package org.wildfly.security.auth.provider;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.wildfly.common.Assert;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.server.CredentialSupport;
import org.wildfly.security.auth.server.NameRewriter;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;

/* loaded from: input_file:org/wildfly/security/auth/provider/SimpleMapBackedSecurityRealm.class */
public class SimpleMapBackedSecurityRealm implements SecurityRealm {
    private final NameRewriter rewriter;
    private volatile Map<String, SimpleRealmEntry> map;

    /* loaded from: input_file:org/wildfly/security/auth/provider/SimpleMapBackedSecurityRealm$SimpleMapRealmIdentity.class */
    private class SimpleMapRealmIdentity implements RealmIdentity {
        private final String name;

        SimpleMapRealmIdentity(String str) {
            this.name = str;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public String getName() {
            return this.name;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public CredentialSupport getCredentialSupport(Class<?> cls, String str) {
            SimpleRealmEntry simpleRealmEntry = (SimpleRealmEntry) SimpleMapBackedSecurityRealm.this.map.get(this.name);
            if (simpleRealmEntry != null && cls.isInstance(simpleRealmEntry.getPassword())) {
                return CredentialSupport.FULLY_SUPPORTED;
            }
            return CredentialSupport.UNSUPPORTED;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C> C getCredential(Class<C> cls, String str) {
            SimpleRealmEntry simpleRealmEntry = (SimpleRealmEntry) SimpleMapBackedSecurityRealm.this.map.get(this.name);
            if (simpleRealmEntry == null) {
                return null;
            }
            Password password = simpleRealmEntry.getPassword();
            if (cls.isInstance(password)) {
                return cls.cast(password);
            }
            return null;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public AuthorizationIdentity getAuthorizationIdentity() {
            SimpleRealmEntry simpleRealmEntry = (SimpleRealmEntry) SimpleMapBackedSecurityRealm.this.map.get(this.name);
            return simpleRealmEntry == null ? AuthorizationIdentity.EMPTY : AuthorizationIdentity.basicIdentity(simpleRealmEntry.getAttributes());
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean verifyCredential(Object obj) throws RealmUnavailableException {
            try {
                SimpleRealmEntry simpleRealmEntry = (SimpleRealmEntry) SimpleMapBackedSecurityRealm.this.map.get(this.name);
                if (simpleRealmEntry == null) {
                    return false;
                }
                if (obj instanceof char[]) {
                    Password password = simpleRealmEntry.getPassword();
                    return PasswordFactory.getInstance(password.getAlgorithm()).verify(password, (char[]) obj);
                }
                if (!(obj instanceof ClearPassword)) {
                    return false;
                }
                Password password2 = simpleRealmEntry.getPassword();
                return PasswordFactory.getInstance(password2.getAlgorithm()).verify(password2, ((ClearPassword) obj).getPassword());
            } catch (InvalidKeyException | NoSuchAlgorithmException e) {
                throw new RealmUnavailableException(e);
            }
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean exists() throws RealmUnavailableException {
            return SimpleMapBackedSecurityRealm.this.map.containsKey(this.name);
        }
    }

    public SimpleMapBackedSecurityRealm(NameRewriter nameRewriter) {
        this.map = Collections.emptyMap();
        Assert.checkNotNullParam("rewriter", nameRewriter);
        this.rewriter = nameRewriter;
    }

    public SimpleMapBackedSecurityRealm() {
        this(NameRewriter.IDENTITY_REWRITER);
    }

    public void setPasswordMap(Map<String, SimpleRealmEntry> map) {
        this.map = map;
    }

    public void setPasswordMap(String str, Password password, Attributes attributes) {
        this.map = Collections.singletonMap(str, new SimpleRealmEntry(password, attributes));
    }

    public void setPasswordMap(String str, Password password) {
        this.map = Collections.singletonMap(str, new SimpleRealmEntry(password));
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public RealmIdentity createRealmIdentity(String str) {
        String rewriteName = this.rewriter.rewriteName(str);
        if (rewriteName == null) {
            throw ElytronMessages.log.invalidName();
        }
        return new SimpleMapRealmIdentity(rewriteName);
    }

    private boolean checkType(Set<Class<?>> set, HashSet<Class<?>> hashSet, Class<?> cls) {
        return cls != null && hashSet.add(cls) && (set.contains(cls) || checkType(set, hashSet, cls.getSuperclass()) || checkInterfaces(set, hashSet, cls));
    }

    private boolean checkInterfaces(Set<Class<?>> set, HashSet<Class<?>> hashSet, Class<?> cls) {
        for (Class<?> cls2 : cls.getInterfaces()) {
            if (checkType(set, hashSet, cls2)) {
                return true;
            }
        }
        return false;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public CredentialSupport getCredentialSupport(Class<?> cls, String str) {
        return Password.class.isAssignableFrom(cls) ? CredentialSupport.UNKNOWN : CredentialSupport.UNSUPPORTED;
    }
}
