package org.jboss.resource.security;

import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.acl.Group;
import java.util.Iterator;
import java.util.Set;
import javax.resource.spi.ManagedConnectionFactory;
import javax.resource.spi.security.PasswordCredential;
import javax.security.auth.Subject;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SimpleGroup;

/* loaded from: input_file:WEB-INF/lib/jbosssx-client.jar:org/jboss/resource/security/SubjectActions.class */
class SubjectActions {

    /* loaded from: input_file:WEB-INF/lib/jbosssx-client.jar:org/jboss/resource/security/SubjectActions$AddCredentialsAction.class */
    static class AddCredentialsAction implements PrivilegedAction {
        Subject subject;
        PasswordCredential cred;

        AddCredentialsAction(Subject subject, PasswordCredential passwordCredential) {
            this.subject = subject;
            this.cred = passwordCredential;
        }

        @Override // java.security.PrivilegedAction
        public Object run() {
            this.subject.getPrivateCredentials().add(this.cred);
            return null;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jbosssx-client.jar:org/jboss/resource/security/SubjectActions$AddPrincipalsAction.class */
    static class AddPrincipalsAction implements PrivilegedAction {
        Subject subject;
        Principal p;

        AddPrincipalsAction(Subject subject, Principal principal) {
            this.subject = subject;
            this.p = principal;
        }

        @Override // java.security.PrivilegedAction
        public Object run() {
            this.subject.getPrincipals().add(this.p);
            return null;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jbosssx-client.jar:org/jboss/resource/security/SubjectActions$AddRolesActions.class */
    interface AddRolesActions {
        public static final AddRolesActions PRIVILEGED = new AddRolesActions() { // from class: org.jboss.resource.security.SubjectActions.AddRolesActions.1
            @Override // org.jboss.resource.security.SubjectActions.AddRolesActions
            public void addRoles(final Subject subject, final Set set) {
                AccessController.doPrivileged(new PrivilegedAction() { // from class: org.jboss.resource.security.SubjectActions.AddRolesActions.1.1
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        SubjectActions.addSubjectRoles(subject, set);
                        return null;
                    }
                });
            }
        };
        public static final AddRolesActions NON_PRIVILEGED = new AddRolesActions() { // from class: org.jboss.resource.security.SubjectActions.AddRolesActions.2
            @Override // org.jboss.resource.security.SubjectActions.AddRolesActions
            public void addRoles(Subject subject, Set set) {
                SubjectActions.addSubjectRoles(subject, set);
            }
        };

        void addRoles(Subject subject, Set set);
    }

    /* loaded from: input_file:WEB-INF/lib/jbosssx-client.jar:org/jboss/resource/security/SubjectActions$RemoveCredentialsAction.class */
    static class RemoveCredentialsAction implements PrivilegedAction {
        Subject subject;
        ManagedConnectionFactory mcf;

        RemoveCredentialsAction(Subject subject, ManagedConnectionFactory managedConnectionFactory) {
            this.subject = subject;
            this.mcf = managedConnectionFactory;
        }

        @Override // java.security.PrivilegedAction
        public Object run() {
            Iterator<Object> it = this.subject.getPrivateCredentials().iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if ((next instanceof PasswordCredential) && ((PasswordCredential) next).getManagedConnectionFactory() == this.mcf) {
                    it.remove();
                }
            }
            return null;
        }
    }

    SubjectActions() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addCredentials(Subject subject, PasswordCredential passwordCredential) {
        AccessController.doPrivileged(new AddCredentialsAction(subject, passwordCredential));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addPrincipals(Subject subject, Principal principal) {
        AccessController.doPrivileged(new AddPrincipalsAction(subject, principal));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeCredentials(Subject subject, ManagedConnectionFactory managedConnectionFactory) {
        AccessController.doPrivileged(new RemoveCredentialsAction(subject, managedConnectionFactory));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addRoles(Subject subject, Set set) {
        if (System.getSecurityManager() != null) {
            AddRolesActions.PRIVILEGED.addRoles(subject, set);
        } else {
            AddRolesActions.NON_PRIVILEGED.addRoles(subject, set);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Group addSubjectRoles(Subject subject, Set set) {
        Group group = null;
        for (Group group2 : subject.getPrincipals(Group.class)) {
            if (group2.getName().equals(SecurityConstants.ROLES_IDENTIFIER)) {
                group = group2;
            }
        }
        if (group == null) {
            group = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER);
            subject.getPrincipals().add(group);
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            group.addMember((Principal) it.next());
        }
        return group;
    }
}
