package org.jboss.as.security;

import java.security.Principal;
import java.util.EnumSet;
import java.util.Iterator;
import java.util.Set;
import org.jboss.as.controller.AbstractRuntimeOnlyHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.security.plugins.SecurityDomainContext;
import org.jboss.as.security.service.SecurityDomainService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.security.CacheableManager;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:org/jboss/as/security/SecurityDomainResourceDefinition.class */
public class SecurityDomainResourceDefinition extends SimpleResourceDefinition {
    public static final SimpleAttributeDefinition CACHE_TYPE = new SimpleAttributeDefinitionBuilder(Constants.CACHE_TYPE, ModelType.STRING, true).build();
    private final boolean registerRuntimeOnly;

    /* loaded from: input_file:org/jboss/as/security/SecurityDomainResourceDefinition$FlushOperation.class */
    static final class FlushOperation extends AbstractRuntimeOnlyHandler {
        static final FlushOperation INSTANCE = new FlushOperation();

        FlushOperation() {
        }

        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String value = PathAddress.pathAddress(modelNode.require("address")).getLastElement().getValue();
            String str = null;
            if (modelNode.hasDefined(Constants.PRINCIPAL_ARGUMENT)) {
                str = modelNode.get(Constants.PRINCIPAL_ARGUMENT).asString();
            }
            ServiceController securityDomainService = SecurityDomainResourceDefinition.getSecurityDomainService(operationContext, value);
            if (securityDomainService != null) {
                waitFor(securityDomainService);
                CacheableManager authenticationManager = ((SecurityDomainContext) securityDomainService.getValue()).getAuthenticationManager();
                if (str != null) {
                    authenticationManager.flushCache(new SimplePrincipal(str));
                } else {
                    authenticationManager.flushCache();
                }
            } else {
                operationContext.getFailureDescription().set("No authentication cache for security domain " + value + " available");
            }
            operationContext.completeStep();
        }
    }

    /* loaded from: input_file:org/jboss/as/security/SecurityDomainResourceDefinition$ListCachePrincipals.class */
    static class ListCachePrincipals extends AbstractRuntimeOnlyHandler {
        static final ListCachePrincipals INSTANCE = new ListCachePrincipals();

        ListCachePrincipals() {
        }

        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String value = PathAddress.pathAddress(modelNode.require("address")).getLastElement().getValue();
            ServiceController securityDomainService = SecurityDomainResourceDefinition.getSecurityDomainService(operationContext, value);
            if (securityDomainService != null) {
                waitFor(securityDomainService);
                Set cachedKeys = ((SecurityDomainContext) securityDomainService.getValue()).getAuthenticationManager().getCachedKeys();
                ModelNode result = operationContext.getResult();
                Iterator it = cachedKeys.iterator();
                while (it.hasNext()) {
                    result.add(((Principal) it.next()).getName());
                }
                if (!result.isDefined()) {
                    result.setEmptyList();
                }
            } else {
                operationContext.getFailureDescription().set("No authentication cache for security domain " + value + " available");
            }
            operationContext.completeStep();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityDomainResourceDefinition(boolean z) {
        super(PathElement.pathElement(Constants.SECURITY_DOMAIN), SecurityExtension.getResourceDescriptionResolver(Constants.SECURITY_DOMAIN), SecurityDomainAdd.INSTANCE, SecurityDomainRemove.INSTANCE);
        this.registerRuntimeOnly = z;
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerReadWriteAttribute(CACHE_TYPE, (OperationStepHandler) null, new SecurityDomainReloadWriteHandler((AttributeDefinition) CACHE_TYPE));
    }

    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        if (this.registerRuntimeOnly) {
            EnumSet of = EnumSet.of(OperationEntry.Flag.RUNTIME_ONLY);
            managementResourceRegistration.registerOperationHandler(Constants.LIST_CACHED_PRINCIPALS, ListCachePrincipals.INSTANCE, SecuritySubsystemDescriptions.LIST_CACHED_PRINCIPALS, of);
            managementResourceRegistration.registerOperationHandler(Constants.FLUSH_CACHE, FlushOperation.INSTANCE, SecuritySubsystemDescriptions.FLUSH_CACHE, of);
        }
    }

    public static ServiceName getSecurityDomainServiceName(PathAddress pathAddress) {
        PathAddress parentAddressByKey = Util.getParentAddressByKey(pathAddress, Constants.SECURITY_DOMAIN);
        if (parentAddressByKey == null) {
            throw SecurityMessages.MESSAGES.addressDidNotContainSecurityDomain();
        }
        return SecurityDomainService.SERVICE_NAME.append(new String[]{parentAddressByKey.getLastElement().getValue()});
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ServiceController<SecurityDomainContext> getSecurityDomainService(OperationContext operationContext, String str) {
        return operationContext.getServiceRegistry(false).getRequiredService(SecurityDomainService.SERVICE_NAME.append(new String[]{str}));
    }
}
