package org.jboss.ejb.client.legacy;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.as.server.deployment.jbossallxml.JBossAllXMLParsingProcessor;
import org.jboss.ejb._private.Logs;
import org.jboss.ejb.client.legacy.JBossEJBProperties;
import org.wildfly.clustering.ejb.BeanManagerFactoryServiceConfiguratorConfiguration;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.LegacyConfiguration;
import org.wildfly.security.auth.client.MatchRule;
import org.wildfly.security.sasl.SaslMechanismSelector;
import org.wildfly.security.sasl.localuser.LocalUserClient;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Property;
import org.xnio.Sequence;
import org.xnio.sasl.SaslUtils;

/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/jboss/ejb-client/main/jboss-ejb-client-4.0.39.Final.jar:org/jboss/ejb/client/legacy/ElytronLegacyConfiguration.class */
public final class ElytronLegacyConfiguration implements LegacyConfiguration {
    private static final boolean QUIET_AUTH = SecurityUtils.getBoolean(LocalUserClient.LEGACY_QUIET_AUTH);
    private static final String[] NO_STRINGS = new String[0];

    @Override // org.wildfly.security.auth.client.LegacyConfiguration
    public AuthenticationContext getConfiguredAuthenticationContext() {
        AuthenticationContext empty = AuthenticationContext.empty();
        JBossEJBProperties current = JBossEJBProperties.getCurrent();
        if (current == null) {
            return empty;
        }
        Logs.MAIN.legacyEJBPropertiesSecurityConfigurationInUse();
        for (JBossEJBProperties.ConnectionConfiguration connectionConfiguration : current.getConnectionList()) {
            MatchRule matchAbstractType = MatchRule.ALL.matchAbstractType(BeanManagerFactoryServiceConfiguratorConfiguration.DEFAULT_CONTAINER_NAME, JBossAllXMLParsingProcessor.JBOSS);
            AuthenticationConfiguration authenticationConfiguration = AuthenticationConfiguration.EMPTY;
            String host = connectionConfiguration.getHost();
            if (host != null) {
                MatchRule matchHost = matchAbstractType.matchHost(host);
                int port = connectionConfiguration.getPort();
                if (port != -1) {
                    matchHost = matchHost.matchPort(port);
                }
                empty = empty.with(matchHost, configureCommon(current, connectionConfiguration, authenticationConfiguration));
            }
        }
        for (Map.Entry<String, JBossEJBProperties.ClusterConfiguration> entry : current.getClusterConfigurations().entrySet()) {
            String key = entry.getKey();
            JBossEJBProperties.ClusterConfiguration value = entry.getValue();
            MatchRule matchAbstractType2 = MatchRule.ALL.matchAbstractType(BeanManagerFactoryServiceConfiguratorConfiguration.DEFAULT_CONTAINER_NAME, JBossAllXMLParsingProcessor.JBOSS);
            AuthenticationConfiguration authenticationConfiguration2 = AuthenticationConfiguration.EMPTY;
            empty = empty.with(matchAbstractType2.matchProtocol("cluster").matchUrnName(key), configureCommon(current, value, authenticationConfiguration2));
            List<JBossEJBProperties.ClusterNodeConfiguration> nodeConfigurations = value.getNodeConfigurations();
            if (nodeConfigurations != null) {
                for (JBossEJBProperties.ClusterNodeConfiguration clusterNodeConfiguration : nodeConfigurations) {
                    MatchRule matchAbstractType3 = MatchRule.ALL.matchAbstractType(BeanManagerFactoryServiceConfiguratorConfiguration.DEFAULT_CONTAINER_NAME, JBossAllXMLParsingProcessor.JBOSS);
                    AuthenticationConfiguration authenticationConfiguration3 = AuthenticationConfiguration.EMPTY;
                    empty = empty.with(matchAbstractType3.matchProtocol("node").matchUrnName(clusterNodeConfiguration.getNodeName()), configureCommon(current, clusterNodeConfiguration, authenticationConfiguration3));
                }
            }
        }
        return empty;
    }

    private static AuthenticationConfiguration configureCommon(JBossEJBProperties jBossEJBProperties, JBossEJBProperties.CommonSubconfiguration commonSubconfiguration, AuthenticationConfiguration authenticationConfiguration) {
        JBossEJBProperties.AuthenticationConfiguration authenticationConfiguration2 = commonSubconfiguration.getAuthenticationConfiguration();
        String userName = authenticationConfiguration2 == null ? null : authenticationConfiguration2.getUserName();
        if (userName != null) {
            authenticationConfiguration = authenticationConfiguration.useName(userName);
        }
        String mechanismRealm = authenticationConfiguration2 == null ? null : authenticationConfiguration2.getMechanismRealm();
        if (mechanismRealm != null) {
            authenticationConfiguration = authenticationConfiguration.useRealm(mechanismRealm);
        }
        ExceptionSupplier<CallbackHandler, ReflectiveOperationException> callbackHandlerSupplier = authenticationConfiguration2 == null ? null : authenticationConfiguration2.getCallbackHandlerSupplier();
        if (callbackHandlerSupplier != null) {
            try {
                authenticationConfiguration = authenticationConfiguration.useCallbackHandler(callbackHandlerSupplier.get());
            } catch (ReflectiveOperationException e) {
                throw Logs.MAIN.cannotInstantiateCallbackHandler(jBossEJBProperties.getDefaultCallbackHandlerClassName(), e);
            }
        }
        String password = authenticationConfiguration2 == null ? null : authenticationConfiguration2.getPassword();
        if (password != null) {
            authenticationConfiguration = authenticationConfiguration.usePassword(password);
        }
        OptionMap quietLocalAuth = setQuietLocalAuth(commonSubconfiguration.getConnectionOptions(), QUIET_AUTH);
        Map<String, ?> createPropertyMap = SaslUtils.createPropertyMap(quietLocalAuth, false);
        if (!createPropertyMap.isEmpty()) {
            authenticationConfiguration = authenticationConfiguration.useMechanismProperties(createPropertyMap);
        }
        if (quietLocalAuth.contains(Options.SASL_DISALLOWED_MECHANISMS)) {
            authenticationConfiguration = authenticationConfiguration.setSaslMechanismSelector(SaslMechanismSelector.DEFAULT.forbidMechanisms((String[]) ((Sequence) quietLocalAuth.get(Options.SASL_DISALLOWED_MECHANISMS)).toArray(NO_STRINGS)));
        } else if (quietLocalAuth.contains(Options.SASL_MECHANISMS)) {
            authenticationConfiguration = authenticationConfiguration.setSaslMechanismSelector(SaslMechanismSelector.DEFAULT.addMechanisms((String[]) ((Sequence) quietLocalAuth.get(Options.SASL_MECHANISMS)).toArray(NO_STRINGS)));
        }
        return authenticationConfiguration.useProvidersFromClassLoader(ElytronLegacyConfiguration.class.getClassLoader());
    }

    private static OptionMap setQuietLocalAuth(OptionMap optionMap, boolean z) {
        Sequence sequence = (Sequence) optionMap.get(Options.SASL_PROPERTIES);
        if (sequence == null) {
            OptionMap.Builder addAll = OptionMap.builder().addAll(optionMap);
            addAll.set((Option<Option<Sequence<Property>>>) Options.SASL_PROPERTIES, (Option<Sequence<Property>>) Sequence.of((Object[]) new Property[]{Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(z))}));
            return addAll.getMap();
        }
        Iterator it = sequence.iterator();
        while (it.hasNext()) {
            String key = ((Property) it.next()).getKey();
            if (key.equals(LocalUserClient.QUIET_AUTH) || key.equals(LocalUserClient.LEGACY_QUIET_AUTH)) {
                return optionMap;
            }
        }
        sequence.add(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(z)));
        return optionMap;
    }
}
