package org.jboss.as.ejb3.security;

import java.lang.reflect.Method;
import java.util.Set;
import javax.ejb.EJBAccessException;
import org.jboss.as.ee.component.Component;
import org.jboss.as.ee.component.ComponentViewInstance;
import org.jboss.as.ejb3.component.EJBComponent;
import org.jboss.invocation.Interceptor;
import org.jboss.invocation.InterceptorContext;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/as/ejb3/security/AuthorizationInterceptor.class */
public class AuthorizationInterceptor implements Interceptor {
    private static final Logger logger = Logger.getLogger(AuthorizationInterceptor.class);
    private final EJBMethodSecurityMetaData ejbMethodSecurityMetaData;
    private final String viewClassName;
    private final Method viewMethod;

    public AuthorizationInterceptor(EJBMethodSecurityMetaData eJBMethodSecurityMetaData, String str, Method method) {
        if (eJBMethodSecurityMetaData == null) {
            throw new IllegalArgumentException("EJB method security metadata cannot be null");
        }
        if (str == null || str.trim().isEmpty()) {
            throw new IllegalArgumentException("View classname cannot be null or empty");
        }
        if (method == null) {
            throw new IllegalArgumentException("View method cannot be null");
        }
        this.ejbMethodSecurityMetaData = eJBMethodSecurityMetaData;
        this.viewClassName = str;
        this.viewMethod = method;
    }

    public Object processInvocation(InterceptorContext interceptorContext) throws Exception {
        EJBComponent eJBComponent = (Component) interceptorContext.getPrivateData(Component.class);
        if (!(eJBComponent instanceof EJBComponent)) {
            throw new IllegalStateException("Unexpected component type: " + eJBComponent.getClass() + " expected: " + EJBComponent.class);
        }
        Method method = interceptorContext.getMethod();
        String name = ((ComponentViewInstance) interceptorContext.getPrivateData(ComponentViewInstance.class)).getViewClass().getName();
        if (!this.viewClassName.equals(name) || !this.viewMethod.equals(method)) {
            throw new IllegalStateException(getClass().getName() + " cannot handle method " + method + " of view class " + name + ".Expected view method to be " + this.viewMethod + " on view class " + this.viewClassName);
        }
        EJBComponent eJBComponent2 = eJBComponent;
        if (this.ejbMethodSecurityMetaData.isAccessDenied()) {
            throw new EJBAccessException("Invocation on method: " + method + " of bean: " + eJBComponent2.getComponentName() + " is not allowed");
        }
        if (!this.ejbMethodSecurityMetaData.isPermitAll()) {
            Set<String> rolesAllowed = this.ejbMethodSecurityMetaData.getRolesAllowed();
            if (!rolesAllowed.isEmpty() && !eJBComponent2.getSecurityManager().isCallerInRole((String[]) rolesAllowed.toArray(new String[rolesAllowed.size()]))) {
                throw new EJBAccessException("Invocation on method: " + method + " of bean: " + eJBComponent2.getComponentName() + " is not allowed");
            }
        }
        return interceptorContext.proceed();
    }
}
