package org.jboss.as.domain.management.security;

import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.ModelVersion;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinition;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.SimpleResourceDefinition;
import org.jboss.as.controller.client.helpers.MeasurementUnit;
import org.jboss.as.controller.descriptions.common.ControllerResolver;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.controller.registry.AttributeAccess;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.as.controller.registry.OperationEntry;
import org.jboss.as.domain.management.ModelDescriptionConstants;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.as.domain.management.security.LdapSearcherCache;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;

/* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition.class */
public class LdapCacheResourceDefinition extends SimpleResourceDefinition {
    private static final CacheDefinitionValidatingHandler VALIDATION_INSTANCE = new CacheDefinitionValidatingHandler();
    public static final SimpleAttributeDefinition EVICTION_TIME = new SimpleAttributeDefinitionBuilder(ModelDescriptionConstants.EVICTION_TIME, ModelType.INT, true).setAllowExpression(true).setDefaultValue(new ModelNode().set(900)).setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES).setMeasurementUnit(MeasurementUnit.SECONDS).build();
    public static final SimpleAttributeDefinition CACHE_FAILURES = new SimpleAttributeDefinitionBuilder(ModelDescriptionConstants.CACHE_FAILURES, ModelType.BOOLEAN, true).setAllowExpression(true).setDefaultValue(new ModelNode().set(false)).setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES).build();
    public static final SimpleAttributeDefinition MAX_CACHE_SIZE = new SimpleAttributeDefinitionBuilder(ModelDescriptionConstants.MAX_CACHE_SIZE, ModelType.INT, true).setAllowExpression(true).setDefaultValue(new ModelNode().set(0)).setFlags(AttributeAccess.Flag.RESTART_RESOURCE_SERVICES).build();
    public static final SimpleAttributeDefinition CACHE_SIZE = new SimpleAttributeDefinitionBuilder(ModelDescriptionConstants.CACHE_SIZE, ModelType.INT).setStorageRuntime().setRuntimeServiceNotRequired().setMeasurementUnit(MeasurementUnit.SECONDS).build();
    public static final SimpleAttributeDefinition NAME = new SimpleAttributeDefinition("name", ModelType.STRING, true);
    public static final SimpleAttributeDefinition NAME_REQUIRED = new SimpleAttributeDefinition("name", ModelType.STRING, false);
    public static final SimpleAttributeDefinition DISTINGUISHED_NAME = new SimpleAttributeDefinition(ModelDescriptionConstants.DISTINGUISHED_NAME, ModelType.STRING, true);
    public static final SimpleOperationDefinition FLUSH_CACHE_NAME_ONLY = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.FLUSH_CACHE, ControllerResolver.getResolver("core.management.security-realm.ldap.cache")).setEntryType(OperationEntry.EntryType.PUBLIC).addParameter(NAME).setRuntimeOnly().build();
    public static final SimpleOperationDefinition FLUSH_CACHE_FULL = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.FLUSH_CACHE, ControllerResolver.getResolver("core.management.security-realm.ldap.cache")).setEntryType(OperationEntry.EntryType.PUBLIC).addParameter(NAME).addParameter(DISTINGUISHED_NAME).setRuntimeOnly().build();
    public static final SimpleOperationDefinition CONTAINS_NAME_ONLY = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.CONTAINS, ControllerResolver.getResolver("core.management.security-realm.ldap.cache")).setEntryType(OperationEntry.EntryType.PUBLIC).addParameter(NAME_REQUIRED).setRuntimeOnly().setReplyValueType(ModelType.BOOLEAN).build();
    public static final SimpleOperationDefinition CONTAINS_FULL = new SimpleOperationDefinitionBuilder(ModelDescriptionConstants.CONTAINS, ControllerResolver.getResolver("core.management.security-realm.ldap.cache")).setEntryType(OperationEntry.EntryType.PUBLIC).addParameter(NAME).addParameter(DISTINGUISHED_NAME).setRuntimeOnly().setReplyValueType(ModelType.BOOLEAN).build();
    private static final OperationStepHandler NAME_ONLY_HANDLER = new NameOnlyOpHandler();
    private static final OperationStepHandler FULL_HANDLER = new FullOpHandler();
    private final SimpleAttributeDefinition[] configurationAttributes;
    private final SimpleAttributeDefinition[] runtimeAttributes;
    private final SimpleOperationDefinition[] runtimeOperations;
    private final OperationStepHandler runtimeStepHandler;

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$BaseRuntimeOpHandler.class */
    private static abstract class BaseRuntimeOpHandler<K> implements OperationStepHandler {
        private static final Set<String> VALID_OPS;

        private BaseRuntimeOpHandler() {
        }

        @Override // org.jboss.as.controller.OperationStepHandler
        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            final String asString = modelNode.get("operation").asString();
            if (VALID_OPS.contains(asString)) {
                operationContext.addStep(new OperationStepHandler() { // from class: org.jboss.as.domain.management.security.LdapCacheResourceDefinition.BaseRuntimeOpHandler.1
                    @Override // org.jboss.as.controller.OperationStepHandler
                    public void execute(OperationContext operationContext2, ModelNode modelNode2) throws OperationFailedException {
                        if ("read-attribute".equals(asString)) {
                            BaseRuntimeOpHandler.this.readAttribute(operationContext2, modelNode2);
                        } else if (ModelDescriptionConstants.FLUSH_CACHE.equals(asString)) {
                            BaseRuntimeOpHandler.this.flushCache(operationContext2, modelNode2);
                        } else if (ModelDescriptionConstants.CONTAINS.equals(asString)) {
                            BaseRuntimeOpHandler.this.contains(operationContext2, modelNode2);
                        }
                    }
                }, OperationContext.Stage.RUNTIME);
            }
        }

        public abstract void flushCache(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException;

        public abstract void contains(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException;

        public void readAttribute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            if (ModelDescriptionConstants.CACHE_SIZE.equals(modelNode.get("name").asString())) {
                operationContext.getResult().set(lookupService(operationContext, modelNode).getCurrentSize());
            }
        }

        protected LdapSearcherCache<?, K> lookupService(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String str = null;
            boolean z = false;
            boolean z2 = false;
            Iterator<PathElement> iterator2 = PathAddress.pathAddress(modelNode.get("address")).iterator2();
            while (iterator2.hasNext()) {
                PathElement next = iterator2.next();
                String key = next.getKey();
                if ("security-realm".equals(key)) {
                    str = next.getValue();
                } else if ("authentication".equals(key)) {
                    z = true;
                    z2 = true;
                } else if ("authorization".equals(key)) {
                    z = false;
                } else if (org.jboss.as.controller.descriptions.ModelDescriptionConstants.USERNAME_TO_DN.equals(key)) {
                    z2 = true;
                } else if (org.jboss.as.controller.descriptions.ModelDescriptionConstants.GROUP_SEARCH.equals(key)) {
                    z2 = false;
                }
            }
            try {
                return (LdapSearcherCache) operationContext.getServiceRegistry(true).getRequiredService(LdapSearcherCache.ServiceUtil.createServiceName(z, z2, str)).awaitValue();
            } catch (InterruptedException e) {
                throw new OperationFailedException(e);
            }
        }

        static {
            HashSet hashSet = new HashSet(3);
            hashSet.add("read-attribute");
            hashSet.add(ModelDescriptionConstants.FLUSH_CACHE);
            hashSet.add(ModelDescriptionConstants.CONTAINS);
            VALID_OPS = Collections.unmodifiableSet(hashSet);
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$CacheChildAddHandler.class */
    static class CacheChildAddHandler extends SecurityRealmChildAddHandler {
        public CacheChildAddHandler(AttributeDefinition[] attributeDefinitionArr) {
            super(false, false, attributeDefinitionArr);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.jboss.as.domain.management.security.SecurityRealmChildAddHandler, org.jboss.as.controller.RestartParentResourceHandlerBase
        public void updateModel(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            super.updateModel(operationContext, modelNode);
            operationContext.addStep(LdapCacheResourceDefinition.createOperation(modelNode), LdapCacheResourceDefinition.VALIDATION_INSTANCE, OperationContext.Stage.MODEL);
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$CacheDefinitionValidatingHandler.class */
    private static class CacheDefinitionValidatingHandler implements OperationStepHandler {
        private CacheDefinitionValidatingHandler() {
        }

        @Override // org.jboss.as.controller.OperationStepHandler
        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            if (operationContext.readResource(PathAddress.EMPTY_ADDRESS).getChildrenNames("cache").size() > 1) {
                throw DomainManagementLogger.ROOT_LOGGER.multipleCacheConfigurationsDefined(ManagementUtil.getSecurityRealmName(modelNode));
            }
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$CacheFor.class */
    public enum CacheFor {
        AuthUser,
        AuthzUser,
        AuthzGroup
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$FullOpHandler.class */
    private static class FullOpHandler extends BaseRuntimeOpHandler<LdapEntry> {
        private FullOpHandler() {
            super();
        }

        @Override // org.jboss.as.domain.management.security.LdapCacheResourceDefinition.BaseRuntimeOpHandler
        public void flushCache(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            LdapSearcherCache<?, LdapEntry> lookupService = lookupService(operationContext, modelNode);
            String str = null;
            String str2 = null;
            if (modelNode.hasDefined("name")) {
                str = modelNode.require("name").asString();
            }
            if (modelNode.hasDefined(ModelDescriptionConstants.DISTINGUISHED_NAME)) {
                str2 = modelNode.require(ModelDescriptionConstants.DISTINGUISHED_NAME).asString();
            }
            if (str == null && str2 == null) {
                lookupService.clearAll();
            } else if (str == null || str2 == null) {
                lookupService.clear(new LdapEntryPredicate(str, str2));
            } else {
                lookupService.clear((LdapSearcherCache<?, LdapEntry>) new LdapEntry(str, str2));
            }
        }

        @Override // org.jboss.as.domain.management.security.LdapCacheResourceDefinition.BaseRuntimeOpHandler
        public void contains(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            LdapSearcherCache<?, LdapEntry> lookupService = lookupService(operationContext, modelNode);
            String str = null;
            String str2 = null;
            if (modelNode.hasDefined("name")) {
                str = modelNode.require("name").asString();
            }
            if (modelNode.hasDefined(ModelDescriptionConstants.DISTINGUISHED_NAME)) {
                str2 = modelNode.require(ModelDescriptionConstants.DISTINGUISHED_NAME).asString();
            }
            if (str == null && str2 == null) {
                operationContext.getResult().set(false);
            } else if (str == null || str2 == null) {
                operationContext.getResult().set(lookupService.count(new LdapEntryPredicate(str, str2)) > 0);
            } else {
                operationContext.getResult().set(lookupService.contains(new LdapEntry(str, str2)));
            }
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$LdapEntryPredicate.class */
    private static class LdapEntryPredicate implements LdapSearcherCache.Predicate<LdapEntry> {
        private final String name;
        private final String distinguishedName;

        private LdapEntryPredicate(String str, String str2) {
            this.name = str;
            this.distinguishedName = str2;
        }

        @Override // org.jboss.as.domain.management.security.LdapSearcherCache.Predicate
        public boolean matches(LdapEntry ldapEntry) {
            if (this.name == null || this.name.equals(ldapEntry.getSimpleName())) {
                return this.distinguishedName == null || this.distinguishedName.equals(ldapEntry.getDistinguishedName());
            }
            return false;
        }
    }

    /* loaded from: input_file:org/jboss/as/domain/management/security/LdapCacheResourceDefinition$NameOnlyOpHandler.class */
    private static class NameOnlyOpHandler extends BaseRuntimeOpHandler<String> {
        private NameOnlyOpHandler() {
            super();
        }

        @Override // org.jboss.as.domain.management.security.LdapCacheResourceDefinition.BaseRuntimeOpHandler
        public void flushCache(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            LdapSearcherCache<?, String> lookupService = lookupService(operationContext, modelNode);
            if (modelNode.hasDefined("name")) {
                lookupService.clear((LdapSearcherCache<?, String>) modelNode.require("name").asString());
            } else {
                lookupService.clearAll();
            }
        }

        @Override // org.jboss.as.domain.management.security.LdapCacheResourceDefinition.BaseRuntimeOpHandler
        public void contains(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            operationContext.getResult().set(lookupService(operationContext, modelNode).contains(modelNode.require("name").asString()));
        }
    }

    private LdapCacheResourceDefinition(PathElement pathElement, SimpleAttributeDefinition[] simpleAttributeDefinitionArr, SimpleAttributeDefinition[] simpleAttributeDefinitionArr2, SimpleOperationDefinition[] simpleOperationDefinitionArr, OperationStepHandler operationStepHandler) {
        super(new SimpleResourceDefinition.Parameters(pathElement, ControllerResolver.getDeprecatedResolver("core.management.security-realm", "core.management.security-realm.ldap.cache")).setAddHandler(new CacheChildAddHandler(simpleAttributeDefinitionArr)).setRemoveHandler(new SecurityRealmChildRemoveHandler(false)).setAddRestartLevel(OperationEntry.Flag.RESTART_ALL_SERVICES).setRemoveRestartLevel(OperationEntry.Flag.RESTART_ALL_SERVICES).setDeprecatedSince(ModelVersion.create(1, 7)));
        this.configurationAttributes = simpleAttributeDefinitionArr;
        this.runtimeAttributes = simpleAttributeDefinitionArr2;
        this.runtimeOperations = simpleOperationDefinitionArr;
        this.runtimeStepHandler = operationStepHandler;
    }

    private static ResourceDefinition create(PathElement pathElement, CacheFor cacheFor) {
        SimpleOperationDefinition[] simpleOperationDefinitionArr;
        OperationStepHandler operationStepHandler;
        SimpleAttributeDefinition[] simpleAttributeDefinitionArr = {EVICTION_TIME, CACHE_FAILURES, MAX_CACHE_SIZE};
        SimpleAttributeDefinition[] simpleAttributeDefinitionArr2 = {CACHE_SIZE};
        switch (cacheFor) {
            case AuthUser:
                simpleOperationDefinitionArr = new SimpleOperationDefinition[]{FLUSH_CACHE_NAME_ONLY, CONTAINS_NAME_ONLY};
                operationStepHandler = NAME_ONLY_HANDLER;
                break;
            default:
                simpleOperationDefinitionArr = new SimpleOperationDefinition[]{FLUSH_CACHE_FULL, CONTAINS_FULL};
                operationStepHandler = FULL_HANDLER;
                break;
        }
        return new LdapCacheResourceDefinition(pathElement, simpleAttributeDefinitionArr, simpleAttributeDefinitionArr2, simpleOperationDefinitionArr, operationStepHandler);
    }

    public static ResourceDefinition createByAccessTime(CacheFor cacheFor) {
        return create(PathElement.pathElement("cache", ModelDescriptionConstants.BY_ACCESS_TIME), cacheFor);
    }

    public static ResourceDefinition createBySearchTime(CacheFor cacheFor) {
        return create(PathElement.pathElement("cache", ModelDescriptionConstants.BY_SEARCH_TIME), cacheFor);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ModelNode createOperation(ModelNode modelNode) {
        PathAddress pathAddress = PathAddress.pathAddress(modelNode.require("address"));
        return Util.getEmptyOperation("validate-cache", pathAddress.subAddress(0, pathAddress.size() - 1).toModelNode());
    }

    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerAttributes(ManagementResourceRegistration managementResourceRegistration) {
        super.registerAttributes(managementResourceRegistration);
        SecurityRealmChildWriteAttributeHandler securityRealmChildWriteAttributeHandler = new SecurityRealmChildWriteAttributeHandler(this.configurationAttributes);
        for (SimpleAttributeDefinition simpleAttributeDefinition : this.configurationAttributes) {
            managementResourceRegistration.registerReadWriteAttribute(simpleAttributeDefinition, null, securityRealmChildWriteAttributeHandler);
        }
        for (SimpleAttributeDefinition simpleAttributeDefinition2 : this.runtimeAttributes) {
            managementResourceRegistration.registerReadOnlyAttribute(simpleAttributeDefinition2, this.runtimeStepHandler);
        }
    }

    @Override // org.jboss.as.controller.SimpleResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        for (SimpleOperationDefinition simpleOperationDefinition : this.runtimeOperations) {
            managementResourceRegistration.registerOperationHandler(simpleOperationDefinition, this.runtimeStepHandler);
        }
    }
}
