package org.wildfly.security.auth.server;

import java.security.Permission;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.function.BiConsumer;
import java.util.function.BiFunction;
import java.util.function.BiPredicate;
import java.util.function.ObjIntConsumer;
import java.util.function.Supplier;
import org.jboss.as.security.Constants;
import org.wildfly.common.Assert;
import org.wildfly.common.function.ExceptionBiConsumer;
import org.wildfly.common.function.ExceptionBiFunction;
import org.wildfly.common.function.ExceptionBiPredicate;
import org.wildfly.common.function.ExceptionObjIntConsumer;
import org.wildfly.security.ParametricPrivilegedAction;
import org.wildfly.security.ParametricPrivilegedExceptionAction;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.permission.ChangeRoleMapperPermission;
import org.wildfly.security.auth.principal.AnonymousPrincipal;
import org.wildfly.security.auth.principal.NamePrincipal;
import org.wildfly.security.auth.server.event.SecurityPermissionCheckFailedEvent;
import org.wildfly.security.auth.server.event.SecurityPermissionCheckSuccessfulEvent;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.authz.PermissionMappable;
import org.wildfly.security.authz.RoleMapper;
import org.wildfly.security.authz.Roles;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.permission.ElytronPermission;
import org.wildfly.security.permission.PermissionVerifier;

/* loaded from: input_file:org/wildfly/security/auth/server/SecurityIdentity.class */
public final class SecurityIdentity implements PermissionVerifier, PermissionMappable, Supplier<SecurityIdentity>, Scoped {
    private static final Permission SET_RUN_AS_PERMISSION = ElytronPermission.forName("setRunAsPrincipal");
    private static final Permission PRIVATE_CREDENTIALS_PERMISSION = ElytronPermission.forName("getPrivateCredentials");
    private static final SecurityIdentity[] NO_IDENTITIES = new SecurityIdentity[0];
    private final SecurityDomain securityDomain;
    private final Principal principal;
    private final AuthorizationIdentity authorizationIdentity;
    private final RealmInfo realmInfo;
    private final Map<String, RoleMapper> roleMappers;
    private final Instant creationTime;
    private final PermissionVerifier verifier;
    private final IdentityCredentials publicCredentials;
    private final IdentityCredentials privateCredentials;
    private final Supplier<SecurityIdentity[]> withSuppliedIdentities;
    private final SecurityIdentity[] withIdentities;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityIdentity(SecurityDomain securityDomain, Principal principal, RealmInfo realmInfo, AuthorizationIdentity authorizationIdentity, Map<String, RoleMapper> map, IdentityCredentials identityCredentials, IdentityCredentials identityCredentials2) {
        this.securityDomain = securityDomain;
        this.principal = principal;
        this.realmInfo = realmInfo;
        this.authorizationIdentity = authorizationIdentity;
        this.roleMappers = map;
        this.creationTime = Instant.now();
        this.verifier = securityDomain.mapPermissions(this);
        this.publicCredentials = identityCredentials;
        this.privateCredentials = identityCredentials2;
        this.withSuppliedIdentities = null;
        this.withIdentities = null;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, Map<String, RoleMapper> map) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = map;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = securityIdentity.verifier;
        this.publicCredentials = securityIdentity.publicCredentials;
        this.privateCredentials = securityIdentity.privateCredentials;
        this.withSuppliedIdentities = securityIdentity.withSuppliedIdentities;
        this.withIdentities = securityIdentity.withIdentities;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, PermissionVerifier permissionVerifier) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = securityIdentity.roleMappers;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = permissionVerifier;
        this.publicCredentials = securityIdentity.publicCredentials;
        this.privateCredentials = securityIdentity.privateCredentials;
        this.withSuppliedIdentities = securityIdentity.withSuppliedIdentities;
        this.withIdentities = securityIdentity.withIdentities;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, Credential credential, boolean z) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = securityIdentity.roleMappers;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = securityIdentity.verifier;
        this.publicCredentials = z ? securityIdentity.publicCredentials : securityIdentity.publicCredentials.withCredential(credential);
        this.privateCredentials = z ? securityIdentity.privateCredentials.withCredential(credential) : securityIdentity.privateCredentials;
        this.withSuppliedIdentities = securityIdentity.withSuppliedIdentities;
        this.withIdentities = securityIdentity.withIdentities;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, IdentityCredentials identityCredentials, boolean z) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = securityIdentity.roleMappers;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = securityIdentity.verifier;
        this.publicCredentials = z ? securityIdentity.publicCredentials : securityIdentity.publicCredentials.with(identityCredentials);
        this.privateCredentials = z ? securityIdentity.privateCredentials.with(identityCredentials) : securityIdentity.privateCredentials;
        this.withSuppliedIdentities = securityIdentity.withSuppliedIdentities;
        this.withIdentities = securityIdentity.withIdentities;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, Supplier<SecurityIdentity[]> supplier) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = securityIdentity.roleMappers;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = securityIdentity.verifier;
        this.publicCredentials = securityIdentity.publicCredentials;
        this.privateCredentials = securityIdentity.privateCredentials;
        this.withSuppliedIdentities = supplier;
        this.withIdentities = null;
    }

    SecurityIdentity(SecurityIdentity securityIdentity, SecurityIdentity[] securityIdentityArr) {
        this.securityDomain = securityIdentity.securityDomain;
        this.principal = securityIdentity.principal;
        this.realmInfo = securityIdentity.realmInfo;
        this.authorizationIdentity = securityIdentity.authorizationIdentity;
        this.roleMappers = securityIdentity.roleMappers;
        this.creationTime = securityIdentity.creationTime;
        this.verifier = securityIdentity.verifier;
        this.publicCredentials = securityIdentity.publicCredentials;
        this.privateCredentials = securityIdentity.privateCredentials;
        this.withSuppliedIdentities = null;
        this.withIdentities = securityIdentityArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecurityDomain getSecurityDomain() {
        return this.securityDomain;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RealmInfo getRealmInfo() {
        return this.realmInfo;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthorizationIdentity getAuthorizationIdentity() {
        return this.authorizationIdentity;
    }

    private Supplier<SecurityIdentity>[] establishIdentities() {
        SecurityIdentity[] securityIdentityArr = this.withIdentities != null ? this.withIdentities : this.withSuppliedIdentities != null ? this.withSuppliedIdentities.get() : NO_IDENTITIES;
        if (securityIdentityArr.length == 0) {
            return NO_IDENTITIES;
        }
        Supplier<SecurityIdentity>[] supplierArr = new Supplier[securityIdentityArr.length];
        for (int i = 0; i < securityIdentityArr.length; i++) {
            SecurityIdentity securityIdentity = securityIdentityArr[i];
            supplierArr[i] = securityIdentity.get().getSecurityDomain().getAndSetCurrentSecurityIdentity(securityIdentity);
        }
        return supplierArr;
    }

    private void restoreIdentities(Supplier<SecurityIdentity>[] supplierArr) {
        for (Supplier<SecurityIdentity> supplier : supplierArr) {
            supplier.get().securityDomain.setCurrentSecurityIdentity(supplier);
        }
    }

    @Deprecated
    public <T> T runAs(PrivilegedAction<T> privilegedAction) {
        if (privilegedAction == null) {
            return null;
        }
        return (T) runAs((SecurityIdentity) privilegedAction, (ParametricPrivilegedAction<T, SecurityIdentity>) (v0) -> {
            return v0.run();
        });
    }

    @Deprecated
    public <T> T runAs(PrivilegedExceptionAction<T> privilegedExceptionAction) throws PrivilegedActionException {
        if (privilegedExceptionAction == null) {
            return null;
        }
        return (T) runAs((SecurityIdentity) privilegedExceptionAction, (ParametricPrivilegedExceptionAction<T, SecurityIdentity>) (v0) -> {
            return v0.run();
        });
    }

    @Deprecated
    public <T, P> T runAs(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction) {
        if (parametricPrivilegedAction == null) {
            return null;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            T run = parametricPrivilegedAction.run(p);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            return run;
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Deprecated
    public <T, P> T runAs(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction) throws PrivilegedActionException {
        if (parametricPrivilegedExceptionAction == null) {
            return null;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            try {
                try {
                    T run = parametricPrivilegedExceptionAction.run(p);
                    this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
                    restoreIdentities(establishIdentities);
                    return run;
                } catch (RuntimeException | PrivilegedActionException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U, R> R runAsFunction(BiFunction<T, U, R> biFunction, T t, U u) {
        if (biFunction == null) {
            return null;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            R apply = biFunction.apply(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            return apply;
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U> void runAsConsumer(BiConsumer<T, U> biConsumer, T t, U u) {
        if (biConsumer == null) {
            return;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            biConsumer.accept(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T> void runAsObjIntConsumer(ObjIntConsumer<T> objIntConsumer, T t, int i) {
        if (objIntConsumer == null) {
            return;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            objIntConsumer.accept(t, i);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U, R, E extends Exception> R runAsFunctionEx(ExceptionBiFunction<T, U, R, E> exceptionBiFunction, T t, U u) throws Exception {
        if (exceptionBiFunction == null) {
            return null;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            R apply = exceptionBiFunction.apply(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            return apply;
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U, E extends Exception> void runAsConsumerEx(ExceptionBiConsumer<T, U, E> exceptionBiConsumer, T t, U u) throws Exception {
        if (exceptionBiConsumer == null) {
            return;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            exceptionBiConsumer.accept(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, E extends Exception> void runAsObjIntConsumerEx(ExceptionObjIntConsumer<T, E> exceptionObjIntConsumer, T t, int i) throws Exception {
        if (exceptionObjIntConsumer == null) {
            return;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            exceptionObjIntConsumer.accept(t, i);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U> boolean runAsBiPredicate(BiPredicate<T, U> biPredicate, T t, U u) {
        if (biPredicate == null) {
            return false;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            boolean test = biPredicate.test(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            return test;
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    @Override // org.wildfly.security.auth.server.Scoped
    public <T, U, E extends Exception> boolean runAsExBiPredicate(ExceptionBiPredicate<T, U, E> exceptionBiPredicate, T t, U u) throws Exception {
        if (exceptionBiPredicate == null) {
            return false;
        }
        Supplier<SecurityIdentity>[] establishIdentities = establishIdentities();
        Supplier<SecurityIdentity> andSetCurrentSecurityIdentity = this.securityDomain.getAndSetCurrentSecurityIdentity(this);
        try {
            boolean test = exceptionBiPredicate.test(t, u);
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            return test;
        } catch (Throwable th) {
            this.securityDomain.setCurrentSecurityIdentity(andSetCurrentSecurityIdentity);
            restoreIdentities(establishIdentities);
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static <T> T runAsAll(PrivilegedExceptionAction<T> privilegedExceptionAction, SecurityIdentity... securityIdentityArr) throws PrivilegedActionException {
        if (privilegedExceptionAction == null) {
            return null;
        }
        int length = securityIdentityArr.length;
        Supplier<SecurityIdentity>[] supplierArr = new Supplier[length];
        for (int i = 0; i < length; i++) {
            try {
                SecurityIdentity securityIdentity = securityIdentityArr[i];
                supplierArr[i] = securityIdentity.get().getSecurityDomain().getAndSetCurrentSecurityIdentity(securityIdentity);
            } catch (Throwable th) {
                for (int i2 = 0; i2 < length; i2++) {
                    Supplier<SecurityIdentity> supplier = supplierArr[i2];
                    supplier.get().getSecurityDomain().setCurrentSecurityIdentity(supplier);
                }
                throw th;
            }
        }
        try {
            try {
                T run = privilegedExceptionAction.run();
                for (int i3 = 0; i3 < length; i3++) {
                    Supplier<SecurityIdentity> supplier2 = supplierArr[i3];
                    supplier2.get().getSecurityDomain().setCurrentSecurityIdentity(supplier2);
                }
                return run;
            } catch (Exception e) {
                throw new PrivilegedActionException(e);
            }
        } catch (RuntimeException | PrivilegedActionException e2) {
            throw e2;
        }
    }

    public Roles getRoles() {
        return this.securityDomain.mapRoles(this);
    }

    public Roles getRoles(String str) {
        return getRoles(str, false);
    }

    public SecurityIdentity withSecurityIdentitySupplier(Supplier<SecurityIdentity[]> supplier) {
        Assert.checkNotNullParam("securityIdentities", supplier);
        return this.withSuppliedIdentities == supplier ? this : new SecurityIdentity(this, supplier);
    }

    public SecurityIdentity withSecurityIdentity(SecurityIdentity securityIdentity) {
        Assert.checkNotNullParam("securityIdentity", securityIdentity);
        if (securityIdentity == this) {
            return this;
        }
        if (this.securityDomain == securityIdentity.securityDomain) {
            throw ElytronMessages.log.cantWithSameSecurityDomainDomain();
        }
        int length = this.withIdentities == null ? 0 : this.withIdentities.length;
        ArrayList arrayList = new ArrayList(length + 1);
        if (length != 0) {
            for (SecurityIdentity securityIdentity2 : this.withIdentities) {
                if (securityIdentity2 == securityIdentity) {
                    return this;
                }
                if (securityIdentity2.securityDomain != securityIdentity.securityDomain) {
                    arrayList.add(securityIdentity2);
                }
            }
        }
        arrayList.add(securityIdentity);
        return new SecurityIdentity(this, (SecurityIdentity[]) arrayList.toArray(new SecurityIdentity[0]));
    }

    public Roles getRoles(String str, boolean z) {
        RoleMapper roleMapper = this.roleMappers.get(str);
        return roleMapper == null ? z ? getRoles() : Roles.NONE : roleMapper.mapRoles(this.securityDomain.mapRoles(this));
    }

    public SecurityIdentity withRoleMapper(String str, RoleMapper roleMapper) {
        Map singletonMap;
        Assert.checkNotNullParam("category", str);
        Assert.checkNotNullParam("roleMapper", roleMapper);
        Map<String, RoleMapper> map = this.roleMappers;
        if (map.get(str) == roleMapper) {
            return this;
        }
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new ChangeRoleMapperPermission(str));
        }
        if (map.isEmpty() || (map.size() == 1 && map.keySet().iterator().next().equals(str))) {
            singletonMap = Collections.singletonMap(str, roleMapper);
        } else {
            singletonMap = new HashMap(map);
            singletonMap.put(str, roleMapper);
        }
        return new SecurityIdentity(this, (Map<String, RoleMapper>) singletonMap);
    }

    public SecurityIdentity createRunAsIdentity(String str) throws SecurityException {
        return createRunAsIdentity(str, true);
    }

    public SecurityIdentity createRunAsIdentity(String str, boolean z) throws SecurityException {
        Assert.checkNotNullParam("name", str);
        return createRunAsIdentity(new NamePrincipal(str), z);
    }

    public SecurityIdentity createRunAsIdentity(Principal principal, boolean z) throws SecurityException {
        Assert.checkNotNullParam(Constants.PRINCIPAL_ARGUMENT, principal);
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(SET_RUN_AS_PERMISSION);
        }
        try {
            ServerAuthenticationContext createNewAuthenticationContext = this.securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY));
            Throwable th = null;
            try {
                if (!createNewAuthenticationContext.importIdentity(this) || !createNewAuthenticationContext.authorize(principal, z)) {
                    throw ElytronMessages.log.runAsAuthorizationFailed(this.principal, principal, null);
                }
                SecurityIdentity authorizedIdentity = createNewAuthenticationContext.getAuthorizedIdentity();
                if (createNewAuthenticationContext != null) {
                    if (0 != 0) {
                        try {
                            createNewAuthenticationContext.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createNewAuthenticationContext.close();
                    }
                }
                return authorizedIdentity;
            } finally {
            }
        } catch (RealmUnavailableException e) {
            throw ElytronMessages.log.runAsAuthorizationFailed(this.principal, principal, e);
        }
    }

    public SecurityIdentity createRunAsAnonymous() throws SecurityException {
        return createRunAsAnonymous(true);
    }

    public SecurityIdentity createRunAsAnonymous(boolean z) throws SecurityException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(SET_RUN_AS_PERMISSION);
        }
        ServerAuthenticationContext createNewAuthenticationContext = this.securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY));
        Throwable th = null;
        try {
            if (!createNewAuthenticationContext.authorizeAnonymous(z)) {
                throw ElytronMessages.log.runAsAuthorizationFailed(this.principal, AnonymousPrincipal.getInstance(), null);
            }
            SecurityIdentity authorizedIdentity = createNewAuthenticationContext.getAuthorizedIdentity();
            if (createNewAuthenticationContext != null) {
                if (0 != 0) {
                    try {
                        createNewAuthenticationContext.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    createNewAuthenticationContext.close();
                }
            }
            return authorizedIdentity;
        } catch (Throwable th3) {
            if (createNewAuthenticationContext != null) {
                if (0 != 0) {
                    try {
                        createNewAuthenticationContext.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createNewAuthenticationContext.close();
                }
            }
            throw th3;
        }
    }

    public SecurityIdentity intersectWith(PermissionVerifier permissionVerifier) {
        Assert.checkNotNullParam("verifier", permissionVerifier);
        return new SecurityIdentity(this, this.verifier.and(permissionVerifier));
    }

    @Override // org.wildfly.security.permission.PermissionVerifier
    public boolean implies(Permission permission) {
        boolean implies = this.verifier.implies(permission);
        SecurityDomain.safeHandleSecurityEvent(this.securityDomain, implies ? new SecurityPermissionCheckSuccessfulEvent(this, permission) : new SecurityPermissionCheckFailedEvent(this, permission));
        return implies;
    }

    @Override // org.wildfly.security.authz.PermissionMappable
    public Attributes getAttributes() {
        return this.authorizationIdentity.getAttributes().asReadOnly();
    }

    @Override // org.wildfly.security.authz.PermissionMappable
    public Principal getPrincipal() {
        return this.principal;
    }

    @Override // org.wildfly.security.authz.PermissionMappable
    public Instant getCreationTime() {
        return this.creationTime;
    }

    @Override // org.wildfly.security.authz.PermissionMappable
    public IdentityCredentials getPublicCredentials() {
        return this.publicCredentials;
    }

    public boolean isAnonymous() {
        return this.principal instanceof AnonymousPrincipal;
    }

    public SecurityIdentity withPublicCredential(Credential credential) {
        Assert.checkNotNullParam("credential", credential);
        return new SecurityIdentity(this, credential, false);
    }

    public SecurityIdentity withPublicCredentials(IdentityCredentials identityCredentials) {
        Assert.checkNotNullParam("credentials", identityCredentials);
        return identityCredentials == IdentityCredentials.NONE ? this : new SecurityIdentity(this, identityCredentials, false);
    }

    public SecurityIdentity withPrivateCredential(Credential credential) {
        Assert.checkNotNullParam("credential", credential);
        return new SecurityIdentity(this, credential, true);
    }

    public SecurityIdentity withPrivateCredentials(IdentityCredentials identityCredentials) {
        Assert.checkNotNullParam("credentials", identityCredentials);
        return identityCredentials == IdentityCredentials.NONE ? this : new SecurityIdentity(this, identityCredentials, true);
    }

    public IdentityCredentials getPrivateCredentials() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(PRIVATE_CREDENTIALS_PERMISSION);
        }
        return getPrivateCredentialsPrivate();
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.function.Supplier
    public SecurityIdentity get() {
        return this;
    }

    public FlexibleIdentityAssociation createFlexibleAssociation() {
        return new FlexibleIdentityAssociation(this.securityDomain, this);
    }

    IdentityCredentials getPrivateCredentialsPrivate() {
        return this.privateCredentials;
    }

    public String toString() {
        return "SecurityIdentity{principal=" + this.principal + ", securityDomain=" + this.securityDomain + ", authorizationIdentity=" + this.authorizationIdentity + ", realmInfo=" + this.realmInfo + ", creationTime=" + this.creationTime + '}';
    }
}
