package org.jboss.as.server.controller.git;

import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.eclipse.jgit.annotations.NonNull;
import org.eclipse.jgit.errors.TransportException;
import org.eclipse.jgit.errors.UnsupportedCredentialItem;
import org.eclipse.jgit.internal.transport.sshd.CachingKeyPairProvider;
import org.eclipse.jgit.transport.CredentialItem;
import org.eclipse.jgit.transport.CredentialsProvider;
import org.eclipse.jgit.transport.URIish;
import org.eclipse.jgit.transport.sshd.IdentityPasswordProvider;
import org.eclipse.jgit.transport.sshd.KeyPasswordProvider;
import org.eclipse.jgit.transport.sshd.SshdSession;
import org.eclipse.jgit.transport.sshd.SshdSessionFactory;
import org.eclipse.jgit.util.FS;
import org.jboss.as.server.logging.ServerLogger;
import org.wildfly.client.config.ConfigXMLParseException;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.AuthenticationContextConfigurationClient;
import org.wildfly.security.auth.client.ElytronXmlParser;
import org.wildfly.security.credential.KeyPairCredential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.SSHCredential;
import org.wildfly.security.password.interfaces.ClearPassword;

/* loaded from: input_file:org/jboss/as/server/controller/git/ElytronClientSshdSessionFactory.class */
class ElytronClientSshdSessionFactory extends SshdSessionFactory {
    private static AuthenticationContextConfigurationClient CLIENT = (AuthenticationContextConfigurationClient) AccessController.doPrivileged(AuthenticationContextConfigurationClient.ACTION);
    private final AuthenticationContext context;
    private final Map<Tuple, Iterable<KeyPair>> defaultKeys;
    private String[] defaultIdentities;
    private KeyPair keyPair;
    private URI uri;
    private String knownHostsFile;

    /* loaded from: input_file:org/jboss/as/server/controller/git/ElytronClientSshdSessionFactory$Tuple.class */
    private static final class Tuple {
        private final Object[] objects;

        public Tuple(Object[] objArr) {
            this.objects = objArr;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (obj == null || obj.getClass() != Tuple.class) {
                return false;
            }
            return Arrays.equals(this.objects, ((Tuple) obj).objects);
        }

        public int hashCode() {
            return Arrays.hashCode(this.objects);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ElytronClientSshdSessionFactory(URI uri) throws ConfigXMLParseException, GeneralSecurityException {
        if (uri != null) {
            this.context = (AuthenticationContext) ElytronXmlParser.parseAuthenticationClientConfiguration(uri).create();
        } else {
            this.context = null;
        }
        this.defaultKeys = new ConcurrentHashMap();
        setSshDirectory(SSHCredential.DEFAULT_SSH_DIRECTORY);
        this.defaultIdentities = SSHCredential.DEFAULT_PRIVATE_KEYS;
        this.keyPair = null;
        this.knownHostsFile = SSHCredential.DEFAULT_KNOWN_HOSTS;
    }

    @NonNull
    protected List<Path> getDefaultIdentities(@NonNull File file) {
        return (List) Stream.of((Object[]) this.defaultIdentities).map(str -> {
            return file.toPath().resolve(str);
        }).filter(path -> {
            return Files.exists(path, new LinkOption[0]);
        }).collect(Collectors.toList());
    }

    /* renamed from: getSession, reason: merged with bridge method [inline-methods] */
    public SshdSession m30getSession(URIish uRIish, CredentialsProvider credentialsProvider, FS fs, int i) throws TransportException {
        if (this.context == null) {
            return super.getSession(uRIish, credentialsProvider, fs, i);
        }
        try {
            this.uri = urIishToUri(uRIish);
            AuthenticationConfiguration authenticationConfiguration = CLIENT.getAuthenticationConfiguration(this.uri, this.context);
            Callback credentialCallback = new CredentialCallback(SSHCredential.class, (String) null);
            Callback credentialCallback2 = new CredentialCallback(KeyPairCredential.class, (String) null);
            CLIENT.getCallbackHandler(authenticationConfiguration).handle(new Callback[]{credentialCallback, credentialCallback2});
            if (credentialCallback.getCredential() != null) {
                SSHCredential castAs = credentialCallback.getCredential().castAs(SSHCredential.class);
                setSshDirectory(castAs.getSshDirectory());
                this.defaultIdentities = castAs.getPrivateKeyIdentities();
                this.knownHostsFile = castAs.getKnownHostsFile();
            }
            if (credentialCallback2.getCredential() != null) {
                this.keyPair = credentialCallback2.getCredential().castAs(KeyPairCredential.class).getKeyPair();
            }
            return super.getSession(uRIish, credentialsProvider, fs, i);
        } catch (IOException | URISyntaxException | UnsupportedCallbackException e) {
            throw ServerLogger.ROOT_LOGGER.failedToLoadSSHCredentials(e, e.getMessage());
        }
    }

    protected KeyPasswordProvider createKeyPasswordProvider(CredentialsProvider credentialsProvider) {
        if (this.context == null) {
            return super.createKeyPasswordProvider(credentialsProvider);
        }
        final URI uri = this.uri;
        return new IdentityPasswordProvider(new CredentialsProvider() { // from class: org.jboss.as.server.controller.git.ElytronClientSshdSessionFactory.1
            public boolean isInteractive() {
                return false;
            }

            public boolean supports(CredentialItem... credentialItemArr) {
                for (CredentialItem credentialItem : credentialItemArr) {
                    if (!(credentialItem instanceof CredentialItem.Password)) {
                        return false;
                    }
                }
                return true;
            }

            public boolean get(URIish uRIish, CredentialItem... credentialItemArr) throws UnsupportedCredentialItem {
                try {
                    AuthenticationConfiguration authenticationConfiguration = ElytronClientSshdSessionFactory.CLIENT.getAuthenticationConfiguration(uri, ElytronClientSshdSessionFactory.this.context);
                    for (CredentialItem credentialItem : credentialItemArr) {
                        if (credentialItem instanceof CredentialItem.Password) {
                            Callback credentialCallback = new CredentialCallback(SSHCredential.class, (String) null);
                            ElytronClientSshdSessionFactory.CLIENT.getCallbackHandler(authenticationConfiguration).handle(new Callback[]{credentialCallback});
                            if (credentialCallback != null && credentialCallback.getCredential() != null) {
                                ((CredentialItem.Password) credentialItem).setValue((char[]) credentialCallback.getCredential().castAs(SSHCredential.class).getPassphrase().castAndApply(PasswordCredential.class, passwordCredential -> {
                                    return (char[]) passwordCredential.getPassword().castAndApply(ClearPassword.class, (v0) -> {
                                        return v0.getPassword();
                                    });
                                }));
                            }
                        }
                    }
                    return true;
                } catch (IOException | UnsupportedCallbackException e) {
                    throw new UnsupportedCredentialItem(uRIish, e.getMessage());
                }
            }
        });
    }

    @NonNull
    protected List<Path> getDefaultKnownHostsFiles(@NonNull File file) {
        return Collections.singletonList(file.toPath().resolve(this.knownHostsFile));
    }

    @NonNull
    protected Iterable<KeyPair> getDefaultKeys(@NonNull File file) {
        if (this.keyPair != null) {
            return Collections.singletonList(this.keyPair);
        }
        List<Path> defaultIdentities = getDefaultIdentities(file);
        return this.defaultKeys.computeIfAbsent(new Tuple(defaultIdentities.toArray(new Path[0])), tuple -> {
            return new CachingKeyPairProvider(defaultIdentities, getKeyCache());
        });
    }

    private URI urIishToUri(URIish uRIish) throws URISyntaxException {
        String user = uRIish.getUser();
        return new URI("ssh", user, uRIish.getHost(), uRIish.getPort(), user.equals("git") ? "/" + uRIish.getPath() : uRIish.getPath(), null, null);
    }
}
