package org.wildfly.extension.elytron;

import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.StandardResourceDescriptionResolver;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.dmr.Property;
import org.wildfly.extension.elytron.CredentialStoreResourceDefinition;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.UnsupportedCredentialTypeException;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition.class */
class CredentialStoreAliasDefinition extends SimpleResourceDefinition {
    static final String OTHER = "Other";
    private static final Class<?>[] SUPPORTED_CREDENTIAL_TYPES = {PasswordCredential.class};
    static final SimpleAttributeDefinition ENTRY_TYPE;
    static final StandardResourceDescriptionResolver RESOURCE_DESCRIPTION_RESOLVER;
    static final SimpleAttributeDefinition SECRET_VALUE;
    private static final AttributeDefinition[] CONFIG_ATTRIBUTES;
    private static final SimpleOperationDefinition ADD_DEFINITION;
    private static final AddHandler ADD_HANDLER;

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$AddHandler.class */
    private static class AddHandler extends AbstractAddStepHandler {
        AddHandler() {
            super(CredentialStoreAliasDefinition.CONFIG_ATTRIBUTES);
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            String alias = CredentialStoreAliasDefinition.alias(modelNode);
            String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, CredentialStoreAliasDefinition.SECRET_VALUE, resource.getModel());
            String asStringIfDefined2 = ElytronExtension.asStringIfDefined(operationContext, CredentialStoreAliasDefinition.ENTRY_TYPE, resource.getModel());
            CredentialStore credentialStore = ((CredentialStoreService) operationContext.getServiceRegistry(false).getRequiredService(CredentialStoreResourceDefinition.CREDENTIAL_STORE_CLIENT_UTIL.serviceName(modelNode)).getService()).m14getValue().getCredentialStore();
            if (asStringIfDefined2 != null) {
                try {
                    if (!ElytronDescriptionConstants.CLEAR.equals(asStringIfDefined2)) {
                        throw ElytronSubsystemMessages.ROOT_LOGGER.credentialStoreEntryTypeNotSupported(CredentialStoreResourceDefinition.credentialStoreName(modelNode), asStringIfDefined2);
                    }
                } catch (CredentialStoreException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.unableToCompleteOperation(e, e.getLocalizedMessage());
                }
            }
            if (credentialStore.exists(alias, PasswordCredential.class)) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.credentialAlreadyExists(alias, PasswordCredential.class.getName());
            }
            credentialStore.store(alias, CredentialStoreAliasDefinition.createCredentialFromPassword(asStringIfDefined.toCharArray()));
            credentialStore.flush();
        }

        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            CredentialStoreAliasDefinition.transformOperationAddress(modelNode);
            super.execute(operationContext, modelNode);
        }

        protected Resource createResource(OperationContext operationContext, ModelNode modelNode) {
            Resource create = Resource.Factory.create(true);
            if (CredentialStoreAliasDefinition.sameAlias(operationContext, modelNode)) {
                operationContext.addResource(PathAddress.EMPTY_ADDRESS, create);
            }
            return create;
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$RemoveHandler.class */
    private static class RemoveHandler extends CredentialStoreResourceDefinition.CredentialStoreRuntimeOnlyHandler {
        RemoveHandler() {
            super(true, true);
        }

        @Override // org.wildfly.extension.elytron.CredentialStoreResourceDefinition.CredentialStoreRuntimeOnlyHandler
        protected void performRuntime(ModelNode modelNode, OperationContext operationContext, ModelNode modelNode2, CredentialStoreService credentialStoreService) throws OperationFailedException {
            String alias = CredentialStoreAliasDefinition.alias(modelNode2);
            try {
                CredentialStore credentialStore = credentialStoreService.m14getValue().getCredentialStore();
                credentialStore.remove(alias, PasswordCredential.class);
                credentialStore.flush();
            } catch (CredentialStoreException e) {
                throw new OperationFailedException(e);
            }
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$WriteAttributeHandler.class */
    private static class WriteAttributeHandler extends AbstractWriteAttributeHandler<String> {
        WriteAttributeHandler() {
            super(CredentialStoreAliasDefinition.CONFIG_ATTRIBUTES);
        }

        protected boolean applyUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, AbstractWriteAttributeHandler.HandbackHolder<String> handbackHolder) throws OperationFailedException {
            return false;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public void revertUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, String str2) throws OperationFailedException {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CredentialStoreAliasDefinition() {
        super(new SimpleResourceDefinition.Parameters(PathElement.pathElement(ElytronDescriptionConstants.ALIAS), RESOURCE_DESCRIPTION_RESOLVER).setRemoveHandler(new RemoveHandler()).setAddRestartLevel(OperationEntry.Flag.RESTART_NONE).setRemoveRestartLevel(OperationEntry.Flag.RESTART_NONE).setRuntime());
    }

    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        managementResourceRegistration.registerOperationHandler(ADD_DEFINITION, ADD_HANDLER);
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerReadWriteAttribute(SECRET_VALUE, (OperationStepHandler) null, new WriteAttributeHandler());
        managementResourceRegistration.registerReadWriteAttribute(ENTRY_TYPE, (OperationStepHandler) null, new WriteAttributeHandler());
    }

    static String alias(ModelNode modelNode) {
        String str = null;
        PathAddress pathAddress = PathAddress.pathAddress(modelNode.require("address"));
        int size = pathAddress.size() - 1;
        while (true) {
            if (size <= 0) {
                break;
            }
            PathElement element = pathAddress.getElement(size);
            if (ElytronDescriptionConstants.ALIAS.equals(element.getKey())) {
                str = element.getValue();
                break;
            }
            size--;
        }
        if (str == null) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.operationAddressMissingKey(ElytronDescriptionConstants.ALIAS);
        }
        return str.toLowerCase(Locale.ROOT);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void transformOperationAddress(ModelNode modelNode) {
        Property propertyAliasFromOperation = propertyAliasFromOperation(modelNode);
        propertyAliasFromOperation.getValue().set(propertyAliasFromOperation.getValue().asString().toLowerCase(Locale.ROOT));
    }

    private static Property propertyAliasFromOperation(ModelNode modelNode) {
        Property property = null;
        Iterator it = modelNode.get("address").asPropertyList().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Property property2 = (Property) it.next();
            if (ElytronDescriptionConstants.ALIAS.equals(property2.getName())) {
                property = property2;
                break;
            }
        }
        return property;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean sameAlias(OperationContext operationContext, ModelNode modelNode) {
        return propertyAliasFromOperation(modelNode).getValue().asString().equals(operationContext.getCurrentAddress().getLastElement().getValue());
    }

    static PasswordCredential createCredentialFromPassword(char[] cArr) throws UnsupportedCredentialTypeException {
        try {
            return new PasswordCredential(PasswordFactory.getInstance(ElytronDescriptionConstants.CLEAR).generatePassword(new ClearPasswordSpec(cArr)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new UnsupportedCredentialTypeException(e);
        }
    }

    static {
        List list = (List) Stream.of((Object[]) SUPPORTED_CREDENTIAL_TYPES).map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toList());
        list.add(OTHER);
        ENTRY_TYPE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ENTRY_TYPE, ModelType.STRING, true).setStorageRuntime().setAllowedValues((String[]) list.toArray(new String[list.size()])).build();
        RESOURCE_DESCRIPTION_RESOLVER = ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.CREDENTIAL_STORE, ElytronDescriptionConstants.ALIAS);
        SECRET_VALUE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SECRET_VALUE, ModelType.STRING, false).setStorageRuntime().build();
        CONFIG_ATTRIBUTES = new AttributeDefinition[]{SECRET_VALUE, ENTRY_TYPE};
        ADD_DEFINITION = new SimpleOperationDefinitionBuilder("add", RESOURCE_DESCRIPTION_RESOLVER).setParameters(new AttributeDefinition[]{SECRET_VALUE, ENTRY_TYPE}).build();
        ADD_HANDLER = new AddHandler();
    }
}
