package org.infinispan.server.security;

import java.security.Principal;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import org.infinispan.server.configuration.ServerConfiguration;
import org.infinispan.server.core.security.ServerAuthenticationProvider;
import org.infinispan.server.hotrod.configuration.HotRodServerConfiguration;
import org.wildfly.security.auth.server.MechanismConfiguration;
import org.wildfly.security.auth.server.MechanismConfigurationSelector;
import org.wildfly.security.auth.server.MechanismRealmConfiguration;
import org.wildfly.security.auth.server.sasl.SaslAuthenticationFactory;
import org.wildfly.security.sasl.util.AggregateSaslServerFactory;
import org.wildfly.security.sasl.util.FilterMechanismSaslServerFactory;
import org.wildfly.security.sasl.util.PropertiesSaslServerFactory;
import org.wildfly.security.sasl.util.ProtocolSaslServerFactory;
import org.wildfly.security.sasl.util.SaslFactories;
import org.wildfly.security.sasl.util.ServerNameSaslServerFactory;

/* loaded from: input_file:org/infinispan/server/security/ElytronSASLAuthenticationProvider.class */
public class ElytronSASLAuthenticationProvider implements ServerAuthenticationProvider {
    private final String name;
    private final String serverPrincipal;
    private final Collection<String> mechanisms;
    private SaslAuthenticationFactory saslAuthenticationFactory;

    public ElytronSASLAuthenticationProvider(String str, String str2, Collection<String> collection) {
        this.name = str;
        this.serverPrincipal = str2;
        this.mechanisms = collection;
    }

    public static void init(HotRodServerConfiguration hotRodServerConfiguration, ServerConfiguration serverConfiguration, ScheduledExecutorService scheduledExecutorService) {
        ElytronSASLAuthenticationProvider elytronSASLAuthenticationProvider = (ElytronSASLAuthenticationProvider) hotRodServerConfiguration.authentication().serverAuthenticationProvider();
        if (elytronSASLAuthenticationProvider != null) {
            elytronSASLAuthenticationProvider.init(serverConfiguration, scheduledExecutorService);
        }
    }

    public void init(ServerConfiguration serverConfiguration, ScheduledExecutorService scheduledExecutorService) {
        ServerSecurityRealm serverSecurityRealm = serverConfiguration.security().realms().getRealm(this.name).serverSecurityRealm();
        SaslAuthenticationFactory.Builder builder = SaslAuthenticationFactory.builder();
        builder.setFactory(new AggregateSaslServerFactory(new SaslServerFactory[]{new FilterMechanismSaslServerFactory(SaslFactories.getProviderSaslServerFactory(), true, this.mechanisms)}));
        builder.setSecurityDomain(serverSecurityRealm.getSecurityDomain());
        MechanismConfiguration.Builder builder2 = MechanismConfiguration.builder();
        serverSecurityRealm.applyServerCredentials(builder2, this.serverPrincipal);
        MechanismRealmConfiguration.Builder builder3 = MechanismRealmConfiguration.builder();
        builder3.setRealmName(this.name);
        builder2.addMechanismRealm(builder3.build());
        builder.setMechanismConfigurationSelector(MechanismConfigurationSelector.constantSelector(builder2.build()));
        builder.setScheduledExecutorService(scheduledExecutorService);
        this.saslAuthenticationFactory = builder.build();
    }

    public SaslServer createSaslServer(String str, List<Principal> list, String str2, String str3, Map<String, String> map) throws SaslException {
        SaslServer saslServer = (SaslServer) this.saslAuthenticationFactory.createMechanism(str, saslServerFactory -> {
            PropertiesSaslServerFactory protocolSaslServerFactory = new ProtocolSaslServerFactory(new ServerNameSaslServerFactory(saslServerFactory, str3), str2);
            return map != null ? new PropertiesSaslServerFactory(protocolSaslServerFactory, map) : protocolSaslServerFactory;
        });
        if (saslServer == null) {
            return null;
        }
        return new ElytronSubjectSaslServer(saslServer, list, null);
    }
}
