package org.wildfly.extension.elytron;

import java.net.MalformedURLException;
import java.net.URL;
import org.jboss.as.controller.AbstractAddStepHandler;
import org.jboss.as.controller.AbstractWriteAttributeHandler;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.operations.validation.StringLengthValidator;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceRegistry;
import org.wildfly.extension.elytron.TrivialService;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.x500.cert.acme.CertificateAuthority;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-15.0.1.Final.jar:org/wildfly/extension/elytron/CertificateAuthorityDefinition.class */
public class CertificateAuthorityDefinition extends SimpleResourceDefinition {
    static final SimpleAttributeDefinition URL = new SimpleAttributeDefinitionBuilder("url", ModelType.STRING, false).setValidator(new URLValidator(false)).setAllowExpression(true).setRestartAllServices().build();
    static final SimpleAttributeDefinition STAGING_URL = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.STAGING_URL, ModelType.STRING, true).setValidator(new URLValidator(false)).setAllowExpression(true).setRestartAllServices().build();
    private static final AttributeDefinition[] ATTRIBUTES = {URL, STAGING_URL};
    private static final AbstractAddStepHandler ADD = new CertificateAuthorityAddHandler();
    private static final OperationStepHandler REMOVE = new TrivialCapabilityServiceRemoveHandler(ADD, Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY);
    private static final AbstractWriteAttributeHandler WRITE = new ElytronReloadRequiredWriteAttributeHandler(ATTRIBUTES);

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-15.0.1.Final.jar:org/wildfly/extension/elytron/CertificateAuthorityDefinition$CertificateAuthorityAddHandler.class */
    private static class CertificateAuthorityAddHandler extends BaseAddHandler {
        private CertificateAuthorityAddHandler() {
            super(Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY, CertificateAuthorityDefinition.ATTRIBUTES);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.jboss.as.controller.AbstractAddStepHandler
        public void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
            if (operationContext.getCurrentAddressValue().equalsIgnoreCase(CertificateAuthority.LETS_ENCRYPT.getName())) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.letsEncryptNameNotAllowed();
            }
            ElytronDefinition.commonRequirements(installService(operationContext, modelNode2)).setInitialMode(ServiceController.Mode.ACTIVE).install();
        }

        ServiceBuilder<CertificateAuthority> installService(OperationContext operationContext, ModelNode modelNode) {
            return operationContext.getServiceTarget().addService(Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY.getCapabilityServiceName(operationContext.getCurrentAddressValue()), new TrivialService(getValueSupplier(operationContext, modelNode)));
        }

        protected TrivialService.ValueSupplier<CertificateAuthority> getValueSupplier(OperationContext operationContext, ModelNode modelNode) {
            return () -> {
                return new CertificateAuthority(operationContext.getCurrentAddress().getLastElement().getValue(), modelNode.get("url").asString(), modelNode.get(ElytronDescriptionConstants.STAGING_URL).asStringOrNull());
            };
        }
    }

    /* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-15.0.1.Final.jar:org/wildfly/extension/elytron/CertificateAuthorityDefinition$URLValidator.class */
    private static class URLValidator extends StringLengthValidator {
        private URLValidator(boolean z) {
            super(1, z, false);
        }

        @Override // org.jboss.as.controller.operations.validation.StringLengthValidator, org.jboss.as.controller.operations.validation.ModelTypeValidator, org.jboss.as.controller.operations.validation.ParameterValidator
        public void validateParameter(String str, ModelNode modelNode) throws OperationFailedException {
            super.validateParameter(str, modelNode);
            String asString = modelNode.asString();
            try {
                new URL(asString);
            } catch (MalformedURLException e) {
                throw ElytronSubsystemMessages.ROOT_LOGGER.invalidURL(asString, e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CertificateAuthorityDefinition() {
        super(new SimpleResourceDefinition.Parameters(PathElement.pathElement("certificate-authority"), ElytronExtension.getResourceDescriptionResolver("certificate-authority")).setAddHandler(ADD).setRemoveHandler(REMOVE).setAddRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES).setRemoveRestartLevel(OperationEntry.Flag.RESTART_RESOURCE_SERVICES).setCapabilities(Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY));
    }

    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        for (AttributeDefinition attributeDefinition : ATTRIBUTES) {
            managementResourceRegistration.registerReadWriteAttribute(attributeDefinition, null, WRITE);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Service<CertificateAuthority> getCertificateAuthorityService(ServiceRegistry serviceRegistry, String str) {
        return ElytronExtension.getRequiredService(serviceRegistry, Capabilities.CERTIFICATE_AUTHORITY_RUNTIME_CAPABILITY.fromBaseCapability(str).getCapabilityServiceName(), CertificateAuthority.class).getService();
    }
}
