package org.wildfly.extension.elytron;

import java.security.PrivilegedAction;
import java.security.Provider;
import java.util.Map;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import javax.security.auth.message.config.AuthConfigFactory;
import org.jboss.as.controller.AbstractBoottimeAddStepHandler;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.AttributeMarshaller;
import org.jboss.as.controller.AttributeParser;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PropertiesAttributeDefinition;
import org.jboss.as.controller.ReloadRequiredWriteAttributeHandler;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.StringListAttributeDefinition;
import org.jboss.as.controller.access.constraint.ApplicationTypeConfig;
import org.jboss.as.controller.access.constraint.SensitivityClassification;
import org.jboss.as.controller.access.management.AccessConstraintDefinition;
import org.jboss.as.controller.access.management.ApplicationTypeAccessConstraintDefinition;
import org.jboss.as.controller.access.management.SensitiveTargetAccessConstraintDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.controller.registry.RuntimePackageDependency;
import org.jboss.as.server.AbstractDeploymentChainStep;
import org.jboss.as.server.DeploymentProcessorTarget;
import org.jboss.as.server.deployment.Phase;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;
import org.jboss.security.SecurityContextAssociation;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.extension.elytron.capabilities.CredentialSecurityFactory;
import org.wildfly.extension.elytron.capabilities.PrincipalTransformer;
import org.wildfly.extension.elytron.capabilities._private.SecurityEventListener;
import org.wildfly.security.Version;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.jaspi.DelegatingAuthConfigFactory;
import org.wildfly.security.auth.jaspi.ElytronAuthConfigFactory;
import org.wildfly.security.auth.server.EvidenceDecoder;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.PrincipalDecoder;
import org.wildfly.security.auth.server.RealmMapper;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.authz.PermissionMapper;
import org.wildfly.security.authz.RoleDecoder;
import org.wildfly.security.authz.RoleMapper;
import org.wildfly.security.manager.WildFlySecurityManager;
import org.wildfly.security.manager.action.ReadPropertyAction;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/elytron/ElytronDefinition.class */
public class ElytronDefinition extends SimpleResourceDefinition {
    static final String RESTORE_DEFAULT_SSL_CONTEXT = ElytronDefinition.class.getPackage().getName() + ".restore-default-ssl-context";
    private static final OperationContext.AttachmentKey<SecurityPropertyService> SECURITY_PROPERTY_SERVICE_KEY = OperationContext.AttachmentKey.create(SecurityPropertyService.class);
    private static final AuthenticationContextDependencyProcessor AUTHENITCATION_CONTEXT_PROCESSOR = new AuthenticationContextDependencyProcessor();
    static final SimpleAttributeDefinition DEFAULT_AUTHENTICATION_CONTEXT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DEFAULT_AUTHENTICATION_CONTEXT, ModelType.STRING, true).setCapabilityReference("org.wildfly.security.authentication-context", Capabilities.ELYTRON_RUNTIME_CAPABILITY).setRestartAllServices().build();
    static final SimpleAttributeDefinition DEFAULT_SSL_CONTEXT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.DEFAULT_SSL_CONTEXT, ModelType.STRING, true).setCapabilityReference("org.wildfly.security.ssl-context", Capabilities.ELYTRON_RUNTIME_CAPABILITY).setRestartAllServices().build();
    static final SimpleAttributeDefinition INITIAL_PROVIDERS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.INITIAL_PROVIDERS, ModelType.STRING, true).setCapabilityReference("org.wildfly.security.providers", Capabilities.ELYTRON_RUNTIME_CAPABILITY).setRestartAllServices().build();
    static final SimpleAttributeDefinition FINAL_PROVIDERS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.FINAL_PROVIDERS, ModelType.STRING, true).setCapabilityReference("org.wildfly.security.providers", Capabilities.ELYTRON_RUNTIME_CAPABILITY).setRestartAllServices().build();
    static final StringListAttributeDefinition DISALLOWED_PROVIDERS = new StringListAttributeDefinition.Builder(ElytronDescriptionConstants.DISALLOWED_PROVIDERS).setRequired(false).setAttributeParser(AttributeParser.STRING_LIST).setAttributeMarshaller(AttributeMarshaller.STRING_LIST).setRestartJVM().setElementValidator(new StringLengthValidator(1)).setAllowExpression(true).build();
    static final SimpleAttributeDefinition REGISTER_JASPI_FACTORY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REGISTER_JASPI_FACTORY, ModelType.BOOLEAN, true).setDefaultValue(ModelNode.TRUE).setAllowExpression(true).setRestartAllServices().build();
    static final PropertiesAttributeDefinition SECURITY_PROPERTIES = new PropertiesAttributeDefinition.Builder(ElytronDescriptionConstants.SECURITY_PROPERTIES, true).build();
    public static final ElytronDefinition INSTANCE = new ElytronDefinition();
    private static final Supplier<Boolean> ALLOW_DELEGATION = new Supplier<Boolean>() { // from class: org.wildfly.extension.elytron.ElytronDefinition.3
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public Boolean get() {
            if (WildFlySecurityManager.isChecking()) {
                return (Boolean) SecurityActions.doPrivileged(() -> {
                    return Boolean.valueOf(SecurityContextAssociation.getSecurityContext() != null);
                });
            }
            return Boolean.valueOf(SecurityContextAssociation.getSecurityContext() != null);
        }
    };

    /* loaded from: input_file:org/wildfly/extension/elytron/ElytronDefinition$ElytronAdd.class */
    private static class ElytronAdd extends AbstractBoottimeAddStepHandler implements ElytronOperationStepHandler {
        private ElytronAdd() {
            super(Capabilities.ELYTRON_RUNTIME_CAPABILITY, new AttributeDefinition[]{ElytronDefinition.DEFAULT_AUTHENTICATION_CONTEXT, ElytronDefinition.INITIAL_PROVIDERS, ElytronDefinition.FINAL_PROVIDERS, ElytronDefinition.DISALLOWED_PROVIDERS, ElytronDefinition.SECURITY_PROPERTIES, ElytronDefinition.REGISTER_JASPI_FACTORY, ElytronDefinition.DEFAULT_SSL_CONTEXT});
        }

        protected void populateModel(ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            Version.getVersion();
            super.populateModel(modelNode, modelNode2);
        }

        protected void performBoottime(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            ModelNode model = resource.getModel();
            String asStringOrNull = ElytronDefinition.DEFAULT_AUTHENTICATION_CONTEXT.resolveModelAttribute(operationContext, model).asStringOrNull();
            ElytronDefinition.AUTHENITCATION_CONTEXT_PROCESSOR.setDefaultAuthenticationContext(asStringOrNull);
            Map unwrap = ElytronDefinition.SECURITY_PROPERTIES.unwrap(operationContext, model);
            final String asStringOrNull2 = ElytronDefinition.DEFAULT_SSL_CONTEXT.resolveModelAttribute(operationContext, model).asStringOrNull();
            ServiceTarget serviceTarget = operationContext.getServiceTarget();
            ElytronDefinition.installService(SecurityPropertyService.SERVICE_NAME, new SecurityPropertyService(unwrap), serviceTarget);
            ProviderRegistrationService providerRegistrationService = new ProviderRegistrationService(ElytronDefinition.DISALLOWED_PROVIDERS.unwrap(operationContext, modelNode));
            ServiceBuilder initialMode = serviceTarget.addService(ProviderRegistrationService.SERVICE_NAME, providerRegistrationService).setInitialMode(ServiceController.Mode.ACTIVE);
            String asStringOrNull3 = ElytronDefinition.INITIAL_PROVIDERS.resolveModelAttribute(operationContext, model).asStringOrNull();
            if (asStringOrNull3 != null) {
                initialMode.addDependency(operationContext.getCapabilityServiceName("org.wildfly.security.providers", asStringOrNull3, Provider[].class), Provider[].class, providerRegistrationService.getInitialProivders());
            }
            String asStringOrNull4 = ElytronDefinition.FINAL_PROVIDERS.resolveModelAttribute(operationContext, model).asStringOrNull();
            if (asStringOrNull4 != null) {
                initialMode.addDependency(operationContext.getCapabilityServiceName("org.wildfly.security.providers", asStringOrNull4, Provider[].class), Provider[].class, providerRegistrationService.getFinalProviders());
            }
            initialMode.install();
            if (asStringOrNull != null) {
                ServiceBuilder initialMode2 = serviceTarget.addService(DefaultAuthenticationContextService.SERVICE_NAME).setInitialMode(ServiceController.Mode.ACTIVE);
                initialMode2.setInstance(new DefaultAuthenticationContextService(initialMode2.requires(operationContext.getCapabilityServiceName("org.wildfly.security.authentication-context", asStringOrNull, AuthenticationContext.class)), initialMode2.provides(new ServiceName[]{DefaultAuthenticationContextService.SERVICE_NAME}))).install();
            }
            if (asStringOrNull2 != null) {
                ServiceBuilder initialMode3 = serviceTarget.addService(DefaultSSLContextService.SERVICE_NAME).setInitialMode(ServiceController.Mode.ACTIVE);
                initialMode3.setInstance(new DefaultSSLContextService(initialMode3.requires(operationContext.getCapabilityServiceName("org.wildfly.security.ssl-context", asStringOrNull2, SSLContext.class)), initialMode3.provides(new ServiceName[]{DefaultSSLContextService.SERVICE_NAME}))).install();
            }
            if (registerJaspiFactory(operationContext, model)) {
                AuthConfigFactory authConfigFactory = (AuthConfigFactory) SecurityActions.doPrivileged(() -> {
                    return ElytronDefinition.access$700();
                });
                if (authConfigFactory != null) {
                    ElytronDefinition.registerAuthConfigFactory(new DelegatingAuthConfigFactory(new ElytronAuthConfigFactory(), authConfigFactory, ElytronDefinition.ALLOW_DELEGATION));
                } else {
                    ElytronDefinition.registerAuthConfigFactory(new ElytronAuthConfigFactory());
                }
            }
            if (operationContext.isNormalServer()) {
                operationContext.addStep(new AbstractDeploymentChainStep() { // from class: org.wildfly.extension.elytron.ElytronDefinition.ElytronAdd.1
                    protected void execute(DeploymentProcessorTarget deploymentProcessorTarget) {
                        deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 3153, new DependencyProcessor());
                        deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.DEPENDENCIES, 3154, new EESecurityDependencyProcessor());
                        deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.CONFIGURE_MODULE, 1280, ElytronDefinition.AUTHENITCATION_CONTEXT_PROCESSOR);
                        if (asStringOrNull2 != null) {
                            deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.CONFIGURE_MODULE, 1408, new SSLContextDependencyProcessor());
                        }
                        deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.FIRST_MODULE_USE, 1536, new AuthenticationContextAssociationProcessor());
                        deploymentProcessorTarget.addDeploymentProcessor(ElytronExtension.SUBSYSTEM_NAME, Phase.INSTALL, 864, new VirtualSecurityDomainProcessor());
                    }
                }, OperationContext.Stage.RUNTIME);
            }
        }

        private boolean registerJaspiFactory(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            return ((String) SecurityActions.doPrivileged((PrivilegedAction) new ReadPropertyAction("authconfigprovider.factory"))) == null && ElytronDefinition.REGISTER_JASPI_FACTORY.resolveModelAttribute(operationContext, modelNode).asBoolean();
        }

        protected void rollbackRuntime(OperationContext operationContext, ModelNode modelNode, Resource resource) {
            ElytronDefinition.uninstallSecurityPropertyService(operationContext);
            operationContext.removeService(ProviderRegistrationService.SERVICE_NAME);
            ElytronDefinition.AUTHENITCATION_CONTEXT_PROCESSOR.setDefaultAuthenticationContext(null);
        }

        protected boolean requiresRuntime(OperationContext operationContext) {
            return isServerOrHostController(operationContext);
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/ElytronDefinition$ElytronRemove.class */
    private static class ElytronRemove extends ElytronRemoveStepHandler {
        private ElytronRemove() {
            super(Capabilities.ELYTRON_RUNTIME_CAPABILITY);
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            if (!operationContext.isResourceServiceRestartAllowed()) {
                operationContext.reloadRequired();
                return;
            }
            ElytronDefinition.registerAuthConfigFactory(null);
            SecurityPropertyService uninstallSecurityPropertyService = ElytronDefinition.uninstallSecurityPropertyService(operationContext);
            if (uninstallSecurityPropertyService != null) {
                operationContext.attach(ElytronDefinition.SECURITY_PROPERTY_SERVICE_KEY, uninstallSecurityPropertyService);
            }
            operationContext.removeService(ProviderRegistrationService.SERVICE_NAME);
        }

        protected void recoverServices(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            ServiceTarget serviceTarget = operationContext.getServiceTarget();
            SecurityPropertyService securityPropertyService = (SecurityPropertyService) operationContext.getAttachment(ElytronDefinition.SECURITY_PROPERTY_SERVICE_KEY);
            if (securityPropertyService != null) {
                ElytronDefinition.installService(SecurityPropertyService.SERVICE_NAME, securityPropertyService, serviceTarget);
            }
            ElytronDefinition.installService(ProviderRegistrationService.SERVICE_NAME, new ProviderRegistrationService(ElytronDefinition.DISALLOWED_PROVIDERS.unwrap(operationContext, modelNode2)), serviceTarget);
        }
    }

    private ElytronDefinition() {
        super(new SimpleResourceDefinition.Parameters(ElytronExtension.SUBSYSTEM_PATH, ElytronExtension.getResourceDescriptionResolver(new String[0])).setAddHandler(new ElytronAdd()).setRemoveHandler(new ElytronRemove()).setCapabilities(new RuntimeCapability[]{Capabilities.ELYTRON_RUNTIME_CAPABILITY}).addAccessConstraints(new AccessConstraintDefinition[]{new SensitiveTargetAccessConstraintDefinition(new SensitivityClassification(ElytronExtension.SUBSYSTEM_NAME, ElytronDescriptionConstants.ELYTRON_SECURITY, true, true, true)), new ApplicationTypeAccessConstraintDefinition(new ApplicationTypeConfig(ElytronExtension.SUBSYSTEM_NAME, ElytronDescriptionConstants.ELYTRON_SECURITY, false))}));
    }

    public void registerChildren(ManagementResourceRegistration managementResourceRegistration) {
        boolean isServerOrHostController = ElytronExtension.isServerOrHostController(managementResourceRegistration);
        managementResourceRegistration.registerSubModel(ProviderDefinitions.getAggregateProvidersDefinition());
        managementResourceRegistration.registerSubModel(ProviderDefinitions.getProviderLoaderDefinition(isServerOrHostController));
        managementResourceRegistration.registerSubModel(AuditResourceDefinitions.getAggregateSecurityEventListenerDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(Consumer.class, SecurityEventListener::from, ElytronDescriptionConstants.CUSTOM_SECURITY_EVENT_LISTENER, Capabilities.SECURITY_EVENT_LISTENER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(AuditResourceDefinitions.getFileAuditLogResourceDefinition());
        managementResourceRegistration.registerSubModel(AuditResourceDefinitions.getPeriodicRotatingFileAuditLogResourceDefinition());
        managementResourceRegistration.registerSubModel(AuditResourceDefinitions.getSizeRotatingFileAuditLogResourceDefinition());
        managementResourceRegistration.registerSubModel(AuditResourceDefinitions.getSyslogAuditLogResourceDefinition());
        managementResourceRegistration.registerSubModel(AuthenticationFactoryDefinitions.getSaslAuthenticationFactory());
        managementResourceRegistration.registerSubModel(AuthenticationFactoryDefinitions.getHttpAuthenticationFactory());
        managementResourceRegistration.registerSubModel(new DomainDefinition());
        managementResourceRegistration.registerSubModel(new AggregateRealmDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(SecurityRealm.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_REALM, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(ModifiableRealmDecorator.wrap(new CustomComponentDefinition(ModifiableSecurityRealm.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_MODIFIABLE_REALM, Capabilities.MODIFIABLE_SECURITY_REALM_RUNTIME_CAPABILITY, Capabilities.SECURITY_REALM_RUNTIME_CAPABILITY)));
        managementResourceRegistration.registerSubModel(RealmDefinitions.getIdentityRealmDefinition());
        managementResourceRegistration.registerSubModel(new JdbcRealmDefinition());
        managementResourceRegistration.registerSubModel(new KeyStoreRealmDefinition());
        managementResourceRegistration.registerSubModel(PropertiesRealmDefinition.create(isServerOrHostController));
        managementResourceRegistration.registerSubModel(new TokenRealmDefinition());
        managementResourceRegistration.registerSubModel(ModifiableRealmDecorator.wrap(new LdapRealmDefinition()));
        managementResourceRegistration.registerSubModel(ModifiableRealmDecorator.wrap(new FileSystemRealmDefinition()));
        managementResourceRegistration.registerSubModel(new CachingRealmDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(CredentialSecurityFactory.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_CREDENTIAL_SECURITY_FACTORY, Capabilities.SECURITY_FACTORY_CREDENTIAL_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(KerberosSecurityFactoryDefinition.getKerberosSecurityFactoryDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(PermissionMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PERMISSION_MAPPER, Capabilities.PERMISSION_MAPPER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(PermissionMapperDefinitions.getLogicalPermissionMapper());
        managementResourceRegistration.registerSubModel(PermissionMapperDefinitions.getSimplePermissionMapper());
        managementResourceRegistration.registerSubModel(PermissionMapperDefinitions.getConstantPermissionMapper());
        managementResourceRegistration.registerSubModel(PermissionSetDefinition.getPermissionSet());
        managementResourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getAggregatePrincipalDecoderDefinition());
        managementResourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getConcatenatingPrincipalDecoder());
        managementResourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getConstantPrincipalDecoder());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(PrincipalDecoder.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PRINCIPAL_DECODER, Capabilities.PRINCIPAL_DECODER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(PrincipalDecoderDefinitions.getX500AttributePrincipalDecoder());
        managementResourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getAggregatePrincipalTransformerDefinition());
        managementResourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getChainedPrincipalTransformerDefinition());
        managementResourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getConstantPrincipalTransformerDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(PrincipalTransformer.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_PRINCIPAL_TRANSFORMER, Capabilities.PRINCIPAL_TRANSFORMER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getRegexPrincipalTransformerDefinition());
        managementResourceRegistration.registerSubModel(PrincipalTransformerDefinitions.getRegexValidatingPrincipalTransformerDefinition());
        managementResourceRegistration.registerSubModel(RealmMapperDefinitions.getConstantRealmMapper());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(RealmMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_REALM_MAPPER, Capabilities.REALM_MAPPER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(RealmMapperDefinitions.getMappedRegexRealmMapper());
        managementResourceRegistration.registerSubModel(RealmMapperDefinitions.getSimpleRegexRealmMapperDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(RoleDecoder.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_ROLE_DECODER, Capabilities.ROLE_DECODER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(RoleDecoderDefinitions.getSimpleRoleDecoderDefinition());
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getAddSuffixRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getAddPrefixRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getAggregateRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getConstantRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(RoleMapper.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_ROLE_MAPPER, Capabilities.ROLE_MAPPER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getLogicalRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(RoleMapperDefinitions.getMappedRoleMapperDefinition());
        managementResourceRegistration.registerSubModel(EvidenceDecoderDefinitions.getX500SubjectEvidenceDecoderDefinition());
        managementResourceRegistration.registerSubModel(EvidenceDecoderDefinitions.getX509SubjectAltNameEvidenceDecoderDefinition());
        managementResourceRegistration.registerSubModel(new CustomComponentDefinition(EvidenceDecoder.class, Function.identity(), ElytronDescriptionConstants.CUSTOM_EVIDENCE_DECODER, Capabilities.EVIDENCE_DECODER_RUNTIME_CAPABILITY));
        managementResourceRegistration.registerSubModel(EvidenceDecoderDefinitions.getAggregateEvidenceDecoderDefinition());
        managementResourceRegistration.registerSubModel(HttpServerDefinitions.getAggregateHttpServerFactoryDefinition());
        managementResourceRegistration.registerSubModel(HttpServerDefinitions.getConfigurableHttpServerMechanismFactoryDefinition());
        managementResourceRegistration.registerSubModel(HttpServerDefinitions.getProviderHttpServerMechanismFactoryDefinition());
        managementResourceRegistration.registerSubModel(HttpServerDefinitions.getServiceLoaderServerMechanismFactoryDefinition());
        managementResourceRegistration.registerSubModel(JaspiDefinition.getJaspiServletConfigurationDefinition());
        managementResourceRegistration.registerSubModel(SaslServerDefinitions.getAggregateSaslServerFactoryDefinition());
        managementResourceRegistration.registerSubModel(SaslServerDefinitions.getConfigurableSaslServerFactoryDefinition());
        managementResourceRegistration.registerSubModel(SaslServerDefinitions.getMechanismProviderFilteringSaslServerFactory());
        managementResourceRegistration.registerSubModel(SaslServerDefinitions.getProviderSaslServerFactoryDefinition());
        managementResourceRegistration.registerSubModel(SaslServerDefinitions.getServiceLoaderSaslServerFactoryDefinition());
        managementResourceRegistration.registerSubModel(AdvancedModifiableKeyStoreDecorator.wrap(new KeyStoreDefinition()));
        managementResourceRegistration.registerSubModel(ModifiableKeyStoreDecorator.wrap(new LdapKeyStoreDefinition()));
        managementResourceRegistration.registerSubModel(ModifiableKeyStoreDecorator.wrap(new FilteringKeyStoreDefinition()));
        managementResourceRegistration.registerSubModel(SSLDefinitions.getKeyManagerDefinition());
        managementResourceRegistration.registerSubModel(SSLDefinitions.getTrustManagerDefinition());
        managementResourceRegistration.registerSubModel(SSLDefinitions.getServerSSLContextDefinition(isServerOrHostController));
        managementResourceRegistration.registerSubModel(SSLDefinitions.getClientSSLContextDefinition(isServerOrHostController));
        managementResourceRegistration.registerSubModel(SSLDefinitions.getServerSNISSLContextDefinition());
        managementResourceRegistration.registerSubModel(new CertificateAuthorityDefinition());
        managementResourceRegistration.registerSubModel(new CertificateAuthorityAccountDefinition());
        managementResourceRegistration.registerSubModel(new CredentialStoreResourceDefinition());
        managementResourceRegistration.registerSubModel(new DirContextDefinition());
        managementResourceRegistration.registerSubModel(AuthenticationClientDefinitions.getAuthenticationClientDefinition());
        managementResourceRegistration.registerSubModel(AuthenticationClientDefinitions.getAuthenticationContextDefinition());
        managementResourceRegistration.registerSubModel(PolicyDefinitions.getPolicy());
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        ReloadRequiredWriteAttributeHandler reloadRequiredWriteAttributeHandler = new ReloadRequiredWriteAttributeHandler(new AttributeDefinition[]{INITIAL_PROVIDERS, FINAL_PROVIDERS, DISALLOWED_PROVIDERS, REGISTER_JASPI_FACTORY});
        managementResourceRegistration.registerReadWriteAttribute(INITIAL_PROVIDERS, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        managementResourceRegistration.registerReadWriteAttribute(FINAL_PROVIDERS, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        managementResourceRegistration.registerReadWriteAttribute(DISALLOWED_PROVIDERS, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        managementResourceRegistration.registerReadWriteAttribute(DEFAULT_AUTHENTICATION_CONTEXT, (OperationStepHandler) null, new ElytronWriteAttributeHandler<Void>(DEFAULT_AUTHENTICATION_CONTEXT) { // from class: org.wildfly.extension.elytron.ElytronDefinition.1
            protected boolean applyUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, AbstractWriteAttributeHandler.HandbackHolder<Void> handbackHolder) throws OperationFailedException {
                ElytronDefinition.AUTHENITCATION_CONTEXT_PROCESSOR.setDefaultAuthenticationContext(modelNode2.isDefined() ? modelNode2.asString() : null);
                return !operationContext.isBooting();
            }

            /* JADX INFO: Access modifiers changed from: protected */
            public void revertUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, Void r9) throws OperationFailedException {
                ElytronDefinition.AUTHENITCATION_CONTEXT_PROCESSOR.setDefaultAuthenticationContext(modelNode2.isDefined() ? modelNode2.asString() : null);
            }
        });
        managementResourceRegistration.registerReadWriteAttribute(SECURITY_PROPERTIES, (OperationStepHandler) null, new SecurityPropertiesWriteHandler(SECURITY_PROPERTIES));
        managementResourceRegistration.registerReadWriteAttribute(REGISTER_JASPI_FACTORY, (OperationStepHandler) null, reloadRequiredWriteAttributeHandler);
        managementResourceRegistration.registerReadWriteAttribute(DEFAULT_SSL_CONTEXT, (OperationStepHandler) null, new ElytronWriteAttributeHandler<Void>(DEFAULT_SSL_CONTEXT) { // from class: org.wildfly.extension.elytron.ElytronDefinition.2
            protected boolean applyUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, AbstractWriteAttributeHandler.HandbackHolder<Void> handbackHolder) throws OperationFailedException {
                if (modelNode2.isDefined() || !modelNode3.isDefined()) {
                    return true;
                }
                operationContext.restartRequired();
                return false;
            }

            /* JADX INFO: Access modifiers changed from: protected */
            public void revertUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, Void r7) throws OperationFailedException {
            }
        });
    }

    public void registerAdditionalRuntimePackages(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerAdditionalRuntimePackages(new RuntimePackageDependency[]{RuntimePackageDependency.required("org.wildfly.security.elytron")});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Deprecated
    public static <T> ServiceBuilder<T> commonDependencies(ServiceBuilder<T> serviceBuilder) {
        return commonDependencies(serviceBuilder, true, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Deprecated
    public static <T> ServiceBuilder<T> commonDependencies(ServiceBuilder<T> serviceBuilder, boolean z, boolean z2) {
        if (z) {
            serviceBuilder.requires(SecurityPropertyService.SERVICE_NAME);
        }
        if (z2) {
            serviceBuilder.requires(ProviderRegistrationService.SERVICE_NAME);
        }
        return serviceBuilder;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static <T> ServiceBuilder<T> commonRequirements(ServiceBuilder<T> serviceBuilder) {
        return commonRequirements(serviceBuilder, true, true);
    }

    static <T> ServiceBuilder<T> commonRequirements(ServiceBuilder<T> serviceBuilder, boolean z, boolean z2) {
        if (z) {
            serviceBuilder.requires(SecurityPropertyService.SERVICE_NAME);
        }
        if (z2) {
            serviceBuilder.requires(ProviderRegistrationService.SERVICE_NAME);
        }
        return serviceBuilder;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void installService(ServiceName serviceName, Service<?> service, ServiceTarget serviceTarget) {
        serviceTarget.addService(serviceName, service).setInitialMode(ServiceController.Mode.ACTIVE).install();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void registerAuthConfigFactory(AuthConfigFactory authConfigFactory) {
        SecurityActions.doPrivileged(() -> {
            AuthConfigFactory.setFactory(authConfigFactory);
            return null;
        });
    }

    private static AuthConfigFactory getAuthConfigFactory() {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            try {
                Thread.currentThread().setContextClassLoader(ElytronDefinition.class.getClassLoader());
                AuthConfigFactory factory = AuthConfigFactory.getFactory();
                Thread.currentThread().setContextClassLoader(contextClassLoader);
                return factory;
            } catch (Exception e) {
                ElytronSubsystemMessages.ROOT_LOGGER.trace("Unable to load default AuthConfigFactory.", e);
                Thread.currentThread().setContextClassLoader(contextClassLoader);
                return null;
            }
        } catch (Throwable th) {
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static SecurityPropertyService uninstallSecurityPropertyService(OperationContext operationContext) {
        ServiceController service = operationContext.getServiceRegistry(true).getService(SecurityPropertyService.SERVICE_NAME);
        if (service == null) {
            return null;
        }
        Service service2 = service.getService();
        operationContext.removeService(service);
        if (service2 == null || !(service2 instanceof SecurityPropertyService)) {
            return null;
        }
        return (SecurityPropertyService) service2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ AuthConfigFactory access$700() {
        return getAuthConfigFactory();
    }
}
