package org.wildfly.extension.elytron;

import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.List;
import java.util.Locale;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.descriptions.StandardResourceDescriptionResolver;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.controller.registry.Resource;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceNotFoundException;
import org.wildfly.extension.elytron.CredentialStoreResourceDefinition;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.UnsupportedCredentialTypeException;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition.class */
public class CredentialStoreAliasDefinition extends SimpleResourceDefinition {
    private static final Class<?>[] SUPPORTED_CREDENTIAL_TYPES = {PasswordCredential.class};
    static final SimpleAttributeDefinition ENTRY_TYPE;
    static final StandardResourceDescriptionResolver RESOURCE_DESCRIPTION_RESOLVER;
    static final SimpleAttributeDefinition SECRET_VALUE;
    private static final AttributeDefinition[] CONFIG_ATTRIBUTES;
    private static final SimpleOperationDefinition ADD_DEFINITION;
    private static final AddHandler ADD_HANDLER;

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$AddHandler.class */
    private static class AddHandler extends BaseAddHandler {
        AddHandler() {
            super(CredentialStoreAliasDefinition.CONFIG_ATTRIBUTES);
        }

        protected void performRuntime(OperationContext operationContext, ModelNode modelNode, Resource resource) throws OperationFailedException {
            String currentAddressValue = operationContext.getCurrentAddressValue();
            String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, CredentialStoreAliasDefinition.SECRET_VALUE, resource.getModel());
            String asStringIfDefined2 = ElytronExtension.asStringIfDefined(operationContext, CredentialStoreAliasDefinition.ENTRY_TYPE, resource.getModel());
            CredentialStore credentialStore = CredentialStoreAliasDefinition.getCredentialStore(modelNode, operationContext);
            if (asStringIfDefined2 != null) {
                try {
                    if (!asStringIfDefined2.equals(PasswordCredential.class.getCanonicalName())) {
                        throw ElytronSubsystemMessages.ROOT_LOGGER.credentialStoreEntryTypeNotSupported(CredentialStoreResourceDefinition.credentialStoreName(modelNode), asStringIfDefined2);
                    }
                } catch (CredentialStoreException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.unableToCompleteOperation(e, e.getLocalizedMessage());
                }
            }
            if (credentialStore.exists(currentAddressValue, PasswordCredential.class)) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.credentialAlreadyExists(currentAddressValue, PasswordCredential.class.getName());
            }
            CredentialStoreAliasDefinition.storeSecret(credentialStore, currentAddressValue, asStringIfDefined);
        }

        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            if (!CredentialStoreResourceDefinition.CASE_SENSITIVE.resolveModelAttribute(operationContext, operationContext.readResourceFromRoot(operationContext.getCurrentAddress().getParent(), false).getModel()).asBoolean()) {
                String currentAddressValue = operationContext.getCurrentAddressValue();
                if (!currentAddressValue.equals(currentAddressValue.toLowerCase(Locale.ROOT))) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.invalidAliasName(currentAddressValue, operationContext.getCurrentAddress().getParent().getLastElement().getValue());
                }
            }
            super.execute(operationContext, modelNode);
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$RemoveHandler.class */
    private static class RemoveHandler extends CredentialStoreResourceDefinition.CredentialStoreRuntimeOnlyHandler {
        RemoveHandler() {
            super(true, true);
        }

        @Override // org.wildfly.extension.elytron.CredentialStoreResourceDefinition.CredentialStoreRuntimeOnlyHandler
        protected void performRuntime(ModelNode modelNode, OperationContext operationContext, ModelNode modelNode2, CredentialStoreService credentialStoreService) throws OperationFailedException {
            try {
                CredentialStore m16getValue = credentialStoreService.m16getValue();
                m16getValue.remove(operationContext.getCurrentAddressValue(), PasswordCredential.class);
                m16getValue.flush();
            } catch (CredentialStoreException e) {
                throw new OperationFailedException(e);
            }
        }
    }

    /* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreAliasDefinition$WriteSecretAttributeHandler.class */
    private static class WriteSecretAttributeHandler extends ElytronWriteAttributeHandler<String> {
        WriteSecretAttributeHandler() {
            super(CredentialStoreAliasDefinition.SECRET_VALUE);
        }

        protected boolean applyUpdateToRuntime(OperationContext operationContext, ModelNode modelNode, String str, ModelNode modelNode2, ModelNode modelNode3, AbstractWriteAttributeHandler.HandbackHolder<String> handbackHolder) throws OperationFailedException {
            String currentAddressValue = operationContext.getCurrentAddressValue();
            Resource readResource = operationContext.readResource(PathAddress.EMPTY_ADDRESS);
            String asString = modelNode2.asString();
            String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, CredentialStoreAliasDefinition.ENTRY_TYPE, readResource.getModel());
            CredentialStore credentialStore = CredentialStoreAliasDefinition.getCredentialStore(modelNode, operationContext);
            if (asStringIfDefined != null) {
                try {
                    if (!ElytronDescriptionConstants.CLEAR.equals(asStringIfDefined)) {
                        throw ElytronSubsystemMessages.ROOT_LOGGER.credentialStoreEntryTypeNotSupported(CredentialStoreResourceDefinition.credentialStoreName(modelNode), asStringIfDefined);
                    }
                } catch (CredentialStoreException e) {
                    throw ElytronSubsystemMessages.ROOT_LOGGER.unableToCompleteOperation(e, e.getLocalizedMessage());
                }
            }
            CredentialStoreAliasDefinition.storeSecret(credentialStore, currentAddressValue, asString);
            return false;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Code restructure failed: missing block: B:14:0x003d, code lost:
        
            if (org.wildfly.extension.elytron.ElytronDescriptionConstants.CLEAR.equals(r0) != false) goto L7;
         */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public void revertUpdateToRuntime(org.jboss.as.controller.OperationContext r6, org.jboss.dmr.ModelNode r7, java.lang.String r8, org.jboss.dmr.ModelNode r9, org.jboss.dmr.ModelNode r10, java.lang.String r11) throws org.jboss.as.controller.OperationFailedException {
            /*
                r5 = this;
                r0 = r6
                java.lang.String r0 = r0.getCurrentAddressValue()
                r12 = r0
                r0 = r6
                org.jboss.as.controller.PathAddress r1 = org.jboss.as.controller.PathAddress.EMPTY_ADDRESS
                org.jboss.as.controller.registry.Resource r0 = r0.readResource(r1)
                r13 = r0
                r0 = r9
                java.lang.String r0 = r0.asString()
                r14 = r0
                r0 = r6
                org.jboss.as.controller.SimpleAttributeDefinition r1 = org.wildfly.extension.elytron.CredentialStoreAliasDefinition.ENTRY_TYPE
                r2 = r13
                org.jboss.dmr.ModelNode r2 = r2.getModel()
                java.lang.String r0 = org.wildfly.extension.elytron.ElytronExtension.asStringIfDefined(r0, r1, r2)
                r15 = r0
                r0 = r7
                r1 = r6
                org.wildfly.security.credential.store.CredentialStore r0 = org.wildfly.extension.elytron.CredentialStoreAliasDefinition.access$100(r0, r1)
                r16 = r0
                r0 = r15
                if (r0 == 0) goto L40
                java.lang.String r0 = "clear"
                r1 = r15
                boolean r0 = r0.equals(r1)     // Catch: org.wildfly.security.credential.store.CredentialStoreException -> L4c
                if (r0 == 0) goto L49
            L40:
                r0 = r16
                r1 = r12
                r2 = r14
                org.wildfly.extension.elytron.CredentialStoreAliasDefinition.access$200(r0, r1, r2)     // Catch: org.wildfly.security.credential.store.CredentialStoreException -> L4c
            L49:
                goto L67
            L4c:
                r17 = move-exception
                org.wildfly.extension.elytron._private.ElytronSubsystemMessages r0 = org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER
                org.wildfly.extension.elytron._private.ElytronSubsystemMessages r1 = org.wildfly.extension.elytron._private.ElytronSubsystemMessages.ROOT_LOGGER
                r2 = r17
                r3 = r17
                java.lang.String r3 = r3.getLocalizedMessage()
                org.jboss.as.controller.OperationFailedException r1 = r1.unableToCompleteOperation(r2, r3)
                r2 = r17
                r0.error(r1, r2)
            L67:
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.wildfly.extension.elytron.CredentialStoreAliasDefinition.WriteSecretAttributeHandler.revertUpdateToRuntime(org.jboss.as.controller.OperationContext, org.jboss.dmr.ModelNode, java.lang.String, org.jboss.dmr.ModelNode, org.jboss.dmr.ModelNode, java.lang.String):void");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CredentialStoreAliasDefinition() {
        super(new SimpleResourceDefinition.Parameters(PathElement.pathElement(ElytronDescriptionConstants.ALIAS), RESOURCE_DESCRIPTION_RESOLVER).setRemoveHandler(new RemoveHandler()).setAddRestartLevel(OperationEntry.Flag.RESTART_NONE).setRemoveRestartLevel(OperationEntry.Flag.RESTART_NONE).setRuntime());
    }

    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        managementResourceRegistration.registerOperationHandler(ADD_DEFINITION, ADD_HANDLER);
    }

    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        managementResourceRegistration.registerReadWriteAttribute(SECRET_VALUE, (OperationStepHandler) null, new WriteSecretAttributeHandler());
        managementResourceRegistration.registerReadOnlyAttribute(ENTRY_TYPE, (OperationStepHandler) null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static CredentialStore getCredentialStore(ModelNode modelNode, OperationContext operationContext) throws IllegalArgumentException, IllegalStateException, ServiceNotFoundException, UnsupportedOperationException {
        return ((CredentialStoreService) operationContext.getServiceRegistry(false).getRequiredService(CredentialStoreResourceDefinition.CREDENTIAL_STORE_UTIL.serviceName(modelNode)).getService()).m16getValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void storeSecret(CredentialStore credentialStore, String str, String str2) throws CredentialStoreException {
        credentialStore.store(str, createCredentialFromPassword(str2 != null ? str2.toCharArray() : new char[0]));
        credentialStore.flush();
    }

    static PasswordCredential createCredentialFromPassword(char[] cArr) throws UnsupportedCredentialTypeException {
        try {
            return new PasswordCredential(PasswordFactory.getInstance(ElytronDescriptionConstants.CLEAR).generatePassword(new ClearPasswordSpec(cArr)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new UnsupportedCredentialTypeException(e);
        }
    }

    static {
        List list = (List) Stream.of((Object[]) SUPPORTED_CREDENTIAL_TYPES).map((v0) -> {
            return v0.getCanonicalName();
        }).collect(Collectors.toList());
        ENTRY_TYPE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ENTRY_TYPE, ModelType.STRING, true).setStorageRuntime().setAllowedValues((String[]) list.toArray(new String[list.size()])).build();
        RESOURCE_DESCRIPTION_RESOLVER = ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.CREDENTIAL_STORE, ElytronDescriptionConstants.ALIAS);
        SECRET_VALUE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SECRET_VALUE, ModelType.STRING, true).setStorageRuntime().setMinSize(0).build();
        CONFIG_ATTRIBUTES = new AttributeDefinition[]{SECRET_VALUE, ENTRY_TYPE};
        ADD_DEFINITION = new SimpleOperationDefinitionBuilder("add", RESOURCE_DESCRIPTION_RESOLVER).setParameters(new AttributeDefinition[]{SECRET_VALUE, ENTRY_TYPE}).build();
        ADD_HANDLER = new AddHandler();
    }
}
