package org.jboss.as.domain.management.security;

import java.util.Iterator;
import java.util.Set;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.access.Authorizer;
import org.jboss.as.controller.access.rbac.RunAsRoleMapper;
import org.jboss.as.controller.descriptions.common.ControllerResolver;
import org.jboss.as.domain.management.ModelDescriptionConstants;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.Roles;

/* loaded from: input_file:org/jboss/as/domain/management/security/WhoAmIOperation.class */
public class WhoAmIOperation implements OperationStepHandler {
    private static final SimpleAttributeDefinition VERBOSE = new SimpleAttributeDefinitionBuilder(ModelDescriptionConstants.VERBOSE, ModelType.BOOLEAN).setAllowNull(true).setDefaultValue(new ModelNode(false)).build();
    public static final SimpleOperationDefinition DEFINITION = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.WHOAMI, ControllerResolver.getResolver(new String[]{"core", "management"})).setParameters(new AttributeDefinition[]{VERBOSE}).setReadOnly().setReplyType(ModelType.STRING).build();
    private final Authorizer authorizer;

    private WhoAmIOperation(Authorizer authorizer) {
        this.authorizer = authorizer;
    }

    public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        boolean asBoolean = VERBOSE.resolveModelAttribute(operationContext, modelNode).asBoolean();
        SecurityIdentity securityIdentity = operationContext.getSecurityIdentity();
        if (securityIdentity == null) {
            throw new OperationFailedException(DomainManagementLogger.ROOT_LOGGER.noSecurityContextEstablished());
        }
        ModelNode result = operationContext.getResult();
        result.get(ModelDescriptionConstants.IDENTITY).get(ModelDescriptionConstants.USERNAME).set(securityIdentity.getPrincipal().getName());
        if (asBoolean) {
            Roles roles = securityIdentity.getRoles();
            if (!roles.isEmpty()) {
                ModelNode modelNode2 = result.get(ModelDescriptionConstants.ROLES);
                roles.forEach(str -> {
                    modelNode2.add(str);
                });
            }
            Attributes attributes = securityIdentity.getAttributes();
            if (!attributes.isEmpty()) {
                ModelNode modelNode3 = result.get(ModelDescriptionConstants.ATTRIBUTES);
                attributes.entries().forEach(entry -> {
                    ModelNode modelNode4 = modelNode3.get(entry.getKey());
                    entry.forEach(str2 -> {
                        modelNode4.add(str2);
                    });
                });
            }
            Set callerRoles = this.authorizer == null ? null : this.authorizer.getCallerRoles(operationContext.getCaller(), operationContext.getCallEnvironment(), RunAsRoleMapper.getOperationHeaderRoles(modelNode));
            if (callerRoles != null) {
                ModelNode modelNode4 = result.get(ModelDescriptionConstants.MAPPED_ROLES);
                Iterator it = callerRoles.iterator();
                while (it.hasNext()) {
                    modelNode4.add((String) it.next());
                }
            }
        }
        operationContext.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
    }

    public static OperationStepHandler createOperation(Authorizer authorizer) {
        return new WhoAmIOperation(authorizer);
    }
}
