package org.wildfly.naming.client.remote;

import java.net.URI;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.naming.NamingException;
import javax.net.ssl.SSLContext;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.naming.remote.client.InitialContextFactory;
import org.jboss.remoting3.Endpoint;
import org.jboss.remoting3.RemotingOptions;
import org.wildfly.common.expression.Expression;
import org.wildfly.naming.client.NamingProvider;
import org.wildfly.naming.client.NamingProviderFactory;
import org.wildfly.naming.client._private.Messages;
import org.wildfly.naming.client.util.EnvironmentUtils;
import org.wildfly.naming.client.util.FastHashtable;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.AuthenticationContextConfigurationClient;
import org.wildfly.security.util.CodePointIterator;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Property;
import org.xnio.Sequence;

/* loaded from: input_file:org/wildfly/naming/client/remote/RemoteNamingProviderFactory.class */
public final class RemoteNamingProviderFactory implements NamingProviderFactory {
    public static final String USE_SEPARATE_CONNECTION = "org.wildfly.naming.client.remote.use-separate-connection";
    private static final String CONNECT_OPTIONS_PREFIX = "jboss.naming.client.connect.options.";
    private static final String NAMING_CLIENT_PREFIX = "jboss.naming.client.";
    private static final OptionMap DEFAULT_CONNECTION_CREATION_OPTIONS = OptionMap.create(Options.SASL_POLICY_NOANONYMOUS, false);
    private static final AuthenticationContextConfigurationClient AUTH_CONFIGURATION_CLIENT = (AuthenticationContextConfigurationClient) AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION);

    @Override // org.wildfly.naming.client.NamingProviderFactory
    public boolean supportsUriScheme(String str, FastHashtable<String, Object> fastHashtable) {
        Endpoint endpoint = getEndpoint(fastHashtable);
        return endpoint != null && endpoint.isValidUriScheme(str);
    }

    @Override // org.wildfly.naming.client.NamingProviderFactory
    public RemoteNamingProvider createProvider(FastHashtable<String, Object> fastHashtable, URI... uriArr) throws NamingException {
        ArrayList arrayList = new ArrayList(uriArr.length);
        ClassLoader secureGetContextClassLoader = secureGetContextClassLoader();
        Properties propertiesFromEnv = getPropertiesFromEnv(fastHashtable);
        Endpoint endpoint = getEndpoint(fastHashtable);
        String property = getProperty(propertiesFromEnv, InitialContextFactory.CALLBACK_HANDLER_KEY, null, true);
        String property2 = getProperty(propertiesFromEnv, "java.naming.security.principal", null, true);
        String property3 = getProperty(propertiesFromEnv, "java.naming.security.credentials", null, false);
        String property4 = getProperty(propertiesFromEnv, InitialContextFactory.PASSWORD_BASE64_KEY, null, false);
        String property5 = getProperty(propertiesFromEnv, InitialContextFactory.REALM_KEY, null, true);
        OptionMap mergeWithDefaultOptionMap = mergeWithDefaultOptionMap(DEFAULT_CONNECTION_CREATION_OPTIONS, getOptionMapFromProperties(propertiesFromEnv, CONNECT_OPTIONS_PREFIX, secureGetContextClassLoader));
        boolean booleanValueFromProperties = getBooleanValueFromProperties(propertiesFromEnv, USE_SEPARATE_CONNECTION, false);
        CallbackHandler callbackHandler = null;
        String str = null;
        if (property != null && (property2 != null || property3 != null)) {
            throw Messages.log.callbackHandlerAndUsernameAndPasswordSpecified();
        }
        if (property != null) {
            try {
                callbackHandler = (CallbackHandler) Class.forName(property, true, secureGetContextClassLoader).newInstance();
            } catch (ClassNotFoundException e) {
                throw Messages.log.failedToLoadCallbackHandlerClass(e, property);
            } catch (Exception e2) {
                throw Messages.log.failedToInstantiateCallbackHandlerInstance(e2, property);
            }
        } else if (property2 != null) {
            if (property3 != null && property4 != null) {
                throw Messages.log.plainTextAndBase64PasswordSpecified();
            }
            str = property4 != null ? CodePointIterator.ofString(property4).base64Decode().asUtf8String().drainToString() : property3;
        }
        if (callbackHandler != null || property2 != null) {
            mergeWithDefaultOptionMap = setQuietLocalAuth(mergeWithDefaultOptionMap, false);
        }
        AuthenticationContext captureCurrent = AuthenticationContext.captureCurrent();
        AuthenticationContextConfigurationClient authenticationContextConfigurationClient = AUTH_CONFIGURATION_CLIENT;
        for (URI uri : uriArr) {
            AuthenticationConfiguration authenticationConfiguration = authenticationContextConfigurationClient.getAuthenticationConfiguration(uri, captureCurrent, -1, "jndi", "jboss", booleanValueFromProperties ? null : "operate");
            try {
                SSLContext sSLContext = authenticationContextConfigurationClient.getSSLContext(uri, captureCurrent, "jndi", "jboss", "connect");
                AuthenticationConfiguration mergeOptionsIntoAuthenticationConfiguration = RemotingOptions.mergeOptionsIntoAuthenticationConfiguration(mergeWithDefaultOptionMap, authenticationConfiguration);
                if (callbackHandler != null) {
                    mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useCallbackHandler(callbackHandler);
                } else if (property2 != null) {
                    mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useName(property2).usePassword(str).useRealm(property5);
                }
                arrayList.add(new SingleRemoteNamingProvider(endpoint, uri, mergeOptionsIntoAuthenticationConfiguration, sSLContext, fastHashtable));
            } catch (GeneralSecurityException e3) {
                throw Messages.log.failedToConfigureSslContext(e3);
            }
        }
        return arrayList.size() == 1 ? (RemoteNamingProvider) arrayList.get(0) : new AggregateRemoteNamingProvider(arrayList);
    }

    private Endpoint getEndpoint(FastHashtable<String, Object> fastHashtable) {
        return fastHashtable.containsKey(InitialContextFactory.ENDPOINT) ? (Endpoint) fastHashtable.get(InitialContextFactory.ENDPOINT) : Endpoint.getCurrent();
    }

    private static Properties getPropertiesFromEnv(FastHashtable<String, Object> fastHashtable) {
        Properties properties = new Properties();
        for (Map.Entry<String, Object> entry : fastHashtable.entrySet()) {
            if (entry.getValue() instanceof String) {
                properties.setProperty(processPropertyName(entry.getKey()), (String) entry.getValue());
            }
        }
        return properties;
    }

    private static String getProperty(Properties properties, String str, String str2, boolean z) {
        String property = properties.getProperty(str);
        return property == null ? str2 : z ? Expression.compile(property, new Expression.Flag[]{Expression.Flag.LENIENT_SYNTAX}).evaluateWithPropertiesAndEnvironment(false) : property.trim();
    }

    private static boolean getBooleanValueFromProperties(Properties properties, String str, boolean z) {
        String property = getProperty(properties, str, null, true);
        return property == null ? z : Boolean.parseBoolean(property);
    }

    private static OptionMap getOptionMapFromProperties(Properties properties, String str, ClassLoader classLoader) {
        return OptionMap.builder().parseAll(properties, str, classLoader).getMap();
    }

    private static String processPropertyName(String str) {
        if (str.startsWith(EnvironmentUtils.EJB_REMOTE_CONNECTION_PREFIX)) {
            if (str.endsWith(EnvironmentUtils.EJB_CALLBACK_HANDLER_CLASS_KEY)) {
                str = InitialContextFactory.CALLBACK_HANDLER_KEY;
            } else if (str.endsWith(EnvironmentUtils.EJB_USERNAME_KEY)) {
                str = "java.naming.security.principal";
            } else if (str.endsWith(EnvironmentUtils.EJB_PASSWORD_KEY)) {
                str = "java.naming.security.credentials";
            } else if (str.endsWith(EnvironmentUtils.EJB_PASSWORD_BASE64_KEY)) {
                str = InitialContextFactory.PASSWORD_BASE64_KEY;
            } else if (str.contains(EnvironmentUtils.CONNECT_OPTIONS)) {
                str = NAMING_CLIENT_PREFIX + str.substring(str.indexOf(EnvironmentUtils.CONNECT_OPTIONS));
            }
        }
        return str;
    }

    private static OptionMap mergeWithDefaultOptionMap(OptionMap optionMap, OptionMap optionMap2) {
        OptionMap.Builder addAll = OptionMap.builder().addAll(optionMap2);
        Iterator it = optionMap.iterator();
        while (it.hasNext()) {
            Option option = (Option) it.next();
            if (!addAll.getMap().contains(option)) {
                addAll.set(option, optionMap.get(option));
            }
        }
        return addAll.getMap();
    }

    private static ClassLoader secureGetContextClassLoader() {
        return System.getSecurityManager() != null ? (ClassLoader) AccessController.doPrivileged(RemoteNamingProviderFactory::getContextClassLoader) : getContextClassLoader();
    }

    private static ClassLoader getContextClassLoader() {
        return Thread.currentThread().getContextClassLoader();
    }

    private static OptionMap setQuietLocalAuth(OptionMap optionMap, boolean z) {
        Sequence sequence = (Sequence) optionMap.get(Options.SASL_PROPERTIES);
        if (sequence == null) {
            OptionMap.Builder addAll = OptionMap.builder().addAll(optionMap);
            addAll.set(Options.SASL_PROPERTIES, Sequence.of(new Property[]{Property.of("wildfly.sasl.local-user.quiet-auth", Boolean.toString(z))}));
            return addAll.getMap();
        }
        Iterator it = sequence.iterator();
        while (it.hasNext()) {
            String key = ((Property) it.next()).getKey();
            if (key.equals("wildfly.sasl.local-user.quiet-auth") || key.equals("jboss.sasl.local-user.quiet-auth")) {
                return optionMap;
            }
        }
        sequence.add(Property.of("wildfly.sasl.local-user.quiet-auth", Boolean.toString(z)));
        return optionMap;
    }

    @Override // org.wildfly.naming.client.NamingProviderFactory
    public /* bridge */ /* synthetic */ NamingProvider createProvider(FastHashtable fastHashtable, URI[] uriArr) throws NamingException {
        return createProvider((FastHashtable<String, Object>) fastHashtable, uriArr);
    }
}
