package org.jboss.security.authorization.modules.web;

import java.util.Map;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.servlet.http.HttpServletRequest;
import org.jboss.logging.Logger;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.authorization.modules.AuthorizationModuleDelegate;
import org.jboss.security.authorization.resources.WebResource;
import org.jboss.security.identity.RoleGroup;
import org.jboss.security.xacml.interfaces.RequestContext;

/* loaded from: input_file:jboss-eap/api-jars/picketbox-4.0.7.Final.jar:org/jboss/security/authorization/modules/web/WebXACMLPolicyModuleDelegate.class */
public class WebXACMLPolicyModuleDelegate extends AuthorizationModuleDelegate {
    private String policyContextID = null;

    public WebXACMLPolicyModuleDelegate() {
        log = Logger.getLogger(getClass());
        this.trace = log.isTraceEnabled();
    }

    @Override // org.jboss.security.authorization.modules.AuthorizationModuleDelegate
    public int authorize(Resource resource, Subject subject, RoleGroup roleGroup) {
        if (!(resource instanceof WebResource)) {
            throw new IllegalArgumentException("PB00016: Wrong Type:resource is not a WebResource");
        }
        WebResource webResource = (WebResource) resource;
        Map<String, Object> map = resource.getMap();
        if (map == null) {
            throw new IllegalStateException("PB00015: Null Value:Map from the Resource is null");
        }
        if (map.size() == 0) {
            throw new IllegalStateException("PB00017: Mismatch in size:Map from the Resource is size zero");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) webResource.getServletRequest();
        this.policyRegistration = (PolicyRegistration) map.get(ResourceKeys.POLICY_REGISTRATION);
        if (this.policyRegistration == null) {
            throw new IllegalStateException("PB00015: Null Value:PolicyRegistration passed is null");
        }
        this.policyContextID = webResource.getPolicyContextID();
        Boolean checkBooleanValue = checkBooleanValue((Boolean) map.get(ResourceKeys.USERDATA_PERM_CHECK));
        Boolean checkBooleanValue2 = checkBooleanValue((Boolean) map.get(ResourceKeys.ROLEREF_PERM_CHECK));
        if (checkBooleanValue.booleanValue() || checkBooleanValue2.booleanValue()) {
            return 1;
        }
        if (httpServletRequest == null) {
            throw new IllegalStateException("PB00015: Null Value:Request is null");
        }
        return process(httpServletRequest, roleGroup);
    }

    private Boolean checkBooleanValue(Boolean bool) {
        return bool == null ? Boolean.FALSE : bool;
    }

    private int process(HttpServletRequest httpServletRequest, RoleGroup roleGroup) {
        int i;
        if (httpServletRequest.getUserPrincipal() == null) {
            throw new IllegalStateException("PB00015: Null Value:User Principal is null");
        }
        WebXACMLUtil webXACMLUtil = new WebXACMLUtil();
        try {
            RequestContext createXACMLRequest = webXACMLUtil.createXACMLRequest(httpServletRequest, roleGroup);
            if (this.policyContextID == null) {
                this.policyContextID = PolicyContext.getContextID();
            }
            i = webXACMLUtil.getPDP(this.policyRegistration, this.policyContextID).evaluate(createXACMLRequest).getDecision() == 0 ? 1 : -1;
        } catch (Exception e) {
            if (this.trace) {
                log.trace("Exception in processing:", e);
            }
            i = -1;
        }
        return i;
    }
}
