package org.keycloak.adapters.wildfly;

import io.undertow.security.api.SecurityContext;
import io.undertow.server.HttpServerExchange;
import java.security.Principal;
import java.security.acl.Group;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.jboss.logging.Logger;
import org.jboss.security.NestableGroup;
import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.HttpFacade;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.undertow.KeycloakUndertowAccount;
import org.keycloak.adapters.undertow.ServletRequestAuthenticator;

/* loaded from: input_file:WEB-INF/lib/keycloak-wildfly-adapter-1.2.0.Final.jar:org/keycloak/adapters/wildfly/WildflyRequestAuthenticator.class */
public class WildflyRequestAuthenticator extends ServletRequestAuthenticator {
    protected static Logger log = Logger.getLogger(WildflyRequestAuthenticator.class);

    public WildflyRequestAuthenticator(HttpFacade httpFacade, KeycloakDeployment keycloakDeployment, int i, SecurityContext securityContext, HttpServerExchange httpServerExchange, AdapterTokenStore adapterTokenStore) {
        super(httpFacade, keycloakDeployment, i, securityContext, httpServerExchange, adapterTokenStore);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.adapters.undertow.ServletRequestAuthenticator, org.keycloak.adapters.undertow.AbstractUndertowRequestAuthenticator
    public void propagateKeycloakContext(KeycloakUndertowAccount keycloakUndertowAccount) {
        super.propagateKeycloakContext(keycloakUndertowAccount);
        SecurityInfoHelper.propagateSessionInfo(keycloakUndertowAccount);
        log.debug("propagate security context to wildfly");
        Subject subject = new Subject();
        Set<Principal> principals = subject.getPrincipals();
        principals.add(keycloakUndertowAccount.getPrincipal());
        for (Group group : getRoleSets(keycloakUndertowAccount.getRoles())) {
            Group createGroup = createGroup(group.getName(), principals);
            if (createGroup instanceof NestableGroup) {
                Group simpleGroup = new SimpleGroup("Roles");
                createGroup.addMember(simpleGroup);
                createGroup = simpleGroup;
            }
            Enumeration<? extends Principal> members = group.members();
            while (members.hasMoreElements()) {
                createGroup.addMember(members.nextElement());
            }
        }
        SimpleGroup simpleGroup2 = new SimpleGroup("CallerPrincipal");
        simpleGroup2.addMember(keycloakUndertowAccount.getPrincipal());
        principals.add(simpleGroup2);
        SecurityContextAssociation.getSecurityContext().getUtil().createSubjectInfo(getPrincipal(subject), keycloakUndertowAccount, subject);
    }

    protected Principal getPrincipal(Subject subject) {
        Set<Principal> principals;
        Principal principal = null;
        Principal principal2 = null;
        if (subject != null && (principals = subject.getPrincipals()) != null && !principals.isEmpty()) {
            for (Principal principal3 : principals) {
                if (!(principal3 instanceof Group) && principal == null) {
                    principal = principal3;
                }
                if (principal3 instanceof Group) {
                    Group group = (Group) Group.class.cast(principal3);
                    if (group.getName().equals("CallerPrincipal") && principal2 == null) {
                        Enumeration<? extends Principal> members = group.members();
                        if (members.hasMoreElements()) {
                            principal2 = members.nextElement();
                        }
                    }
                }
            }
        }
        return principal2 == null ? principal : principal2;
    }

    protected Group createGroup(String str, Set<Principal> set) {
        Group group = null;
        Iterator<Principal> it = set.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (next instanceof Group) {
                Group group2 = (Group) next;
                if (group2.getName().equals(str)) {
                    group = group2;
                    break;
                }
            }
        }
        if (group == null) {
            group = new SimpleGroup(str);
            set.add(group);
        }
        return group;
    }

    protected Group[] getRoleSets(Collection<String> collection) {
        Group simpleGroup = new SimpleGroup("Roles");
        Group[] groupArr = {simpleGroup};
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            simpleGroup.addMember(new SimplePrincipal(it.next()));
        }
        return groupArr;
    }
}
