package org.infinispan.server.security;

import java.util.concurrent.CompletionStage;
import javax.security.auth.Subject;
import org.infinispan.server.configuration.ServerConfiguration;
import org.infinispan.server.resp.Authenticator;
import org.infinispan.server.resp.configuration.RespServerConfiguration;
import org.infinispan.util.concurrent.BlockingManager;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.evidence.PasswordGuessEvidence;

/* loaded from: input_file:org/infinispan/server/security/ElytronRESPAuthenticator.class */
public class ElytronRESPAuthenticator implements Authenticator {
    private final String name;
    private SecurityDomain securityDomain;
    private BlockingManager blockingManager;

    public ElytronRESPAuthenticator(String str) {
        this.name = str;
    }

    public static void init(RespServerConfiguration respServerConfiguration, ServerConfiguration serverConfiguration, BlockingManager blockingManager) {
        ElytronRESPAuthenticator elytronRESPAuthenticator = (ElytronRESPAuthenticator) respServerConfiguration.authentication().authenticator();
        if (elytronRESPAuthenticator != null) {
            elytronRESPAuthenticator.init(serverConfiguration, blockingManager);
        }
    }

    private void init(ServerConfiguration serverConfiguration, BlockingManager blockingManager) {
        this.securityDomain = serverConfiguration.security().realms().getRealm(this.name).serverSecurityRealm().getSecurityDomain();
        this.blockingManager = blockingManager;
    }

    public CompletionStage<Subject> authenticate(String str, char[] cArr) {
        return this.blockingManager.supplyBlocking(() -> {
            try {
                SecurityIdentity authenticate = this.securityDomain.authenticate(str, new PasswordGuessEvidence(cArr));
                Subject subject = new Subject();
                subject.getPrincipals().add(authenticate.getPrincipal());
                authenticate.getRoles().forEach(str2 -> {
                    subject.getPrincipals().add(new RolePrincipal(str2));
                });
                return subject;
            } catch (RealmUnavailableException e) {
                throw new RuntimeException((Throwable) e);
            }
        }, "resp-auth");
    }
}
