package io.quarkus.elytron.security.runtime;

import io.quarkus.runtime.RuntimeValue;
import io.quarkus.runtime.annotations.Recorder;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.Provider;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Supplier;
import org.jboss.logging.Logger;
import org.wildfly.common.iteration.ByteIterator;
import org.wildfly.security.WildFlyElytronProvider;
import org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm;
import org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm;
import org.wildfly.security.auth.realm.SimpleRealmEntry;
import org.wildfly.security.auth.server.NameRewriter;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.authz.MapAttributes;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.WildFlyElytronPasswordProvider;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.spec.DigestPasswordSpec;

@Recorder
/* loaded from: input_file:io/quarkus/elytron/security/runtime/ElytronPropertiesFileRecorder.class */
public class ElytronPropertiesFileRecorder {
    static final Logger log = Logger.getLogger(ElytronPropertiesFileRecorder.class);

    public Runnable loadRealm(final RuntimeValue<SecurityRealm> runtimeValue, final PropertiesRealmConfig propertiesRealmConfig) throws Exception {
        return new Runnable() { // from class: io.quarkus.elytron.security.runtime.ElytronPropertiesFileRecorder.1
            /* JADX WARN: Finally extract failed */
            @Override // java.lang.Runnable
            public void run() {
                try {
                    ElytronPropertiesFileRecorder.log.debugf("loadRealm, config=%s", propertiesRealmConfig);
                    LegacyPropertiesSecurityRealm legacyPropertiesSecurityRealm = (SecurityRealm) runtimeValue.getValue();
                    if (legacyPropertiesSecurityRealm instanceof LegacyPropertiesSecurityRealm) {
                        ElytronPropertiesFileRecorder.log.debugf("Trying to loader users: /%s", propertiesRealmConfig.users);
                        Path path = Paths.get(propertiesRealmConfig.users, new String[0]);
                        URL url = Files.exists(path, new LinkOption[0]) ? path.toUri().toURL() : Thread.currentThread().getContextClassLoader().getResource(propertiesRealmConfig.users);
                        ElytronPropertiesFileRecorder.log.debugf("users: %s", url);
                        ElytronPropertiesFileRecorder.log.debugf("Trying to loader roles: %s", propertiesRealmConfig.roles);
                        Path path2 = Paths.get(propertiesRealmConfig.roles, new String[0]);
                        URL url2 = Files.exists(path2, new LinkOption[0]) ? path2.toUri().toURL() : Thread.currentThread().getContextClassLoader().getResource(propertiesRealmConfig.roles);
                        ElytronPropertiesFileRecorder.log.debugf("roles: %s", url2);
                        if (url == null && url2 == null) {
                            throw new IllegalStateException(String.format("No PropertiesRealmConfig users/roles settings found. Configure the quarkus.security.file.%s properties", propertiesRealmConfig.help()));
                        }
                        LegacyPropertiesSecurityRealm legacyPropertiesSecurityRealm2 = legacyPropertiesSecurityRealm;
                        InputStream openStream = url.openStream();
                        Throwable th = null;
                        try {
                            InputStream openStream2 = url2.openStream();
                            Throwable th2 = null;
                            try {
                                try {
                                    legacyPropertiesSecurityRealm2.load(openStream, openStream2);
                                    if (openStream2 != null) {
                                        if (0 != 0) {
                                            try {
                                                openStream2.close();
                                            } catch (Throwable th3) {
                                                th2.addSuppressed(th3);
                                            }
                                        } else {
                                            openStream2.close();
                                        }
                                    }
                                    if (openStream != null) {
                                        if (0 != 0) {
                                            try {
                                                openStream.close();
                                            } catch (Throwable th4) {
                                                th.addSuppressed(th4);
                                            }
                                        } else {
                                            openStream.close();
                                        }
                                    }
                                } finally {
                                }
                            } catch (Throwable th5) {
                                if (openStream2 != null) {
                                    if (th2 != null) {
                                        try {
                                            openStream2.close();
                                        } catch (Throwable th6) {
                                            th2.addSuppressed(th6);
                                        }
                                    } else {
                                        openStream2.close();
                                    }
                                }
                                throw th5;
                            }
                        } catch (Throwable th7) {
                            if (openStream != null) {
                                if (0 != 0) {
                                    try {
                                        openStream.close();
                                    } catch (Throwable th8) {
                                        th.addSuppressed(th8);
                                    }
                                } else {
                                    openStream.close();
                                }
                            }
                            throw th7;
                        }
                    }
                } catch (IOException e) {
                    throw new UncheckedIOException(e);
                }
            }
        };
    }

    public Runnable loadRealm(final RuntimeValue<SecurityRealm> runtimeValue, final MPRealmConfig mPRealmConfig) throws Exception {
        return new Runnable() { // from class: io.quarkus.elytron.security.runtime.ElytronPropertiesFileRecorder.2
            @Override // java.lang.Runnable
            public void run() {
                ClearPassword generatePassword;
                ElytronPropertiesFileRecorder.log.debugf("loadRealm, config=%s", mPRealmConfig);
                SimpleMapBackedSecurityRealm simpleMapBackedSecurityRealm = (SecurityRealm) runtimeValue.getValue();
                if (simpleMapBackedSecurityRealm instanceof SimpleMapBackedSecurityRealm) {
                    SimpleMapBackedSecurityRealm simpleMapBackedSecurityRealm2 = simpleMapBackedSecurityRealm;
                    HashMap hashMap = new HashMap();
                    Map<String, String> users = mPRealmConfig.getUsers();
                    ElytronPropertiesFileRecorder.log.debugf("UserInfoMap: %s%n", users);
                    Map<String, String> roles = mPRealmConfig.getRoles();
                    ElytronPropertiesFileRecorder.log.debugf("RoleInfoMap: %s%n", roles);
                    for (Map.Entry<String, String> entry : users.entrySet()) {
                        String key = entry.getKey();
                        if (mPRealmConfig.plainText) {
                            generatePassword = ClearPassword.createRaw("clear", entry.getValue().toCharArray());
                        } else {
                            try {
                                generatePassword = PasswordFactory.getInstance("digest-md5", new WildFlyElytronPasswordProvider()).generatePassword(new DigestPasswordSpec(key, mPRealmConfig.realmName, ByteIterator.ofBytes(entry.getValue().getBytes(StandardCharsets.UTF_8)).asUtf8String().hexDecode().drain()));
                            } catch (Exception e) {
                                throw new RuntimeException("Unable to register password for user:" + key + " make sure it is a valid hex encoded MD5 hash", e);
                            }
                        }
                        PasswordCredential passwordCredential = new PasswordCredential(generatePassword);
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(passwordCredential);
                        String[] split = roles.get(key).split(",");
                        MapAttributes mapAttributes = new MapAttributes();
                        for (String str : split) {
                            mapAttributes.addLast("groups", str);
                        }
                        hashMap.put(key, new SimpleRealmEntry(arrayList, mapAttributes));
                        ElytronPropertiesFileRecorder.log.debugf("Added user(%s), roles=%s%n", key, mapAttributes.get("groups"));
                    }
                    simpleMapBackedSecurityRealm2.setIdentityMap(hashMap);
                }
            }
        };
    }

    public RuntimeValue<SecurityRealm> createRealm(PropertiesRealmConfig propertiesRealmConfig) throws Exception {
        log.debugf("createRealm, config=%s", propertiesRealmConfig);
        return new RuntimeValue<>(LegacyPropertiesSecurityRealm.builder().setDefaultRealm(propertiesRealmConfig.realmName).setProviders(new Supplier<Provider[]>() { // from class: io.quarkus.elytron.security.runtime.ElytronPropertiesFileRecorder.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.function.Supplier
            public Provider[] get() {
                return new Provider[]{new WildFlyElytronProvider()};
            }
        }).setPlainText(propertiesRealmConfig.plainText).build());
    }

    public RuntimeValue<SecurityRealm> createRealm(MPRealmConfig mPRealmConfig) {
        log.debugf("createRealm, config=%s", mPRealmConfig);
        return new RuntimeValue<>(new SimpleMapBackedSecurityRealm(NameRewriter.IDENTITY_REWRITER, new Supplier<Provider[]>() { // from class: io.quarkus.elytron.security.runtime.ElytronPropertiesFileRecorder.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.function.Supplier
            public Provider[] get() {
                return new Provider[]{new WildFlyElytronProvider()};
            }
        }));
    }
}
