package org.jboss.as.remoting;

import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import org.jboss.as.domain.management.CallbackHandlerFactory;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.network.NetworkUtils;
import org.jboss.as.network.OutboundSocketBinding;
import org.jboss.as.remoting.logging.RemotingLogger;
import org.jboss.msc.service.Service;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.jboss.remoting3.RemotingOptions;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.AuthenticationContextConfigurationClient;
import org.wildfly.security.sasl.SaslMechanismSelector;
import org.xnio.OptionMap;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:wildfly.zip:modules/system/layers/base/org/jboss/as/remoting/main/wildfly-remoting-15.0.1.Final.jar:org/jboss/as/remoting/RemoteOutboundConnectionService.class */
public final class RemoteOutboundConnectionService extends AbstractOutboundConnectionService implements Service<RemoteOutboundConnectionService> {
    private static final String JBOSS_LOCAL_USER = "JBOSS-LOCAL-USER";
    private final Consumer<RemoteOutboundConnectionService> serviceConsumer;
    private final Supplier<OutboundSocketBinding> outboundSocketBindingSupplier;
    private final Supplier<SecurityRealm> securityRealmSupplier;
    private final Supplier<AuthenticationContext> authenticationContextSupplier;
    private final OptionMap connectionCreationOptions;
    private final String username;
    private final String protocol;
    private volatile URI destination;
    private volatile SSLContext sslContext;
    private volatile Supplier<AuthenticationConfiguration> authenticationConfiguration;
    static final ServiceName REMOTE_OUTBOUND_CONNECTION_BASE_SERVICE_NAME = RemotingServices.SUBSYSTEM_ENDPOINT.append(CommonAttributes.REMOTE_OUTBOUND_CONNECTION);
    private static final AuthenticationContextConfigurationClient AUTH_CONFIGURATION_CLIENT = (AuthenticationContextConfigurationClient) AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION);

    /* JADX INFO: Access modifiers changed from: package-private */
    public RemoteOutboundConnectionService(Consumer<RemoteOutboundConnectionService> consumer, Supplier<OutboundSocketBinding> supplier, Supplier<SecurityRealm> supplier2, Supplier<AuthenticationContext> supplier3, OptionMap optionMap, String str, String str2) {
        this.serviceConsumer = consumer;
        this.outboundSocketBindingSupplier = supplier;
        this.securityRealmSupplier = supplier2;
        this.authenticationContextSupplier = supplier3;
        this.connectionCreationOptions = optionMap;
        this.username = str;
        this.protocol = str2;
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public void start(StartContext startContext) throws StartException {
        SSLContext sSLContext;
        OutboundSocketBinding outboundSocketBinding = this.outboundSocketBindingSupplier.get();
        String formatPossibleIpv6Address = NetworkUtils.formatPossibleIpv6Address(outboundSocketBinding.getUnresolvedDestinationAddress());
        int destinationPort = outboundSocketBinding.getDestinationPort();
        String str = this.username;
        try {
            URI uri = new URI(this.protocol, str, formatPossibleIpv6Address, destinationPort, null, null, null);
            AuthenticationContext authenticationContext = this.authenticationContextSupplier != null ? this.authenticationContextSupplier.get() : null;
            if (authenticationContext != null) {
                AuthenticationConfiguration authenticationConfiguration = AUTH_CONFIGURATION_CLIENT.getAuthenticationConfiguration(uri, authenticationContext, -1, null, null);
                try {
                    sSLContext = AUTH_CONFIGURATION_CLIENT.getSSLContext(uri, authenticationContext);
                    String realProtocol = AUTH_CONFIGURATION_CLIENT.getRealProtocol(authenticationConfiguration);
                    try {
                        uri = new URI(realProtocol == null ? Protocol.REMOTE_HTTP.toString() : realProtocol, str, formatPossibleIpv6Address, destinationPort, null, null, null);
                        this.authenticationConfiguration = () -> {
                            return AUTH_CONFIGURATION_CLIENT.getAuthenticationConfiguration(uri, authenticationContext);
                        };
                    } catch (URISyntaxException e) {
                        throw new StartException(e);
                    }
                } catch (GeneralSecurityException e2) {
                    throw RemotingLogger.ROOT_LOGGER.failedToObtainSSLContext(e2);
                }
            } else {
                SecurityRealm securityRealm = this.securityRealmSupplier != null ? this.securityRealmSupplier.get() : null;
                AuthenticationConfiguration empty = AuthenticationConfiguration.empty();
                if (securityRealm != null) {
                    if (str != null) {
                        empty = empty.useName(str).setSaslMechanismSelector(SaslMechanismSelector.DEFAULT.forbidMechanism("JBOSS-LOCAL-USER"));
                        CallbackHandlerFactory secretCallbackHandlerFactory = securityRealm.getSecretCallbackHandlerFactory();
                        if (secretCallbackHandlerFactory != null) {
                            empty = empty.useCallbackHandler(secretCallbackHandlerFactory.getCallbackHandler(str));
                        }
                    }
                    sSLContext = securityRealm.getSSLContext();
                } else {
                    sSLContext = null;
                }
                AuthenticationConfiguration authenticationConfiguration2 = empty;
                this.authenticationConfiguration = () -> {
                    return authenticationConfiguration2;
                };
            }
            this.destination = uri;
            this.sslContext = sSLContext;
            this.serviceConsumer.accept(this);
        } catch (URISyntaxException e3) {
            throw new StartException(e3);
        }
    }

    @Override // org.jboss.msc.service.Service, org.jboss.msc.Service
    public void stop(StopContext stopContext) {
        this.serviceConsumer.accept(null);
        this.authenticationConfiguration = null;
        this.destination = null;
        this.sslContext = null;
    }

    @Override // org.jboss.as.network.OutboundConnection
    public AuthenticationConfiguration getAuthenticationConfiguration() {
        AuthenticationConfiguration authenticationConfiguration = this.authenticationConfiguration.get();
        OptionMap optionMap = this.connectionCreationOptions;
        return optionMap != null ? RemotingOptions.mergeOptionsIntoAuthenticationConfiguration(optionMap, authenticationConfiguration) : authenticationConfiguration;
    }

    @Override // org.jboss.as.network.OutboundConnection
    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    @Override // org.jboss.as.network.OutboundConnection
    public URI getDestinationUri() {
        return this.destination;
    }

    @Override // org.jboss.msc.value.Value
    public RemoteOutboundConnectionService getValue() throws IllegalStateException, IllegalArgumentException {
        return this;
    }
}
