package org.wildfly.test.security.common.elytron;

import java.io.IOException;
import java.util.LinkedList;
import org.jboss.as.arquillian.container.ManagementClient;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.client.ModelControllerClient;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup;
import org.jboss.as.test.shared.ServerReload;
import org.jboss.dmr.ModelNode;

/* loaded from: input_file:org/wildfly/test/security/common/elytron/EjbElytronDomainSetup.class */
public class EjbElytronDomainSetup extends AbstractSecurityDomainSetup {
    private static final String DEFAULT_SECURITY_DOMAIN_NAME = "ejb3-tests";
    private PathAddress realmAddress;
    private PathAddress domainAddress;
    private PathAddress saslAuthenticationAddress;
    private PathAddress remotingConnectorAddress;
    private PathAddress ejbDomainAddress;
    private PathAddress ejbRemoteAddress;
    private PathAddress httpAuthenticationAddress;
    private PathAddress undertowDomainAddress;
    private final String usersFile;
    private final String groupsFile;
    private final String securityDomainName;

    public EjbElytronDomainSetup(String str, String str2) {
        this(str, str2, DEFAULT_SECURITY_DOMAIN_NAME);
    }

    public EjbElytronDomainSetup(String str, String str2, String str3) {
        this.ejbRemoteAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "ejb3").append("service", "remote");
        this.usersFile = str;
        this.groupsFile = str2;
        this.securityDomainName = str3;
    }

    @Override // org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup
    protected String getSecurityDomainName() {
        return this.securityDomainName;
    }

    protected String getSecurityRealmName() {
        return getSecurityDomainName() + "-ejb3-UsersRoles";
    }

    protected String getUndertowDomainName() {
        return getSecurityDomainName();
    }

    protected String getEjbDomainName() {
        return getSecurityDomainName();
    }

    protected String getSaslAuthenticationName() {
        return getSecurityDomainName();
    }

    protected String getRemotingConnectorName() {
        return "http-remoting-connector";
    }

    protected String getHttpAuthenticationName() {
        return getSecurityDomainName();
    }

    protected String getUsersFile() {
        return this.usersFile;
    }

    protected String getGroupsFile() {
        return this.groupsFile;
    }

    protected boolean isUsersFilePlain() {
        return true;
    }

    public void setup(ManagementClient managementClient, String str) throws Exception {
        this.realmAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "elytron").append("properties-realm", getSecurityRealmName());
        this.domainAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "elytron").append("security-domain", getSecurityDomainName());
        this.saslAuthenticationAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "elytron").append("sasl-authentication-factory", getSaslAuthenticationName());
        this.remotingConnectorAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "remoting").append("http-connector", getRemotingConnectorName());
        this.ejbDomainAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "ejb3").append("application-security-domain", getEjbDomainName());
        this.httpAuthenticationAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "elytron").append("http-authentication-factory", getHttpAuthenticationName());
        this.undertowDomainAddress = PathAddress.pathAddress(new PathElement[0]).append("subsystem", "undertow").append("application-security-domain", getUndertowDomainName());
        ModelNode modelNode = new ModelNode();
        modelNode.get("operation").set("composite");
        modelNode.get("address").setEmptyList();
        ModelNode modelNode2 = modelNode.get("steps");
        ModelNode createAddOperation = Util.createAddOperation(this.realmAddress);
        createAddOperation.get("users-properties").get("path").set(getUsersFile());
        createAddOperation.get("users-properties").get("plain-text").set(isUsersFilePlain());
        createAddOperation.get("groups-properties").get("path").set(getGroupsFile());
        modelNode2.add(createAddOperation);
        ModelNode createAddOperation2 = Util.createAddOperation(this.domainAddress);
        createAddOperation2.get("permission-mapper").set("default-permission-mapper");
        createAddOperation2.get("default-realm").set(getSecurityRealmName());
        createAddOperation2.get("realms").get(0).get("realm").set(getSecurityRealmName());
        createAddOperation2.get("realms").get(0).get("role-decoder").set("groups-to-roles");
        createAddOperation2.get("realms").get(1).get("realm").set("local");
        modelNode2.add(createAddOperation2);
        ModelNode createAddOperation3 = Util.createAddOperation(this.saslAuthenticationAddress);
        createAddOperation3.get("sasl-server-factory").set("configured");
        createAddOperation3.get("security-domain").set(getSecurityDomainName());
        createAddOperation3.get("mechanism-configurations").get(0).get("mechanism-name").set("JBOSS-LOCAL-USER");
        createAddOperation3.get("mechanism-configurations").get(0).get("realm-mapper").set("local");
        createAddOperation3.get("mechanism-configurations").get(1).get("mechanism-name").set("DIGEST-MD5");
        createAddOperation3.get("mechanism-configurations").get(1).get("mechanism-realm-configurations").get(0).get("realm-name").set(getSecurityRealmName());
        modelNode2.add(createAddOperation3);
        modelNode2.add(Util.getWriteAttributeOperation(this.remotingConnectorAddress, "sasl-authentication-factory", getSaslAuthenticationName()));
        ModelNode createAddOperation4 = Util.createAddOperation(this.ejbDomainAddress);
        createAddOperation4.get("security-domain").set(getSecurityDomainName());
        modelNode2.add(createAddOperation4);
        ModelNode createAddOperation5 = Util.createAddOperation(this.httpAuthenticationAddress);
        createAddOperation5.get("security-domain").set(getSecurityDomainName());
        createAddOperation5.get("http-server-mechanism-factory").set("global");
        createAddOperation5.get("mechanism-configurations").get(0).get("mechanism-name").set("BASIC");
        createAddOperation5.get("mechanism-configurations").get(0).get("mechanism-realm-configurations").get(0).get("realm-name").set("TestingRealm");
        modelNode2.add(createAddOperation5);
        ModelNode createAddOperation6 = Util.createAddOperation(this.undertowDomainAddress);
        createAddOperation6.get("http-authentication-factory").set(getHttpAuthenticationName());
        modelNode2.add(createAddOperation6);
        applyUpdate(managementClient.getControllerClient(), modelNode, false);
        ServerReload.reloadIfRequired(managementClient.getControllerClient());
    }

    @Override // org.jboss.as.test.integration.security.common.AbstractSecurityDomainSetup
    public void tearDown(ManagementClient managementClient, String str) {
        try {
            applyUpdate(managementClient.getControllerClient(), Util.getWriteAttributeOperation(this.remotingConnectorAddress, "sasl-authentication-factory", "application-sasl-authentication"), false);
            try {
                ServerReload.reloadIfRequired(managementClient.getControllerClient());
                new LinkedList();
                applyRemoveAllowReload(managementClient.getControllerClient(), this.undertowDomainAddress, false);
                applyRemoveAllowReload(managementClient.getControllerClient(), this.httpAuthenticationAddress, false);
                applyRemoveAllowReload(managementClient.getControllerClient(), this.ejbDomainAddress, false);
                try {
                    ServerReload.executeReloadAndWaitForCompletion(managementClient.getControllerClient());
                    applyRemoveAllowReload(managementClient.getControllerClient(), this.saslAuthenticationAddress, false);
                    applyRemoveAllowReload(managementClient.getControllerClient(), this.domainAddress, false);
                    applyRemoveAllowReload(managementClient.getControllerClient(), this.realmAddress, false);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        } catch (Exception e3) {
            throw new RuntimeException(e3);
        }
    }

    private static void applyRemoveAllowReload(ModelControllerClient modelControllerClient, PathAddress pathAddress, boolean z) {
        ModelNode createRemoveOperation = Util.createRemoveOperation(pathAddress);
        createRemoveOperation.get(new String[]{"operation-headers", "allow-resource-service-restart"}).set(true);
        try {
            applyUpdate(modelControllerClient, createRemoveOperation, z);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
}
