package org.wildfly.extension.picketlink.federation.model.idp;

import java.util.Iterator;
import java.util.List;
import org.jboss.as.controller.AttributeDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.ServiceVerificationHandler;
import org.jboss.as.controller.registry.Resource;
import org.jboss.as.security.service.SecurityDomainService;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.Property;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceController;
import org.picketlink.identity.federation.bindings.wildfly.idp.UndertowAttributeManager;
import org.picketlink.identity.federation.bindings.wildfly.idp.UndertowRoleGenerator;
import org.wildfly.extension.picketlink.common.model.ModelElement;
import org.wildfly.extension.picketlink.federation.config.IDPConfiguration;
import org.wildfly.extension.picketlink.federation.model.AbstractEntityProviderAddHandler;
import org.wildfly.extension.picketlink.federation.service.FederationService;
import org.wildfly.extension.picketlink.federation.service.IdentityProviderService;
import org.wildfly.extension.picketlink.logging.PicketLinkLogger;

/* loaded from: input_file:org/wildfly/extension/picketlink/federation/model/idp/IdentityProviderAddHandler.class */
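/**
 * Management {@code add} handler for an identity provider (IdP) resource of the PicketLink
 * federation subsystem.
 *
 * <p>It validates and stores the resource attributes, turns the resulting model into an
 * {@link IDPConfiguration}, and installs an {@link IdentityProviderService} that depends on the
 * parent federation's service and, for a non-external IdP, on the configured security domain.
 *
 * <p>Security-relevant points for reviewers: the role generator and attribute manager are taken
 * from the management model as class names, and the signature, encryption, SSL client
 * authentication and strict-POST-binding switches are only applied to a non-external IdP (see
 * {@link #toIDPConfig}).
 */
public class IdentityProviderAddHandler extends AbstractEntityProviderAddHandler {
    static final IdentityProviderAddHandler INSTANCE = new IdentityProviderAddHandler();

    /** Singleton; use {@link #INSTANCE}. */
    private IdentityProviderAddHandler() {
    }

    /**
     * Validates every attribute declared by {@link IdentityProviderResourceDefinition} and copies
     * it into the model.
     *
     * @param modelNode source node passed to {@code validateAndSet} (the operation)
     * @param modelNode2 target node passed to {@code validateAndSet} (the resource model)
     * @throws OperationFailedException if an attribute fails validation
     */
    protected void populateModel(ModelNode modelNode, ModelNode modelNode2) throws OperationFailedException {
        for (AttributeDefinition definition : IdentityProviderResourceDefinition.ATTRIBUTE_DEFINITIONS) {
            definition.validateAndSet(modelNode, modelNode2);
        }
    }

    /**
     * Registers the IdP validation step for the MODEL stage, then runs the inherited add logic.
     *
     * @param operationContext the current operation context
     * @param modelNode the operation being executed
     * @throws OperationFailedException if the inherited add logic fails
     */
    public void execute(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
        // The validation step is queued before the inherited logic is invoked.
        operationContext.addStep(new IdentityProviderValidationStepHandler(), OperationContext.Stage.MODEL);
        super.execute(operationContext, modelNode);
    }

    /**
     * Installs the runtime services for the newly added IdP.
     *
     * <p>The model is re-read from the resource at the current address rather than taken from
     * {@code modelNode2}, which is not used here.
     *
     * @param operationContext the current operation context
     * @param modelNode the operation; its {@code address} identifies the IdP
     * @param modelNode2 unused
     * @param serviceVerificationHandler listener attached to the installed service, may be null
     * @param list receives the installed controller, may be null
     * @throws OperationFailedException if the configuration cannot be built
     */
    protected void performRuntime(OperationContext operationContext, ModelNode modelNode, ModelNode modelNode2, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list) throws OperationFailedException {
        ModelNode resourceModel = Resource.Tools.readModel(operationContext.readResource(PathAddress.EMPTY_ADDRESS));
        PathAddress idpAddress = PathAddress.pathAddress(modelNode.get("address"));
        // false: a plain add does not restart the trust-domain services.
        launchServices(operationContext, resourceModel, serviceVerificationHandler, list, idpAddress, false);
    }

    /**
     * Undoes {@link #performRuntime} by delegating to the remove handler.
     *
     * @param operationContext the current operation context
     * @param modelNode the operation being rolled back
     * @param resource the resource whose model is handed to the remove handler
     */
    protected void rollbackRuntime(OperationContext operationContext, ModelNode modelNode, Resource resource) {
        try {
            IdentityProviderRemoveHandler.INSTANCE.performRuntime(operationContext, modelNode, resource.getModel());
        } catch (OperationFailedException ignored) {
            // Best effort: a failure while undoing the add is dropped on purpose.
            // NOTE(review): nothing is logged here, so a failed removal leaves no trace of
            // whatever the remove handler did not clean up; consider logging it.
        }
    }

    /**
     * Builds the IdP configuration from the model and installs the {@link IdentityProviderService}.
     *
     * @param operationContext the current operation context
     * @param modelNode the IdP resource model
     * @param serviceVerificationHandler listener attached to the service, skipped when null
     * @param list receives the installed controller, skipped when null
     * @param pathAddress address of the IdP; its last element names the IdP and the element
     *     before it names the owning federation
     * @param z when true, the services of the trust domains defined in the model are restarted
     * @throws OperationFailedException if the configuration cannot be built
     */
    /* JADX INFO: Access modifiers changed from: package-private */
    public static void launchServices(OperationContext operationContext, ModelNode modelNode, ServiceVerificationHandler serviceVerificationHandler, List<ServiceController<?>> list, PathAddress pathAddress, boolean z) throws OperationFailedException {
        String idpName = pathAddress.getLastElement().getValue();
        IdentityProviderService service = new IdentityProviderService(toIDPConfig(operationContext, modelNode, idpName));
        ServiceBuilder<?> builder = operationContext.getServiceTarget().addService(IdentityProviderService.createServiceName(idpName), service);

        // NOTE(review): assumes the address has a parent element (the federation) — confirm.
        String federationName = pathAddress.subAddress(0, pathAddress.size() - 1).getLastElement().getValue();
        builder.addDependency(FederationService.createServiceName(federationName), FederationService.class, service.getFederationService());

        configureHandler(operationContext, modelNode, service);

        IDPConfiguration configuration = service.getConfiguration();
        if (!configuration.isExternal()) {
            // A hosted IdP authenticates against its security domain, so the service depends on
            // it. An external IdP gets no such dependency.
            builder.addDependency(SecurityDomainService.SERVICE_NAME.append(configuration.getSecurityDomain()));
        }
        if (serviceVerificationHandler != null) {
            builder.addListener(serviceVerificationHandler);
        }

        ServiceController<?> controller = builder.install();
        if (list != null) {
            list.add(controller);
        }
        if (z) {
            restartTrustDomains(idpName, modelNode, operationContext);
        }
    }

    /**
     * Translates the IdP resource model into an {@link IDPConfiguration}.
     *
     * <p>For an external IdP only the alias, the {@code external} flag and the identity URL are
     * set. For a hosted IdP the security domain is mandatory, and the signature, metadata,
     * encryption, SSL client authentication and strict-POST-binding switches are copied from the
     * model together with the role generator and attribute manager class names.
     *
     * @param operationContext used to resolve attribute expressions
     * @param modelNode the IdP resource model
     * @param str the IdP alias
     * @return the populated configuration
     * @throws OperationFailedException if the security domain is missing for a hosted IdP, or a
     *     role generator / attribute manager child defines neither a class name nor a code
     */
    static IDPConfiguration toIDPConfig(OperationContext operationContext, ModelNode modelNode, String str) throws OperationFailedException {
        IDPConfiguration configuration = new IDPConfiguration(str);
        configuration.setExternal(IdentityProviderResourceDefinition.EXTERNAL.resolveModelAttribute(operationContext, modelNode).asBoolean());
        configuration.setIdentityURL(IdentityProviderResourceDefinition.URL.resolveModelAttribute(operationContext, modelNode).asString());
        if (configuration.isExternal()) {
            // None of the settings below are applied to an external IdP.
            return configuration;
        }

        ModelNode securityDomain = IdentityProviderResourceDefinition.SECURITY_DOMAIN.resolveModelAttribute(operationContext, modelNode);
        if (!securityDomain.isDefined()) {
            throw PicketLinkLogger.ROOT_LOGGER.requiredAttribute(ModelElement.COMMON_SECURITY_DOMAIN.getName(), str);
        }
        configuration.setSecurityDomain(securityDomain.asString());

        // Security switches are taken from the model; their default values are declared in
        // IdentityProviderResourceDefinition and are not visible here.
        configuration.setSupportsSignature(IdentityProviderResourceDefinition.SUPPORT_SIGNATURES.resolveModelAttribute(operationContext, modelNode).asBoolean());
        configuration.setSupportMetadata(IdentityProviderResourceDefinition.SUPPORT_METADATA.resolveModelAttribute(operationContext, modelNode).asBoolean());
        configuration.setEncrypt(Boolean.valueOf(IdentityProviderResourceDefinition.ENCRYPT.resolveModelAttribute(operationContext, modelNode).asBoolean()));
        configuration.setSSLClientAuthentication(IdentityProviderResourceDefinition.SSL_AUTHENTICATION.resolveModelAttribute(operationContext, modelNode).asBoolean());
        configuration.setStrictPostBinding(IdentityProviderResourceDefinition.STRICT_POST_BINDING.resolveModelAttribute(operationContext, modelNode).asBoolean());

        configuration.setRoleGenerator(resolveRoleGenerator(operationContext, modelNode));
        configuration.setAttributeManager(resolveAttributeManager(operationContext, modelNode));
        return configuration;
    }

    /**
     * Picks the role generator class name: explicit class name, else the class mapped from the
     * {@code code} alias, else {@link UndertowRoleGenerator} when no child is defined.
     */
    private static String resolveRoleGenerator(OperationContext operationContext, ModelNode model) throws OperationFailedException {
        ModelNode child = model.get(ModelElement.IDENTITY_PROVIDER_ROLE_GENERATOR.getName());
        if (!child.isDefined()) {
            return UndertowRoleGenerator.class.getName();
        }
        ModelNode childModel = child.asProperty().getValue();
        ModelNode className = RoleGeneratorResourceDefinition.CLASS_NAME.resolveModelAttribute(operationContext, childModel);
        ModelNode code = RoleGeneratorResourceDefinition.CODE.resolveModelAttribute(operationContext, childModel);
        if (className.isDefined()) {
            // NOTE(review): free-form class name from the management model, passed on unchecked.
            // Presumably the IdP runtime instantiates it, so write access to this resource
            // decides which code assigns roles — confirm and restrict management access.
            return className.asString();
        }
        if (!code.isDefined()) {
            throw PicketLinkLogger.ROOT_LOGGER.typeNotProvided(ModelElement.IDENTITY_PROVIDER_ROLE_GENERATOR.getName());
        }
        return RoleGeneratorTypeEnum.forType(code.asString());
    }

    /**
     * Picks the attribute manager class name: explicit class name, else the class mapped from the
     * {@code code} alias, else {@link UndertowAttributeManager} when no child is defined.
     */
    private static String resolveAttributeManager(OperationContext operationContext, ModelNode model) throws OperationFailedException {
        ModelNode child = model.get(ModelElement.IDENTITY_PROVIDER_ATTRIBUTE_MANAGER.getName());
        if (!child.isDefined()) {
            return UndertowAttributeManager.class.getName();
        }
        ModelNode childModel = child.asProperty().getValue();
        ModelNode className = AttributeManagerResourceDefinition.CLASS_NAME.resolveModelAttribute(operationContext, childModel);
        ModelNode code = AttributeManagerResourceDefinition.CODE.resolveModelAttribute(operationContext, childModel);
        if (className.isDefined()) {
            // NOTE(review): same trust consideration as the role generator class name — the
            // value is a free-form class name supplied through the management model.
            return className.asString();
        }
        if (!code.isDefined()) {
            throw PicketLinkLogger.ROOT_LOGGER.typeNotProvided(ModelElement.IDENTITY_PROVIDER_ATTRIBUTE_MANAGER.getName());
        }
        return AttributeManagerTypeEnum.forType(code.asString());
    }

    /** Restarts the services of every trust domain defined under the given IdP model. */
    private static void restartTrustDomains(String idpName, ModelNode model, OperationContext operationContext) {
        String trustDomainKey = ModelElement.IDENTITY_PROVIDER_TRUST_DOMAIN.getName();
        if (!model.hasDefined(trustDomainKey)) {
            return;
        }
        for (Property trustDomain : model.get(trustDomainKey).asPropertyList()) {
            TrustDomainAddHandler.restartServices(operationContext, idpName, trustDomain.getName());
        }
    }
}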
