package org.wildfly.security.auth.client;

import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.sasl.util.SaslMechanismInformation;

/* loaded from: input_file:org/wildfly/security/auth/client/SetForwardAuthenticationConfiguration.class */
class SetForwardAuthenticationConfiguration extends AuthenticationConfiguration implements AuthenticationConfiguration.UserSetting, AuthenticationConfiguration.CredentialSetting {
    private final SecurityDomain sourceDomain;
    private final AccessControlContext context;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SetForwardAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration, SecurityDomain securityDomain, AccessControlContext accessControlContext) {
        super(authenticationConfiguration.without(AuthenticationConfiguration.UserSetting.class, AuthenticationConfiguration.CredentialSetting.class));
        this.sourceDomain = securityDomain;
        this.context = accessControlContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public void handleCallback(Callback[] callbackArr, int i) throws UnsupportedCallbackException, IOException {
        ClearPassword clearPassword;
        Callback callback = callbackArr[i];
        SecurityIdentity currentSecurityIdentity = this.sourceDomain.getCurrentSecurityIdentity();
        if (currentSecurityIdentity.isAnonymous()) {
            return;
        }
        if (callback instanceof NameCallback) {
            ((NameCallback) callback).setName(doRewriteUser(currentSecurityIdentity.getPrincipal().getName()));
            return;
        }
        if (callback instanceof CredentialCallback) {
            CredentialCallback credentialCallback = (CredentialCallback) callback;
            Credential credential = getPrivateCredentials(currentSecurityIdentity, this.context).getCredential(credentialCallback.getCredentialType(), credentialCallback.getAlgorithm(), credentialCallback.getParameterSpec());
            if (credential != null) {
                credentialCallback.setCredential(credential);
                return;
            }
            return;
        }
        if (!(callback instanceof PasswordCallback)) {
            super.handleCallback(callbackArr, i);
            return;
        }
        PasswordCredential passwordCredential = (PasswordCredential) getPrivateCredentials(currentSecurityIdentity, this.context).getCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR);
        if (passwordCredential == null || (clearPassword = (ClearPassword) passwordCredential.getPassword(ClearPassword.class)) == null) {
            return;
        }
        ((PasswordCallback) callback).setPassword(clearPassword.getPassword());
    }

    private IdentityCredentials getPrivateCredentials(SecurityIdentity securityIdentity, AccessControlContext accessControlContext) {
        securityIdentity.getClass();
        return (IdentityCredentials) AccessController.doPrivileged(securityIdentity::getPrivateCredentials, accessControlContext);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public boolean filterOneSaslMechanism(String str) {
        return this.sourceDomain.getCurrentSecurityIdentity().isAnonymous() ? SaslMechanismInformation.Names.ANONYMOUS.equals(str) : super.filterOneSaslMechanism(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public Principal getPrincipal() {
        return this.sourceDomain.getCurrentSecurityIdentity().getPrincipal();
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    AuthenticationConfiguration reparent(AuthenticationConfiguration authenticationConfiguration) {
        return new SetForwardAuthenticationConfiguration(authenticationConfiguration, this.sourceDomain, this.context);
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    StringBuilder asString(StringBuilder sb) {
        return parentAsString(sb).append("ForwardAuthentication,");
    }
}
