package org.jboss.resteasy.core;

import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.jboss.resteasy.core.interception.ResourceMethodContext;
import org.jboss.resteasy.core.interception.ResourceMethodInterceptor;
import org.jboss.resteasy.spi.ApplicationException;
import org.jboss.resteasy.spi.Failure;
import org.jboss.resteasy.spi.ResteasyProviderFactory;

/* loaded from: input_file:jbpm-4.0/lib/gwt-console-server.war:WEB-INF/lib/resteasy-jaxrs-1.0.2.GA.jar:org/jboss/resteasy/core/ResourceMethodSecurityInterceptor.class */
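/**
 * Resource-method interceptor that enforces the {@link RolesAllowed}, {@link DenyAll} and
 * {@link PermitAll} annotations found on a resource class and its method.
 *
 * <p>{@link #accepted(ResourceMethod)} reads the annotations and records the outcome in
 * {@link #rolesAllowed} and {@link #denyAll}; {@link #invoke(ResourceMethodContext)} applies
 * that outcome to each request. The outcome lives in plain instance fields, so an instance
 * only describes the resource method it was most recently bound to.
 */
public class ResourceMethodSecurityInterceptor implements ResourceMethodInterceptor {
    /** Roles of the effective {@code @RolesAllowed}; {@code null} when no such annotation applies. */
    protected String[] rolesAllowed;

    /** {@code true} when every request to the bound method must be rejected. */
    protected boolean denyAll;

    /**
     * Derives the access rule for {@code resourceMethod} from its annotations.
     *
     * <p>A method-level {@code @RolesAllowed} replaces a class-level one. The method is
     * denied outright when it carries {@code @DenyAll}, or when the class carries
     * {@code @DenyAll} and the method has neither {@code @RolesAllowed} nor {@code @PermitAll}.
     *
     * @param resourceMethod the resource method being bound
     * @return {@code true} when a rule was found and this interceptor has to run
     */
    @Override
    public boolean accepted(ResourceMethod resourceMethod) {
        Class<?> resourceClass = resourceMethod.getResourceClass();

        RolesAllowed effective = resourceMethod.getMethod().getAnnotation(RolesAllowed.class);
        if (effective == null) {
            effective = resourceClass.getAnnotation(RolesAllowed.class);
        }
        // Assigned unconditionally: the previous code left the field untouched when no
        // annotation was found, so a second accepted() call on the same instance kept the
        // roles of the earlier resource method.
        this.rolesAllowed = (effective != null) ? effective.value() : null;

        // NOTE(review): a method-level @PermitAll lifts a class-level @DenyAll below, but it
        // does not cancel a class-level @RolesAllowed picked up above. Confirm that is intended.
        boolean methodOverridesClass = resourceMethod.getMethod().isAnnotationPresent(RolesAllowed.class)
                || resourceMethod.getMethod().isAnnotationPresent(PermitAll.class);
        boolean deniedByClass = resourceClass.isAnnotationPresent(DenyAll.class) && !methodOverridesClass;
        this.denyAll = deniedByClass || resourceMethod.getMethod().isAnnotationPresent(DenyAll.class);

        return this.rolesAllowed != null || this.denyAll;
    }

    /**
     * Applies the rule recorded by {@link #accepted(ResourceMethod)} to the current request.
     *
     * @param resourceMethodContext the invocation chain to continue when access is granted
     * @return the response produced by the rest of the chain
     * @throws Failure with code 401 (presumably the HTTP status; confirm against {@code Failure})
     *         when the method is denied to everyone or the caller holds none of the allowed
     *         roles; an empty role list therefore rejects every caller
     */
    @Override
    public Response invoke(ResourceMethodContext resourceMethodContext) throws Failure, ApplicationException, WebApplicationException {
        if (this.denyAll) {
            throw new Failure(401);
        }
        if (this.rolesAllowed == null) {
            return resourceMethodContext.proceed();
        }

        SecurityContext securityContext = (SecurityContext) ResteasyProviderFactory.getContextData(SecurityContext.class);
        if (securityContext == null) {
            // NOTE(review): fail-open. With no SecurityContext bound, a method annotated
            // @RolesAllowed runs without any role check. Deployments relying on this
            // interceptor should verify that a SecurityContext is always pushed, or treat
            // this branch as a denial.
            return resourceMethodContext.proceed();
        }

        for (String role : this.rolesAllowed) {
            if (securityContext.isUserInRole(role)) {
                return resourceMethodContext.proceed();
            }
        }
        // NOTE(review): both rejections use 401. If the value is the HTTP status, a caller
        // who is authenticated but lacks the role would conventionally get 403, and a 401
        // is expected to carry a WWW-Authenticate challenge. Left unchanged because clients
        // may depend on the current code.
        throw new Failure(401);
    }
}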
