package org.infinispan.server.configuration.security;

import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap;
import java.util.Properties;
import java.util.function.Supplier;
import org.infinispan.commons.CacheConfigurationException;
import org.infinispan.commons.configuration.attributes.AttributeDefinition;
import org.infinispan.commons.configuration.attributes.AttributeSet;
import org.infinispan.commons.configuration.attributes.ConfigurationElement;
import org.infinispan.configuration.parsing.ParseUtils;
import org.infinispan.server.Server;
import org.infinispan.server.configuration.Attribute;
import org.infinispan.server.configuration.Element;
import org.infinispan.server.security.ElytronPasswordProviderSupplier;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.CredentialStoreSpi;
import org.wildfly.security.credential.store.impl.KeyStoreCredentialStore;
import org.wildfly.security.password.interfaces.ClearPassword;

/* loaded from: input_file:org/infinispan/server/configuration/security/CredentialStoreConfiguration.class */
public class CredentialStoreConfiguration extends ConfigurationElement<CredentialStoresConfiguration> {
    public static final AttributeDefinition<String> NAME = AttributeDefinition.builder(Attribute.NAME, (Object) null, String.class).build();
    public static final AttributeDefinition<String> PATH = AttributeDefinition.builder(Attribute.PATH, (Object) null, String.class).build();
    public static final AttributeDefinition<String> RELATIVE_TO = AttributeDefinition.builder(Attribute.RELATIVE_TO, Server.INFINISPAN_SERVER_CONFIG_PATH, String.class).autoPersist(false).build();
    public static final AttributeDefinition<String> TYPE = AttributeDefinition.builder(Attribute.TYPE, "pkcs12", String.class).build();
    static final AttributeDefinition<Supplier<char[]>> CREDENTIAL = AttributeDefinition.builder(Attribute.CREDENTIAL, (Object) null, Supplier.class).serializer((configurationWriter, str, supplier) -> {
        configurationWriter.writeStartElement(Element.CLEAR_TEXT_CREDENTIAL);
        if (configurationWriter.clearTextSecrets()) {
            configurationWriter.writeAttribute(Attribute.CLEAR_TEXT, new String((char[]) supplier.get()));
        } else {
            configurationWriter.writeAttribute(Attribute.CLEAR_TEXT, "***");
        }
        configurationWriter.writeEndElement();
    }).build();
    private CredentialStoreSpi credentialStore;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AttributeSet attributeDefinitionSet() {
        KeyStore.getDefaultType();
        return new AttributeSet(CredentialStoreConfiguration.class, new AttributeDefinition[]{NAME, PATH, RELATIVE_TO, TYPE, CREDENTIAL});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CredentialStoreConfiguration(AttributeSet attributeSet) {
        super(Element.CREDENTIAL_STORE, attributeSet, new ConfigurationElement[0]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void init(Properties properties) {
        if (this.credentialStore == null) {
            if (this.attributes.attribute(PATH).isNull()) {
                throw new IllegalStateException("file has to be specified");
            }
            String resolvePath = ParseUtils.resolvePath((String) this.attributes.attribute(PATH).get(), properties.getProperty((String) this.attributes.attribute(RELATIVE_TO).get()));
            this.credentialStore = new KeyStoreCredentialStore();
            HashMap hashMap = new HashMap();
            hashMap.put("location", resolvePath);
            hashMap.put("create", "false");
            hashMap.put("keyStoreType", (String) this.attributes.attribute(TYPE).get());
            try {
                this.credentialStore.initialize(hashMap, new CredentialStore.CredentialSourceProtectionParameter(IdentityCredentials.NONE.withCredential(new PasswordCredential(ClearPassword.createRaw("clear", (char[]) ((Supplier) this.attributes.attribute(CREDENTIAL).get()).get())))), ElytronPasswordProviderSupplier.PROVIDERS);
            } catch (CredentialStoreException e) {
                if (!e.getMessage().startsWith("ELY09518")) {
                    throw new CacheConfigurationException(e);
                }
            }
        }
    }

    public <C extends Credential> C getCredential(String str, Class<C> cls) {
        if (str == null) {
            try {
                if (this.credentialStore.getAliases().size() != 1) {
                    throw Server.log.unspecifiedCredentialAlias();
                }
                str = (String) this.credentialStore.getAliases().iterator().next();
            } catch (CredentialStoreException e) {
                throw new CacheConfigurationException(e);
            }
        }
        return (C) this.credentialStore.retrieve(str, cls, (String) null, (AlgorithmParameterSpec) null, (CredentialStore.ProtectionParameter) null);
    }
}
