package org.wildfly.security.auth.realm;

import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.DirectoryStream;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.AccessController;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.Normalizer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.NoSuchElementException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ThreadLocalRandom;
import java.util.function.Consumer;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import org.apache.log4j.spi.Configurator;
import org.apache.xalan.templates.Constants;
import org.jboss.errai.codegen.shade.org.eclipse.jdt.internal.core.ClasspathEntry;
import org.wildfly.common.Assert;
import org.wildfly.common.bytes.ByteStringBuilder;
import org.wildfly.common.codec.Base32Alphabet;
import org.wildfly.common.codec.Base64Alphabet;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.common.iteration.CodePointIterator;
import org.wildfly.security.auth.SupportLevel;
import org.wildfly.security.auth.principal.NamePrincipal;
import org.wildfly.security.auth.realm.IdentitySharedExclusiveLock;
import org.wildfly.security.auth.server.ModifiableRealmIdentity;
import org.wildfly.security.auth.server.ModifiableRealmIdentityIterator;
import org.wildfly.security.auth.server.ModifiableSecurityRealm;
import org.wildfly.security.auth.server.NameRewriter;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.authz.Attributes;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.authz.MapAttributes;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.PublicKeyCredential;
import org.wildfly.security.credential.X509CertificateChainPublicCredential;
import org.wildfly.security.evidence.Evidence;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.OneTimePassword;
import org.wildfly.security.password.spec.BasicPasswordSpecEncoding;
import org.wildfly.security.password.spec.OneTimePasswordSpec;
import org.wildfly.security.password.spec.PasswordSpec;
import org.wildfly.security.password.util.ModularCrypt;
import org.wildfly.security.permission.ElytronPermission;
import org.wildfly.security.x500.cert.acme.Acme;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm.class */
public final class FileSystemSecurityRealm implements ModifiableSecurityRealm, CacheableSecurityRealm {
    static final String ELYTRON_1_0 = "urn:elytron:1.0";
    static final String ELYTRON_1_0_1 = "urn:elytron:1.0.1";
    static final ElytronPermission CREATE_SECURITY_REALM;
    private final Path root;
    private final NameRewriter nameRewriter;
    private final int levels;
    private final boolean encoded;
    private final ConcurrentHashMap<String, IdentitySharedExclusiveLock> realmIdentityLocks;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$AutoCloseableXMLStreamReaderHolder.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$AutoCloseableXMLStreamReaderHolder.class */
    public static class AutoCloseableXMLStreamReaderHolder implements AutoCloseable {
        private final XMLStreamReader xmlStreamReader;

        AutoCloseableXMLStreamReaderHolder(XMLStreamReader xMLStreamReader) {
            this.xmlStreamReader = xMLStreamReader;
        }

        @Override // java.lang.AutoCloseable
        public void close() throws XMLStreamException {
            this.xmlStreamReader.close();
        }

        public XMLStreamReader getXmlStreamReader() {
            return this.xmlStreamReader;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$AutoCloseableXMLStreamWriterHolder.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$AutoCloseableXMLStreamWriterHolder.class */
    public static class AutoCloseableXMLStreamWriterHolder implements AutoCloseable {
        private final XMLStreamWriter xmlStreamWriter;

        AutoCloseableXMLStreamWriterHolder(XMLStreamWriter xMLStreamWriter) {
            this.xmlStreamWriter = xMLStreamWriter;
        }

        @Override // java.lang.AutoCloseable
        public void close() throws XMLStreamException {
            this.xmlStreamWriter.close();
        }

        public XMLStreamWriter getXmlStreamWriter() {
            return this.xmlStreamWriter;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$CredentialParseFunction.class
     */
    @FunctionalInterface
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$CredentialParseFunction.class */
    public interface CredentialParseFunction {
        void parseCredential(String str, String str2, String str3) throws RealmUnavailableException, XMLStreamException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$Identity.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$Identity.class */
    public static class Identity implements ModifiableRealmIdentity {
        private static final String BASE64_FORMAT = "base64";
        private static final String MCF_FORMAT = "crypt";
        private static final String X509_FORMAT = "X.509";
        private final String name;
        private final Path path;
        private IdentitySharedExclusiveLock.IdentityLock lock;

        Identity(String str, Path path, IdentitySharedExclusiveLock.IdentityLock identityLock) {
            this.name = str;
            this.path = path;
            this.lock = identityLock;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public Principal getRealmIdentityPrincipal() {
            return new NamePrincipal(this.name);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
            Assert.checkNotNullParam("credentialType", cls);
            Iterator<Credential> it = loadCredentials().iterator();
            while (it.hasNext()) {
                if (it.next().matches(cls, str, algorithmParameterSpec)) {
                    return SupportLevel.SUPPORTED;
                }
            }
            return SupportLevel.UNSUPPORTED;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls) throws RealmUnavailableException {
            return (C) getCredential(cls, null);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
            return (C) getCredential(cls, str, null);
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public <C extends Credential> C getCredential(Class<C> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
            Assert.checkNotNullParam("credentialType", cls);
            for (Credential credential : loadCredentials()) {
                if (credential.matches(cls, str, algorithmParameterSpec)) {
                    return cls.cast(credential.mo11581clone());
                }
            }
            return null;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
            Assert.checkNotNullParam("evidenceType", cls);
            List<Credential> loadCredentials = loadCredentials();
            Iterator<Credential> it = loadCredentials.iterator();
            while (it.hasNext()) {
                if (it.next().canVerify(cls, str)) {
                    ElytronMessages.log.tracef("FileSystemSecurityRealm - evidence verification SUPPORTED: type = [%s]  algorithm = [%s]  credentials = [%d]", cls, str, Integer.valueOf(loadCredentials.size()));
                    return SupportLevel.SUPPORTED;
                }
            }
            ElytronMessages.log.tracef("FileSystemSecurityRealm - evidence verification UNSUPPORTED: type = [%s]  algorithm = [%s]  credentials = [%d]", cls, str, Integer.valueOf(loadCredentials.size()));
            return SupportLevel.UNSUPPORTED;
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
            Assert.checkNotNullParam("evidence", evidence);
            if (ElytronMessages.log.isTraceEnabled()) {
                LoadedIdentity loadIdentity = loadIdentity(false, true);
                ElytronMessages.log.tracef("Trying to authenticate identity %s using FileSystemSecurityRealm", loadIdentity != null ? loadIdentity.getName() : Configurator.NULL);
            }
            List<Credential> loadCredentials = loadCredentials();
            ElytronMessages.log.tracef("FileSystemSecurityRealm - verification evidence [%s] against [%d] credentials...", evidence, Integer.valueOf(loadCredentials.size()));
            for (Credential credential : loadCredentials) {
                if (credential.canVerify(evidence)) {
                    boolean verify = credential.verify(evidence);
                    ElytronMessages.log.tracef("FileSystemSecurityRealm - verification against credential [%s] = %b", credential, Boolean.valueOf(verify));
                    return verify;
                }
            }
            ElytronMessages.log.tracef("FileSystemSecurityRealm - no credential able to verify evidence [%s]", evidence);
            return false;
        }

        private List<Credential> loadCredentials() throws RealmUnavailableException {
            LoadedIdentity loadIdentity = loadIdentity(false, true);
            return loadIdentity == null ? Collections.emptyList() : loadIdentity.getCredentials();
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public boolean exists() throws RealmUnavailableException {
            return System.getSecurityManager() == null ? Files.exists(this.path, new LinkOption[0]) : ((Boolean) AccessController.doPrivileged(() -> {
                return Boolean.valueOf(Files.exists(this.path, new LinkOption[0]));
            })).booleanValue();
        }

        @Override // org.wildfly.security.auth.server.ModifiableRealmIdentity
        public void delete() throws RealmUnavailableException {
            if (System.getSecurityManager() == null) {
                deletePrivileged();
                return;
            }
            try {
                AccessController.doPrivileged(this::deletePrivileged);
            } catch (PrivilegedActionException e) {
                if (!(e.getException() instanceof RealmUnavailableException)) {
                    throw new RuntimeException(e.getException());
                }
                throw ((RealmUnavailableException) e.getException());
            }
        }

        private Void deletePrivileged() throws RealmUnavailableException {
            try {
                Files.delete(this.path);
                return null;
            } catch (NoSuchFileException e) {
                throw ElytronMessages.log.fileSystemRealmNotFound(this.name);
            } catch (IOException e2) {
                throw ElytronMessages.log.fileSystemRealmDeleteFailed(this.name, e2);
            }
        }

        private String tempSuffix() {
            ThreadLocalRandom current = ThreadLocalRandom.current();
            char[] cArr = new char[12];
            for (int i = 0; i < cArr.length; i++) {
                int nextInt = current.nextInt(36);
                if (nextInt < 26) {
                    cArr[i] = (char) (65 + nextInt);
                } else {
                    cArr[i] = (char) ((48 + nextInt) - 26);
                }
            }
            return new String(cArr);
        }

        private Path tempPath() {
            Path parent = this.path.getParent();
            File file = parent.toFile();
            if (!file.exists()) {
                file.mkdirs();
            }
            return parent.resolve(this.path.getFileName().toString() + '.' + tempSuffix());
        }

        @Override // org.wildfly.security.auth.server.ModifiableRealmIdentity
        public void create() throws RealmUnavailableException {
            if (System.getSecurityManager() == null) {
                createPrivileged();
                return;
            }
            try {
                AccessController.doPrivileged(this::createPrivileged);
            } catch (PrivilegedActionException e) {
                if (!(e.getException() instanceof RealmUnavailableException)) {
                    throw new RuntimeException(e.getException());
                }
                throw ((RealmUnavailableException) e.getException());
            }
        }

        private Void createPrivileged() throws RealmUnavailableException {
            while (true) {
                Path tempPath = tempPath();
                XMLOutputFactory newFactory = XMLOutputFactory.newFactory();
                try {
                    BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(Files.newOutputStream(tempPath, StandardOpenOption.WRITE, StandardOpenOption.CREATE_NEW, StandardOpenOption.DSYNC));
                    try {
                        try {
                            AutoCloseableXMLStreamWriterHolder autoCloseableXMLStreamWriterHolder = new AutoCloseableXMLStreamWriterHolder(newFactory.createXMLStreamWriter(bufferedOutputStream));
                            try {
                                XMLStreamWriter xmlStreamWriter = autoCloseableXMLStreamWriterHolder.getXmlStreamWriter();
                                xmlStreamWriter.writeStartDocument();
                                xmlStreamWriter.writeCharacters("\n");
                                xmlStreamWriter.writeStartElement("identity");
                                xmlStreamWriter.writeDefaultNamespace(FileSystemSecurityRealm.ELYTRON_1_0);
                                xmlStreamWriter.writeEndElement();
                                xmlStreamWriter.writeEndDocument();
                                autoCloseableXMLStreamWriterHolder.close();
                                bufferedOutputStream.close();
                                try {
                                    Files.createLink(this.path, tempPath);
                                    try {
                                        Files.delete(tempPath);
                                        return null;
                                    } catch (IOException e) {
                                        return null;
                                    }
                                } catch (FileAlreadyExistsException e2) {
                                    try {
                                        Files.delete(tempPath);
                                    } catch (IOException e3) {
                                        e2.addSuppressed(e3);
                                    }
                                    throw ElytronMessages.log.fileSystemRealmAlreadyExists(this.name, e2);
                                } catch (IOException e4) {
                                    throw ElytronMessages.log.fileSystemRealmFailedToWrite(tempPath, this.name, e4);
                                }
                            } catch (Throwable th) {
                                try {
                                    autoCloseableXMLStreamWriterHolder.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                                throw th;
                            }
                        } catch (Throwable th3) {
                            try {
                                bufferedOutputStream.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                            throw th3;
                        }
                    } catch (XMLStreamException e5) {
                        throw ElytronMessages.log.fileSystemRealmFailedToWrite(tempPath, this.name, e5);
                    }
                } catch (FileAlreadyExistsException e6) {
                } catch (IOException e7) {
                    throw ElytronMessages.log.fileSystemRealmFailedToOpen(tempPath, this.name, e7);
                }
            }
        }

        @Override // org.wildfly.security.auth.server.ModifiableRealmIdentity
        public void setCredentials(Collection<? extends Credential> collection) throws RealmUnavailableException {
            Assert.checkNotNullParam("credential", collection);
            LoadedIdentity loadIdentity = loadIdentity(false, false);
            if (loadIdentity == null) {
                throw ElytronMessages.log.fileSystemRealmNotFound(this.name);
            }
            replaceIdentity(new LoadedIdentity(this.name, new ArrayList(collection), loadIdentity.getAttributes()));
        }

        @Override // org.wildfly.security.auth.server.ModifiableRealmIdentity
        public void setAttributes(Attributes attributes) throws RealmUnavailableException {
            Assert.checkNotNullParam(ClasspathEntry.TAG_ATTRIBUTES, attributes);
            LoadedIdentity loadIdentity = loadIdentity(false, true);
            if (loadIdentity == null) {
                throw ElytronMessages.log.fileSystemRealmNotFound(this.name);
            }
            replaceIdentity(new LoadedIdentity(this.name, loadIdentity.getCredentials(), attributes));
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public Attributes getAttributes() throws RealmUnavailableException {
            LoadedIdentity loadIdentity = loadIdentity(true, false);
            if (loadIdentity == null) {
                throw ElytronMessages.log.fileSystemRealmNotFound(this.name);
            }
            return loadIdentity.getAttributes().asReadOnly();
        }

        private void replaceIdentity(LoadedIdentity loadedIdentity) throws RealmUnavailableException {
            if (System.getSecurityManager() == null) {
                replaceIdentityPrivileged(loadedIdentity);
                return;
            }
            try {
                AccessController.doPrivileged(() -> {
                    return replaceIdentityPrivileged(loadedIdentity);
                });
            } catch (PrivilegedActionException e) {
                if (!(e.getException() instanceof RealmUnavailableException)) {
                    throw new RuntimeException(e.getException());
                }
                throw ((RealmUnavailableException) e.getException());
            }
        }

        /* JADX WARN: Type inference failed for: r12v3, types: [java.io.OutputStream, java.nio.file.FileAlreadyExistsException] */
        private Void replaceIdentityPrivileged(LoadedIdentity loadedIdentity) throws RealmUnavailableException {
            while (true) {
                Path tempPath = tempPath();
                try {
                    XMLOutputFactory newFactory = XMLOutputFactory.newFactory();
                    try {
                        try {
                            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(Files.newOutputStream(tempPath, StandardOpenOption.WRITE, StandardOpenOption.CREATE_NEW, StandardOpenOption.DSYNC));
                            try {
                                AutoCloseableXMLStreamWriterHolder autoCloseableXMLStreamWriterHolder = new AutoCloseableXMLStreamWriterHolder(newFactory.createXMLStreamWriter(bufferedOutputStream));
                                try {
                                    writeIdentity(autoCloseableXMLStreamWriterHolder.getXmlStreamWriter(), loadedIdentity);
                                    autoCloseableXMLStreamWriterHolder.close();
                                    bufferedOutputStream.close();
                                    try {
                                        Files.delete(this.path);
                                        try {
                                            Files.createLink(this.path, tempPath);
                                            try {
                                                Files.delete(tempPath);
                                                return null;
                                            } catch (IOException e) {
                                                return null;
                                            }
                                        } catch (FileAlreadyExistsException e2) {
                                            try {
                                                Files.deleteIfExists(tempPath);
                                            } catch (IOException e3) {
                                                e2.addSuppressed(e3);
                                            }
                                            throw ElytronMessages.log.fileSystemRealmAlreadyExists(this.name, e2);
                                        } catch (IOException e4) {
                                            throw ElytronMessages.log.fileSystemRealmFailedToWrite(tempPath, this.name, e4);
                                        }
                                    } catch (IOException e5) {
                                        throw ElytronMessages.log.fileSystemUpdatedFailed(this.path.toAbsolutePath().toString(), e5);
                                    }
                                } catch (Throwable th) {
                                    try {
                                        autoCloseableXMLStreamWriterHolder.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                    throw th;
                                }
                            } catch (XMLStreamException | NoSuchAlgorithmException | CertificateEncodingException | InvalidKeySpecException e6) {
                                throw ElytronMessages.log.fileSystemRealmFailedToWrite(tempPath, this.name, e6);
                            }
                        } catch (Throwable th3) {
                            try {
                                e.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                            throw th3;
                        }
                    } catch (FileAlreadyExistsException e7) {
                    } catch (IOException e8) {
                        try {
                            Files.deleteIfExists(tempPath);
                        } catch (IOException e9) {
                            e8.addSuppressed(e9);
                        }
                        throw ElytronMessages.log.fileSystemRealmFailedToOpen(tempPath, this.name, e8);
                    }
                } catch (Throwable th5) {
                    try {
                        Files.delete(tempPath);
                    } catch (IOException e10) {
                        th5.addSuppressed(e10);
                    }
                    throw th5;
                }
            }
        }

        private void writeIdentity(XMLStreamWriter xMLStreamWriter, LoadedIdentity loadedIdentity) throws XMLStreamException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateEncodingException {
            String str;
            String encodeAsString;
            xMLStreamWriter.writeStartDocument();
            xMLStreamWriter.writeCharacters("\n");
            xMLStreamWriter.writeStartElement("identity");
            xMLStreamWriter.writeDefaultNamespace(FileSystemSecurityRealm.ELYTRON_1_0);
            if (loadedIdentity.getCredentials().size() > 0) {
                xMLStreamWriter.writeCharacters("\n    ");
                xMLStreamWriter.writeStartElement("credentials");
                for (Credential credential : loadedIdentity.getCredentials()) {
                    xMLStreamWriter.writeCharacters("\n        ");
                    if (credential instanceof PasswordCredential) {
                        Password password = ((PasswordCredential) credential).getPassword();
                        if (password instanceof OneTimePassword) {
                            OneTimePassword oneTimePassword = (OneTimePassword) password;
                            xMLStreamWriter.writeStartElement("otp");
                            xMLStreamWriter.writeAttribute("algorithm", oneTimePassword.getAlgorithm());
                            xMLStreamWriter.writeAttribute("hash", ByteIterator.ofBytes(oneTimePassword.getHash()).base64Encode().drainToString());
                            xMLStreamWriter.writeAttribute("seed", ByteIterator.ofBytes(oneTimePassword.getSeed().getBytes(StandardCharsets.US_ASCII)).base64Encode().drainToString());
                            xMLStreamWriter.writeAttribute("sequence", Integer.toString(oneTimePassword.getSequenceNumber()));
                            xMLStreamWriter.writeEndElement();
                        } else {
                            xMLStreamWriter.writeStartElement("password");
                            String algorithm = password.getAlgorithm();
                            byte[] encode = BasicPasswordSpecEncoding.encode(password);
                            if (encode != null) {
                                str = "base64";
                                encodeAsString = ByteIterator.ofBytes(encode).base64Encode().drainToString();
                            } else {
                                str = MCF_FORMAT;
                                encodeAsString = ModularCrypt.encodeAsString(password);
                            }
                            xMLStreamWriter.writeAttribute("algorithm", algorithm);
                            xMLStreamWriter.writeAttribute(Constants.ATTRNAME_FORMAT, str);
                            xMLStreamWriter.writeCharacters(encodeAsString);
                            xMLStreamWriter.writeEndElement();
                        }
                    }
                }
                xMLStreamWriter.writeCharacters("\n    ");
                xMLStreamWriter.writeEndElement();
            }
            Iterator<Attributes.Entry> it = loadedIdentity.getAttributes().entries().iterator();
            if (it.hasNext()) {
                xMLStreamWriter.writeCharacters("\n    ");
                xMLStreamWriter.writeStartElement(ClasspathEntry.TAG_ATTRIBUTES);
                do {
                    Attributes.Entry next = it.next();
                    for (String str2 : next) {
                        xMLStreamWriter.writeCharacters("\n        ");
                        xMLStreamWriter.writeStartElement("attribute");
                        xMLStreamWriter.writeAttribute("name", next.getKey());
                        xMLStreamWriter.writeAttribute("value", str2);
                        xMLStreamWriter.writeEndElement();
                    }
                } while (it.hasNext());
                xMLStreamWriter.writeCharacters("\n    ");
                xMLStreamWriter.writeEndElement();
            }
            xMLStreamWriter.writeEndElement();
            xMLStreamWriter.writeEndDocument();
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public void dispose() {
            IdentitySharedExclusiveLock.IdentityLock identityLock = this.lock;
            this.lock = null;
            if (identityLock != null) {
                identityLock.release();
            }
        }

        @Override // org.wildfly.security.auth.server.RealmIdentity
        public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException {
            LoadedIdentity loadIdentity = loadIdentity(true, false);
            return loadIdentity == null ? AuthorizationIdentity.EMPTY : AuthorizationIdentity.basicIdentity(loadIdentity.getAttributes());
        }

        private LoadedIdentity loadIdentity(boolean z, boolean z2) throws RealmUnavailableException {
            if (System.getSecurityManager() == null) {
                return loadIdentityPrivileged(z, z2);
            }
            try {
                return (LoadedIdentity) AccessController.doPrivileged(() -> {
                    return loadIdentityPrivileged(z, z2);
                });
            } catch (PrivilegedActionException e) {
                if (e.getException() instanceof RealmUnavailableException) {
                    throw ((RealmUnavailableException) e.getException());
                }
                throw new RuntimeException(e.getException());
            }
        }

        private LoadedIdentity loadIdentityPrivileged(boolean z, boolean z2) throws RealmUnavailableException {
            try {
                try {
                    InputStream newInputStream = Files.newInputStream(this.path, StandardOpenOption.READ);
                    try {
                        XMLInputFactory newFactory = XMLInputFactory.newFactory();
                        newFactory.setProperty("javax.xml.stream.isValidating", Boolean.FALSE);
                        newFactory.setProperty("javax.xml.stream.supportDTD", Boolean.FALSE);
                        newFactory.setProperty("javax.xml.stream.isSupportingExternalEntities", Boolean.FALSE);
                        newFactory.setProperty("javax.xml.stream.isCoalescing", Boolean.TRUE);
                        try {
                            AutoCloseableXMLStreamReaderHolder autoCloseableXMLStreamReaderHolder = new AutoCloseableXMLStreamReaderHolder(newFactory.createXMLStreamReader(newInputStream, "UTF-8"));
                            try {
                                LoadedIdentity parseIdentity = parseIdentity(autoCloseableXMLStreamReaderHolder.getXmlStreamReader(), z, z2);
                                autoCloseableXMLStreamReaderHolder.close();
                                if (newInputStream != null) {
                                    newInputStream.close();
                                }
                                return parseIdentity;
                            } catch (Throwable th) {
                                try {
                                    autoCloseableXMLStreamReaderHolder.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                                throw th;
                            }
                        } catch (XMLStreamException e) {
                            throw ElytronMessages.log.fileSystemRealmFailedToRead(this.path, this.name, e);
                        }
                    } catch (Throwable th3) {
                        if (newInputStream != null) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        }
                        throw th3;
                    }
                } catch (IOException e2) {
                    throw ElytronMessages.log.fileSystemRealmFailedToOpen(this.path, this.name, e2);
                }
            } catch (FileNotFoundException | NoSuchFileException e3) {
                return null;
            }
        }

        private LoadedIdentity parseIdentity(XMLStreamReader xMLStreamReader, boolean z, boolean z2) throws RealmUnavailableException, XMLStreamException {
            if (xMLStreamReader.nextTag() == 1 && validNamespace(xMLStreamReader.getNamespaceURI()) && "identity".equals(xMLStreamReader.getLocalName())) {
                return parseIdentityContents(xMLStreamReader, z, z2);
            }
            throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
        }

        private LoadedIdentity parseIdentityContents(XMLStreamReader xMLStreamReader, boolean z, boolean z2) throws RealmUnavailableException, XMLStreamException {
            if (xMLStreamReader.getAttributeCount() > 0) {
                throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
            List<Credential> emptyList = Collections.emptyList();
            Attributes attributes = Attributes.EMPTY;
            boolean z3 = false;
            boolean z4 = false;
            while (!xMLStreamReader.isEndElement()) {
                if (!validNamespace(xMLStreamReader.getNamespaceURI())) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
                if (!z3 && "credentials".equals(xMLStreamReader.getLocalName())) {
                    z3 = true;
                    if (z) {
                        consumeContent(xMLStreamReader);
                    } else {
                        emptyList = parseCredentials(xMLStreamReader);
                    }
                } else if (!z4 && ClasspathEntry.TAG_ATTRIBUTES.equals(xMLStreamReader.getLocalName())) {
                    z4 = true;
                    if (z2) {
                        consumeContent(xMLStreamReader);
                    } else {
                        attributes = parseAttributes(xMLStreamReader);
                    }
                }
                xMLStreamReader.nextTag();
            }
            if (attributes == Attributes.EMPTY && !z2) {
                attributes = new MapAttributes();
            }
            return new LoadedIdentity(this.name, emptyList, attributes);
        }

        private List<Credential> parseCredentials(XMLStreamReader xMLStreamReader) throws RealmUnavailableException, XMLStreamException {
            if (xMLStreamReader.getAttributeCount() > 0) {
                throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
            if (xMLStreamReader.nextTag() == 2) {
                return Collections.emptyList();
            }
            ArrayList arrayList = new ArrayList();
            while (validNamespace(xMLStreamReader.getNamespaceURI())) {
                if ("password".equals(xMLStreamReader.getLocalName())) {
                    parsePassword(arrayList, xMLStreamReader);
                } else if ("public-key".equals(xMLStreamReader.getLocalName())) {
                    parsePublicKey(arrayList, xMLStreamReader);
                } else if (Acme.CERTIFICATE.equals(xMLStreamReader.getLocalName())) {
                    parseCertificate(arrayList, xMLStreamReader);
                } else {
                    if (!"otp".equals(xMLStreamReader.getLocalName())) {
                        throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                    }
                    parseOtp(arrayList, xMLStreamReader);
                }
                if (xMLStreamReader.nextTag() == 2) {
                    return arrayList;
                }
            }
            throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
        }

        private void parseCredential(XMLStreamReader xMLStreamReader, CredentialParseFunction credentialParseFunction) throws RealmUnavailableException, XMLStreamException {
            int attributeCount = xMLStreamReader.getAttributeCount();
            String str = null;
            String str2 = null;
            String str3 = null;
            for (int i = 0; i < attributeCount; i++) {
                String attributeNamespace = xMLStreamReader.getAttributeNamespace(i);
                if (attributeNamespace != null && !attributeNamespace.equals("")) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), str);
                }
                String attributeLocalName = xMLStreamReader.getAttributeLocalName(i);
                if ("name".equals(attributeLocalName)) {
                    str = xMLStreamReader.getAttributeValue(i);
                } else if ("algorithm".equals(attributeLocalName)) {
                    str2 = xMLStreamReader.getAttributeValue(i);
                } else {
                    if (!Constants.ATTRNAME_FORMAT.equals(attributeLocalName)) {
                        throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), str);
                    }
                    str3 = xMLStreamReader.getAttributeValue(i);
                }
            }
            credentialParseFunction.parseCredential(str2, str3, xMLStreamReader.getElementText().trim());
        }

        private void parseCertificate(List<Credential> list, XMLStreamReader xMLStreamReader) throws RealmUnavailableException, XMLStreamException {
            parseCredential(xMLStreamReader, (str, str2, str3) -> {
                if (str == null) {
                    str = X509_FORMAT;
                }
                if (str2 == null) {
                    str2 = X509_FORMAT;
                }
                try {
                    list.add(new X509CertificateChainPublicCredential((X509Certificate) CertificateFactory.getInstance(str).generateCertificate(CodePointIterator.ofString(str3).base64Decode().asInputStream())));
                } catch (ClassCastException | CertificateException e) {
                    throw ElytronMessages.log.fileSystemRealmCertificateReadError(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
            });
        }

        private void parsePublicKey(List<Credential> list, XMLStreamReader xMLStreamReader) throws RealmUnavailableException, XMLStreamException {
            parseCredential(xMLStreamReader, (str, str2, str3) -> {
                if (str == null) {
                    throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
                if (str2 == null) {
                    str2 = X509_FORMAT;
                } else if (!X509_FORMAT.equals(str2)) {
                    throw ElytronMessages.log.fileSystemRealmUnsupportedKeyFormat(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
                try {
                    list.add(new PublicKeyCredential(KeyFactory.getInstance(str).generatePublic(new PKCS8EncodedKeySpec(CodePointIterator.ofString(str3).base64Decode().drain()))));
                } catch (NoSuchAlgorithmException e) {
                    throw ElytronMessages.log.fileSystemRealmUnsupportedKeyAlgorithm(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name, e);
                } catch (InvalidKeySpecException e2) {
                    throw ElytronMessages.log.fileSystemRealmUnsupportedKeyFormat(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
            });
        }

        private void parsePassword(List<Credential> list, XMLStreamReader xMLStreamReader) throws XMLStreamException, RealmUnavailableException {
            parseCredential(xMLStreamReader, (str, str2, str3) -> {
                try {
                    if ("base64".equals(str2)) {
                        if (str == null) {
                            throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                        }
                        byte[] drain = CodePointIterator.ofChars(str3.toCharArray()).base64Decode().drain();
                        PasswordFactory passwordFactory = PasswordFactory.getInstance(str);
                        PasswordSpec decode = BasicPasswordSpecEncoding.decode(drain);
                        if (decode == null) {
                            throw ElytronMessages.log.fileSystemRealmInvalidPasswordAlgorithm(str, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                        }
                        list.add(new PasswordCredential(passwordFactory.generatePassword(decode)));
                    } else {
                        if (!MCF_FORMAT.equals(str2)) {
                            throw ElytronMessages.log.fileSystemRealmInvalidPasswordFormat(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                        }
                        list.add(new PasswordCredential(ModularCrypt.decode(str3)));
                    }
                } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
            });
        }

        private void parseOtp(List<Credential> list, XMLStreamReader xMLStreamReader) throws XMLStreamException, RealmUnavailableException {
            String str = null;
            String str2 = null;
            byte[] bArr = null;
            String str3 = null;
            int i = 0;
            int attributeCount = xMLStreamReader.getAttributeCount();
            for (int i2 = 0; i2 < attributeCount; i2++) {
                String attributeNamespace = xMLStreamReader.getAttributeNamespace(i2);
                if (attributeNamespace != null && !attributeNamespace.equals("")) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), str);
                }
                String attributeLocalName = xMLStreamReader.getAttributeLocalName(i2);
                if ("name".equals(attributeLocalName)) {
                    str = xMLStreamReader.getAttributeValue(i2);
                } else if ("algorithm".equals(attributeLocalName)) {
                    str2 = xMLStreamReader.getAttributeValue(i2);
                } else if ("hash".equals(attributeLocalName)) {
                    bArr = CodePointIterator.ofString(xMLStreamReader.getAttributeValue(i2)).base64Decode(Base64Alphabet.STANDARD, false).drain();
                } else if ("seed".equals(attributeLocalName)) {
                    str3 = new String(CodePointIterator.ofString(xMLStreamReader.getAttributeValue(i2)).base64Decode(Base64Alphabet.STANDARD, false).drain(), StandardCharsets.US_ASCII);
                } else {
                    if (!"sequence".equals(attributeLocalName)) {
                        throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), str);
                    }
                    i = Integer.parseInt(xMLStreamReader.getAttributeValue(i2));
                }
            }
            if (xMLStreamReader.nextTag() != 2) {
                throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), str);
            }
            try {
                if (str2 == null) {
                    throw ElytronMessages.log.fileSystemRealmMissingAttribute("algorithm", this.path, xMLStreamReader.getLocation().getLineNumber(), str);
                }
                list.add(new PasswordCredential(PasswordFactory.getInstance(str2).generatePassword(new OneTimePasswordSpec(bArr, str3, i))));
            } catch (NoSuchAlgorithmException e) {
                throw ElytronMessages.log.fileSystemRealmInvalidOtpAlgorithm(str2, this.path, xMLStreamReader.getLocation().getLineNumber(), str, e);
            } catch (InvalidKeySpecException e2) {
                throw ElytronMessages.log.fileSystemRealmInvalidOtpDefinition(this.path, xMLStreamReader.getLocation().getLineNumber(), str, e2);
            }
        }

        private Attributes parseAttributes(XMLStreamReader xMLStreamReader) throws RealmUnavailableException, XMLStreamException {
            if (xMLStreamReader.getAttributeCount() > 0) {
                throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
            if (xMLStreamReader.nextTag() == 2) {
                return Attributes.EMPTY;
            }
            MapAttributes mapAttributes = new MapAttributes();
            while (validNamespace(xMLStreamReader.getNamespaceURI())) {
                if (!"attribute".equals(xMLStreamReader.getLocalName())) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
                parseAttribute(xMLStreamReader, mapAttributes);
                if (xMLStreamReader.nextTag() != 1) {
                    return mapAttributes;
                }
            }
            throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
        }

        private void parseAttribute(XMLStreamReader xMLStreamReader, Attributes attributes) throws XMLStreamException, RealmUnavailableException {
            String str = null;
            String str2 = null;
            int attributeCount = xMLStreamReader.getAttributeCount();
            for (int i = 0; i < attributeCount; i++) {
                String attributeNamespace = xMLStreamReader.getAttributeNamespace(i);
                if (attributeNamespace != null && !attributeNamespace.equals("")) {
                    throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                }
                if ("name".equals(xMLStreamReader.getAttributeLocalName(i))) {
                    str = xMLStreamReader.getAttributeValue(i);
                } else {
                    if (!"value".equals(xMLStreamReader.getAttributeLocalName(i))) {
                        throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
                    }
                    str2 = xMLStreamReader.getAttributeValue(i);
                }
            }
            if (str == null) {
                throw ElytronMessages.log.fileSystemRealmMissingAttribute("name", this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
            if (str2 == null) {
                throw ElytronMessages.log.fileSystemRealmMissingAttribute("value", this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
            attributes.addLast(str, str2);
            if (xMLStreamReader.nextTag() != 2) {
                throw ElytronMessages.log.fileSystemRealmInvalidContent(this.path, xMLStreamReader.getLocation().getLineNumber(), this.name);
            }
        }

        private void consumeContent(XMLStreamReader xMLStreamReader) throws XMLStreamException {
            while (xMLStreamReader.hasNext()) {
                switch (xMLStreamReader.next()) {
                    case 1:
                        consumeContent(xMLStreamReader);
                        break;
                    case 2:
                        return;
                }
            }
        }

        private boolean validNamespace(String str) {
            return FileSystemSecurityRealm.ELYTRON_1_0.equals(str) || FileSystemSecurityRealm.ELYTRON_1_0_1.equals(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$LoadedIdentity.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-realm-1.10.4.Final.jar:org/wildfly/security/auth/realm/FileSystemSecurityRealm$LoadedIdentity.class */
    public static final class LoadedIdentity {
        private final String name;
        private final List<Credential> credentials;
        private final Attributes attributes;

        LoadedIdentity(String str, List<Credential> list, Attributes attributes) {
            this.name = str;
            this.credentials = list;
            this.attributes = attributes;
        }

        public String getName() {
            return this.name;
        }

        public Attributes getAttributes() {
            return this.attributes;
        }

        List<Credential> getCredentials() {
            return this.credentials;
        }
    }

    public FileSystemSecurityRealm(Path path, NameRewriter nameRewriter, int i, boolean z) {
        this.realmIdentityLocks = new ConcurrentHashMap<>();
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(CREATE_SECURITY_REALM);
        }
        this.root = path;
        this.nameRewriter = nameRewriter;
        this.levels = i;
        this.encoded = z;
    }

    public FileSystemSecurityRealm(Path path, NameRewriter nameRewriter, int i) {
        this(path, nameRewriter, i, true);
    }

    public FileSystemSecurityRealm(Path path, int i) {
        this(path, NameRewriter.IDENTITY_REWRITER, i, true);
    }

    public FileSystemSecurityRealm(Path path) {
        this(path, NameRewriter.IDENTITY_REWRITER, 2, true);
    }

    private Path pathFor(String str) {
        if (!$assertionsDisabled && str.codePointCount(0, str.length()) <= 0) {
            throw new AssertionError();
        }
        String str2 = str;
        if (this.encoded) {
            str2 = Normalizer.normalize(str, Normalizer.Form.NFKC).toLowerCase(Locale.ROOT).replaceAll("[^a-z0-9]", "_");
        }
        Path path = this.root;
        int i = 0;
        for (int i2 = 0; i2 < this.levels; i2++) {
            int offsetByCodePoints = str2.offsetByCodePoints(i, 1);
            path = path.resolve(str2.substring(i, offsetByCodePoints));
            i = offsetByCodePoints;
            if (i == str2.length()) {
                break;
            }
        }
        if (this.encoded) {
            str = str2 + "-" + ByteIterator.ofBytes(new ByteStringBuilder().append(str).toArray()).base32Encode(Base32Alphabet.STANDARD, false).drainToString();
        }
        return path.resolve(str + ".xml");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String nameFor(Path path) {
        String path2 = path.toString();
        String substring = path2.substring(0, path2.length() - 4);
        if (this.encoded) {
            CodePointIterator ofString = CodePointIterator.ofString(substring);
            ofString.delimitedBy(45).skipAll();
            ofString.next();
            substring = ofString.base32Decode(Base32Alphabet.STANDARD, false).asUtf8String().drainToString();
        }
        return substring;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public RealmIdentity getRealmIdentity(Principal principal) {
        return principal instanceof NamePrincipal ? getRealmIdentity(principal.getName(), false) : RealmIdentity.NON_EXISTENT;
    }

    @Override // org.wildfly.security.auth.server.ModifiableSecurityRealm
    public ModifiableRealmIdentity getRealmIdentityForUpdate(Principal principal) {
        return principal instanceof NamePrincipal ? getRealmIdentity(principal.getName(), true) : ModifiableRealmIdentity.NON_EXISTENT;
    }

    @Override // org.wildfly.security.auth.realm.CacheableSecurityRealm
    public void registerIdentityChangeListener(Consumer<Principal> consumer) {
    }

    private ModifiableRealmIdentity getRealmIdentity(String str, boolean z) {
        String rewriteName = this.nameRewriter.rewriteName(str);
        if (rewriteName == null) {
            throw ElytronMessages.log.invalidName();
        }
        IdentitySharedExclusiveLock realmIdentityLockForName = getRealmIdentityLockForName(rewriteName);
        return new Identity(rewriteName, pathFor(rewriteName), z ? realmIdentityLockForName.lockExclusive() : realmIdentityLockForName.lockShared());
    }

    @Override // org.wildfly.security.auth.server.ModifiableSecurityRealm
    public ModifiableRealmIdentityIterator getRealmIdentityIterator() throws RealmUnavailableException {
        return subIterator(this.root, this.levels);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ModifiableRealmIdentityIterator subIterator(Path path, final int i) {
        if (i == 0) {
            try {
                final DirectoryStream<Path> newDirectoryStream = Files.newDirectoryStream(path, "*.xml");
                final Iterator<Path> it = newDirectoryStream.iterator();
                return new ModifiableRealmIdentityIterator() { // from class: org.wildfly.security.auth.realm.FileSystemSecurityRealm.1
                    @Override // java.util.Iterator
                    public boolean hasNext() {
                        if (!it.hasNext()) {
                            try {
                                close();
                            } catch (IOException e) {
                                ElytronMessages.log.debug("Unable to close the stream", e);
                            }
                        }
                        return it.hasNext();
                    }

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.util.Iterator
                    public ModifiableRealmIdentity next() {
                        return FileSystemSecurityRealm.this.getRealmIdentityForUpdate(new NamePrincipal(FileSystemSecurityRealm.this.nameFor(((Path) it.next()).getFileName())));
                    }

                    @Override // org.wildfly.security.auth.server.ModifiableRealmIdentityIterator, java.lang.AutoCloseable
                    public void close() throws RealmUnavailableException {
                        try {
                            newDirectoryStream.close();
                        } catch (IOException e) {
                            ElytronMessages.log.debug("Unable to close the stream", e);
                        }
                    }
                };
            } catch (IOException e) {
                ElytronMessages.log.debug("Unable to open directory", e);
                return ModifiableRealmIdentityIterator.emptyIterator();
            }
        }
        try {
            final DirectoryStream<Path> newDirectoryStream2 = Files.newDirectoryStream(path, (DirectoryStream.Filter<? super Path>) path2 -> {
                String path2 = path2.getFileName().toString();
                return path2.length() == 1 && !path2.equals(".") && Files.isDirectory(path2, new LinkOption[0]);
            });
            final Iterator<Path> it2 = newDirectoryStream2.iterator();
            return new ModifiableRealmIdentityIterator() { // from class: org.wildfly.security.auth.realm.FileSystemSecurityRealm.2
                private ModifiableRealmIdentityIterator subIterator;

                @Override // java.util.Iterator
                public boolean hasNext() {
                    while (true) {
                        if (this.subIterator == null) {
                            if (!it2.hasNext()) {
                                try {
                                    close();
                                    return false;
                                } catch (IOException e2) {
                                    ElytronMessages.log.debug("Unable to close the stream", e2);
                                    return false;
                                }
                            }
                            this.subIterator = FileSystemSecurityRealm.this.subIterator((Path) it2.next(), i - 1);
                        } else {
                            if (this.subIterator.hasNext()) {
                                return true;
                            }
                            this.subIterator = null;
                        }
                    }
                }

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.Iterator
                public ModifiableRealmIdentity next() {
                    if (hasNext()) {
                        return this.subIterator.next();
                    }
                    throw new NoSuchElementException();
                }

                @Override // org.wildfly.security.auth.server.ModifiableRealmIdentityIterator, java.lang.AutoCloseable
                public void close() throws RealmUnavailableException {
                    try {
                        if (this.subIterator != null) {
                            this.subIterator.close();
                        }
                    } finally {
                        try {
                            newDirectoryStream2.close();
                        } catch (IOException e2) {
                            ElytronMessages.log.debug("Unable to close the stream", e2);
                        }
                    }
                }
            };
        } catch (IOException e2) {
            ElytronMessages.log.debug("Unable to open directory", e2);
            return ModifiableRealmIdentityIterator.emptyIterator();
        }
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
        return SupportLevel.POSSIBLY_SUPPORTED;
    }

    @Override // org.wildfly.security.auth.server.SecurityRealm
    public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
        return SupportLevel.POSSIBLY_SUPPORTED;
    }

    private IdentitySharedExclusiveLock getRealmIdentityLockForName(String str) {
        IdentitySharedExclusiveLock identitySharedExclusiveLock = this.realmIdentityLocks.get(str);
        if (identitySharedExclusiveLock == null) {
            IdentitySharedExclusiveLock identitySharedExclusiveLock2 = new IdentitySharedExclusiveLock();
            identitySharedExclusiveLock = this.realmIdentityLocks.putIfAbsent(str, identitySharedExclusiveLock2);
            if (identitySharedExclusiveLock == null) {
                identitySharedExclusiveLock = identitySharedExclusiveLock2;
            }
        }
        return identitySharedExclusiveLock;
    }

    static {
        $assertionsDisabled = !FileSystemSecurityRealm.class.desiredAssertionStatus();
        CREATE_SECURITY_REALM = ElytronPermission.forName("createSecurityRealm");
    }
}
