities.HTTP_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY) { // from class: org.wildfly.extension.elytron.AuthenticationFactoryDefinitions.1
            @Override // org.wildfly.extension.elytron.TrivialAddHandler
            protected TrivialService.ValueSupplier<HttpAuthenticationFactory> getValueSupplier(ServiceBuilder<HttpAuthenticationFactory> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                InjectedValue injectedValue = new InjectedValue();
                InjectedValue injectedValue2 = new InjectedValue();
                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.security-domain", build.resolveModelAttribute(operationContext, modelNode).asString()), SecurityDomain.class), SecurityDomain.class, injectedValue);
                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.http-server-mechanism-factory", AuthenticationFactoryDefinitions.HTTP_SERVER_MECHANISM_FACTORY.resolveModelAttribute(operationContext, modelNode).asString()), HttpServerAuthenticationMechanismFactory.class), HttpServerAuthenticationMechanismFactory.class, injectedValue2);
                Set<String> configuredMechanismNames = AuthenticationFactoryDefinitions.getConfiguredMechanismNames(mechanismConfiguration, operationContext, modelNode);
                List<ResolvedMechanismConfiguration> resolvedMechanismConfiguration = AuthenticationFactoryDefinitions.getResolvedMechanismConfiguration(mechanismConfiguration, serviceBuilder, operationContext, modelNode);
                return () -> {
                    SortedServerMechanismFactory sortedServerMechanismFactory;
                    HttpServerAuthenticationMechanismFactory httpServerAuthenticationMechanismFactory = (HttpServerAuthenticationMechanismFactory) injectedValue2.getValue();
                    if (configuredMechanismNames.isEmpty()) {
                        sortedServerMechanismFactory = new SortedServerMechanismFactory(httpServerAuthenticationMechanismFactory, (str, str2) -> {
                            return AuthenticationFactoryDefinitions.compareHttp(str, str2);
                        });
                    } else {
                        FilterServerMechanismFactory filterServerMechanismFactory = new FilterServerMechanismFactory(httpServerAuthenticationMechanismFactory, true, configuredMechanismNames);
                        String[] strArr = (String[]) configuredMechanismNames.toArray(new String[configuredMechanismNames.size()]);
                        sortedServerMechanismFactory = new SortedServerMechanismFactory(filterServerMechanismFactory, (str3, str4) -> {
                            for (String str3 : strArr) {
                                if (str3.equals(str3)) {
                                    return -1;
                                }
                                if (str4.equals(str3)) {
                                    return 1;
                                }
                            }
                            return 0;
                        });
                    }
                    HttpAuthenticationFactory.Builder factory = HttpAuthenticationFactory.builder().setSecurityDomain((SecurityDomain) injectedValue.getValue()).setFactory(sortedServerMechanismFactory);
                    AuthenticationFactoryDefinitions.buildMechanismConfiguration(resolvedMechanismConfiguration, factory);
                    return factory.build();
                };
            }
        }, attributeDefinitionArr, Capabilities.HTTP_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY), AuthenticationFactoryDefinitions::getAvailableHttpMechanisms);
    }

    private static String[] getAvailableHttpMechanisms(OperationContext operationContext) {
        ServiceController requiredService = ElytronExtension.getRequiredService(operationContext.getServiceRegistry(false), Capabilities.HTTP_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddressValue()).getCapabilityServiceName(HttpAuthenticationFactory.class), HttpAuthenticationFactory.class);
        if (requiredService.getState() != ServiceController.State.UP) {
            return null;
        }
        Collection mechanismNames = ((HttpAuthenticationFactory) requiredService.getValue()).getMechanismNames();
        return (String[]) mechanismNames.toArray(new String[mechanismNames.size()]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition getSaslAuthenticationFactory() {
        final AttributeDefinition build = new SimpleAttributeDefinitionBuilder(BASE_SECURITY_DOMAIN_REF).setCapabilityReference("org.wildfly.security.security-domain", "org.wildfly.security.sasl-authentication-factory", true).setRestartAllServices().build();
        final AttributeDefinition mechanismConfiguration = getMechanismConfiguration("org.wildfly.security.sasl-authentication-factory");
        AttributeDefinition[] attributeDefinitionArr = {build, SASL_SERVER_FACTORY, mechanismConfiguration};
        return AvailableMechanismsRuntimeResource.wrap(new TrivialResourceDefinition(ElytronDescriptionConstants.SASL_AUTHENTICATION_FACTORY, new TrivialAddHandler<SaslAuthenticationFactory>(SaslAuthenticationFactory.class, attributeDefinitionArr, Capabilities.SASL_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY) { // from class: org.wildfly.extension.elytron.AuthenticationFactoryDefinitions.2
            @Override // org.wildfly.extension.elytron.TrivialAddHandler
            protected TrivialService.ValueSupplier<SaslAuthenticationFactory> getValueSupplier(ServiceBuilder<SaslAuthenticationFactory> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                String asString = build.resolveModelAttribute(operationContext, modelNode).asString();
                String asString2 = AuthenticationFactoryDefinitions.SASL_SERVER_FACTORY.resolveModelAttribute(operationContext, modelNode).asString();
                InjectedValue injectedValue = new InjectedValue();
                InjectedValue injectedValue2 = new InjectedValue();
                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.security-domain", asString), SecurityDomain.class), SecurityDomain.class, injectedValue);
                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.sasl-server-factory", asString2), SaslServerFactory.class), SaslServerFactory.class, injectedValue2);
                Set<String> configuredMechanismNames = AuthenticationFactoryDefinitions.getConfiguredMechanismNames(mechanismConfiguration, operationContext, modelNode);
                List<ResolvedMechanismConfiguration> resolvedMechanismConfiguration = AuthenticationFactoryDefinitions.getResolvedMechanismConfiguration(mechanismConfiguration, serviceBuilder, operationContext, modelNode);
                return () -> {
                    SaslServerFactory saslServerFactory = (SaslServerFactory) injectedValue2.getValue();
                    SaslAuthenticationFactory.Builder factory = SaslAuthenticationFactory.builder().setSecurityDomain((SecurityDomain) injectedValue.getValue()).setFactory(!configuredMechanismNames.isEmpty() ? new SortedMechanismSaslServerFactory(new FilterMechanismSaslServerFactory(saslServerFactory, true, configuredMechanismNames), (String[]) configuredMechanismNames.toArray(new String[configuredMechanismNames.size()])) : new SortedMechanismSaslServerFactory(saslServerFactory, (str, str2) -> {
                        return AuthenticationFactoryDefinitions.compareSasl(str, str2);
                    }));
                    AuthenticationFactoryDefinitions.buildMechanismConfiguration(resolvedMechanismConfiguration, factory);
                    return factory.build();
                };
            }
        }, attributeDefinitionArr, Capabilities.SASL_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY), AuthenticationFactoryDefinitions::getAvailableSaslMechanisms);
    }

    private static String[] getAvailableSaslMechanisms(OperationContext operationContext) {
        ServiceController requiredService = ElytronExtension.getRequiredService(operationContext.getServiceRegistry(false), Capabilities.SASL_AUTHENTICATION_FACTORY_RUNTIME_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddressValue()).getCapabilityServiceName(SaslAuthenticationFactory.class), SaslAuthenticationFactory.class);
        if (requiredService.getState() != ServiceController.State.UP) {
            return null;
        }
        Collection mechanismNames = ((SaslAuthenticationFactory) requiredService.getValue()).getMechanismNames();
        return (String[]) mechanismNames.toArray(new String[mechanismNames.size()]);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static int compareSasl(String str, String str2) {
        return toPrioritySasl(str2) - toPrioritySasl(str);
    }

    private static int toPrioritySasl(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1038134325:
                if (str.equals("EXTERNAL")) {
                    z = false;
                    break;
                }
                break;
            case 76210602:
                if (str.equals("PLAIN")) {
                    z = 3;
                    break;
                }
                break;
            case 690783309:
                if (str.equals("ANONYMOUS")) {
                    z = 4;
                    break;
                }
                break;
            case 2065029603:
                if (str.equals("JBOSS-LOCAL-USER")) {
                    z = 2;
                    break;
                }
                break;
            case 2111859635:
                if (str.equals("GSSAPI")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return 30;
            case true:
                return 20;
            case true:
                return 10;
            case true:
                return -10;
            case true:
                return -20;
            default:
                return 0;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static int compareHttp(String str, String str2) {
        return toPriorityHttp(str2) - toPriorityHttp(str);
    }

    private static int toPriorityHttp(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1842473796:
                if (str.equals("SPNEGO")) {
                    z = true;
                    break;
                }
                break;
            case 62970894:
                if (str.equals("BASIC")) {
                    z = 3;
                    break;
                }
                break;
            case 978538363:
                if (str.equals("BEARER_TOKEN")) {
                    z = 2;
                    break;
                }
                break;
            case 2008316440:
                if (str.equals("CLIENT_CERT")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return 30;
            case true:
                return 20;
            case true:
                return 10;
            case true:
                return -10;
            default:
                return 0;
        }
    }
}
