package org.wildfly.security.auth.server;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.spec.InvalidKeySpecException;
import java.util.Collection;
import java.util.Iterator;
import java.util.concurrent.atomic.AtomicReference;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.AuthorizeCallback;
import javax.security.sasl.RealmCallback;
import org.wildfly.common.Assert;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.AnonymousAuthorizationCallback;
import org.wildfly.security.auth.callback.AuthenticationCompleteCallback;
import org.wildfly.security.auth.callback.AvailableRealmsCallback;
import org.wildfly.security.auth.callback.CallbackUtil;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.callback.EvidenceVerifyCallback;
import org.wildfly.security.auth.callback.FastUnsupportedCallbackException;
import org.wildfly.security.auth.callback.PeerPrincipalCallback;
import org.wildfly.security.auth.callback.SecurityIdentityCallback;
import org.wildfly.security.auth.callback.ServerCredentialCallback;
import org.wildfly.security.auth.callback.SocketAddressCallback;
import org.wildfly.security.auth.permission.LoginPermission;
import org.wildfly.security.auth.principal.NamePrincipal;
import org.wildfly.security.auth.server.event.RealmFailedAuthenticationEvent;
import org.wildfly.security.auth.server.event.RealmIdentityFailedAuthorizationEvent;
import org.wildfly.security.auth.server.event.RealmIdentitySuccessfulAuthorizationEvent;
import org.wildfly.security.auth.server.event.RealmSuccessfulAuthenticationEvent;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.evidence.Evidence;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.TwoWayPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext.class */
public final class ServerAuthenticationContext {
    private final SecurityDomain domain;
    private final AtomicReference<State> stateRef = new AtomicReference<>(INITIAL);
    private final MechanismConfiguration mechanismConfiguration;
    private static final int INITIAL_ID = 0;
    private static final int FAILED_ID = 1;
    private static final int REALM_ID = 2;
    private static final int ASSIGNED_ID = 3;
    private static final int AUTHORIZED_ID = 4;
    private static final int COMPLETE_ID = 5;
    private static final SimpleState INITIAL;
    private static final SimpleState FAILED;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$AuthorizedState.class */
    public static final class AuthorizedState extends State {
        private final SecurityIdentity securityIdentity;
        private final Principal authenticationPrincipal;
        private final RealmInfo realmInfo;
        private final RealmIdentity realmIdentity;
        private final MechanismRealmConfiguration mechanismRealmConfiguration;

        AuthorizedState(SecurityIdentity securityIdentity, Principal principal, RealmInfo realmInfo, RealmIdentity realmIdentity, MechanismRealmConfiguration mechanismRealmConfiguration) {
            this.securityIdentity = securityIdentity;
            this.authenticationPrincipal = principal;
            this.realmInfo = realmInfo;
            this.realmIdentity = realmIdentity;
            this.mechanismRealmConfiguration = mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        int getId() {
            return 4;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        MechanismRealmConfiguration getMechanismRealmConfiguration() {
            return this.mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SecurityIdentity getAuthorizedIdentity() {
            return this.securityIdentity;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        Principal getAuthenticationPrincipal() {
            return this.authenticationPrincipal;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str) throws RealmUnavailableException {
            return this.realmIdentity.getCredentialAcquireSupport(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
            return this.realmIdentity.getEvidenceVerifySupport(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
            return (C) this.realmIdentity.getCredential(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
            return this.realmIdentity.verifyEvidence(evidence);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        RealmInfo getRealmInfo() {
            return this.realmInfo;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        RealmIdentity getRealmIdentity() {
            return this.realmIdentity;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isDone() {
            return false;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isStarted() {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$CompleteState.class */
    public static final class CompleteState extends State {
        private final SecurityIdentity identity;

        public CompleteState(SecurityIdentity securityIdentity) {
            this.identity = securityIdentity;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        int getId() {
            return 5;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SecurityIdentity getAuthorizedIdentity() {
            return this.identity;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isDone() {
            return true;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isStarted() {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$NameAssignedState.class */
    public static final class NameAssignedState extends State {
        private final Principal authenticationPrincipal;
        private final RealmInfo realmInfo;
        private final RealmIdentity realmIdentity;
        private final MechanismRealmConfiguration mechanismRealmConfiguration;

        NameAssignedState(Principal principal, RealmInfo realmInfo, RealmIdentity realmIdentity, MechanismRealmConfiguration mechanismRealmConfiguration) {
            this.authenticationPrincipal = principal;
            this.realmInfo = realmInfo;
            this.realmIdentity = realmIdentity;
            this.mechanismRealmConfiguration = mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        int getId() {
            return 3;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        MechanismRealmConfiguration getMechanismRealmConfiguration() {
            return this.mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        Principal getAuthenticationPrincipal() {
            return this.authenticationPrincipal;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str) throws RealmUnavailableException {
            return this.realmIdentity.getCredentialAcquireSupport(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
            return this.realmIdentity.getEvidenceVerifySupport(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
            return (C) this.realmIdentity.getCredential(cls, str);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
            return this.realmIdentity.verifyEvidence(evidence);
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        RealmInfo getRealmInfo() {
            return this.realmInfo;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        RealmIdentity getRealmIdentity() {
            return this.realmIdentity;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isDone() {
            return false;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isStarted() {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$RealmAssignedState.class */
    public static final class RealmAssignedState extends State {
        private final MechanismRealmConfiguration mechanismRealmConfiguration;

        RealmAssignedState(MechanismRealmConfiguration mechanismRealmConfiguration) {
            this.mechanismRealmConfiguration = mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        int getId() {
            return 2;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        MechanismRealmConfiguration getMechanismRealmConfiguration() {
            return this.mechanismRealmConfiguration;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isDone() {
            return false;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isStarted() {
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$SimpleState.class */
    public static final class SimpleState extends State {
        private final int id;
        private final boolean done;
        private final boolean started;

        SimpleState(int i, boolean z, boolean z2) {
            this.id = i;
            this.done = z;
            this.started = z2;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        public int getId() {
            return this.id;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isDone() {
            return this.done;
        }

        @Override // org.wildfly.security.auth.server.ServerAuthenticationContext.State
        boolean isStarted() {
            return this.started;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/wildfly/security/auth/server/ServerAuthenticationContext$State.class */
    public static abstract class State {
        State() {
        }

        abstract int getId();

        MechanismRealmConfiguration getMechanismRealmConfiguration() {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        SecurityIdentity getAuthorizedIdentity() {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        Principal getAuthenticationPrincipal() {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str) throws RealmUnavailableException {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        RealmInfo getRealmInfo() {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        RealmIdentity getRealmIdentity() {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }

        abstract boolean isDone();

        abstract boolean isStarted();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServerAuthenticationContext(SecurityDomain securityDomain, MechanismConfiguration mechanismConfiguration) {
        this.domain = securityDomain;
        this.mechanismConfiguration = mechanismConfiguration;
    }

    public SecurityIdentity getAuthorizedIdentity() throws IllegalStateException {
        return this.stateRef.get().getAuthorizedIdentity();
    }

    public void anonymous() throws IllegalStateException {
        State state = this.stateRef.get();
        if (state.getId() > 2) {
            throw ElytronMessages.log.alreadyComplete();
        }
        CompleteState completeState = new CompleteState(this.domain.getAnonymousSecurityIdentity());
        while (!this.stateRef.compareAndSet(state, completeState)) {
            state = this.stateRef.get();
            if (state.getId() > 2) {
                throw ElytronMessages.log.alreadyComplete();
            }
        }
    }

    public void setAuthenticationName(String str) throws IllegalArgumentException, RealmUnavailableException, IllegalStateException {
        MechanismRealmConfiguration mechanismRealmConfiguration;
        Assert.checkNotNullParam("name", str);
        AtomicReference<State> atomicReference = this.stateRef;
        State state = atomicReference.get();
        if (state.isDone()) {
            throw ElytronMessages.log.alreadyComplete();
        }
        SecurityDomain securityDomain = this.domain;
        MechanismConfiguration mechanismConfiguration = this.mechanismConfiguration;
        if (state.getId() != 0) {
            mechanismRealmConfiguration = state.getMechanismRealmConfiguration();
        } else {
            Iterator<String> it = mechanismConfiguration.getMechanismRealmNames().iterator();
            mechanismRealmConfiguration = it.hasNext() ? mechanismConfiguration.getMechanismRealmConfiguration(it.next()) : MechanismRealmConfiguration.NO_REALM;
        }
        String rewriteAll = rewriteAll(str, mechanismRealmConfiguration.getPreRealmRewriter(), mechanismConfiguration.getPreRealmRewriter(), securityDomain.getPreRealmRewriter());
        NamePrincipal namePrincipal = new NamePrincipal(rewriteAll);
        String rewriteAll2 = rewriteAll(rewriteAll, mechanismRealmConfiguration.getPostRealmRewriter(), mechanismConfiguration.getPostRealmRewriter(), securityDomain.getPostRealmRewriter());
        RealmInfo realmInfo = securityDomain.getRealmInfo(mapAll(rewriteAll2, mechanismRealmConfiguration.getRealmMapper(), mechanismConfiguration.getRealmMapper(), securityDomain.getRealmMapper(), securityDomain.getDefaultRealmName()));
        String rewriteAll3 = rewriteAll(rewriteAll2, mechanismRealmConfiguration.getFinalRewriter(), mechanismConfiguration.getFinalRewriter(), realmInfo.getNameRewriter());
        if (state.getId() == 3) {
            if (!state.getAuthenticationPrincipal().getName().equals(rewriteAll3) || state.getMechanismRealmConfiguration() != mechanismRealmConfiguration) {
                throw ElytronMessages.log.nameAlreadySet();
            }
            return;
        }
        RealmIdentity realmIdentity = realmInfo.getSecurityRealm().getRealmIdentity(rewriteAll3);
        try {
            NameAssignedState nameAssignedState = new NameAssignedState(namePrincipal, realmInfo, realmIdentity, mechanismRealmConfiguration);
            while (!atomicReference.compareAndSet(state, nameAssignedState)) {
                state = atomicReference.get();
                if (state.isDone()) {
                    throw ElytronMessages.log.alreadyComplete();
                }
                if (state.getId() == 3) {
                    if (!state.getAuthenticationPrincipal().equals(namePrincipal)) {
                        throw ElytronMessages.log.nameAlreadySet();
                    }
                    if (r0) {
                        return;
                    } else {
                        return;
                    }
                }
            }
            if (1 == 0) {
                realmIdentity.dispose();
            }
        } finally {
            if (0 == 0) {
                realmIdentity.dispose();
            }
        }
    }

    public void setAuthenticationPrincipal(Principal principal) throws IllegalArgumentException, RealmUnavailableException, IllegalStateException {
        Assert.checkNotNullParam("principal", principal);
        String name = this.domain.getPrincipalDecoder().getName(principal);
        if (name == null) {
            throw ElytronMessages.log.unrecognizedPrincipalType(principal);
        }
        setAuthenticationName(name);
    }

    public boolean isSameName(String str) throws IllegalArgumentException, RealmUnavailableException, IllegalStateException {
        MechanismRealmConfiguration mechanismRealmConfiguration;
        Assert.checkNotNullParam("name", str);
        SecurityDomain securityDomain = this.domain;
        MechanismConfiguration mechanismConfiguration = this.mechanismConfiguration;
        State state = this.stateRef.get();
        if (state.getId() != 0) {
            mechanismRealmConfiguration = state.getMechanismRealmConfiguration();
        } else {
            Iterator<String> it = mechanismConfiguration.getMechanismRealmNames().iterator();
            mechanismRealmConfiguration = it.hasNext() ? mechanismConfiguration.getMechanismRealmConfiguration(it.next()) : MechanismRealmConfiguration.NO_REALM;
        }
        String rewriteAll = rewriteAll(str, mechanismRealmConfiguration.getPreRealmRewriter(), mechanismConfiguration.getPreRealmRewriter(), securityDomain.getPreRealmRewriter());
        return state.getAuthenticationPrincipal().getName().equals(rewriteAll(rewriteAll(rewriteAll, mechanismRealmConfiguration.getPostRealmRewriter(), mechanismConfiguration.getPostRealmRewriter(), securityDomain.getPostRealmRewriter()), mechanismRealmConfiguration.getFinalRewriter(), mechanismConfiguration.getFinalRewriter(), securityDomain.getRealmInfo(mapAll(rewriteAll, mechanismRealmConfiguration.getRealmMapper(), mechanismConfiguration.getRealmMapper(), securityDomain.getRealmMapper(), securityDomain.getDefaultRealmName())).getNameRewriter()));
    }

    public boolean exists() throws RealmUnavailableException, IllegalStateException {
        return this.stateRef.get().getRealmIdentity().exists();
    }

    public boolean isSamePrincipal(Principal principal) throws IllegalArgumentException, RealmUnavailableException, IllegalStateException {
        Assert.checkNotNullParam("principal", principal);
        String name = this.domain.getPrincipalDecoder().getName(principal);
        return name != null && isSameName(name);
    }

    public void fail() throws IllegalStateException {
        State state;
        do {
            state = this.stateRef.get();
            if (state.isDone()) {
                throw ElytronMessages.log.alreadyComplete();
            }
            if (!state.isStarted()) {
                throw ElytronMessages.log.noAuthenticationInProgress();
            }
        } while (!this.stateRef.compareAndSet(state, FAILED));
        RealmIdentity realmIdentity = state.getRealmIdentity();
        SecurityRealm.safeHandleRealmEvent(state.getRealmInfo().getSecurityRealm(), new RealmFailedAuthenticationEvent(realmIdentity, null, null));
        if (state.getId() == 3) {
            realmIdentity.dispose();
        }
    }

    public boolean authorize() throws RealmUnavailableException, IllegalStateException {
        State state = this.stateRef.get();
        if (state.isDone()) {
            throw ElytronMessages.log.alreadyComplete();
        }
        if (state.getId() == 4) {
            return true;
        }
        if (state.getId() < 3) {
            throw ElytronMessages.log.noAuthenticationInProgress();
        }
        RealmIdentity realmIdentity = state.getRealmIdentity();
        if (!realmIdentity.exists()) {
            return false;
        }
        RealmInfo realmInfo = state.getRealmInfo();
        Principal authenticationPrincipal = state.getAuthenticationPrincipal();
        SecurityIdentity securityIdentity = new SecurityIdentity(this.domain, authenticationPrincipal, realmInfo, realmIdentity.getAuthorizationIdentity(), this.domain.getCategoryRoleMappers());
        if (!securityIdentity.getPermissions().implies(new LoginPermission())) {
            SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentityFailedAuthorizationEvent(securityIdentity.getAuthorizationIdentity(), securityIdentity.getPrincipal(), authenticationPrincipal));
            return false;
        }
        AuthorizedState authorizedState = new AuthorizedState(securityIdentity, authenticationPrincipal, realmInfo, realmIdentity, state.getMechanismRealmConfiguration());
        while (!this.stateRef.compareAndSet(state, authorizedState)) {
            state = this.stateRef.get();
            if (state.isDone()) {
                throw ElytronMessages.log.alreadyComplete();
            }
            if (state.getId() == 4) {
                return true;
            }
            if (state.getId() < 3) {
                throw ElytronMessages.log.noAuthenticationInProgress();
            }
            if (!$assertionsDisabled && state.getId() != 3) {
                throw new AssertionError();
            }
            if (!$assertionsDisabled && state.getRealmIdentity() != realmIdentity) {
                throw new AssertionError();
            }
        }
        SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentitySuccessfulAuthorizationEvent(securityIdentity.getAuthorizationIdentity(), securityIdentity.getPrincipal(), authenticationPrincipal));
        state.getRealmIdentity().dispose();
        return true;
    }

    /* JADX WARN: Code restructure failed: missing block: B:36:0x018c, code lost:
    
        r20 = true;
        r0.getRealmIdentity().dispose();
     */
    /* JADX WARN: Code restructure failed: missing block: B:37:0x019d, code lost:
    
        if (1 != 0) goto L48;
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x01a0, code lost:
    
        r0.dispose();
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x01a9, code lost:
    
        return true;
     */
    /* JADX WARN: Finally extract failed */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean authorize(java.lang.String r9) throws java.lang.IllegalArgumentException, org.wildfly.security.auth.server.RealmUnavailableException, java.lang.IllegalStateException {
        /*
            Method dump skipped, instructions count: 461
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(java.lang.String):boolean");
    }

    public void succeed() throws IllegalStateException, RealmUnavailableException {
        State state = this.stateRef.get();
        if (state.isDone()) {
            throw ElytronMessages.log.alreadyComplete();
        }
        if (!state.isStarted()) {
            anonymous();
            return;
        }
        RealmInfo realmInfo = state.getRealmInfo();
        RealmIdentity realmIdentity = state.getRealmIdentity();
        AuthorizationIdentity authorizationIdentity = realmIdentity.getAuthorizationIdentity();
        CompleteState completeState = new CompleteState(new SecurityIdentity(this.domain, state.getAuthenticationPrincipal(), realmInfo, authorizationIdentity, this.domain.getCategoryRoleMappers()));
        while (!this.stateRef.compareAndSet(state, completeState)) {
            state = this.stateRef.get();
            if (state.isDone()) {
                throw ElytronMessages.log.alreadyComplete();
            }
            if (!state.isStarted()) {
                throw ElytronMessages.log.noAuthenticationInProgress();
            }
        }
        SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmSuccessfulAuthenticationEvent(realmIdentity, authorizationIdentity, null, null));
        realmIdentity.dispose();
    }

    public boolean isDone() {
        return this.stateRef.get().isDone();
    }

    public Principal getAuthenticationPrincipal() throws RealmUnavailableException {
        return this.stateRef.get().getAuthenticationPrincipal();
    }

    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str) throws RealmUnavailableException {
        return this.stateRef.get().getCredentialAcquireSupport(cls, str);
    }

    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls) throws RealmUnavailableException {
        return this.stateRef.get().getCredentialAcquireSupport(cls, null);
    }

    public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
        Assert.checkNotNullParam("evidenceType", cls);
        return this.stateRef.get().getEvidenceVerifySupport(cls, str);
    }

    public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls) throws RealmUnavailableException {
        Assert.checkNotNullParam("evidenceType", cls);
        return this.stateRef.get().getEvidenceVerifySupport(cls, null);
    }

    public <C extends Credential> C getCredential(Class<C> cls, String str) throws RealmUnavailableException {
        return (C) this.stateRef.get().getCredential(cls, str);
    }

    public <C extends Credential> C getCredential(Class<C> cls) throws RealmUnavailableException {
        return (C) this.stateRef.get().getCredential(cls, null);
    }

    public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
        return this.stateRef.get().verifyEvidence(evidence);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:11:0x0045. Please report as an issue. */
    public void setMechanismRealmName(String str) throws IllegalStateException, IllegalArgumentException {
        State state;
        MechanismConfiguration mechanismConfiguration = this.mechanismConfiguration;
        if (mechanismConfiguration.getMechanismRealmNames().isEmpty()) {
            return;
        }
        MechanismRealmConfiguration mechanismRealmConfiguration = mechanismConfiguration.getMechanismRealmConfiguration(str);
        if (mechanismRealmConfiguration == null) {
            throw ElytronMessages.log.invalidMechRealmSelection(str);
        }
        AtomicReference<State> atomicReference = this.stateRef;
        RealmAssignedState realmAssignedState = new RealmAssignedState(mechanismRealmConfiguration);
        do {
            state = atomicReference.get();
            switch (state.getId()) {
                case 0:
                    break;
                case 1:
                case 5:
                    throw ElytronMessages.log.alreadyComplete();
                case 2:
                    if (mechanismRealmConfiguration == state.getMechanismRealmConfiguration()) {
                        return;
                    }
                    throw ElytronMessages.log.mechRealmAlreadySelected();
                case 3:
                case 4:
                    throw ElytronMessages.log.mechRealmAlreadySelected();
                default:
                    throw Assert.impossibleSwitchCase(state.getId());
            }
        } while (!atomicReference.compareAndSet(state, realmAssignedState));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CallbackHandler createCallbackHandler() {
        return new CallbackHandler() { // from class: org.wildfly.security.auth.server.ServerAuthenticationContext.1
            @Override // javax.security.auth.callback.CallbackHandler
            public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
                handleOne(callbackArr, 0);
            }

            private void handleOne(Callback[] callbackArr, int i) throws IOException, UnsupportedCallbackException {
                Credential create;
                TwoWayPassword twoWayPassword;
                if (i == callbackArr.length) {
                    return;
                }
                Callback callback = callbackArr[i];
                if (callback instanceof AnonymousAuthorizationCallback) {
                    ServerAuthenticationContext.this.anonymous();
                    ((AnonymousAuthorizationCallback) callback).setAuthorized(true);
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof AuthorizeCallback) {
                    AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
                    ServerAuthenticationContext.this.setAuthenticationName(authorizeCallback.getAuthenticationID());
                    authorizeCallback.setAuthorized(ServerAuthenticationContext.this.authorize(authorizeCallback.getAuthorizationID()));
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof NameCallback) {
                    try {
                        ServerAuthenticationContext.this.setAuthenticationName(((NameCallback) callback).getDefaultName());
                        handleOne(callbackArr, i + 1);
                        return;
                    } catch (Exception e) {
                        throw new IOException(e);
                    }
                }
                if (callback instanceof PeerPrincipalCallback) {
                    try {
                        ServerAuthenticationContext.this.setAuthenticationPrincipal(((PeerPrincipalCallback) callback).getPrincipal());
                        handleOne(callbackArr, i + 1);
                        return;
                    } catch (Exception e2) {
                        throw new IOException(e2);
                    }
                }
                if (callback instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callback;
                    if (!ServerAuthenticationContext.this.getCredentialAcquireSupport(PasswordCredential.class).mayBeSupported()) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                    PasswordCredential passwordCredential = (PasswordCredential) ServerAuthenticationContext.this.getCredential(PasswordCredential.class);
                    if (passwordCredential == null || (twoWayPassword = (TwoWayPassword) passwordCredential.getPassword(TwoWayPassword.class)) == null) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                    try {
                        passwordCallback.setPassword(((ClearPasswordSpec) PasswordFactory.getInstance(twoWayPassword.getAlgorithm()).getKeySpec(twoWayPassword, ClearPasswordSpec.class)).getEncodedPassword());
                        handleOne(callbackArr, i + 1);
                        return;
                    } catch (NoSuchAlgorithmException | InvalidKeySpecException e3) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                }
                if (callback instanceof CredentialCallback) {
                    if (!((State) ServerAuthenticationContext.this.stateRef.get()).isStarted()) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                    CredentialCallback credentialCallback = (CredentialCallback) callback;
                    Credential credential = ServerAuthenticationContext.this.getCredential(credentialCallback.getCredentialType(), credentialCallback.getAlgorithm());
                    if (credential == null) {
                        throw new FastUnsupportedCallbackException(callback);
                    }
                    credentialCallback.setCredential(credential);
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof ServerCredentialCallback) {
                    ServerCredentialCallback serverCredentialCallback = (ServerCredentialCallback) callback;
                    Iterator<SecurityFactory<Credential>> it = ServerAuthenticationContext.this.mechanismConfiguration.getServerCredentialFactories().iterator();
                    while (it.hasNext()) {
                        try {
                            create = it.next().create();
                        } catch (GeneralSecurityException e4) {
                        }
                        if (serverCredentialCallback.isCredentialSupported(create)) {
                            serverCredentialCallback.setCredential(create);
                            handleOne(callbackArr, i + 1);
                            return;
                        }
                        continue;
                    }
                    throw new FastUnsupportedCallbackException(callback);
                }
                if (callback instanceof EvidenceVerifyCallback) {
                    EvidenceVerifyCallback evidenceVerifyCallback = (EvidenceVerifyCallback) callback;
                    evidenceVerifyCallback.setVerified(ServerAuthenticationContext.this.verifyEvidence(evidenceVerifyCallback.getEvidence()));
                    return;
                }
                if (callback instanceof AuthenticationCompleteCallback) {
                    if (!ServerAuthenticationContext.this.isDone()) {
                        if (((AuthenticationCompleteCallback) callback).succeeded()) {
                            ServerAuthenticationContext.this.succeed();
                        } else {
                            ServerAuthenticationContext.this.fail();
                        }
                    }
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof SocketAddressCallback) {
                    if (((SocketAddressCallback) callback).getKind() == SocketAddressCallback.Kind.PEER) {
                    }
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof SecurityIdentityCallback) {
                    ((SecurityIdentityCallback) callback).setSecurityIdentity(ServerAuthenticationContext.this.getAuthorizedIdentity());
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (callback instanceof AvailableRealmsCallback) {
                    Collection<String> mechanismRealmNames = ServerAuthenticationContext.this.mechanismConfiguration.getMechanismRealmNames();
                    if (!mechanismRealmNames.isEmpty()) {
                        ((AvailableRealmsCallback) callback).setRealmNames((String[]) mechanismRealmNames.toArray(new String[mechanismRealmNames.size()]));
                    }
                    handleOne(callbackArr, i + 1);
                    return;
                }
                if (!(callback instanceof RealmCallback)) {
                    CallbackUtil.unsupported(callback);
                    return;
                }
                RealmCallback realmCallback = (RealmCallback) callback;
                String text = realmCallback.getText();
                if (text == null) {
                    text = realmCallback.getDefaultText();
                }
                ServerAuthenticationContext.this.setMechanismRealmName(text);
                handleOne(callbackArr, i + 1);
            }
        };
    }

    private static String validatedRewrite(String str, NameRewriter nameRewriter) {
        String rewriteName = nameRewriter.rewriteName(str);
        if (rewriteName == null) {
            throw ElytronMessages.log.invalidName();
        }
        return rewriteName;
    }

    static String rewriteAll(String str, NameRewriter nameRewriter, NameRewriter nameRewriter2, NameRewriter nameRewriter3) {
        return nameRewriter != null ? validatedRewrite(str, nameRewriter) : nameRewriter2 != null ? validatedRewrite(str, nameRewriter2) : nameRewriter3 != null ? validatedRewrite(str, nameRewriter3) : str;
    }

    static String mapAll(String str, RealmMapper realmMapper, RealmMapper realmMapper2, RealmMapper realmMapper3, String str2) {
        return realmMapper != null ? mapRealmName(str, realmMapper, str2) : realmMapper2 != null ? mapRealmName(str, realmMapper2, str2) : realmMapper3 != null ? mapRealmName(str, realmMapper3, str2) : str2;
    }

    private static String mapRealmName(String str, RealmMapper realmMapper, String str2) {
        String realmMapping = realmMapper.getRealmMapping(str);
        return realmMapping != null ? realmMapping : str2;
    }

    static {
        $assertionsDisabled = !ServerAuthenticationContext.class.desiredAssertionStatus();
        INITIAL = new SimpleState(0, false, false);
        FAILED = new SimpleState(1, true, true);
    }
}
