package org.wildfly.test.security.servlets;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.Permission;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.as.test.integration.security.common.Utils;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.evidence.PasswordGuessEvidence;

@WebServlet({CheckIdentityPermissionServlet.SERVLET_PATH})
/* loaded from: input_file:org/wildfly/test/security/servlets/CheckIdentityPermissionServlet.class */
public class CheckIdentityPermissionServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    public static final String SERVLET_PATH = "/checkIdentityPermission";
    public static final String PARAM_USER = "user";
    public static final String PARAM_PASSWORD = "password";
    public static final String PARAM_CLASS = "class";
    public static final String PARAM_TARGET = "target";
    public static final String PARAM_ACTION = "action";

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        SecurityIdentity currentSecurityIdentity;
        httpServletResponse.setContentType("text/plain");
        httpServletResponse.setCharacterEncoding(Utils.UTF_8);
        String parameter = httpServletRequest.getParameter(PARAM_USER);
        if (parameter != null) {
            try {
                currentSecurityIdentity = SecurityDomain.getCurrent().authenticate(parameter, new PasswordGuessEvidence(httpServletRequest.getParameter(PARAM_PASSWORD).toCharArray()));
            } catch (Exception e) {
                e.printStackTrace();
                httpServletResponse.sendError(403, e.getMessage());
                return;
            }
        } else {
            currentSecurityIdentity = SecurityDomain.getCurrent().getCurrentSecurityIdentity();
        }
        String parameter2 = httpServletRequest.getParameter(PARAM_CLASS);
        if (parameter2 == null) {
            httpServletResponse.sendError(400, "Parameter class has to be provided");
            return;
        }
        String parameter3 = httpServletRequest.getParameter(PARAM_TARGET);
        String parameter4 = httpServletRequest.getParameter(PARAM_ACTION);
        try {
            Permission permission = parameter3 == null ? (Permission) Class.forName(parameter2).newInstance() : parameter4 == null ? (Permission) Class.forName(parameter2).getConstructor(String.class).newInstance(parameter3) : (Permission) Class.forName(parameter2).getConstructor(String.class, String.class).newInstance(parameter3, parameter4);
            PrintWriter writer = httpServletResponse.getWriter();
            writer.print(currentSecurityIdentity.implies(permission));
            writer.close();
        } catch (Exception e2) {
            throw new ServletException("Unable to create permission instance", e2);
        }
    }
}
