package org.jboss.as.domain.management.security;

import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.OperationStepHandler;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.domain.management.CallbackHandlerFactory;
import org.jboss.as.domain.management.connections.ConnectionManager;
import org.jboss.as.domain.management.connections.ldap.LdapConnectionManagerService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceTarget;

/* loaded from: input_file:org/jboss/as/domain/management/security/SecurityRealmAddHandler.class */
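/**
 * Step handler for the {@code add} operation on a management security realm resource.
 *
 * <p>{@link #execute} creates the resource, queues {@code AuthenticationValidatingHandler} in the
 * MODEL stage and queues a RUNTIME-stage step that installs the realm's services.
 * {@link #installServices} reads the {@code authentication} and {@code server-identity} children
 * of the realm model and installs one service per configured mechanism, all in
 * {@code ON_DEMAND} mode.
 *
 * <p>Points a security reviewer should keep in mind when reading this class:
 * <ul>
 *   <li>Keystore and user passwords are turned into a {@code String} while being resolved, so
 *       the {@code char[]} handed on to the services is not the only copy held in memory.</li>
 *   <li>A truststore configured under {@code authentication} is only installed when an SSL
 *       server identity is configured as well; otherwise it is read and then not used.</li>
 *   <li>Every installed controller is recorded so that a rollback of the add operation removes
 *       all of the realm's services, including the one holding the secret identity.</li>
 * </ul>
 */
public class SecurityRealmAddHandler implements OperationStepHandler {
    public static final SecurityRealmAddHandler INSTANCE = new SecurityRealmAddHandler();
    public static final String OPERATION_NAME = "add";

    /**
     * RUNTIME-stage step that installs the realm services and registers a rollback handler
     * removing every controller that was installed.
     */
    private static class ServiceInstallStepHandler implements OperationStepHandler {
        private static final ServiceInstallStepHandler INSTANCE = new ServiceInstallStepHandler();

        private ServiceInstallStepHandler() {
        }

        /**
         * Installs the services for the realm named by {@code modelNode}, using the model read
         * from the current resource address.
         *
         * @param operationContext the context of the running operation
         * @param modelNode the operation, used only to obtain the realm name
         * @throws OperationFailedException if service installation fails
         */
        public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            final List<ServiceController<?>> installed = new ArrayList<ServiceController<?>>();
            // NOTE(review): if installServices throws part-way through, the rollback handler below
            // is never registered; confirm the controller cleans up the already-installed services.
            SecurityRealmAddHandler.INSTANCE.installServices(
                    operationContext,
                    ManagementUtil.getSecurityRealmName(modelNode),
                    Resource.Tools.readModel(operationContext.readResource(PathAddress.EMPTY_ADDRESS)),
                    new ServiceVerificationHandler(),
                    installed);
            operationContext.completeStep(new OperationContext.RollbackHandler() {
                public void handleRollback(OperationContext operationContext2, ModelNode modelNode2) {
                    // Undo the add by removing everything this step installed.
                    for (ServiceController<?> controller : installed) {
                        operationContext2.removeService(controller);
                    }
                }
            });
        }
    }

    /**
     * Creates the realm resource and schedules validation and service installation.
     *
     * @param operationContext the context of the running operation
     * @param modelNode the {@code add} operation
     * @throws OperationFailedException declared by the handler contract
     */
    public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        operationContext.createResource(PathAddress.EMPTY_ADDRESS);
        operationContext.addStep(AuthenticationValidatingHandler.createOperation(modelNode), AuthenticationValidatingHandler.INSTANCE, OperationContext.Stage.MODEL);
        // The outer RUNTIME step only queues the installing step; the installation itself
        // happens in ServiceInstallStepHandler, which owns the rollback handling.
        operationContext.addStep(new OperationStepHandler() {
            public void execute(OperationContext operationContext2, ModelNode modelNode2) throws OperationFailedException {
                operationContext2.addStep(ServiceInstallStepHandler.INSTANCE, OperationContext.Stage.RUNTIME);
                operationContext2.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
            }
        }, OperationContext.Stage.RUNTIME);
        operationContext.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
    }

    /**
     * Installs the security realm service and the services for its configured authentication
     * mechanism and server identities.
     *
     * <p>Only one authentication mechanism is installed: the first one defined, checked in the
     * order LDAP, properties, users. The decompiler reports that this method was declared
     * {@code protected} in the original class.
     *
     * @param operationContext the context of the running operation
     * @param str the realm name, used for the service name and passed to the realm service
     * @param modelNode the realm model
     * @param serviceVerificationHandler not referenced by this method
     * @param list receives every installed controller; may be {@code null}
     * @throws OperationFailedException if a password expression cannot be resolved
     */
    public void installServices(OperationContext operationContext, String str, ModelNode modelNode, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list) throws OperationFailedException {
        ModelNode authentication = modelNode.hasDefined("authentication") ? modelNode.get("authentication") : null;
        ModelNode serverIdentity = modelNode.hasDefined("server-identity") ? modelNode.get("server-identity") : null;
        ServiceTarget serviceTarget = operationContext.getServiceTarget();
        SecurityRealmService realmService = new SecurityRealmService(str);
        ServiceName realmServiceName = SecurityRealmService.BASE_SERVICE_NAME.append(str);
        ServiceBuilder realmBuilder = serviceTarget.addService(realmServiceName, realmService);

        ServiceName callbackHandlerName = null;
        ModelNode truststore = null;
        if (authentication != null) {
            if (authentication.hasDefined(FileKeystoreService.TRUSTSTORE_SUFFIX)) {
                truststore = authentication.require(FileKeystoreService.TRUSTSTORE_SUFFIX);
            }
            if (authentication.hasDefined(UserLdapCallbackHandler.SERVICE_SUFFIX)) {
                callbackHandlerName = addLdapService(authentication.require(UserLdapCallbackHandler.SERVICE_SUFFIX), realmServiceName, serviceTarget, list);
            } else if (authentication.hasDefined(PropertiesCallbackHandler.SERVICE_SUFFIX)) {
                callbackHandlerName = addPropertiesService(authentication.require(PropertiesCallbackHandler.SERVICE_SUFFIX), realmServiceName, str, serviceTarget, list);
            } else if (authentication.hasDefined(UserDomainCallbackHandler.SERVICE_SUFFIX)) {
                callbackHandlerName = addUsersService(operationContext, authentication.require(UserDomainCallbackHandler.SERVICE_SUFFIX), realmServiceName, str, serviceTarget, list);
            }
        }
        if (callbackHandlerName != null) {
            realmBuilder.addDependency(callbackHandlerName, DomainCallbackHandler.class, realmService.getCallbackHandlerInjector());
        }

        if (serverIdentity != null) {
            if (serverIdentity.hasDefined(SSLIdentityService.SERVICE_SUFFIX)) {
                // The truststore is consumed here only; without an SSL identity it is not installed.
                ServiceName sslName = addSSLService(operationContext, serverIdentity.require(SSLIdentityService.SERVICE_SUFFIX), truststore, realmServiceName, serviceTarget, list);
                realmBuilder.addDependency(sslName, SSLIdentityService.class, realmService.getSSLIdentityInjector());
            }
            if (serverIdentity.hasDefined(SecretIdentityService.SERVICE_SUFFIX)) {
                ServiceName secretName = addSecretService(serverIdentity.require(SecretIdentityService.SERVICE_SUFFIX), realmServiceName, serviceTarget, list);
                realmBuilder.addDependency(secretName, CallbackHandlerFactory.class, realmService.getSecretCallbackFactory());
            }
        }

        realmBuilder.setInitialMode(ServiceController.Mode.ON_DEMAND);
        ServiceController<?> realmController = realmBuilder.install();
        track(list, realmController);
    }

    /**
     * Records {@code controller} in {@code list} when the caller supplied one, so that every
     * installation path tolerates a {@code null} list in the same way.
     */
    private static void track(List<ServiceController<?>> list, ServiceController<?> controller) {
        if (list != null) {
            list.add(controller);
        }
    }

    /**
     * Installs the LDAP callback handler service, which depends on the LDAP connection manager
     * named by the required {@code connection} attribute.
     *
     * @return the name of the installed service
     */
    private ServiceName addLdapService(ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName ldapName = serviceName.append(UserLdapCallbackHandler.SERVICE_SUFFIX);
        UserLdapCallbackHandler ldapHandler = new UserLdapCallbackHandler(modelNode);
        ServiceBuilder builder = serviceTarget.addService(ldapName, ldapHandler);
        ServiceName connectionName = LdapConnectionManagerService.BASE_SERVICE_NAME.append(modelNode.require("connection").asString());
        builder.addDependency(connectionName, ConnectionManager.class, ldapHandler.getConnectionManagerInjector());
        track(list, builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return ldapName;
    }

    /**
     * Installs the properties-file callback handler service, with a dependency on the named
     * path service when {@code relative-to} is defined.
     *
     * @return the name of the installed service
     */
    private ServiceName addPropertiesService(ModelNode modelNode, ServiceName serviceName, String str, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName propertiesName = serviceName.append(PropertiesCallbackHandler.SERVICE_SUFFIX);
        PropertiesCallbackHandler propertiesHandler = new PropertiesCallbackHandler(str, modelNode);
        ServiceBuilder builder = serviceTarget.addService(propertiesName, propertiesHandler);
        if (modelNode.hasDefined("relative-to")) {
            builder.addDependency(pathName(modelNode.get("relative-to").asString()), String.class, propertiesHandler.getRelativeToInjector());
        }
        track(list, builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return propertiesName;
    }

    /**
     * Installs the SSL identity service together with its keystore service and, when
     * {@code modelNode2} is non-null, a truststore service.
     *
     * <p>The resolved keystore password is passed to the SSL identity service; the truststore
     * password returned by the keystore helper is not used here.
     *
     * @param modelNode the SSL server-identity model
     * @param modelNode2 the truststore model, or {@code null} when none is configured
     * @return the name of the installed SSL identity service
     * @throws OperationFailedException if a keystore password cannot be resolved
     */
    private ServiceName addSSLService(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) throws OperationFailedException {
        ServiceName sslName = serviceName.append(SSLIdentityService.SERVICE_SUFFIX);

        ServiceName keystoreName = null;
        char[] keystorePassword = null;
        if (modelNode.hasDefined(FileKeystoreService.KEYSTORE_SUFFIX)) {
            keystoreName = serviceName.append(FileKeystoreService.KEYSTORE_SUFFIX);
            keystorePassword = addFileKeystoreService(operationContext, modelNode.require(FileKeystoreService.KEYSTORE_SUFFIX), keystoreName, serviceTarget, list);
        }

        ServiceName truststoreName = null;
        if (modelNode2 != null) {
            truststoreName = serviceName.append(FileKeystoreService.TRUSTSTORE_SUFFIX);
            addFileKeystoreService(operationContext, modelNode2, truststoreName, serviceTarget, list);
        }

        SSLIdentityService sslService = new SSLIdentityService(modelNode, keystorePassword);
        ServiceBuilder builder = serviceTarget.addService(sslName, sslService);
        if (keystoreName != null) {
            builder.addDependency(keystoreName, KeyStore.class, sslService.getKeyStoreInjector());
        }
        if (truststoreName != null) {
            builder.addDependency(truststoreName, KeyStore.class, sslService.getTrustStoreInjector());
        }
        track(list, builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return sslName;
    }

    /**
     * Installs a file keystore service for the required {@code path} and {@code password}
     * attributes, with a dependency on the named path service when {@code relative-to} is
     * defined.
     *
     * @return the resolved keystore password, the same array that is given to the service
     * @throws OperationFailedException if the password expression cannot be resolved
     */
    private char[] addFileKeystoreService(OperationContext operationContext, ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) throws OperationFailedException {
        char[] password = unmaskPassword(operationContext, modelNode.require("password"));
        FileKeystoreService keystoreService = new FileKeystoreService(modelNode.require("path").asString(), password);
        ServiceBuilder builder = serviceTarget.addService(serviceName, keystoreService);
        if (modelNode.hasDefined("relative-to")) {
            builder.addDependency(pathName(modelNode.require("relative-to").asString()), String.class, keystoreService.getRelativeToInjector());
        }
        track(list, builder.setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return password;
    }

    /**
     * Installs the secret identity service for the required {@code value} attribute.
     *
     * <p>The controller is recorded like every other one so that rolling back the add
     * operation also removes the service that holds the secret.
     *
     * @return the name of the installed service
     */
    private ServiceName addSecretService(ModelNode modelNode, ServiceName serviceName, ServiceTarget serviceTarget, List<ServiceController<?>> list) {
        ServiceName secretName = serviceName.append(SecretIdentityService.SERVICE_SUFFIX);
        // NOTE(review): the value is read with asString() and is not passed through
        // resolveExpressions, unlike the keystore and user passwords; confirm this is intended.
        SecretIdentityService secretService = new SecretIdentityService(modelNode.require("value").asString());
        track(list, serviceTarget.addService(secretName, secretService).setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return secretName;
    }

    /**
     * Installs the callback handler service backed by the users defined in the model, after
     * resolving expressions in their passwords.
     *
     * @return the name of the installed service
     * @throws OperationFailedException if a password expression cannot be resolved
     */
    private ServiceName addUsersService(OperationContext operationContext, ModelNode modelNode, ServiceName serviceName, String str, ServiceTarget serviceTarget, List<ServiceController<?>> list) throws OperationFailedException {
        ServiceName usersName = serviceName.append(UserDomainCallbackHandler.SERVICE_SUFFIX);
        UserDomainCallbackHandler usersHandler = new UserDomainCallbackHandler(str, unmaskUsersPasswords(operationContext, modelNode));
        track(list, serviceTarget.addService(usersName, usersHandler).setInitialMode(ServiceController.Mode.ON_DEMAND).install());
        return usersName;
    }

    /** Builds the service name {@code jboss.server.path.<str>} for a named path. */
    private static ServiceName pathName(String str) {
        return ServiceName.JBOSS.append("server", "path", str);
    }

    /**
     * Resolves any expression in {@code modelNode} and returns the result as a character array.
     *
     * <p>The value exists as a {@code String} before it is copied, so clearing the returned
     * array does not remove every copy of the password from memory.
     *
     * @throws OperationFailedException if the expression cannot be resolved
     */
    private char[] unmaskPassword(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        return operationContext.resolveExpressions(modelNode).asString().toCharArray();
    }

    /**
     * Returns a copy of the users model in which password expressions have been resolved; the
     * model passed in is left untouched.
     *
     * @throws OperationFailedException if a password expression cannot be resolved
     */
    private ModelNode unmaskUsersPasswords(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        ModelNode users = modelNode.clone();
        for (Property user : users.get("user").asPropertyList()) {
            // NOTE(review): this writes to the node returned by Property.getValue(); if the
            // property list holds copies rather than the nodes of `users`, the resolved password
            // never reaches the returned model. Verify against the DMR version in use.
            ModelNode userNode = user.getValue();
            if (userNode.hasDefined("password")) {
                userNode.set("password", operationContext.resolveExpressions(userNode.get("password")).asString());
            }
        }
        return users;
    }
}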
