package org.wildfly.url.http;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.AuthenticationContextConfigurationClient;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.TwoWayPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/url/http/ElytronCredentialsProvider.class */
public class ElytronCredentialsProvider implements CredentialsProvider {
    static final ElytronCredentialsProvider INSTANCE = new ElytronCredentialsProvider();
    static final AuthenticationContextConfigurationClient client = (AuthenticationContextConfigurationClient) AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION);

    ElytronCredentialsProvider() {
    }

    @Override // org.apache.http.client.CredentialsProvider
    public Credentials getCredentials(AuthScope authScope) {
        TwoWayPassword twoWayPassword;
        AuthenticationContext captureCurrent = AuthenticationContext.captureCurrent();
        HttpHost origin = authScope.getOrigin();
        try {
            AuthenticationConfiguration authenticationConfiguration = client.getAuthenticationConfiguration(new URI(origin != null ? origin.getSchemeName() : authScope.getPort() == 443 ? "https" : "http", null, authScope.getHost(), authScope.getPort(), null, null, null), captureCurrent);
            if (authenticationConfiguration == null) {
                return null;
            }
            CallbackHandler callbackHandler = client.getCallbackHandler(authenticationConfiguration);
            Callback nameCallback = new NameCallback("Username");
            Callback credentialCallback = new CredentialCallback(PasswordCredential.class);
            char[] cArr = null;
            try {
                callbackHandler.handle(new Callback[]{nameCallback, credentialCallback});
                twoWayPassword = (TwoWayPassword) credentialCallback.applyToCredential(PasswordCredential.class, passwordCredential -> {
                    return passwordCredential.getPassword().castAs(TwoWayPassword.class);
                });
            } catch (IOException e) {
                ElytronMessages.log.trace("IOException handling callback:", e);
                return null;
            } catch (InvalidKeyException e2) {
                ElytronMessages.log.trace("InvalidKeyException getting ClearPasswordSpec:", e2);
                return null;
            } catch (NoSuchAlgorithmException e3) {
                ElytronMessages.log.trace("NoSuchAlgorithmException getting PasswordFactory:", e3);
                return null;
            } catch (InvalidKeySpecException e4) {
                ElytronMessages.log.trace("InvalidKeySpecException getting ClearPasswordSpec:", e4);
                return null;
            } catch (UnsupportedCallbackException e5) {
                if (e5.getCallback() == credentialCallback) {
                    PasswordCallback passwordCallback = new PasswordCallback("Password", false);
                    try {
                        callbackHandler.handle(new Callback[]{nameCallback, passwordCallback});
                        cArr = passwordCallback.getPassword();
                    } catch (IOException | UnsupportedCallbackException e6) {
                        ElytronMessages.log.trace("Error handling callback:", e6);
                        return null;
                    }
                }
            }
            if (twoWayPassword == null) {
                return null;
            }
            PasswordFactory passwordFactory = PasswordFactory.getInstance(twoWayPassword.getAlgorithm(), client.getProviderSupplier(authenticationConfiguration));
            cArr = passwordFactory.getKeySpec(passwordFactory.translate(twoWayPassword), ClearPasswordSpec.class).getEncodedPassword();
            String name = nameCallback.getName();
            if (name == null || cArr == null) {
                return null;
            }
            return new UsernamePasswordCredentials(name, new String(cArr));
        } catch (URISyntaxException e7) {
            ElytronMessages.log.tracef("URISyntaxException getting URI from the requesting AuthScope [%s]:", authScope.toString(), e7);
            return null;
        }
    }

    @Override // org.apache.http.client.CredentialsProvider
    public void setCredentials(AuthScope authScope, Credentials credentials) {
        throw new IllegalStateException("unsupported");
    }

    @Override // org.apache.http.client.CredentialsProvider
    public void clear() {
        throw new IllegalStateException("unsupported");
    }
}
