package org.apache.cxf.interceptor.security;

import java.security.Principal;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.cxf.security.LoginSecurityContext;

/* loaded from: input_file:WEB-INF/lib/cxf-core-3.2.5-jbossorg-1.jar:org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.class */
public class RolePrefixSecurityContextImpl implements LoginSecurityContext {
    private Principal p;
    private Set<Principal> roles;
    private Subject theSubject;

    public RolePrefixSecurityContextImpl(Subject subject, String str) {
        this(subject, str, JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX);
    }

    public RolePrefixSecurityContextImpl(Subject subject, String str, String str2) {
        this.p = findPrincipal(subject, str, str2);
        this.roles = findRoles(subject, str, str2);
        this.theSubject = subject;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public Principal getUserPrincipal() {
        return this.p;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public boolean isUserInRole(String str) {
        Iterator<Principal> it = this.roles.iterator();
        while (it.hasNext()) {
            if (it.next().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private static Principal findPrincipal(Subject subject, String str, String str2) {
        for (Principal principal : subject.getPrincipals()) {
            if (!isRole(principal, str, str2)) {
                return principal;
            }
        }
        return null;
    }

    private static Set<Principal> findRoles(Subject subject, String str, String str2) {
        HashSet hashSet = new HashSet();
        for (Principal principal : subject.getPrincipals()) {
            if (isRole(principal, str, str2)) {
                hashSet.add(principal);
            }
        }
        return Collections.unmodifiableSet(hashSet);
    }

    private static boolean isRole(Principal principal, String str, String str2) {
        return JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX.equals(str2) ? principal.getName().startsWith(str) : principal.getClass().getName().endsWith(str);
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Subject getSubject() {
        return this.theSubject;
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Set<Principal> getUserRoles() {
        return this.roles;
    }
}
