package org.wildfly.naming.client;

import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.function.Supplier;
import javax.naming.ConfigurationException;
import javax.naming.NamingException;
import javax.security.auth.callback.CallbackHandler;
import org.guvnor.ala.openshift.config.OpenShiftParameters;
import org.jboss.as.naming.subsystem.NamingSubsystemModel;
import org.jboss.naming.remote.client.InitialContextFactory;
import org.jboss.remoting3.RemotingOptions;
import org.wildfly.common.Assert;
import org.wildfly.common.expression.Expression;
import org.wildfly.naming.client._private.Messages;
import org.wildfly.naming.client.util.EnvironmentUtils;
import org.wildfly.naming.client.util.NetworkUtils;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.MatchRule;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.sasl.localuser.LocalUserClient;
import org.wildfly.security.util.CodePointIterator;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Property;
import org.xnio.Sequence;

/* loaded from: input_file:m2repo/org/wildfly/wildfly-naming-client/1.0.7.Final/wildfly-naming-client-1.0.7.Final.jar:org/wildfly/naming/client/ProviderEnvironment.class */
public final class ProviderEnvironment {
    private static final long BACKOFF_MASK = 32767;
    public static final long TIME_MASK = -32768;
    private final List<URI> providerUris;
    private final ConcurrentHashMap<URI, Long> blackList = new ConcurrentHashMap<>(0);
    private final Supplier<AuthenticationContext> authenticationContextSupplier;
    static final Supplier<AuthenticationContext> DEFAULT_AUTH_CTXT_SUPPLIER = new Supplier<AuthenticationContext>() { // from class: org.wildfly.naming.client.ProviderEnvironment.1
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public AuthenticationContext get() {
            return AuthenticationContext.captureCurrent();
        }
    };

    /* loaded from: input_file:m2repo/org/wildfly/wildfly-naming-client/1.0.7.Final/wildfly-naming-client-1.0.7.Final.jar:org/wildfly/naming/client/ProviderEnvironment$Builder.class */
    public static final class Builder {
        private final List<URI> providerUris = new ArrayList();
        private final Set<URI> encounteredUris = new HashSet();
        private Supplier<AuthenticationContext> authenticationContextSupplier = ProviderEnvironment.DEFAULT_AUTH_CTXT_SUPPLIER;
        private static final String REMOTE_CONNECTION_PREFIX = "remote.connection.";
        private static final int REMOTE_CONNECTION_PREFIX_LEN = "remote.connection.".length();
        private static final String CONNECT_OPTIONS_PREFIX = "jboss.naming.client.connect.options.";

        public Builder addProviderUri(URI uri) {
            Assert.checkNotNullParam("uri", uri);
            if (!this.encounteredUris.add(uri)) {
                Messages.log.ignoringDuplicateDestination(uri);
            }
            this.providerUris.add(uri);
            return this;
        }

        public Builder addProviderUris(Collection<URI> collection) {
            Assert.checkNotNullParam("uris", collection);
            for (URI uri : collection) {
                Assert.checkNotNullParam("uri", uri);
                this.providerUris.add(uri);
            }
            return this;
        }

        public Builder setAuthenticationContextSupplier(Supplier<AuthenticationContext> supplier) {
            Assert.checkNotNullParam("authenticationContextSupplier", supplier);
            this.authenticationContextSupplier = supplier;
            return this;
        }

        List<URI> getProviderUris() {
            return this.providerUris;
        }

        Supplier<AuthenticationContext> getAuthenticationContextSupplier() {
            return this.authenticationContextSupplier;
        }

        public Builder populateFromEnvironment(Map<String, ?> map) throws NamingException {
            Assert.checkNotNullParam(NamingSubsystemModel.ENVIRONMENT, map);
            ClassLoader secureGetContextClassLoader = secureGetContextClassLoader();
            String envString = getEnvString(map, "java.naming.security.principal", null, true);
            boolean populateProviderUris = populateProviderUris(map);
            String envString2 = getEnvString(map, "java.naming.security.protocol", null, true);
            String envString3 = getEnvString(map, EnvironmentUtils.EJB_REMOTE_CONNECTION_PROVIDER_PREFIX + Options.SSL_ENABLED, null, true);
            boolean parseBoolean = envString3 != null ? Boolean.parseBoolean(envString3) : envString2 != null && "ssl".equalsIgnoreCase(envString2.trim());
            String envString4 = getEnvString(map, InitialContextFactory.CALLBACK_HANDLER_KEY, null, true);
            IdentityCredentials securityCredentials = EnvironmentUtils.getSecurityCredentials(map);
            String envString5 = getEnvString(map, InitialContextFactory.PASSWORD_BASE64_KEY, null, false);
            String envString6 = getEnvString(map, InitialContextFactory.REALM_KEY, null, true);
            if (envString4 != null && (envString != null || securityCredentials != null || envString5 != null)) {
                throw Messages.log.callbackHandlerAndUsernameAndPasswordSpecified();
            }
            boolean z = (securityCredentials == null && envString5 == null && envString4 == null && envString6 == null && envString == null) ? false : true;
            CallbackHandler callbackHandler = null;
            if (envString4 != null) {
                try {
                    callbackHandler = (CallbackHandler) Class.forName(envString4, true, secureGetContextClassLoader).newInstance();
                } catch (ClassNotFoundException e) {
                    throw Messages.log.failedToLoadCallbackHandlerClass(e, envString4);
                } catch (Exception e2) {
                    throw Messages.log.failedToInstantiateCallbackHandlerInstance(e2, envString4);
                }
            }
            OptionMap optionMap = getOptionMap(map, CONNECT_OPTIONS_PREFIX, Builder.class.getClassLoader());
            if (callbackHandler != null || envString != null) {
                optionMap = setQuietLocalAuth(optionMap, false);
            }
            AuthenticationConfiguration mergeOptionsIntoAuthenticationConfiguration = RemotingOptions.mergeOptionsIntoAuthenticationConfiguration(optionMap, AuthenticationConfiguration.empty());
            if (envString != null) {
                mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useName(envString);
            }
            if (callbackHandler != null) {
                mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useCallbackHandler(callbackHandler);
            }
            if (securityCredentials != null) {
                mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useCredentials(securityCredentials);
            } else if (envString5 != null) {
                mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.usePassword(CodePointIterator.ofString(envString5).base64Decode().asUtf8String().drainToString());
            }
            if (envString6 != null) {
                mergeOptionsIntoAuthenticationConfiguration = mergeOptionsIntoAuthenticationConfiguration.useRealm(envString6);
            }
            HashSet hashSet = null;
            Iterator<String> it = map.keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String connectionNameOf = connectionNameOf(it.next());
                if (connectionNameOf != null) {
                    if (populateProviderUris) {
                        Messages.log.ignoringLegacyProperties();
                        break;
                    }
                    Messages.log.deprecatedProperties();
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(connectionNameOf);
                }
            }
            HashMap hashMap = null;
            if (!populateProviderUris && hashSet != null) {
                Iterator it2 = hashSet.iterator();
                while (it2.hasNext()) {
                    String str = "remote.connection." + ((String) it2.next()) + ".";
                    String envString7 = getEnvString(map, str + "username", null, true);
                    String formatPossibleIpv6Address = NetworkUtils.formatPossibleIpv6Address(getEnvString(map, str + "host", null, true));
                    String envString8 = getEnvString(map, str + "password", null, true);
                    String envString9 = getEnvString(map, str + EnvironmentUtils.EJB_PASSWORD_BASE64_KEY, null, true);
                    String envString10 = getEnvString(map, str + EnvironmentUtils.EJB_CALLBACK_HANDLER_CLASS_KEY, null, true);
                    boolean parseBoolean2 = Boolean.parseBoolean(getEnvString(map, str + EnvironmentUtils.CONNECT_OPTIONS + Options.SSL_ENABLED, Boolean.toString(parseBoolean), true));
                    String envString11 = getEnvString(map, str + "protocol", parseBoolean2 ? "remote+https" : "remote+http", true);
                    int envInt = getEnvInt(map, str + "port", parseBoolean2 ? 443 : 80, true);
                    if (envString10 != null && (envString7 != null || envString8 != null || envString9 != null)) {
                        throw Messages.log.callbackHandlerAndUsernameAndPasswordSpecified();
                    }
                    CallbackHandler callbackHandler2 = null;
                    if (envString10 != null) {
                        try {
                            callbackHandler2 = (CallbackHandler) Class.forName(envString10, true, secureGetContextClassLoader).newInstance();
                        } catch (ClassNotFoundException e3) {
                            throw Messages.log.failedToLoadCallbackHandlerClass(e3, envString10);
                        } catch (Exception e4) {
                            throw Messages.log.failedToInstantiateCallbackHandlerInstance(e4, envString10);
                        }
                    }
                    OptionMap optionMap2 = getOptionMap(map, str + EnvironmentUtils.CONNECT_OPTIONS, Builder.class.getClassLoader());
                    if (callbackHandler2 != null || envString7 != null) {
                        optionMap2 = setQuietLocalAuth(optionMap2, false);
                    }
                    if (formatPossibleIpv6Address != null) {
                        try {
                            URI uri = new URI(envString11, null, formatPossibleIpv6Address, envInt, null, null, null);
                            if (envString8 != null || envString9 != null || callbackHandler2 != null || envString7 != null) {
                                if (hashMap == null) {
                                    hashMap = new HashMap();
                                }
                                AuthenticationConfiguration mergeOptionsIntoAuthenticationConfiguration2 = RemotingOptions.mergeOptionsIntoAuthenticationConfiguration(optionMap2, AuthenticationConfiguration.empty());
                                if (envString7 != null) {
                                    mergeOptionsIntoAuthenticationConfiguration2 = mergeOptionsIntoAuthenticationConfiguration2.useName(envString7);
                                }
                                if (callbackHandler2 != null) {
                                    mergeOptionsIntoAuthenticationConfiguration2 = mergeOptionsIntoAuthenticationConfiguration2.useCallbackHandler(callbackHandler2);
                                }
                                if (envString8 != null) {
                                    mergeOptionsIntoAuthenticationConfiguration2 = mergeOptionsIntoAuthenticationConfiguration2.usePassword(envString8);
                                } else if (envString9 != null) {
                                    mergeOptionsIntoAuthenticationConfiguration2 = mergeOptionsIntoAuthenticationConfiguration2.usePassword(CodePointIterator.ofString(envString9).base64Decode().asUtf8String().drainToString());
                                }
                                hashMap.putIfAbsent(uri, mergeOptionsIntoAuthenticationConfiguration2);
                            }
                            addProviderUri(uri);
                        } catch (URISyntaxException e5) {
                            throw Messages.log.invalidProviderGenerated(e5);
                        }
                    }
                }
            }
            AuthenticationContext empty = AuthenticationContext.empty();
            if (hashMap != null) {
                for (Map.Entry entry : hashMap.entrySet()) {
                    empty = empty.with(ruleFromLocation((URI) entry.getKey()), (AuthenticationConfiguration) entry.getValue());
                }
            }
            if (z) {
                empty = empty.with(MatchRule.ALL, mergeOptionsIntoAuthenticationConfiguration);
            }
            if (z || hashMap != null) {
                setAuthenticationContextSupplier(new FixedAuthenticationContextSupplier(empty, !z));
            }
            return this;
        }

        private OptionMap getOptionMap(Map<String, ?> map, String str, ClassLoader classLoader) {
            OptionMap.Builder builder = OptionMap.builder();
            builder.set(Options.SASL_POLICY_NOANONYMOUS, false);
            for (String str2 : map.keySet()) {
                if (str2.startsWith(str)) {
                    Option<?> fromString = Option.fromString(str2.substring(str.length()), classLoader);
                    Object obj = map.get(str2);
                    if (obj != null) {
                        builder.parse(fromString, obj.toString(), classLoader);
                    }
                }
            }
            return builder.getMap();
        }

        private static MatchRule ruleFromLocation(URI uri) {
            String schemeSpecificPart;
            MatchRule matchRule = MatchRule.ALL;
            String scheme = uri.getScheme();
            if (scheme != null) {
                matchRule = matchRule.matchProtocol(scheme);
            }
            String host = uri.getHost();
            if (host != null) {
                matchRule = matchRule.matchHost(host);
            }
            int port = uri.getPort();
            if (port != -1) {
                matchRule = matchRule.matchPort(port);
            }
            String path = uri.getPath();
            if (path != null && !path.isEmpty()) {
                matchRule = matchRule.matchPath(path);
            }
            if (path == null && port == -1 && host == null && (schemeSpecificPart = uri.getSchemeSpecificPart()) != null) {
                matchRule = matchRule.matchUrnName(schemeSpecificPart);
            }
            return matchRule;
        }

        private static String connectionNameOf(String str) {
            if (!str.startsWith("remote.connection.")) {
                return null;
            }
            int indexOf = str.indexOf(46, REMOTE_CONNECTION_PREFIX_LEN);
            String trim = (indexOf == -1 ? str.substring(REMOTE_CONNECTION_PREFIX_LEN) : str.substring(REMOTE_CONNECTION_PREFIX_LEN, indexOf)).trim();
            if (trim.isEmpty()) {
                return null;
            }
            return trim;
        }

        private boolean populateProviderUris(Map<String, ?> map) throws ConfigurationException {
            Object obj = map.get("java.naming.provider.url");
            if (obj == null) {
                return false;
            }
            String evaluateWithPropertiesAndEnvironment = Expression.compile(obj.toString(), Expression.Flag.LENIENT_SYNTAX).evaluateWithPropertiesAndEnvironment(false);
            if (evaluateWithPropertiesAndEnvironment.isEmpty()) {
                return false;
            }
            for (String str : evaluateWithPropertiesAndEnvironment.split(OpenShiftParameters.DEFAULT_PARAM_DELIMITER)) {
                try {
                    addProviderUri(new URI(str.trim()));
                } catch (URISyntaxException e) {
                    throw Messages.log.invalidProviderUri(e, str);
                }
            }
            return true;
        }

        public ProviderEnvironment build() {
            return new ProviderEnvironment(this);
        }

        private static String getEnvString(Map<String, ?> map, String str, String str2, boolean z) {
            Object obj = map.get(str);
            if (obj == null) {
                return str2;
            }
            String obj2 = obj.toString();
            return z ? Expression.compile(obj2, Expression.Flag.LENIENT_SYNTAX).evaluateWithPropertiesAndEnvironment(false) : obj2.trim();
        }

        private static int getEnvInt(Map<String, ?> map, String str, int i, boolean z) throws ConfigurationException {
            Object obj = map.get(str);
            if (obj == null) {
                return i;
            }
            if (obj instanceof Number) {
                return ((Number) obj).intValue();
            }
            String obj2 = obj.toString();
            String evaluateWithPropertiesAndEnvironment = z ? Expression.compile(obj2, Expression.Flag.LENIENT_SYNTAX).evaluateWithPropertiesAndEnvironment(false) : obj2.trim();
            try {
                return Integer.parseInt(evaluateWithPropertiesAndEnvironment);
            } catch (NumberFormatException e) {
                throw Messages.log.invalidNumericProperty(e, str, evaluateWithPropertiesAndEnvironment);
            }
        }

        private static OptionMap setQuietLocalAuth(OptionMap optionMap, boolean z) {
            Sequence sequence = (Sequence) optionMap.get(Options.SASL_PROPERTIES);
            if (sequence == null) {
                OptionMap.Builder addAll = OptionMap.builder().addAll(optionMap);
                addAll.set((Option<Option<Sequence<Property>>>) Options.SASL_PROPERTIES, (Option<Sequence<Property>>) Sequence.of((Object[]) new Property[]{Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(z))}));
                return addAll.getMap();
            }
            Iterator it = sequence.iterator();
            while (it.hasNext()) {
                String key = ((Property) it.next()).getKey();
                if (key.equals(LocalUserClient.QUIET_AUTH) || key.equals(LocalUserClient.LEGACY_QUIET_AUTH)) {
                    return optionMap;
                }
            }
            sequence.add(Property.of(LocalUserClient.QUIET_AUTH, Boolean.toString(z)));
            return optionMap;
        }

        private static ClassLoader secureGetContextClassLoader() {
            return System.getSecurityManager() != null ? (ClassLoader) AccessController.doPrivileged(Builder::getContextClassLoader) : getContextClassLoader();
        }

        private static ClassLoader getContextClassLoader() {
            return Thread.currentThread().getContextClassLoader();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:m2repo/org/wildfly/wildfly-naming-client/1.0.7.Final/wildfly-naming-client-1.0.7.Final.jar:org/wildfly/naming/client/ProviderEnvironment$FixedAuthenticationContextSupplier.class */
    public static final class FixedAuthenticationContextSupplier implements Supplier<AuthenticationContext> {
        private final AuthenticationContext context;
        private final boolean inherit;

        FixedAuthenticationContextSupplier(AuthenticationContext authenticationContext, boolean z) {
            this.context = authenticationContext;
            this.inherit = z;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.function.Supplier
        public AuthenticationContext get() {
            return this.inherit ? this.context.with(AuthenticationContext.captureCurrent()) : this.context;
        }
    }

    ProviderEnvironment(Builder builder) {
        List<URI> providerUris = builder.getProviderUris();
        this.providerUris = providerUris.isEmpty() ? Collections.emptyList() : providerUris.size() == 1 ? Collections.singletonList(providerUris.get(0)) : Collections.unmodifiableList(new ArrayList(providerUris));
        this.authenticationContextSupplier = builder.getAuthenticationContextSupplier();
    }

    public List<URI> getProviderUris() {
        return this.providerUris;
    }

    public ConcurrentMap<URI, Long> getBlackList() {
        return this.blackList;
    }

    public void updateBlacklist(URI uri) {
        long currentTimeMillis;
        Long l;
        int i;
        do {
            currentTimeMillis = System.currentTimeMillis();
            l = this.blackList.get(uri);
            if (l == null) {
                l = this.blackList.putIfAbsent(uri, Long.valueOf((((currentTimeMillis >>> 15) + 3) << 15) | 2));
                if (l == null) {
                    return;
                }
            }
            int longValue = (int) ((l.longValue() & BACKOFF_MASK) << 1);
            i = ((long) longValue) > BACKOFF_MASK ? longValue >> 1 : longValue;
        } while (!this.blackList.replace(uri, l, Long.valueOf(((((currentTimeMillis >>> 15) + i) + 1) << 15) | i)));
    }

    public void dropFromBlacklist(URI uri) {
        this.blackList.remove(uri);
    }

    public Supplier<AuthenticationContext> getAuthenticationContextSupplier() {
        return this.authenticationContextSupplier;
    }
}
