package org.wildfly.extension.elytron;

import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.util.HashMap;
import java.util.Map;
import org.jboss.as.controller.services.path.PathEntry;
import org.jboss.as.controller.services.path.PathManager;
import org.jboss.msc.inject.Injector;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.source.CredentialSource;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.impl.KeyStoreCredentialStore;

/* loaded from: input_file:org/wildfly/extension/elytron/CredentialStoreService.class */
class CredentialStoreService implements Service<CredentialStore> {
    private static final String CS_LOCATION_ATTRIBUTE = "location";
    private static final String CS_KEY_STORE_TYPE_ATTRIBUTE = "keyStoreType";
    private CredentialStore credentialStore;
    private final String type;
    private final String provider;
    private final String providerLoaderName;
    private final String otherProvidersLoaderName;
    private final String relativeTo;
    private final String location;
    private final String name;
    private final Map<String, String> credentialStoreAttributes;
    private final InjectedValue<PathManager> pathManager = new InjectedValue<>();
    private final InjectedValue<Provider[]> providers = new InjectedValue<>();
    private final InjectedValue<Provider[]> otherProviders = new InjectedValue<>();
    private final InjectedValue<CredentialStore> injectedCredentialStore = new InjectedValue<>();
    private final InjectedValue<ExceptionSupplier<CredentialSource, Exception>> credentialSourceSupplier = new InjectedValue<>();
    private PathManager.Callback.Handle callbackHandle;

    private CredentialStoreService(String str, Map<String, String> map, String str2, String str3, String str4, String str5, String str6, String str7) throws CredentialStoreException {
        this.name = str;
        this.type = str2 != null ? str2 : KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE;
        this.provider = str3;
        this.relativeTo = str4;
        this.credentialStoreAttributes = map;
        this.location = str5;
        this.providerLoaderName = str6;
        this.otherProvidersLoaderName = str7;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static CredentialStoreService createCredentialStoreService(String str, String str2, boolean z, boolean z2, Map<String, String> map, String str3, String str4, String str5, String str6, String str7) throws CredentialStoreException {
        HashMap hashMap = new HashMap();
        if (map != null) {
            hashMap.putAll(map);
        }
        hashMap.put(ElytronDescriptionConstants.MODIFIABLE, Boolean.toString(z));
        hashMap.put(ElytronDescriptionConstants.CREATE, Boolean.toString(z2));
        if (str3 == null || str3.equals(KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE)) {
            hashMap.putIfAbsent(CS_KEY_STORE_TYPE_ATTRIBUTE, "JCEKS");
        }
        return new CredentialStoreService(str, hashMap, str3, str4, str5, str2 != null ? str2 : str, str6, str7);
    }

    public void start(StartContext startContext) throws StartException {
        Path resolveLocation = resolveLocation();
        try {
            this.credentialStoreAttributes.put("location", resolveLocation.toAbsolutePath().toString());
            this.credentialStore = getCredentialStoreInstance();
            this.credentialStore.initialize(this.credentialStoreAttributes, resolveCredentialStoreProtectionParameter(), (Provider[]) this.otherProviders.getOptionalValue());
            if (this.credentialStoreAttributes.get(ElytronDescriptionConstants.CREATE).equals("true") && !resolveLocation.toFile().exists()) {
                this.credentialStore.flush();
            }
        } catch (Exception e) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.unableToStartService(e);
        }
    }

    public void stop(StopContext stopContext) {
        if (this.callbackHandle != null) {
            this.callbackHandle.remove();
        }
    }

    /* renamed from: getValue, reason: merged with bridge method [inline-methods] */
    public CredentialStore m14getValue() {
        return this.credentialStore;
    }

    private Path resolveLocation() {
        if (this.relativeTo == null) {
            return Paths.get(this.location, new String[0]);
        }
        PathManager pathManager = (PathManager) this.pathManager.getValue();
        String resolveRelativePathEntry = pathManager.resolveRelativePathEntry("", this.relativeTo);
        this.callbackHandle = pathManager.registerCallback(this.relativeTo, new PathManager.Callback() { // from class: org.wildfly.extension.elytron.CredentialStoreService.1
            public void pathModelEvent(PathManager.PathEventContext pathEventContext, String str) {
                if (pathEventContext.isResourceServiceRestartAllowed()) {
                    return;
                }
                pathEventContext.reloadRequired();
            }

            public void pathEvent(PathManager.Event event, PathEntry pathEntry) {
            }
        }, new PathManager.Event[]{PathManager.Event.REMOVED, PathManager.Event.UPDATED});
        return Paths.get(resolveRelativePathEntry, this.location);
    }

    private CredentialStore getCredentialStoreInstance() throws CredentialStoreException, NoSuchAlgorithmException, NoSuchProviderException {
        if (this.provider != null) {
            return CredentialStore.getInstance(this.type, this.provider);
        }
        Provider[] providerArr = (Provider[]) this.providers.getOptionalValue();
        if (providerArr == null) {
            return CredentialStore.getInstance(this.type);
        }
        for (Provider provider : providerArr) {
            try {
                return CredentialStore.getInstance(this.type, provider);
            } catch (NoSuchAlgorithmException e) {
            }
        }
        throw ElytronSubsystemMessages.ROOT_LOGGER.providerLoaderCannotSupplyProvider(this.providerLoaderName, this.type);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Injector<Provider[]> getProvidersInjector() {
        return this.providers;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Injector<Provider[]> getOtherProvidersInjector() {
        return this.otherProviders;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Injector<PathManager> getPathManagerInjector() {
        return this.pathManager;
    }

    public String getName() {
        return this.name;
    }

    public String getType() {
        return this.type;
    }

    public String getProvider() {
        return this.provider;
    }

    Injector<CredentialStore> getCredentialStoreInjector() {
        return this.injectedCredentialStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Injector<ExceptionSupplier<CredentialSource, Exception>> getCredentialSourceSupplierInjector() {
        return this.credentialSourceSupplier;
    }

    private CredentialStore.CredentialSourceProtectionParameter resolveCredentialStoreProtectionParameter() throws Exception {
        ExceptionSupplier exceptionSupplier = (ExceptionSupplier) this.credentialSourceSupplier.getValue();
        CredentialSource credentialSource = exceptionSupplier != null ? (CredentialSource) exceptionSupplier.get() : null;
        if (credentialSource != null) {
            return credentialToCredentialSourceProtectionParameter(credentialSource.getCredential(PasswordCredential.class));
        }
        throw ElytronSubsystemMessages.ROOT_LOGGER.credentialStoreProtectionParameterCannotBeResolved(this.name);
    }

    private CredentialStore.CredentialSourceProtectionParameter credentialToCredentialSourceProtectionParameter(Credential credential) {
        return new CredentialStore.CredentialSourceProtectionParameter(IdentityCredentials.NONE.withCredential(credential));
    }
}
