package org.jboss.as.ejb3.subsystem;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.function.BooleanSupplier;
import java.util.function.Consumer;
import java.util.function.Function;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.ReloadRequiredRemoveStepHandler;
import org.jboss.as.controller.ReloadRequiredWriteAttributeHandler;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.StringListAttributeDefinition;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.auth.server.ServerAuthenticationContext;

/* loaded from: input_file:org/jboss/as/ejb3/subsystem/IdentityResourceDefinition.class */
public class IdentityResourceDefinition extends SimpleResourceDefinition {
    public static final String IDENTITY_CAPABILITY = "org.wildfly.ejb3.identity";
    static final RuntimeCapability<Void> IDENTITY_RUNTIME_CAPABILITY = RuntimeCapability.Builder.of(IDENTITY_CAPABILITY, Consumer.class).build();
    private static final String SECURITY_DOMAIN_CAPABILITY = "org.wildfly.security.security-domain";
    public static final StringListAttributeDefinition OUTFLOW_SECURITY_DOMAINS = new StringListAttributeDefinition.Builder(EJB3SubsystemModel.OUTFLOW_SECURITY_DOMAINS).setRequired(false).setMinSize(1).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_ALL_SERVICES}).setCapabilityReference(SECURITY_DOMAIN_CAPABILITY, IDENTITY_CAPABILITY, false).setAccessConstraints(new AccessConstraintDefinition[]{SensitiveTargetAccessConstraintDefinition.ELYTRON_SECURITY_DOMAIN_REF}).build();
    static final IdentityResourceDefinition INSTANCE = new IdentityResourceDefinition();
    private static final AttributeDefinition[] ATTRIBUTES = {OUTFLOW_SECURITY_DOMAINS};
    private static List<String> outflowSecurityDomains = Collections.synchronizedList(new ArrayList());

    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/IdentityResourceDefinition$AddHandler.class */
    private static class AddHandler extends AbstractAddStepHandler {
        private AddHandler() {
            super(IdentityResourceDefinition.IDENTITY_RUNTIME_CAPABILITY, new AttributeDefinition[]{IdentityResourceDefinition.OUTFLOW_SECURITY_DOMAINS});
        }

        protected void populateModel(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            super.populateModel(operationContext, modelNode, resource);
            List unused = IdentityResourceDefinition.outflowSecurityDomains = IdentityResourceDefinition.OUTFLOW_SECURITY_DOMAINS.unwrap(operationContext, resource.getModel());
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            IdentityService identityService = new IdentityService();
            ServiceBuilder initialMode = operationContext.getServiceTarget().addService(IdentityResourceDefinition.IDENTITY_RUNTIME_CAPABILITY.getCapabilityServiceName(), identityService).setInitialMode(ServiceController.Mode.ACTIVE);
            Iterator it = IdentityResourceDefinition.outflowSecurityDomains.iterator();
            while (it.hasNext()) {
                initialMode.addDependency(operationContext.getCapabilityServiceName(IdentityResourceDefinition.SECURITY_DOMAIN_CAPABILITY, (String) it.next(), SecurityDomain.class), SecurityDomain.class, identityService.createOutflowSecurityDomainInjector());
            }
            initialMode.install();
        }
    }

    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/IdentityResourceDefinition$IdentityService.class */
    static class IdentityService implements Service<Function<SecurityIdentity, Set<SecurityIdentity>>> {
        private final List<InjectedValue<SecurityDomain>> outflowSecurityDomainInjectors = new ArrayList();
        private Set<SecurityDomain> outflowSecurityDomains = new HashSet();

        IdentityService() {
        }

        public void start(StartContext startContext) throws StartException {
            HashSet hashSet = new HashSet();
            Iterator<InjectedValue<SecurityDomain>> it = this.outflowSecurityDomainInjectors.iterator();
            while (it.hasNext()) {
                hashSet.add((SecurityDomain) it.next().getValue());
            }
            this.outflowSecurityDomains.addAll(hashSet);
        }

        private Set<SecurityIdentity> outflowIdentity(SecurityIdentity securityIdentity) {
            HashSet hashSet = new HashSet(this.outflowSecurityDomains.size());
            if (securityIdentity != null) {
                Iterator<SecurityDomain> it = this.outflowSecurityDomains.iterator();
                while (it.hasNext()) {
                    try {
                        ServerAuthenticationContext createNewAuthenticationContext = it.next().createNewAuthenticationContext();
                        if (createNewAuthenticationContext.importIdentity(securityIdentity)) {
                            hashSet.add(createNewAuthenticationContext.getAuthorizedIdentity());
                        }
                    } catch (RealmUnavailableException | IllegalStateException e) {
                    }
                }
            }
            return hashSet;
        }

        public void stop(StopContext stopContext) {
            this.outflowSecurityDomains = null;
        }

        /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
        public Function<SecurityIdentity, Set<SecurityIdentity>> m258getValue() throws IllegalStateException, IllegalArgumentException {
            return this::outflowIdentity;
        }

        Injector<SecurityDomain> createOutflowSecurityDomainInjector() {
            InjectedValue<SecurityDomain> injectedValue = new InjectedValue<>();
            this.outflowSecurityDomainInjectors.add(injectedValue);
            return injectedValue;
        }
    }

    private IdentityResourceDefinition() {
        this(new SimpleResourceDefinition.Parameters(EJB3SubsystemModel.IDENTITY_PATH, EJB3Extension.getResourceDescriptionResolver(EJB3SubsystemModel.IDENTITY)).setCapabilities(new RuntimeCapability[]{IDENTITY_RUNTIME_CAPABILITY}), new AddHandler());
    }

    private IdentityResourceDefinition(SimpleResourceDefinition.Parameters parameters, AbstractAddStepHandler abstractAddStepHandler) {
        super(parameters.setAddHandler(abstractAddStepHandler).setRemoveHandler(new ReloadRequiredRemoveStepHandler(new RuntimeCapability[]{IDENTITY_RUNTIME_CAPABILITY})).setRemoveRestartLevel(OperationEntry.Flag.RESTART_ALL_SERVICES));
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        outflowSecurityDomains.clear();
        ReloadRequiredWriteAttributeHandler reloadRequiredWriteAttributeHandler = new ReloadRequiredWriteAttributeHandler(ATTRIBUTES);
        for (AttributeDefinition attributeDefinition : ATTRIBUTES) {
            managementResourceRegistration.registerReadWriteAttribute(attributeDefinition, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BooleanSupplier getOutflowSecurityDomainsConfiguredSupplier() {
        return () -> {
            return !outflowSecurityDomains.isEmpty();
        };
    }
}
