package org.wildfly.iiop.openjdk;

import com.sun.corba.se.spi.orb.ORB;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.Properties;
import javax.net.ssl.SSLContext;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PersistentResourceDefinition;
import org.jboss.as.controller.PropertiesAttributeDefinition;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.naming.InitialContext;
import org.jboss.as.naming.service.DefaultNamespaceContextSelectorService;
import org.jboss.as.network.SocketBinding;
import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.Services;
import org.jboss.as.server.deployment.Phase;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.metadata.ejb.jboss.IORASContextMetaData;
import org.jboss.metadata.ejb.jboss.IORSASContextMetaData;
import org.jboss.metadata.ejb.jboss.IORSecurityConfigMetaData;
import org.jboss.metadata.ejb.jboss.IORTransportConfigMetaData;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.omg.PortableServer.IdAssignmentPolicyValue;
import org.omg.PortableServer.LifespanPolicyValue;
import org.omg.PortableServer.POA;
import org.wildfly.iiop.openjdk.csiv2.CSIV2IORToSocketInfo;
import org.wildfly.iiop.openjdk.csiv2.ElytronSASClientInterceptor;
import org.wildfly.iiop.openjdk.deployment.IIOPDependencyProcessor;
import org.wildfly.iiop.openjdk.deployment.IIOPMarkerProcessor;
import org.wildfly.iiop.openjdk.logging.IIOPLogger;
import org.wildfly.iiop.openjdk.naming.jndi.JBossCNCtxFactory;
import org.wildfly.iiop.openjdk.rmi.DelegatingStubFactoryFactory;
import org.wildfly.iiop.openjdk.security.LegacySSLSocketFactory;
import org.wildfly.iiop.openjdk.security.NoSSLSocketFactory;
import org.wildfly.iiop.openjdk.security.SSLSocketFactory;
import org.wildfly.iiop.openjdk.service.CorbaNamingService;
import org.wildfly.iiop.openjdk.service.CorbaORBService;
import org.wildfly.iiop.openjdk.service.CorbaPOAService;
import org.wildfly.iiop.openjdk.service.IORSecConfigMetaDataService;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.manager.WildFlySecurityManager;

/* loaded from: input_file:org/wildfly/iiop/openjdk/IIOPSubsystemAdd.class */
public class IIOPSubsystemAdd extends AbstractBoottimeAddStepHandler {
    private static final String SSL_CONTEXT_CAPABILITY = "org.wildfly.security.ssl-context";
    private static final String AUTH_CONTEXT_CAPABILITY = "org.wildfly.security.authentication-context";

    public IIOPSubsystemAdd(Collection<? extends AttributeDefinition> collection) {
        super(collection);
    }

    protected void performBoottime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
        operationContext.addStep(new OperationStepHandler() { // from class: org.wildfly.iiop.openjdk.IIOPSubsystemAdd.1
            public void execute(OperationContext operationContext2, ModelNode modelNode3) throws OperationFailedException {
                IIOPSubsystemAdd.this.launchServices(operationContext2, Resource.Tools.readModel(operationContext2.readResource(PathAddress.EMPTY_ADDRESS)));
                operationContext2.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
            }
        }, OperationContext.Stage.RUNTIME);
    }

    protected void populateModel(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
        super.populateModel(operationContext, modelNode, resource);
        ConfigValidator.validateConfig(operationContext, resource.getModel());
    }

    protected void launchServices(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        IIOPLogger.ROOT_LOGGER.activatingSubsystem();
        WildFlySecurityManager.setPropertyPrivileged("org.jboss.com.sun.CORBA.ORBUseDynamicStub", "true");
        ORB.getPresentationManager().setStubFactoryFactory(true, new DelegatingStubFactoryFactory());
        ORB.getPresentationManager().setStubFactoryFactory(false, new DelegatingStubFactoryFactory());
        InitialContext.addUrlContextFactory("corbaloc", JBossCNCtxFactory.INSTANCE);
        InitialContext.addUrlContextFactory("corbaname", JBossCNCtxFactory.INSTANCE);
        InitialContext.addUrlContextFactory("IOR", JBossCNCtxFactory.INSTANCE);
        InitialContext.addUrlContextFactory("iiopname", JBossCNCtxFactory.INSTANCE);
        InitialContext.addUrlContextFactory("iiop", JBossCNCtxFactory.INSTANCE);
        operationContext.addStep(new AbstractDeploymentChainStep() { // from class: org.wildfly.iiop.openjdk.IIOPSubsystemAdd.2
            public void execute(DeploymentProcessorTarget deploymentProcessorTarget) {
                deploymentProcessorTarget.addDeploymentProcessor(IIOPExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 4992, new IIOPDependencyProcessor());
                deploymentProcessorTarget.addDeploymentProcessor(IIOPExtension.SUBSYSTEM_NAME, Phase.PARSE, 16768, new IIOPMarkerProcessor());
            }
        }, OperationContext.Stage.RUNTIME);
        Properties configurationProperties = getConfigurationProperties(operationContext, modelNode);
        setupInitializers(configurationProperties);
        boolean z = setupSSLFactories(configurationProperties);
        CorbaORBService corbaORBService = new CorbaORBService(configurationProperties);
        ServiceBuilder addService = operationContext.getServiceTarget().addService(CorbaORBService.SERVICE_NAME, corbaORBService);
        Services.addServerExecutorDependency(addService, corbaORBService.getExecutorInjector());
        String property = configurationProperties.getProperty(Constants.SECURITY_SECURITY_DOMAIN);
        if (property != null) {
            addService.addDependency(operationContext.getCapabilityServiceName(Capabilities.CAPABILITY_LEGACY_SECURITY_DOMAIN, property, (Class) null));
            addService.addDependency(DefaultNamespaceContextSelectorService.SERVICE_NAME);
        }
        String property2 = configurationProperties.getProperty(Constants.SERVER_SSL_CONTEXT);
        if (property2 != null) {
            addService.addDependency(operationContext.getCapabilityServiceName(SSL_CONTEXT_CAPABILITY, property2, SSLContext.class));
        }
        String property3 = configurationProperties.getProperty(Constants.CLIENT_SSL_CONTEXT);
        if (property3 != null) {
            addService.addDependency(operationContext.getCapabilityServiceName(SSL_CONTEXT_CAPABILITY, property3, SSLContext.class));
        }
        String property4 = configurationProperties.getProperty(Constants.ORB_INIT_AUTH_CONTEXT);
        if (property4 != null) {
            addService.addDependency(operationContext.getCapabilityServiceName(AUTH_CONTEXT_CAPABILITY, property4, AuthenticationContext.class));
        }
        addService.addDependency(SocketBinding.JBOSS_BINDING_NAME.append(new String[]{configurationProperties.getProperty(Constants.ORB_SOCKET_BINDING)}), SocketBinding.class, corbaORBService.getIIOPSocketBindingInjector());
        String property5 = configurationProperties.getProperty(Constants.ORB_SSL_SOCKET_BINDING);
        if (property5 != null) {
            addService.addDependency(SocketBinding.JBOSS_BINDING_NAME.append(new String[]{property5}), SocketBinding.class, corbaORBService.getIIOPSSLSocketBindingInjector());
        }
        operationContext.getServiceTarget().addService(IORSecConfigMetaDataService.SERVICE_NAME, new IORSecConfigMetaDataService(createIORSecurityConfigMetaData(operationContext, modelNode, z))).setInitialMode(ServiceController.Mode.ACTIVE).install();
        addService.addDependency(IORSecConfigMetaDataService.SERVICE_NAME);
        addService.setInitialMode(ServiceController.Mode.ACTIVE).install();
        CorbaPOAService corbaPOAService = new CorbaPOAService("RootPOA", "poa");
        operationContext.getServiceTarget().addService(CorbaPOAService.ROOT_SERVICE_NAME, corbaPOAService).addDependency(CorbaORBService.SERVICE_NAME, org.omg.CORBA.ORB.class, corbaPOAService.getORBInjector()).setInitialMode(ServiceController.Mode.ACTIVE).install();
        CorbaPOAService corbaPOAService2 = new CorbaPOAService("IRPOA", "irpoa", IdAssignmentPolicyValue.USER_ID, null, null, LifespanPolicyValue.PERSISTENT, null, null, null);
        operationContext.getServiceTarget().addService(CorbaPOAService.INTERFACE_REPOSITORY_SERVICE_NAME, corbaPOAService2).addDependency(CorbaPOAService.ROOT_SERVICE_NAME, POA.class, corbaPOAService2.getParentPOAInjector()).setInitialMode(ServiceController.Mode.ACTIVE).install();
        CorbaPOAService corbaPOAService3 = new CorbaPOAService("Naming", null, IdAssignmentPolicyValue.USER_ID, null, null, LifespanPolicyValue.PERSISTENT, null, null, null);
        operationContext.getServiceTarget().addService(CorbaPOAService.SERVICE_NAME.append(new String[]{"namingpoa"}), corbaPOAService3).addDependency(CorbaPOAService.ROOT_SERVICE_NAME, POA.class, corbaPOAService3.getParentPOAInjector()).setInitialMode(ServiceController.Mode.ACTIVE).install();
        CorbaNamingService corbaNamingService = new CorbaNamingService(configurationProperties);
        operationContext.getServiceTarget().addService(CorbaNamingService.SERVICE_NAME, corbaNamingService).addDependency(CorbaORBService.SERVICE_NAME, org.omg.CORBA.ORB.class, corbaNamingService.getORBInjector()).addDependency(CorbaPOAService.ROOT_SERVICE_NAME, POA.class, corbaNamingService.getRootPOAInjector()).addDependency(CorbaPOAService.SERVICE_NAME.append(new String[]{"namingpoa"}), POA.class, corbaNamingService.getNamingPOAInjector()).setInitialMode(ServiceController.Mode.ACTIVE).install();
        configureClientSecurity(configurationProperties);
    }

    protected Properties getConfigurationProperties(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        Properties properties = new Properties();
        getResourceProperties(properties, IIOPRootDefinition.INSTANCE, operationContext, modelNode);
        ModelNode modelNode2 = modelNode.get(Constants.CONFIGURATION);
        if (modelNode2.hasDefined(Constants.PROPERTIES)) {
            for (Property property : modelNode2.get(Constants.PROPERTIES).get(Constants.PROPERTY).asPropertyList()) {
                properties.setProperty(property.getName(), property.getValue().get(Constants.PROPERTY_VALUE).asString());
            }
        }
        return properties;
    }

    private void getResourceProperties(Properties properties, PersistentResourceDefinition persistentResourceDefinition, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        for (PropertiesAttributeDefinition propertiesAttributeDefinition : persistentResourceDefinition.getAttributes()) {
            if (propertiesAttributeDefinition instanceof PropertiesAttributeDefinition) {
                ModelNode resolveModelAttribute = propertiesAttributeDefinition.resolveModelAttribute(operationContext, modelNode);
                if (resolveModelAttribute.isDefined()) {
                    for (Property property : resolveModelAttribute.asPropertyList()) {
                        properties.setProperty(property.getName(), property.getValue().asString());
                    }
                }
            } else {
                ModelNode resolveModelAttribute2 = propertiesAttributeDefinition.resolveModelAttribute(operationContext, modelNode);
                if (resolveModelAttribute2.isDefined()) {
                    String name = propertiesAttributeDefinition.getName();
                    String asString = resolveModelAttribute2.asString();
                    String str = PropertiesMap.PROPS_MAP.get(name);
                    if (str != null) {
                        name = str;
                    }
                    properties.setProperty(name, asString);
                }
            }
        }
    }

    private void setupInitializers(Properties properties) {
        ArrayList arrayList = new ArrayList();
        String str = (String) properties.remove("security");
        if (str.equalsIgnoreCase(Constants.CLIENT)) {
            arrayList.addAll(Arrays.asList(IIOPInitializer.SECURITY_CLIENT.getInitializerClasses()));
        } else if (str.equalsIgnoreCase(Constants.IDENTITY)) {
            arrayList.addAll(Arrays.asList(IIOPInitializer.SECURITY_IDENTITY.getInitializerClasses()));
        } else if (str.equalsIgnoreCase(Constants.ELYTRON)) {
            ElytronSASClientInterceptor.setAuthenticationContextName(properties.getProperty(Constants.ORB_INIT_AUTH_CONTEXT));
            arrayList.addAll(Arrays.asList(IIOPInitializer.SECURITY_ELYTRON.getInitializerClasses()));
        }
        String str2 = (String) properties.remove(Constants.ORB_INIT_TRANSACTIONS);
        if (str2.equalsIgnoreCase(Constants.FULL)) {
            arrayList.addAll(Arrays.asList(IIOPInitializer.TRANSACTIONS.getInitializerClasses()));
        } else if (str2.equalsIgnoreCase(Constants.SPEC)) {
            arrayList.addAll(Arrays.asList(IIOPInitializer.SPEC_TRANSACTIONS.getInitializerClasses()));
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            properties.setProperty(Constants.ORB_INITIALIZER_PREFIX + ((String) it.next()), "");
        }
    }

    private boolean setupSSLFactories(Properties properties) throws OperationFailedException {
        boolean z;
        if ("true".equalsIgnoreCase(properties.getProperty(Constants.SECURITY_SUPPORT_SSL))) {
            String property = properties.getProperty(Constants.SERVER_SSL_CONTEXT);
            String property2 = properties.getProperty(Constants.CLIENT_SSL_CONTEXT);
            if (property == null || property2 == null) {
                LegacySSLSocketFactory.setSecurityDomain(properties.getProperty(Constants.SECURITY_SECURITY_DOMAIN));
                properties.setProperty("com.sun.CORBA.transport.ORBSocketFactoryClass", LegacySSLSocketFactory.class.getName());
            } else {
                SSLSocketFactory.setServerSSLContextName(property);
                SSLSocketFactory.setClientSSLContextName(property2);
                properties.setProperty("com.sun.CORBA.transport.ORBSocketFactoryClass", SSLSocketFactory.class.getName());
            }
            z = true;
        } else {
            properties.setProperty("com.sun.CORBA.transport.ORBSocketFactoryClass", NoSSLSocketFactory.class.getName());
            z = false;
        }
        return z;
    }

    private IORSecurityConfigMetaData createIORSecurityConfigMetaData(OperationContext operationContext, ModelNode modelNode, boolean z) throws OperationFailedException {
        IORSecurityConfigMetaData iORSecurityConfigMetaData = new IORSecurityConfigMetaData();
        IORSASContextMetaData iORSASContextMetaData = new IORSASContextMetaData();
        iORSASContextMetaData.setCallerPropagation(IIOPRootDefinition.CALLER_PROPAGATION.resolveModelAttribute(operationContext, modelNode).asString());
        iORSecurityConfigMetaData.setSasContext(iORSASContextMetaData);
        IORASContextMetaData iORASContextMetaData = new IORASContextMetaData();
        iORASContextMetaData.setAuthMethod(IIOPRootDefinition.AUTH_METHOD.resolveModelAttribute(operationContext, modelNode).asString());
        if (modelNode.hasDefined(IIOPRootDefinition.REALM.getName())) {
            iORASContextMetaData.setRealm(IIOPRootDefinition.REALM.resolveModelAttribute(operationContext, modelNode).asString());
        }
        iORASContextMetaData.setRequired(IIOPRootDefinition.REQUIRED.resolveModelAttribute(operationContext, modelNode).asBoolean());
        iORSecurityConfigMetaData.setAsContext(iORASContextMetaData);
        boolean asBoolean = IIOPRootDefinition.SERVER_REQUIRES_SSL.resolveModelAttribute(operationContext, modelNode).asBoolean();
        IORTransportConfigMetaData iORTransportConfigMetaData = new IORTransportConfigMetaData();
        ModelNode resolveModelAttribute = IIOPRootDefinition.INTEGRITY.resolveModelAttribute(operationContext, modelNode);
        if (resolveModelAttribute.isDefined()) {
            iORTransportConfigMetaData.setIntegrity(resolveModelAttribute.asString());
        } else {
            iORTransportConfigMetaData.setIntegrity(z ? asBoolean ? "required" : Constants.IOR_SUPPORTED : "none");
        }
        ModelNode resolveModelAttribute2 = IIOPRootDefinition.CONFIDENTIALITY.resolveModelAttribute(operationContext, modelNode);
        if (resolveModelAttribute2.isDefined()) {
            iORTransportConfigMetaData.setConfidentiality(resolveModelAttribute2.asString());
        } else {
            iORTransportConfigMetaData.setConfidentiality(z ? asBoolean ? "required" : Constants.IOR_SUPPORTED : "none");
        }
        if (IIOPRootDefinition.TRUST_IN_TARGET.resolveModelAttribute(operationContext, modelNode).isDefined()) {
            iORTransportConfigMetaData.setEstablishTrustInTarget(resolveModelAttribute2.asString());
        } else {
            iORTransportConfigMetaData.setEstablishTrustInTarget(z ? Constants.IOR_SUPPORTED : "none");
        }
        ModelNode resolveModelAttribute3 = IIOPRootDefinition.TRUST_IN_CLIENT.resolveModelAttribute(operationContext, modelNode);
        if (resolveModelAttribute3.isDefined()) {
            iORTransportConfigMetaData.setEstablishTrustInClient(resolveModelAttribute3.asString());
        } else {
            iORTransportConfigMetaData.setEstablishTrustInClient(z ? asBoolean ? "required" : Constants.IOR_SUPPORTED : "none");
        }
        iORTransportConfigMetaData.setDetectMisordering(Constants.IOR_SUPPORTED);
        iORTransportConfigMetaData.setDetectReplay(Constants.IOR_SUPPORTED);
        iORSecurityConfigMetaData.setTransportConfig(iORTransportConfigMetaData);
        return iORSecurityConfigMetaData;
    }

    private void configureClientSecurity(Properties properties) {
        CSIV2IORToSocketInfo.setClientRequiresSSL(Boolean.getBoolean(properties.getProperty(Constants.SECURITY_CLIENT_REQUIRES_SSL)));
    }
}
