package org.wildfly.extension.elytron;

import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.DelegatingResourceDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleListAttributeDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.descriptions.ResourceDescriptionResolver;
import org.jboss.as.controller.descriptions.StandardResourceDescriptionResolver;
import org.jboss.as.controller.operations.validation.StringAllowedValuesValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceController;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.auth.principal.NamePrincipal;
import org.wildfly.security.auth.server.ModifiableRealmIdentity;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.authz.MapAttributes;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.DigestPassword;
import org.wildfly.security.password.interfaces.OneTimePassword;
import org.wildfly.security.password.interfaces.SaltedSimpleDigestPassword;
import org.wildfly.security.password.interfaces.ScramDigestPassword;
import org.wildfly.security.password.interfaces.SimpleDigestPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.password.spec.DigestPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.EncryptablePasswordSpec;
import org.wildfly.security.password.spec.IteratedSaltedPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.OneTimePasswordAlgorithmSpec;
import org.wildfly.security.password.spec.SaltedPasswordAlgorithmSpec;

/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator.class */
class ModifiableRealmDecorator extends DelegatingResourceDefinition {

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$AddIdentityAttributeHandler.class */
    static class AddIdentityAttributeHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();
        static final SimpleAttributeDefinition NAME = new SimpleAttributeDefinitionBuilder("name", ModelType.STRING, false).build();
        static final SimpleAttributeDefinition VALUE = new SimpleAttributeDefinitionBuilder("value", ModelType.STRING, false).setMinSize(0).build();
        static final SimpleListAttributeDefinition VALUES = new SimpleListAttributeDefinition.Builder("value", VALUE).setMinSize(1).build();

        AddIdentityAttributeHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.ADD_IDENTITY_ATTRIBUTE, resourceDescriptionResolver).setParameters(IDENTITY, NAME, VALUES).setRuntimeOnly().build(), new AddIdentityAttributeHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            ModifiableRealmIdentity realmIdentity = ModifiableRealmDecorator.getRealmIdentity(operationContext, IDENTITY.resolveModelAttribute(operationContext, modelNode).asString());
            try {
                try {
                    MapAttributes mapAttributes = new MapAttributes(realmIdentity.getAuthorizationIdentity().getAttributes());
                    String asString = NAME.resolveModelAttribute(operationContext, modelNode).asString();
                    Iterator<ModelNode> it = VALUES.resolveModelAttribute(operationContext, modelNode).asList().iterator();
                    while (it.hasNext()) {
                        mapAttributes.addLast(asString, it.next().asString());
                    }
                    realmIdentity.setAttributes(mapAttributes);
                } catch (RealmUnavailableException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotAddAttribute(e);
                }
            } catch (RealmUnavailableException e2) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotObtainAuthorizationIdentity(e2);
            }
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$AddIdentityHandler.class */
    static class AddIdentityHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();

        AddIdentityHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.ADD_IDENTITY, resourceDescriptionResolver).setParameters(IDENTITY).setRuntimeOnly().build(), new AddIdentityHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String asString = IDENTITY.resolveModelAttribute(operationContext, modelNode).asString();
            RealmIdentity realmIdentity = null;
            try {
                try {
                    ModifiableRealmIdentity realmIdentityForUpdate = ModifiableRealmDecorator.getModifiableSecurityRealm(operationContext).getRealmIdentityForUpdate(new NamePrincipal(asString));
                    if (realmIdentityForUpdate.exists()) {
                        throw ElytronSubsystemMessages.ROOT_LOGGER.identityAlreadyExists(asString);
                    }
                    realmIdentityForUpdate.create();
                    if (realmIdentityForUpdate != null) {
                        realmIdentityForUpdate.dispose();
                    }
                } catch (RealmUnavailableException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotCreateIdentity(asString, e);
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    realmIdentity.dispose();
                }
                throw th;
            }
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$ReadIdentityHandler.class */
    static class ReadIdentityHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();

        ReadIdentityHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.READ_IDENTITY, resourceDescriptionResolver).setParameters(IDENTITY).setRuntimeOnly().setReadOnly().build(), new ReadIdentityHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String asString = IDENTITY.resolveModelAttribute(operationContext, modelNode).asString();
            try {
                AuthorizationIdentity authorizationIdentity = ModifiableRealmDecorator.getRealmIdentity(operationContext, asString).getAuthorizationIdentity();
                ModelNode result = operationContext.getResult();
                result.get("name").set(asString);
                ModelNode modelNode2 = result.get("attributes");
                for (Attributes.Entry entry : authorizationIdentity.getAttributes().entries()) {
                    ModelNode emptyList = modelNode2.get(entry.getKey()).setEmptyList();
                    Iterator<String> it = entry.iterator();
                    while (it.hasNext()) {
                        emptyList.add(it.next());
                    }
                }
            } catch (RealmUnavailableException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotReadIdentity(asString, e);
            }
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$RemoveIdentityAttributeHandler.class */
    static class RemoveIdentityAttributeHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();
        public static final SimpleAttributeDefinition NAME = new SimpleAttributeDefinitionBuilder("name", ModelType.STRING, false).build();
        static final SimpleAttributeDefinition VALUE = new SimpleAttributeDefinitionBuilder("value", ModelType.STRING, false).build();
        static final SimpleListAttributeDefinition VALUES = ((SimpleListAttributeDefinition.Builder) new SimpleListAttributeDefinition.Builder("value", VALUE).setRequired(false)).setMinSize(0).build();

        RemoveIdentityAttributeHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.REMOVE_IDENTITY_ATTRIBUTE, resourceDescriptionResolver).setParameters(IDENTITY, NAME, VALUES).setRuntimeOnly().build(), new RemoveIdentityAttributeHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            ModifiableRealmIdentity realmIdentity = ModifiableRealmDecorator.getRealmIdentity(operationContext, IDENTITY.resolveModelAttribute(operationContext, modelNode).asString());
            try {
                try {
                    MapAttributes mapAttributes = new MapAttributes(realmIdentity.getAuthorizationIdentity().getAttributes());
                    String asString = NAME.resolveModelAttribute(operationContext, modelNode).asString();
                    ModelNode resolveModelAttribute = VALUES.resolveModelAttribute(operationContext, modelNode);
                    if (resolveModelAttribute.isDefined()) {
                        Iterator<ModelNode> it = resolveModelAttribute.asList().iterator();
                        while (it.hasNext()) {
                            mapAttributes.removeAll(asString, it.next().asString());
                        }
                    } else {
                        mapAttributes.remove(asString);
                    }
                    realmIdentity.setAttributes(mapAttributes);
                } catch (RealmUnavailableException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotRemoveAttribute(e);
                }
            } catch (RealmUnavailableException e2) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotObtainAuthorizationIdentity(e2);
            }
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$RemoveIdentityHandler.class */
    static class RemoveIdentityHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();

        RemoveIdentityHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.REMOVE_IDENTITY, resourceDescriptionResolver).setParameters(IDENTITY).setRuntimeOnly().build(), new RemoveIdentityHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String asString = IDENTITY.resolveModelAttribute(operationContext, modelNode).asString();
            RealmIdentity realmIdentity = null;
            try {
                try {
                    ModifiableRealmIdentity realmIdentityForUpdate = ModifiableRealmDecorator.getModifiableSecurityRealm(operationContext).getRealmIdentityForUpdate(new NamePrincipal(asString));
                    if (!realmIdentityForUpdate.exists()) {
                        throw new OperationFailedException(ElytronSubsystemMessages.ROOT_LOGGER.identityNotFound(asString));
                    }
                    realmIdentityForUpdate.delete();
                    realmIdentityForUpdate.dispose();
                    if (realmIdentityForUpdate != null) {
                        realmIdentityForUpdate.dispose();
                    }
                } catch (RealmUnavailableException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotDeleteIdentity(asString, e);
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    realmIdentity.dispose();
                }
                throw th;
            }
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler.class */
    static class SetPasswordHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition PASSWORD = new SimpleAttributeDefinitionBuilder("password", ModelType.STRING, false).build();
        static final SimpleAttributeDefinition IDENTITY = new SimpleAttributeDefinitionBuilder("identity", ModelType.STRING, false).build();
        static AttributeDefinition[] SUPPORTED_PASSWORDS = {Bcrypt.OBJECT_DEFINITION, Clear.OBJECT_DEFINITION, SimpleDigest.OBJECT_DEFINITION, SaltedSimpleDigest.OBJECT_DEFINITION, ScramDigest.OBJECT_DEFINITION, Digest.OBJECT_DEFINITION, OTPassword.OBJECT_DEFINITION};
        static AttributeDefinition[] ATTRIBUTES = {IDENTITY, Bcrypt.OBJECT_DEFINITION, Clear.OBJECT_DEFINITION, SimpleDigest.OBJECT_DEFINITION, SaltedSimpleDigest.OBJECT_DEFINITION, ScramDigest.OBJECT_DEFINITION, Digest.OBJECT_DEFINITION, OTPassword.OBJECT_DEFINITION};

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$Bcrypt.class */
        public static class Bcrypt {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode("bcrypt")).setValidator(new StringAllowedValuesValidator("bcrypt")).build();
            static final SimpleAttributeDefinition ITERATION_COUNT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ITERATION_COUNT, ModelType.INT, false).build();
            static final SimpleAttributeDefinition SALT = new SimpleAttributeDefinitionBuilder("salt", ModelType.BYTES, false).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder("bcrypt", ALGORITHM, SetPasswordHandler.PASSWORD, SALT, ITERATION_COUNT).setRequired(false).build();

            Bcrypt() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$Clear.class */
        public static class Clear {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode("clear")).setValidator(new StringAllowedValuesValidator("clear")).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder("clear", SetPasswordHandler.PASSWORD).setRequired(false).build();

            Clear() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$Digest.class */
        public static class Digest {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode(DigestPassword.ALGORITHM_DIGEST_SHA_512)).setValidator(new StringAllowedValuesValidator(DigestPassword.ALGORITHM_DIGEST_MD5, DigestPassword.ALGORITHM_DIGEST_SHA, DigestPassword.ALGORITHM_DIGEST_SHA_256, DigestPassword.ALGORITHM_DIGEST_SHA_384, DigestPassword.ALGORITHM_DIGEST_SHA_512)).build();
            static final SimpleAttributeDefinition REALM = new SimpleAttributeDefinitionBuilder("realm", ModelType.STRING, false).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder("digest", ALGORITHM, SetPasswordHandler.PASSWORD, REALM).setRequired(false).build();

            Digest() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$OTPassword.class */
        public static class OTPassword {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode(OneTimePassword.ALGORITHM_OTP_SHA1)).setValidator(new StringAllowedValuesValidator(OneTimePassword.ALGORITHM_OTP_MD5, OneTimePassword.ALGORITHM_OTP_SHA1, OneTimePassword.ALGORITHM_OTP_SHA_256, OneTimePassword.ALGORITHM_OTP_SHA_384, OneTimePassword.ALGORITHM_OTP_SHA_512)).setAllowExpression(false).build();
            static final SimpleAttributeDefinition SEED = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SEED, ModelType.STRING, false).setAllowExpression(true).build();
            static final SimpleAttributeDefinition SEQUENCE = new SimpleAttributeDefinitionBuilder("sequence", ModelType.INT, false).setAllowExpression(true).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.OTP, ALGORITHM, SetPasswordHandler.PASSWORD, SEED, SEQUENCE).setAllowNull(true).build();

            OTPassword() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$SaltedSimpleDigest.class */
        public static class SaltedSimpleDigest {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode(SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_SHA_512)).setValidator(new StringAllowedValuesValidator(SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_MD5, SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_SHA_1, SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_SHA_256, SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_SHA_384, SaltedSimpleDigestPassword.ALGORITHM_PASSWORD_SALT_DIGEST_SHA_512, SaltedSimpleDigestPassword.ALGORITHM_SALT_PASSWORD_DIGEST_MD5, SaltedSimpleDigestPassword.ALGORITHM_SALT_PASSWORD_DIGEST_SHA_1, SaltedSimpleDigestPassword.ALGORITHM_SALT_PASSWORD_DIGEST_SHA_256, SaltedSimpleDigestPassword.ALGORITHM_SALT_PASSWORD_DIGEST_SHA_384, SaltedSimpleDigestPassword.ALGORITHM_SALT_PASSWORD_DIGEST_SHA_512)).build();
            static final SimpleAttributeDefinition SALT = new SimpleAttributeDefinitionBuilder("salt", ModelType.BYTES, false).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.SALTED_SIMPLE_DIGEST, ALGORITHM, SetPasswordHandler.PASSWORD, SALT).setRequired(false).build();

            SaltedSimpleDigest() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$ScramDigest.class */
        public static class ScramDigest {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode(ScramDigestPassword.ALGORITHM_SCRAM_SHA_512)).setValidator(new StringAllowedValuesValidator(ScramDigestPassword.ALGORITHM_SCRAM_SHA_1, ScramDigestPassword.ALGORITHM_SCRAM_SHA_256, ScramDigestPassword.ALGORITHM_SCRAM_SHA_384, ScramDigestPassword.ALGORITHM_SCRAM_SHA_512)).build();
            static final SimpleAttributeDefinition SALT = new SimpleAttributeDefinitionBuilder("salt", ModelType.BYTES, false).build();
            static final SimpleAttributeDefinition ITERATION_COUNT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ITERATION_COUNT, ModelType.INT, false).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.SCRAM_DIGEST, ALGORITHM, SetPasswordHandler.PASSWORD, SALT, ITERATION_COUNT).setRequired(false).build();

            ScramDigest() {
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-14.0.0.Final.jar:org/wildfly/extension/elytron/ModifiableRealmDecorator$SetPasswordHandler$SimpleDigest.class */
        public static class SimpleDigest {
            static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).setRequired(false).setDefaultValue(new ModelNode(SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_512)).setValidator(new StringAllowedValuesValidator(SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_MD2, SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_MD5, SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_1, SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_256, SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_384, SimpleDigestPassword.ALGORITHM_SIMPLE_DIGEST_SHA_512)).build();
            static final ObjectTypeAttributeDefinition OBJECT_DEFINITION = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.SIMPLE_DIGEST, ALGORITHM, SetPasswordHandler.PASSWORD).setRequired(false).build();

            SimpleDigest() {
            }
        }

        SetPasswordHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.SET_PASSWORD, resourceDescriptionResolver).setParameters(ATTRIBUTES).setRuntimeOnly().build(), new SetPasswordHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String asString = IDENTITY.resolveModelAttribute(operationContext, modelNode).asString();
            ModifiableRealmIdentity realmIdentity = ModifiableRealmDecorator.getRealmIdentity(operationContext, asString);
            ArrayList arrayList = new ArrayList();
            try {
                for (AttributeDefinition attributeDefinition : SUPPORTED_PASSWORDS) {
                    String name = attributeDefinition.getName();
                    if (modelNode.hasDefined(name)) {
                        arrayList.add(new PasswordCredential(createPassword(operationContext, asString, name, modelNode.get(name))));
                    }
                }
                realmIdentity.setCredentials(arrayList);
            } catch (NoSuchAlgorithmException | InvalidKeySpecException | RealmUnavailableException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotCreatePassword(e);
            }
        }

        private Password createPassword(OperationContext operationContext, String str, String str2, ModelNode modelNode) throws OperationFailedException, NoSuchAlgorithmException, InvalidKeySpecException {
            String asString;
            KeySpec encryptablePasswordSpec;
            String asString2 = PASSWORD.resolveModelAttribute(operationContext, modelNode).asString();
            if (str2.equals("bcrypt")) {
                byte[] asBytes = Bcrypt.SALT.resolveModelAttribute(operationContext, modelNode).asBytes();
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), new IteratedSaltedPasswordAlgorithmSpec(Bcrypt.ITERATION_COUNT.resolveModelAttribute(operationContext, modelNode).asInt(), asBytes));
                asString = Bcrypt.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
            } else if (str2.equals("clear")) {
                encryptablePasswordSpec = new ClearPasswordSpec(asString2.toCharArray());
                asString = Clear.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
            } else if (str2.equals(ElytronDescriptionConstants.SIMPLE_DIGEST)) {
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), null);
                asString = SimpleDigest.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
            } else if (str2.equals(ElytronDescriptionConstants.SALTED_SIMPLE_DIGEST)) {
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), new SaltedPasswordAlgorithmSpec(SaltedSimpleDigest.SALT.resolveModelAttribute(operationContext, modelNode).asBytes()));
                asString = SaltedSimpleDigest.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
            } else if (str2.equals(ElytronDescriptionConstants.SCRAM_DIGEST)) {
                byte[] asBytes2 = ScramDigest.SALT.resolveModelAttribute(operationContext, modelNode).asBytes();
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), new IteratedSaltedPasswordAlgorithmSpec(ScramDigest.ITERATION_COUNT.resolveModelAttribute(operationContext, modelNode).asInt(), asBytes2));
                asString = ScramDigest.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
            } else if (str2.equals("digest")) {
                String asString3 = Digest.REALM.resolveModelAttribute(operationContext, modelNode).asString();
                asString = Digest.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), new DigestPasswordAlgorithmSpec(str, asString3));
            } else {
                if (!str2.equals(ElytronDescriptionConstants.OTP)) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.unexpectedPasswordType(str2);
                }
                asString = OTPassword.ALGORITHM.resolveModelAttribute(operationContext, modelNode).asString();
                encryptablePasswordSpec = new EncryptablePasswordSpec(asString2.toCharArray(), new OneTimePasswordAlgorithmSpec(asString, OTPassword.SEED.resolveModelAttribute(operationContext, modelNode).asString(), OTPassword.SEQUENCE.resolveModelAttribute(operationContext, modelNode).asInt()));
            }
            return PasswordFactory.getInstance(asString).generatePassword(encryptablePasswordSpec);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition wrap(ResourceDefinition resourceDefinition) {
        return new ModifiableRealmDecorator(resourceDefinition);
    }

    private ModifiableRealmDecorator(ResourceDefinition resourceDefinition) {
        setDelegate(resourceDefinition);
    }

    @Override // org.jboss.as.controller.DelegatingResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        StandardResourceDescriptionResolver resourceDescriptionResolver = ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.MODIFIABLE_SECURITY_REALM);
        ReadIdentityHandler.register(managementResourceRegistration, resourceDescriptionResolver);
        if (ElytronExtension.isServerOrHostController(managementResourceRegistration)) {
            AddIdentityHandler.register(managementResourceRegistration, resourceDescriptionResolver);
            RemoveIdentityHandler.register(managementResourceRegistration, resourceDescriptionResolver);
            AddIdentityAttributeHandler.register(managementResourceRegistration, resourceDescriptionResolver);
            RemoveIdentityAttributeHandler.register(managementResourceRegistration, resourceDescriptionResolver);
            SetPasswordHandler.register(managementResourceRegistration, resourceDescriptionResolver);
        }
    }

    static ModifiableSecurityRealm getModifiableSecurityRealm(OperationContext operationContext) throws OperationFailedException {
        ServiceController requiredService = ElytronExtension.getRequiredService(operationContext.getServiceRegistry(true), Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddress().getLastElement().getValue()).getCapabilityServiceName(), ModifiableSecurityRealm.class);
        if (requiredService.getState() != ServiceController.State.UP) {
            try {
                requiredService.awaitValue(500L, TimeUnit.MILLISECONDS);
            } catch (IllegalStateException | InterruptedException | TimeoutException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.requiredServiceNotUp(requiredService.getName(), requiredService.getState());
            }
        }
        return (ModifiableSecurityRealm) requiredService.getValue();
    }

    static ModifiableRealmIdentity getRealmIdentity(OperationContext operationContext, String str) throws OperationFailedException {
        ModifiableRealmIdentity modifiableRealmIdentity = null;
        try {
            try {
                modifiableRealmIdentity = getModifiableSecurityRealm(operationContext).getRealmIdentityForUpdate(new NamePrincipal(str));
                if (!modifiableRealmIdentity.exists()) {
                    throw new OperationFailedException(ElytronSubsystemMessages.ROOT_LOGGER.identityNotFound(str));
                }
                if (modifiableRealmIdentity != null) {
                    modifiableRealmIdentity.dispose();
                }
                return modifiableRealmIdentity;
            } catch (RealmUnavailableException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.couldNotReadIdentity(str, e);
            }
        } catch (Throwable th) {
            if (modifiableRealmIdentity != null) {
                modifiableRealmIdentity.dispose();
            }
            throw th;
        }
    }
}
