package org.glassfish.security.services.commands;

import com.sun.enterprise.config.serverbeans.Domain;
import jakarta.inject.Inject;
import java.beans.PropertyVetoException;
import java.util.Properties;
import org.glassfish.api.ActionReport;
import org.glassfish.api.Param;
import org.glassfish.api.admin.AccessRequired;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AdminCommandContext;
import org.glassfish.api.admin.AdminCommandSecurity;
import org.glassfish.api.admin.ExecuteOn;
import org.glassfish.api.admin.RuntimeType;
import org.glassfish.config.support.CommandTarget;
import org.glassfish.config.support.TargetType;
import org.glassfish.hk2.api.PerLookup;
import org.glassfish.security.services.config.AuthenticationService;
import org.glassfish.security.services.config.SecurityConfiguration;
import org.glassfish.security.services.config.SecurityConfigurations;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.config.ConfigSupport;
import org.jvnet.hk2.config.SingleConfigCode;
import org.jvnet.hk2.config.TransactionFailure;

@Service(name = "_create-security-service")
@TargetType({CommandTarget.DAS})
@PerLookup
@ExecuteOn({RuntimeType.DAS})
/* loaded from: input_file:org/glassfish/security/services/commands/CreateSecurityService.class */
public class CreateSecurityService implements AdminCommand, AdminCommandSecurity.Preauthorization {
    private static final String AUTHENTICATION = "authentication";

    @Param(optional = false)
    private String serviceType;

    @Param(defaultValue = "false", optional = true)
    private Boolean enableDefault;

    @Param(optional = true, separator = ':')
    private Properties configuration;

    @Param(primary = true)
    private String serviceName;

    @Inject
    private Domain domain;
    private Class<? extends SecurityConfiguration> clazzServiceType;
    private ServiceConfigHandler<? extends SecurityConfiguration> serviceConfigHandler;

    @AccessRequired.To({"create"})
    private SecurityConfigurations secConfigs;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/glassfish/security/services/commands/CreateSecurityService$AuthenticationConfigHandler.class */
    public class AuthenticationConfigHandler extends ServiceConfigHandler<AuthenticationService> {
        private AuthenticationConfigHandler() {
            super();
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.glassfish.security.services.commands.CreateSecurityService.ServiceConfigHandler
        public AuthenticationService setupConfiguration(ActionReport actionReport, SecurityConfiguration securityConfiguration) {
            try {
                return (AuthenticationService) ConfigSupport.apply(new SingleConfigCode<AuthenticationService>() { // from class: org.glassfish.security.services.commands.CreateSecurityService.AuthenticationConfigHandler.1
                    public Object run(AuthenticationService authenticationService) throws PropertyVetoException, TransactionFailure {
                        authenticationService.setUsePasswordCredential(Boolean.valueOf(CreateSecurityService.this.configuration.getProperty("use-password-credential")).booleanValue());
                        return authenticationService;
                    }
                }, (AuthenticationService) securityConfiguration);
            } catch (TransactionFailure e) {
                actionReport.setMessage("Unable to configure authentication service: " + e.getMessage());
                actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                actionReport.setFailureCause(e);
                return null;
            }
        }
    }

    /* loaded from: input_file:org/glassfish/security/services/commands/CreateSecurityService$ServiceConfigHandler.class */
    private abstract class ServiceConfigHandler<T extends SecurityConfiguration> {
        private ServiceConfigHandler() {
        }

        abstract T setupConfiguration(ActionReport actionReport, SecurityConfiguration securityConfiguration);
    }

    public boolean preAuthorization(AdminCommandContext adminCommandContext) {
        this.secConfigs = getSecurityConfigurations(adminCommandContext.getActionReport());
        return this.secConfigs != null;
    }

    public void execute(AdminCommandContext adminCommandContext) {
        ActionReport actionReport = adminCommandContext.getActionReport();
        if (!AUTHENTICATION.equalsIgnoreCase(this.serviceType)) {
            actionReport.setMessage("Invalid security service type specified: " + this.serviceType);
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        this.clazzServiceType = AuthenticationService.class;
        this.serviceConfigHandler = new AuthenticationConfigHandler();
        try {
            SecurityConfiguration securityConfiguration = (SecurityConfiguration) ConfigSupport.apply(new SingleConfigCode<SecurityConfigurations>() { // from class: org.glassfish.security.services.commands.CreateSecurityService.1
                public Object run(SecurityConfigurations securityConfigurations) throws PropertyVetoException, TransactionFailure {
                    SecurityConfiguration securityConfiguration2 = (SecurityConfiguration) securityConfigurations.createChild(CreateSecurityService.this.clazzServiceType);
                    securityConfiguration2.setName(CreateSecurityService.this.serviceName);
                    securityConfiguration2.setDefault(CreateSecurityService.this.enableDefault.booleanValue());
                    securityConfigurations.getSecurityServices().add(securityConfiguration2);
                    return securityConfiguration2;
                }
            }, this.secConfigs);
            if (securityConfiguration == null || this.configuration == null || this.configuration.isEmpty()) {
                return;
            }
            this.serviceConfigHandler.setupConfiguration(actionReport, securityConfiguration);
        } catch (TransactionFailure e) {
            actionReport.setMessage("Unable to create security service: " + e.getMessage());
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            actionReport.setFailureCause(e);
        }
    }

    private SecurityConfigurations getSecurityConfigurations(ActionReport actionReport) {
        SecurityConfigurations securityConfigurations = (SecurityConfigurations) this.domain.getExtensionByType(SecurityConfigurations.class);
        if (securityConfigurations == null) {
            try {
                securityConfigurations = (SecurityConfigurations) ConfigSupport.apply(new SingleConfigCode<Domain>() { // from class: org.glassfish.security.services.commands.CreateSecurityService.2
                    public Object run(Domain domain) throws PropertyVetoException, TransactionFailure {
                        SecurityConfigurations securityConfigurations2 = (SecurityConfigurations) domain.createChild(SecurityConfigurations.class);
                        domain.getExtensions().add(securityConfigurations2);
                        return securityConfigurations2;
                    }
                }, this.domain);
            } catch (TransactionFailure e) {
                actionReport.setMessage("Unable to create security configurations: " + e.getMessage());
                actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                actionReport.setFailureCause(e);
            }
        }
        return securityConfigurations;
    }
}
