package org.switchyard.security;

import java.security.Principal;
import java.security.acl.Group;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.switchyard.Exchange;
import org.switchyard.security.credential.Credential;

/* loaded from: input_file:WEB-INF/lib/switchyard-security-1.0.0.Alpha1.jar:org/switchyard/security/SecurityContext.class */
public final class SecurityContext {
    private static final String FORMAT = SecurityContext.class.getSimpleName() + "[credentials=%s, securityDomainsToSubjects=%s]";
    private final Set<Credential> _credentials = Collections.synchronizedSet(new HashSet());
    private final Map<String, Subject> _securityDomainsToSubjects = Collections.synchronizedMap(new HashMap());

    public Set<Credential> getCredentials() {
        return this._credentials;
    }

    public <T extends Credential> Set<T> getCredentials(Class<T> cls) {
        HashSet hashSet = new HashSet();
        for (Credential credential : getCredentials()) {
            if (credential != null && cls.isAssignableFrom(credential.getClass())) {
                hashSet.add(cls.cast(credential));
            }
        }
        return hashSet;
    }

    public synchronized void clearCredentials() {
        synchronized (this._credentials) {
            this._credentials.clear();
        }
    }

    public synchronized Subject getSubject(String str) {
        Subject subject = this._securityDomainsToSubjects.get(str);
        if (subject == null) {
            subject = new Subject();
            this._securityDomainsToSubjects.put(str, subject);
        }
        return subject;
    }

    public synchronized void clearSubject(String str) {
        synchronized (this._securityDomainsToSubjects) {
            this._securityDomainsToSubjects.remove(str);
        }
    }

    public boolean isCallerInRole(String str, String str2) {
        for (Principal principal : getSubject(str2).getPrincipals()) {
            if (principal instanceof Group) {
                Group group = (Group) principal;
                if (group.getName().equalsIgnoreCase(org.switchyard.security.principal.Group.ROLES)) {
                    Enumeration<? extends Principal> members = group.members();
                    while (members.hasMoreElements()) {
                        if (members.nextElement().getName().equals(str)) {
                            return true;
                        }
                    }
                } else {
                    continue;
                }
            }
        }
        return false;
    }

    public String toString() {
        return String.format(FORMAT, this._credentials, this._securityDomainsToSubjects);
    }

    public static SecurityContext get(Exchange exchange) {
        if (exchange instanceof SecurityExchange) {
            return ((SecurityExchange) exchange).getSecurityContext();
        }
        throw new IllegalArgumentException("Exchange [" + exchange + "] is not an instance of " + SecurityExchange.class.getName());
    }
}
