package org.wildfly.extension.elytron;

import java.util.HashMap;
import java.util.List;
import java.util.function.Function;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ObjectListAttributeDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleMapAttributeDefinition;
import org.jboss.as.controller.StringListAttributeDefinition;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.security.CredentialReference;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.common.Assert;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.extension.elytron.TrivialService;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.extension.elytron.capabilities.CredentialSecurityFactory;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.MatchRule;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.source.CredentialSource;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/extension/elytron/AuthenticationClientDefinitions.class */
public class AuthenticationClientDefinitions {
    static final SimpleAttributeDefinition CONFIGURATION_EXTENDS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.EXTENDS, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setCapabilityReference("org.wildfly.security.authentication-configuration", Capabilities.AUTHENTICATION_CONFIGURATION_RUNTIME_CAPABILITY).build();
    static final SimpleAttributeDefinition ANONYMOUS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ANONYMOUS, ModelType.BOOLEAN, true).setAllowExpression(true).setDefaultValue(new ModelNode(false)).setAlternatives(new String[]{ElytronDescriptionConstants.AUTHENTICATION_NAME, ElytronDescriptionConstants.SECURITY_DOMAIN, ElytronDescriptionConstants.KERBEROS_SECURITY_FACTORY}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition AUTHENTICATION_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.AUTHENTICATION_NAME, ModelType.STRING, true).setAllowExpression(true).setAlternatives(new String[]{ElytronDescriptionConstants.ANONYMOUS, ElytronDescriptionConstants.SECURITY_DOMAIN, ElytronDescriptionConstants.KERBEROS_SECURITY_FACTORY}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition AUTHORIZATION_NAME = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.AUTHORIZATION_NAME, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition HOST = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.HOST, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition PROTOCOL = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PROTOCOL, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition PORT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PORT, ModelType.INT, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition REALM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.REALM, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition SECURITY_DOMAIN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SECURITY_DOMAIN, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAlternatives(new String[]{ElytronDescriptionConstants.ANONYMOUS, ElytronDescriptionConstants.AUTHENTICATION_NAME, ElytronDescriptionConstants.KERBEROS_SECURITY_FACTORY}).setCapabilityReference("org.wildfly.security.security-domain", Capabilities.AUTHENTICATION_CONFIGURATION_RUNTIME_CAPABILITY).build();
    static final SimpleAttributeDefinition ALLOW_ALL_MECHANISMS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ALLOW_ALL_MECHANISMS, ModelType.BOOLEAN, true).setAllowExpression(true).setDefaultValue(new ModelNode(false)).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAlternatives(new String[]{ElytronDescriptionConstants.ALLOW_SASL_MECHANISMS}).build();
    static final StringListAttributeDefinition ALLOW_SASL_MECHANISMS = new StringListAttributeDefinition.Builder(ElytronDescriptionConstants.ALLOW_SASL_MECHANISMS).setMinSize(0).setRequired(false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAlternatives(new String[]{ElytronDescriptionConstants.ALLOW_ALL_MECHANISMS}).build();
    static final StringListAttributeDefinition FORBID_SASL_MECHANISMS = new StringListAttributeDefinition.Builder(ElytronDescriptionConstants.FORBID_SASL_MECHANISMS).setMinSize(0).setRequired(false).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleMapAttributeDefinition MECHANISM_PROPERTIES = new SimpleMapAttributeDefinition.Builder(CommonAttributes.PROPERTIES).setName(ElytronDescriptionConstants.MECHANISM_PROPERTIES).setXmlName(ElytronDescriptionConstants.MECHANISM_PROPERTIES).build();
    static final ObjectTypeAttributeDefinition CREDENTIAL_REFERENCE = CredentialReference.getAttributeBuilder(true, true).build();
    static final SimpleAttributeDefinition KERBEROS_SECURITY_FACTORY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.KERBEROS_SECURITY_FACTORY, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setAlternatives(new String[]{ElytronDescriptionConstants.ANONYMOUS, ElytronDescriptionConstants.AUTHENTICATION_NAME, ElytronDescriptionConstants.SECURITY_DOMAIN}).setCapabilityReference("org.wildfly.security.security-factory.credential", Capabilities.AUTHENTICATION_CONFIGURATION_RUNTIME_CAPABILITY).build();
    static final AttributeDefinition[] AUTHENTICATION_CONFIGURATION_SIMPLE_ATTRIBUTES = {CONFIGURATION_EXTENDS, ANONYMOUS, AUTHENTICATION_NAME, AUTHORIZATION_NAME, HOST, PROTOCOL, PORT, REALM, SECURITY_DOMAIN, ALLOW_ALL_MECHANISMS, ALLOW_SASL_MECHANISMS, FORBID_SASL_MECHANISMS, KERBEROS_SECURITY_FACTORY};
    static final AttributeDefinition[] AUTHENTICATION_CONFIGURATION_ALL_ATTRIBUTES = {CONFIGURATION_EXTENDS, ANONYMOUS, AUTHENTICATION_NAME, AUTHORIZATION_NAME, HOST, PROTOCOL, PORT, REALM, SECURITY_DOMAIN, ALLOW_ALL_MECHANISMS, ALLOW_SASL_MECHANISMS, FORBID_SASL_MECHANISMS, KERBEROS_SECURITY_FACTORY, MECHANISM_PROPERTIES, CREDENTIAL_REFERENCE};
    static final SimpleAttributeDefinition MATCH_USER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_USER, ModelType.STRING, true).setAllowExpression(true).setAlternatives(new String[]{ElytronDescriptionConstants.MATCH_NO_USER}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_NO_USER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_NO_USER, ModelType.BOOLEAN, true).setAllowExpression(true).setDefaultValue(new ModelNode(false)).setAlternatives(new String[]{ElytronDescriptionConstants.MATCH_USER}).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_URN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_URN, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_LOCAL_SECURITY_DOMAIN = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_LOCAL_SECURITY_DOMAIN, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_PURPOSE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_PURPOSE, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_PROTOCOL = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_PROTOCOL, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_ABSTRACT_TYPE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_ABSTRACT_TYPE, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_ABSTRACT_TYPE_AUTHORITY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_ABSTRACT_TYPE_AUTHORITY, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_HOST = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_HOST, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_PATH = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_PATH, ModelType.STRING, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition MATCH_PORT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.MATCH_PORT, ModelType.INT, true).setAllowExpression(true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).build();
    static final SimpleAttributeDefinition CONTEXT_EXTENDS = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.EXTENDS, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setCapabilityReference("org.wildfly.security.authentication-context", Capabilities.AUTHENTICATION_CONTEXT_RUNTIME_CAPABILITY).build();
    static final SimpleAttributeDefinition AUTHENTICATION_CONFIGURATION = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.AUTHENTICATION_CONFIGURATION, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setCapabilityReference("org.wildfly.security.authentication-configuration", Capabilities.AUTHENTICATION_CONTEXT_RUNTIME_CAPABILITY).build();
    static final SimpleAttributeDefinition SSL_CONTEXT = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SSL_CONTEXT, ModelType.STRING, true).setFlags(new AttributeAccess.Flag[]{AttributeAccess.Flag.RESTART_RESOURCE_SERVICES}).setCapabilityReference("org.wildfly.security.ssl-context", Capabilities.AUTHENTICATION_CONTEXT_RUNTIME_CAPABILITY).build();
    static final ObjectTypeAttributeDefinition MATCH_RULE = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.MATCH_RULE, new AttributeDefinition[]{MATCH_ABSTRACT_TYPE, MATCH_ABSTRACT_TYPE_AUTHORITY, MATCH_HOST, MATCH_LOCAL_SECURITY_DOMAIN, MATCH_NO_USER, MATCH_PATH, MATCH_PORT, MATCH_PROTOCOL, MATCH_PURPOSE, MATCH_URN, MATCH_USER, AUTHENTICATION_CONFIGURATION, SSL_CONTEXT}).build();
    static final ObjectListAttributeDefinition MATCH_RULES = new ObjectListAttributeDefinition.Builder(ElytronDescriptionConstants.MATCH_RULES, MATCH_RULE).setAllowNull(true).build();

    /* loaded from: input_file:org/wildfly/extension/elytron/AuthenticationClientDefinitions$OneTimeSupplier.class */
    static final class OneTimeSupplier<T> implements Supplier<T> {
        private final Supplier<T> supplier;
        private T value;

        OneTimeSupplier(Supplier<T> supplier) {
            Assert.checkNotNullParam("supplier", supplier);
            this.supplier = supplier;
        }

        @Override // java.util.function.Supplier
        public T get() {
            if (this.value == null) {
                this.value = this.supplier.get();
            }
            return this.value;
        }
    }

    AuthenticationClientDefinitions() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition getAuthenticationClientDefinition() {
        return new TrivialResourceDefinition(ElytronDescriptionConstants.AUTHENTICATION_CONFIGURATION, new TrivialAddHandler<AuthenticationConfiguration>(AuthenticationConfiguration.class, AUTHENTICATION_CONFIGURATION_ALL_ATTRIBUTES, Capabilities.AUTHENTICATION_CONFIGURATION_RUNTIME_CAPABILITY) { // from class: org.wildfly.extension.elytron.AuthenticationClientDefinitions.1
            @Override // org.wildfly.extension.elytron.TrivialAddHandler
            protected TrivialService.ValueSupplier<AuthenticationConfiguration> getValueSupplier(ServiceBuilder<AuthenticationConfiguration> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                Supplier supplier;
                String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.CONFIGURATION_EXTENDS, modelNode);
                if (asStringIfDefined != null) {
                    InjectedValue injectedValue = new InjectedValue();
                    serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.authentication-configuration", asStringIfDefined), AuthenticationConfiguration.class), AuthenticationConfiguration.class, injectedValue);
                    injectedValue.getClass();
                    supplier = injectedValue::getValue;
                } else {
                    supplier = () -> {
                        return AuthenticationConfiguration.EMPTY;
                    };
                }
                Supplier supplier2 = supplier;
                Function function = authenticationConfiguration -> {
                    return (AuthenticationConfiguration) supplier2.get();
                };
                Function andThen = AuthenticationClientDefinitions.ANONYMOUS.resolveModelAttribute(operationContext, modelNode).asBoolean() ? function.andThen(authenticationConfiguration2 -> {
                    return authenticationConfiguration2.useAnonymous();
                }) : function;
                String asStringIfDefined2 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.AUTHENTICATION_NAME, modelNode);
                Function andThen2 = asStringIfDefined2 != null ? andThen.andThen(authenticationConfiguration3 -> {
                    return authenticationConfiguration3.useName(asStringIfDefined2);
                }) : andThen;
                String asStringIfDefined3 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.AUTHORIZATION_NAME, modelNode);
                Function andThen3 = asStringIfDefined3 != null ? andThen2.andThen(authenticationConfiguration4 -> {
                    return authenticationConfiguration4.useAuthorizationName(asStringIfDefined3);
                }) : andThen2;
                String asStringIfDefined4 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.HOST, modelNode);
                Function andThen4 = asStringIfDefined4 != null ? andThen3.andThen(authenticationConfiguration5 -> {
                    return authenticationConfiguration5.useHost(asStringIfDefined4);
                }) : andThen3;
                String asStringIfDefined5 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.PROTOCOL, modelNode);
                Function andThen5 = asStringIfDefined5 != null ? andThen4.andThen(authenticationConfiguration6 -> {
                    return authenticationConfiguration6.useProtocol(asStringIfDefined5);
                }) : andThen4;
                int asIntIfDefined = ElytronExtension.asIntIfDefined(operationContext, AuthenticationClientDefinitions.PORT, modelNode);
                Function andThen6 = asIntIfDefined > 0 ? andThen5.andThen(authenticationConfiguration7 -> {
                    return authenticationConfiguration7.usePort(asIntIfDefined);
                }) : andThen5;
                String asStringIfDefined6 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.REALM, modelNode);
                Function andThen7 = asStringIfDefined6 != null ? andThen6.andThen(authenticationConfiguration8 -> {
                    return authenticationConfiguration8.useRealm(asStringIfDefined6);
                }) : andThen6;
                String asStringIfDefined7 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.SECURITY_DOMAIN, modelNode);
                if (asStringIfDefined7 != null) {
                    InjectedValue injectedValue2 = new InjectedValue();
                    serviceBuilder.addDependency(operationContext.getCapabilityServiceName("org.wildfly.security.security-domain", asStringIfDefined7, SecurityDomain.class), SecurityDomain.class, injectedValue2);
                    andThen7 = andThen7.andThen(authenticationConfiguration9 -> {
                        return authenticationConfiguration9.useForwardedIdentity((SecurityDomain) injectedValue2.getValue());
                    });
                }
                Function andThen8 = AuthenticationClientDefinitions.ALLOW_ALL_MECHANISMS.resolveModelAttribute(operationContext, modelNode).asBoolean() ? andThen7.andThen(authenticationConfiguration10 -> {
                    return authenticationConfiguration10.allowAllSaslMechanisms();
                }) : andThen7;
                List unwrap = AuthenticationClientDefinitions.ALLOW_SASL_MECHANISMS.unwrap(operationContext, modelNode);
                Function andThen9 = unwrap.size() > 0 ? andThen8.andThen(authenticationConfiguration11 -> {
                    return authenticationConfiguration11.allowSaslMechanisms((String[]) unwrap.toArray(new String[unwrap.size()]));
                }) : andThen8;
                List unwrap2 = AuthenticationClientDefinitions.FORBID_SASL_MECHANISMS.unwrap(operationContext, modelNode);
                Function andThen10 = unwrap2.size() > 0 ? andThen9.andThen(authenticationConfiguration12 -> {
                    return authenticationConfiguration12.forbidSaslMechanisms((String[]) unwrap2.toArray(new String[unwrap2.size()]));
                }) : andThen9;
                String asStringIfDefined8 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.KERBEROS_SECURITY_FACTORY, modelNode);
                if (asStringIfDefined8 != null) {
                    InjectedValue injectedValue3 = new InjectedValue();
                    serviceBuilder.addDependency(operationContext.getCapabilityServiceName("org.wildfly.security.security-factory.credential", asStringIfDefined8, CredentialSecurityFactory.class), CredentialSecurityFactory.class, injectedValue3);
                    andThen10 = andThen10.andThen(authenticationConfiguration13 -> {
                        return authenticationConfiguration13.useKerberosSecurityFactory((SecurityFactory) injectedValue3.getValue());
                    });
                }
                ModelNode resolveModelAttribute = AuthenticationClientDefinitions.MECHANISM_PROPERTIES.resolveModelAttribute(operationContext, modelNode);
                if (resolveModelAttribute.isDefined()) {
                    HashMap hashMap = new HashMap();
                    resolveModelAttribute.keys().forEach(str -> {
                    });
                    andThen10 = andThen10.andThen(authenticationConfiguration14 -> {
                        return authenticationConfiguration14.useMechanismProperties(hashMap);
                    });
                }
                if (AuthenticationClientDefinitions.CREDENTIAL_REFERENCE.resolveModelAttribute(operationContext, modelNode).isDefined()) {
                    InjectedValue injectedValue4 = new InjectedValue();
                    injectedValue4.inject(CredentialReference.getCredentialSourceSupplier(operationContext, AuthenticationClientDefinitions.CREDENTIAL_REFERENCE, modelNode, serviceBuilder));
                    andThen10 = andThen10.andThen(authenticationConfiguration15 -> {
                        try {
                            CredentialSource credentialSource = (CredentialSource) ((ExceptionSupplier) injectedValue4.getValue()).get();
                            if (credentialSource != null) {
                                return authenticationConfiguration15.usePassword(credentialSource.getCredential(PasswordCredential.class).getPassword());
                            }
                            throw ElytronSubsystemMessages.ROOT_LOGGER.credentialCannotBeResolved();
                        } catch (Exception e) {
                            throw new IllegalStateException(e);
                        }
                    });
                }
                Function function2 = andThen10;
                return () -> {
                    return (AuthenticationConfiguration) function2.apply(null);
                };
            }
        }, AUTHENTICATION_CONFIGURATION_ALL_ATTRIBUTES, Capabilities.AUTHENTICATION_CONFIGURATION_RUNTIME_CAPABILITY);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition getAuthenticationContextDefinition() {
        AttributeDefinition[] attributeDefinitionArr = {CONTEXT_EXTENDS, MATCH_RULES};
        return new TrivialResourceDefinition(ElytronDescriptionConstants.AUTHENTICATION_CONTEXT, new TrivialAddHandler<AuthenticationContext>(AuthenticationContext.class, attributeDefinitionArr, Capabilities.AUTHENTICATION_CONTEXT_RUNTIME_CAPABILITY) { // from class: org.wildfly.extension.elytron.AuthenticationClientDefinitions.2
            @Override // org.wildfly.extension.elytron.TrivialAddHandler
            protected TrivialService.ValueSupplier<AuthenticationContext> getValueSupplier(ServiceBuilder<AuthenticationContext> serviceBuilder, OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
                Supplier supplier;
                String asStringIfDefined = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.CONTEXT_EXTENDS, modelNode);
                if (asStringIfDefined != null) {
                    InjectedValue injectedValue = new InjectedValue();
                    serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.authentication-context", asStringIfDefined), AuthenticationContext.class), AuthenticationContext.class, injectedValue);
                    injectedValue.getClass();
                    supplier = injectedValue::getValue;
                } else {
                    supplier = AuthenticationContext::empty;
                }
                Function identity = Function.identity();
                if (modelNode.hasDefined(ElytronDescriptionConstants.MATCH_RULES)) {
                    for (ModelNode modelNode2 : modelNode.require(ElytronDescriptionConstants.MATCH_RULES).asList()) {
                        String asStringIfDefined2 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.AUTHENTICATION_CONFIGURATION, modelNode2);
                        String asStringIfDefined3 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.SSL_CONTEXT, modelNode2);
                        if (asStringIfDefined2 != null || asStringIfDefined3 != null) {
                            Function function = matchRule -> {
                                return MatchRule.ALL;
                            };
                            String asStringIfDefined4 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.MATCH_ABSTRACT_TYPE, modelNode2);
                            String asStringIfDefined5 = ElytronExtension.asStringIfDefined(operationContext, AuthenticationClientDefinitions.MATCH_ABSTRACT_TYPE_AUTHORITY, modelNode2);
                            Function andThen = (asStringIfDefined4 == null && asStringIfDefined5 == null) ? function : function.andThen(matchRule2 -> {
                                return matchRule2.matchAbstractType(asStringIfDefined4, asStringIfDefined5);
                            });
                            ModelNode resolveModelAttribute = AuthenticationClientDefinitions.MATCH_HOST.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen2 = resolveModelAttribute.isDefined() ? andThen.andThen(matchRule3 -> {
                                return matchRule3.matchHost(resolveModelAttribute.asString());
                            }) : andThen;
                            ModelNode resolveModelAttribute2 = AuthenticationClientDefinitions.MATCH_LOCAL_SECURITY_DOMAIN.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen3 = resolveModelAttribute2.isDefined() ? andThen2.andThen(matchRule4 -> {
                                return matchRule4.matchLocalSecurityDomain(resolveModelAttribute2.asString());
                            }) : andThen2;
                            Function andThen4 = AuthenticationClientDefinitions.MATCH_NO_USER.resolveModelAttribute(operationContext, modelNode2).asBoolean() ? andThen3.andThen(matchRule5 -> {
                                return matchRule5.matchNoUser();
                            }) : andThen3;
                            ModelNode resolveModelAttribute3 = AuthenticationClientDefinitions.MATCH_PATH.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen5 = resolveModelAttribute3.isDefined() ? andThen4.andThen(matchRule6 -> {
                                return matchRule6.matchPath(resolveModelAttribute3.asString());
                            }) : andThen4;
                            ModelNode resolveModelAttribute4 = AuthenticationClientDefinitions.MATCH_PORT.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen6 = resolveModelAttribute4.isDefined() ? andThen5.andThen(matchRule7 -> {
                                return matchRule7.matchPort(resolveModelAttribute4.asInt());
                            }) : andThen5;
                            ModelNode resolveModelAttribute5 = AuthenticationClientDefinitions.MATCH_PROTOCOL.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen7 = resolveModelAttribute5.isDefined() ? andThen6.andThen(matchRule8 -> {
                                return matchRule8.matchProtocol(resolveModelAttribute5.asString());
                            }) : andThen6;
                            ModelNode resolveModelAttribute6 = AuthenticationClientDefinitions.MATCH_PURPOSE.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen8 = resolveModelAttribute6.isDefined() ? andThen7.andThen(matchRule9 -> {
                                return matchRule9.matchPurpose(resolveModelAttribute6.asString());
                            }) : andThen7;
                            ModelNode resolveModelAttribute7 = AuthenticationClientDefinitions.MATCH_URN.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen9 = resolveModelAttribute7.isDefined() ? andThen8.andThen(matchRule10 -> {
                                return matchRule10.matchUrnName(resolveModelAttribute7.asString());
                            }) : andThen8;
                            ModelNode resolveModelAttribute8 = AuthenticationClientDefinitions.MATCH_USER.resolveModelAttribute(operationContext, modelNode2);
                            Function andThen10 = resolveModelAttribute8.isDefined() ? andThen9.andThen(matchRule11 -> {
                                return matchRule11.matchUser(resolveModelAttribute8.asString());
                            }) : andThen9;
                            OneTimeSupplier oneTimeSupplier = new OneTimeSupplier(() -> {
                                return (MatchRule) andThen10.apply(null);
                            });
                            if (asStringIfDefined2 != null) {
                                InjectedValue injectedValue2 = new InjectedValue();
                                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.authentication-configuration", asStringIfDefined2), AuthenticationConfiguration.class), AuthenticationConfiguration.class, injectedValue2);
                                identity = identity.andThen(authenticationContext -> {
                                    return authenticationContext.with((MatchRule) oneTimeSupplier.get(), (AuthenticationConfiguration) injectedValue2.getValue());
                                });
                            }
                            if (asStringIfDefined3 != null) {
                                InjectedValue injectedValue3 = new InjectedValue();
                                serviceBuilder.addDependency(operationContext.getCapabilityServiceName(RuntimeCapability.buildDynamicCapabilityName("org.wildfly.security.ssl-context", asStringIfDefined3), SSLContext.class), SSLContext.class, injectedValue3);
                                identity = identity.andThen(authenticationContext2 -> {
                                    MatchRule matchRule12 = (MatchRule) oneTimeSupplier.get();
                                    injectedValue3.getClass();
                                    return authenticationContext2.withSsl(matchRule12, injectedValue3::getValue);
                                });
                            }
                        }
                    }
                }
                Function function2 = identity;
                Supplier supplier2 = supplier;
                return () -> {
                    return (AuthenticationContext) function2.apply(supplier2.get());
                };
            }
        }, attributeDefinitionArr, Capabilities.AUTHENTICATION_CONTEXT_RUNTIME_CAPABILITY);
    }
}
