package org.jboss.as.controller.access.rbac;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import org.jboss.as.controller.access.Authorizer;
import org.jboss.as.controller.access.AuthorizerConfiguration;
import org.jboss.as.controller.access.Caller;
import org.jboss.as.controller.access.Environment;
import org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer;

/* loaded from: input_file:WEB-INF/lib/wildfly-controller-7.0.0.Final.jar:org/jboss/as/controller/access/rbac/StandardRBACAuthorizer.class */
public final class StandardRBACAuthorizer extends ManagementPermissionAuthorizer {
    private static final Set<String> STANDARD_ROLES;
    public static final Authorizer.AuthorizerDescription AUTHORIZER_DESCRIPTION;
    private final AuthorizerConfiguration configuration;
    private final DefaultPermissionFactory permissionFactory;
    private final RoleMapper roleMapper;
    private final Map<String, String> mappedToOfficialForm;

    public static StandardRBACAuthorizer create(AuthorizerConfiguration authorizerConfiguration, RoleMapper roleMapper) {
        RunAsRoleMapper runAsRoleMapper = new RunAsRoleMapper(roleMapper);
        return new StandardRBACAuthorizer(authorizerConfiguration, new DefaultPermissionFactory(runAsRoleMapper, authorizerConfiguration), runAsRoleMapper);
    }

    private StandardRBACAuthorizer(AuthorizerConfiguration authorizerConfiguration, DefaultPermissionFactory defaultPermissionFactory, RoleMapper roleMapper) {
        super(defaultPermissionFactory);
        this.mappedToOfficialForm = Collections.synchronizedMap(new HashMap());
        this.configuration = authorizerConfiguration;
        this.permissionFactory = defaultPermissionFactory;
        authorizerConfiguration.registerScopedRoleListener(defaultPermissionFactory);
        this.roleMapper = roleMapper;
        for (StandardRole standardRole : StandardRole.values()) {
            this.mappedToOfficialForm.put(standardRole.toString(), standardRole.getFormalName());
        }
    }

    @Override // org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer, org.jboss.as.controller.access.Authorizer
    public Set<String> getCallerRoles(Caller caller, Environment environment, Set<String> set) {
        Set<String> mapRoles = this.roleMapper.mapRoles(caller, environment, set);
        if (mapRoles == null) {
            return null;
        }
        if (mapRoles.isEmpty()) {
            return mapRoles;
        }
        HashSet hashSet = new HashSet();
        Iterator<String> it = mapRoles.iterator();
        while (it.hasNext()) {
            hashSet.add(getOfficialRoleForm(it.next()));
        }
        return hashSet;
    }

    private String getOfficialRoleForm(String str) {
        String str2 = this.mappedToOfficialForm.get(str);
        if (str2 == null) {
            Iterator<String> it = this.configuration.getScopedRoles().keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String next = it.next();
                if (str.equalsIgnoreCase(next)) {
                    str2 = next;
                    break;
                }
            }
            if (str2 == null) {
                try {
                    str2 = StandardRole.valueOf(str.toUpperCase(Locale.ENGLISH)).getFormalName();
                } catch (Exception e) {
                }
            }
            if (str2 != null) {
                this.mappedToOfficialForm.put(str, str2);
            } else {
                str2 = str;
            }
        }
        return str2;
    }

    @Override // org.jboss.as.controller.access.permission.ManagementPermissionAuthorizer, org.jboss.as.controller.access.Authorizer
    public Authorizer.AuthorizerDescription getDescription() {
        return AUTHORIZER_DESCRIPTION;
    }

    public void shutdown() {
        this.configuration.unregisterScopedRoleListener(this.permissionFactory);
    }

    static {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (StandardRole standardRole : StandardRole.values()) {
            linkedHashSet.add(standardRole.getFormalName());
        }
        STANDARD_ROLES = linkedHashSet;
        AUTHORIZER_DESCRIPTION = new Authorizer.AuthorizerDescription() { // from class: org.jboss.as.controller.access.rbac.StandardRBACAuthorizer.1
            @Override // org.jboss.as.controller.access.Authorizer.AuthorizerDescription
            public boolean isRoleBased() {
                return true;
            }

            @Override // org.jboss.as.controller.access.Authorizer.AuthorizerDescription
            public Set<String> getStandardRoles() {
                return StandardRBACAuthorizer.STANDARD_ROLES;
            }
        };
    }
}
