package org.jboss.as.connector.security;

import java.security.AccessController;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.as.connector.logging.ConnectorLogger;
import org.jboss.as.controller.capability.RuntimeCapability;
import org.jboss.as.server.CurrentServiceContainer;
import org.jboss.jca.core.spi.security.Callback;
import org.jboss.jca.core.spi.security.SecurityContext;
import org.jboss.jca.core.spi.security.SecurityIntegration;
import org.jboss.msc.service.ServiceContainer;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.manager.WildFlySecurityManager;

/* loaded from: input_file:BOOT-INF/lib/wildfly-connector-26.0.1.Final.jar:org/jboss/as/connector/security/ElytronSecurityIntegration.class */
public class ElytronSecurityIntegration implements SecurityIntegration {
    static final String SECURITY_IDENTITY_ROLE = "ejb";
    private static final String SECURITY_DOMAIN_CAPABILITY = "org.wildfly.security.security-domain";
    private static final RuntimeCapability<Void> SECURITY_DOMAIN_RUNTIME_CAPABILITY;
    private final ThreadLocal<SecurityContext> securityContext = new ThreadLocal<>();
    static final /* synthetic */ boolean $assertionsDisabled;

    public SecurityContext createSecurityContext(String str) throws Exception {
        return new ElytronSecurityContext();
    }

    public SecurityContext getSecurityContext() {
        return this.securityContext.get();
    }

    public void setSecurityContext(SecurityContext securityContext) {
        this.securityContext.set(securityContext);
    }

    public CallbackHandler createCallbackHandler() {
        throw ConnectorLogger.ROOT_LOGGER.unsupportedCreateCallbackHandlerMethod();
    }

    public CallbackHandler createCallbackHandler(Callback callback) {
        if (!$assertionsDisabled && callback == null) {
            throw new AssertionError();
        }
        String domain = callback.getDomain();
        if (domain != null) {
            return new ElytronCallbackHandler((SecurityDomain) currentServiceContainer().getRequiredService(SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(new String[]{domain})).getValue(), callback);
        }
        throw ConnectorLogger.ROOT_LOGGER.invalidCallbackSecurityDomain();
    }

    private ServiceContainer currentServiceContainer() {
        return WildFlySecurityManager.isChecking() ? (ServiceContainer) AccessController.doPrivileged(CurrentServiceContainer.GET_ACTION) : CurrentServiceContainer.getServiceContainer();
    }

    static {
        $assertionsDisabled = !ElytronSecurityIntegration.class.desiredAssertionStatus();
        SECURITY_DOMAIN_RUNTIME_CAPABILITY = RuntimeCapability.Builder.of("org.wildfly.security.security-domain", true, SecurityDomain.class).build();
    }
}
