package org.jboss.as.ejb3.subsystem;

import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.CapabilityServiceBuilder;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.ReloadRequiredWriteAttributeHandler;
import org.jboss.as.controller.ServiceRemoveStepHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.StringListAttributeDefinition;
import org.jboss.as.controller.access.constraint.ApplicationTypeConfig;
import org.jboss.as.controller.access.constraint.SensitivityClassification;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.ApplicationTypeAccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.ejb3.security.ApplicationSecurityDomainConfig;
import org.jboss.as.ejb3.subsystem.ApplicationSecurityDomainService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.wildfly.security.auth.server.SecurityDomain;

/* loaded from: input_file:org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainDefinition.class */
public class ApplicationSecurityDomainDefinition extends SimpleResourceDefinition {
    public static final String CAPABILITY_APPLICATION_SECURITY_DOMAIN_KNOWN_DEPLOYMENTS = "org.wildfly.ejb3.application-security-domain.known-deployments";
    public static final String APPLICATION_SECURITY_DOMAIN_CAPABILITY_NAME = "org.wildfly.ejb3.application-security-domain";
    static final RuntimeCapability<Void> APPLICATION_SECURITY_DOMAIN_CAPABILITY = RuntimeCapability.Builder.of(APPLICATION_SECURITY_DOMAIN_CAPABILITY_NAME, true, ApplicationSecurityDomainService.ApplicationSecurityDomain.class).build();
    private static final String SECURITY_DOMAIN_CAPABILITY_NAME = "org.wildfly.security.security-domain";
    static final SimpleAttributeDefinition SECURITY_DOMAIN = new SimpleAttributeDefinitionBuilder(EJB3SubsystemModel.SECURITY_DOMAIN, ModelType.STRING, false).setValidator(new StringLengthValidator(1)).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_ALL_SERVICES}).setCapabilityReference(SECURITY_DOMAIN_CAPABILITY_NAME, APPLICATION_SECURITY_DOMAIN_CAPABILITY).setAccessConstraints(new AccessConstraintDefinition[]{SensitiveTargetAccessConstraintDefinition.ELYTRON_SECURITY_DOMAIN_REF}).build();
    private static final StringListAttributeDefinition REFERENCING_DEPLOYMENTS = new StringListAttributeDefinition.Builder(EJB3SubsystemModel.REFERENCING_DEPLOYMENTS).setStorageRuntime().build();
    static final SimpleAttributeDefinition ENABLE_JACC = new SimpleAttributeDefinitionBuilder(EJB3SubsystemModel.ENABLE_JACC, ModelType.BOOLEAN, true).setDefaultValue(ModelNode.FALSE).setMinSize(1).setRestartAllServices().build();
    static final SimpleAttributeDefinition LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION = new SimpleAttributeDefinitionBuilder(EJB3SubsystemModel.LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION, ModelType.BOOLEAN, true).setDefaultValue(ModelNode.TRUE).setRestartAllServices().build();
    private static final AttributeDefinition[] ATTRIBUTES = {SECURITY_DOMAIN, ENABLE_JACC, LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION};
    private static final OperationContext.AttachmentKey<KnownDeploymentsApi> KNOWN_DEPLOYMENTS_KEY = OperationContext.AttachmentKey.create(KnownDeploymentsApi.class);

    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainDefinition$AddHandler.class */
    private static class AddHandler extends AbstractAddStepHandler {
        private final Set<ApplicationSecurityDomainConfig> knownApplicationSecurityDomains;

        private AddHandler(Set<ApplicationSecurityDomainConfig> set) {
            super(ApplicationSecurityDomainDefinition.ATTRIBUTES);
            this.knownApplicationSecurityDomains = set;
        }

        protected void recordCapabilitiesAndRequirements(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            super.recordCapabilitiesAndRequirements(operationContext, modelNode, resource);
            KnownDeploymentsApi knownDeploymentsApi = new KnownDeploymentsApi();
            operationContext.registerCapability(RuntimeCapability.Builder.of(ApplicationSecurityDomainDefinition.CAPABILITY_APPLICATION_SECURITY_DOMAIN_KNOWN_DEPLOYMENTS, true, knownDeploymentsApi).build().fromBaseCapability(operationContext.getCurrentAddressValue()));
            operationContext.attach(ApplicationSecurityDomainDefinition.KNOWN_DEPLOYMENTS_KEY, knownDeploymentsApi);
        }

        protected void populateModel(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            super.populateModel(operationContext, modelNode, resource);
            ModelNode model = resource.getModel();
            boolean z = false;
            boolean z2 = true;
            if (model.hasDefined(ApplicationSecurityDomainDefinition.ENABLE_JACC.getName())) {
                z = ApplicationSecurityDomainDefinition.ENABLE_JACC.resolveModelAttribute(operationContext, model).asBoolean();
            }
            if (model.hasDefined(ApplicationSecurityDomainDefinition.LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION.getName())) {
                z2 = ApplicationSecurityDomainDefinition.LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION.resolveModelAttribute(operationContext, model).asBoolean();
            }
            this.knownApplicationSecurityDomains.add(new ApplicationSecurityDomainConfig(operationContext.getCurrentAddressValue(), z, z2));
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            String asString = ApplicationSecurityDomainDefinition.SECURITY_DOMAIN.resolveModelAttribute(operationContext, modelNode2).asString();
            boolean asBoolean = ApplicationSecurityDomainDefinition.ENABLE_JACC.resolveModelAttribute(operationContext, modelNode2).asBoolean();
            ApplicationSecurityDomainDefinition.LEGACY_COMPLIANT_PRINCIPAL_PROPAGATION.resolveModelAttribute(operationContext, modelNode2).asBoolean();
            ServiceName capabilityServiceName = ApplicationSecurityDomainDefinition.APPLICATION_SECURITY_DOMAIN_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddressValue()).getCapabilityServiceName(ApplicationSecurityDomainService.ApplicationSecurityDomain.class);
            ServiceName append = capabilityServiceName.append(new String[]{EJB3SubsystemModel.SECURITY_DOMAIN});
            CapabilityServiceBuilder initialMode = operationContext.getCapabilityServiceTarget().addCapability(ApplicationSecurityDomainDefinition.APPLICATION_SECURITY_DOMAIN_CAPABILITY).setInitialMode(ServiceController.Mode.LAZY);
            ApplicationSecurityDomainService applicationSecurityDomainService = new ApplicationSecurityDomainService(asBoolean, initialMode.requires(operationContext.getCapabilityServiceName(ApplicationSecurityDomainDefinition.SECURITY_DOMAIN_CAPABILITY_NAME, asString, SecurityDomain.class)), initialMode.provides(new ServiceName[]{capabilityServiceName}), initialMode.provides(new ServiceName[]{append}));
            initialMode.setInstance(applicationSecurityDomainService);
            initialMode.install();
            ((KnownDeploymentsApi) operationContext.getAttachment(ApplicationSecurityDomainDefinition.KNOWN_DEPLOYMENTS_KEY)).setApplicationSecurityDomainService(applicationSecurityDomainService);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainDefinition$KnownDeploymentsApi.class */
    public static class KnownDeploymentsApi {
        private volatile ApplicationSecurityDomainService service;

        private KnownDeploymentsApi() {
        }

        List<String> getKnownDeployments() {
            return this.service != null ? Arrays.asList(this.service.getDeployments()) : Collections.emptyList();
        }

        void setApplicationSecurityDomainService(ApplicationSecurityDomainService applicationSecurityDomainService) {
            this.service = applicationSecurityDomainService;
        }
    }

    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainDefinition$ReferencingDeploymentsHandler.class */
    private static class ReferencingDeploymentsHandler implements OperationStepHandler {
        private ReferencingDeploymentsHandler() {
        }

        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            if (operationContext.isDefaultRequiresRuntime()) {
                operationContext.addStep((operationContext2, modelNode2) -> {
                    KnownDeploymentsApi knownDeploymentsApi = (KnownDeploymentsApi) operationContext.getCapabilityRuntimeAPI(ApplicationSecurityDomainDefinition.CAPABILITY_APPLICATION_SECURITY_DOMAIN_KNOWN_DEPLOYMENTS, operationContext2.getCurrentAddressValue(), KnownDeploymentsApi.class);
                    ModelNode modelNode2 = new ModelNode();
                    Iterator<String> it = knownDeploymentsApi.getKnownDeployments().iterator();
                    while (it.hasNext()) {
                        modelNode2.add(it.next());
                    }
                    operationContext.getResult().set(modelNode2);
                }, OperationContext.Stage.RUNTIME);
            }
        }
    }

    /* loaded from: input_file:org/jboss/as/ejb3/subsystem/ApplicationSecurityDomainDefinition$RemoveHandler.class */
    private static class RemoveHandler extends ServiceRemoveStepHandler {
        private final Set<ApplicationSecurityDomainConfig> knownApplicationSecurityDomains;

        protected RemoveHandler(AddHandler addHandler) {
            super(addHandler);
            this.knownApplicationSecurityDomains = addHandler.knownApplicationSecurityDomains;
        }

        protected void performRemove(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            super.performRemove(operationContext, modelNode, modelNode2);
            String currentAddressValue = operationContext.getCurrentAddressValue();
            this.knownApplicationSecurityDomains.removeIf(applicationSecurityDomainConfig -> {
                return applicationSecurityDomainConfig.isSameDomain(currentAddressValue);
            });
        }

        protected void recordCapabilitiesAndRequirements(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            super.recordCapabilitiesAndRequirements(operationContext, modelNode, resource);
            operationContext.deregisterCapability(RuntimeCapability.buildDynamicCapabilityName(ApplicationSecurityDomainDefinition.CAPABILITY_APPLICATION_SECURITY_DOMAIN_KNOWN_DEPLOYMENTS, operationContext.getCurrentAddressValue()));
        }

        protected ServiceName serviceName(String str) {
            return ApplicationSecurityDomainDefinition.APPLICATION_SECURITY_DOMAIN_CAPABILITY.getCapabilityServiceName(ApplicationSecurityDomainService.ApplicationSecurityDomain.class, new String[]{str});
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ApplicationSecurityDomainDefinition(Set<ApplicationSecurityDomainConfig> set) {
        this(new SimpleResourceDefinition.Parameters(PathElement.pathElement(EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN), EJB3Extension.getResourceDescriptionResolver(EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN)).setCapabilities(new RuntimeCapability[]{APPLICATION_SECURITY_DOMAIN_CAPABILITY}).addAccessConstraints(new AccessConstraintDefinition[]{new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification("ejb3", EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN, false, false, false)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig("ejb3", EJB3SubsystemModel.APPLICATION_SECURITY_DOMAIN))}), new AddHandler(set));
    }

    private ApplicationSecurityDomainDefinition(SimpleResourceDefinition.Parameters parameters, AddHandler addHandler) {
        super(parameters.setAddHandler(addHandler).setRemoveHandler(new RemoveHandler(addHandler)));
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        ReloadRequiredWriteAttributeHandler reloadRequiredWriteAttributeHandler = new ReloadRequiredWriteAttributeHandler(ATTRIBUTES);
        for (AttributeDefinition attributeDefinition : ATTRIBUTES) {
            managementResourceRegistration.registerReadWriteAttribute(attributeDefinition, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        }
        if (managementResourceRegistration.getProcessType().isServer()) {
            managementResourceRegistration.registerReadOnlyAttribute(REFERENCING_DEPLOYMENTS, new ReferencingDeploymentsHandler());
        }
    }
}
