package org.jboss.security.authorization.modules.web;

import com.sun.xacml.Policy;
import com.sun.xacml.ctx.RequestCtx;
import java.security.Principal;
import java.util.Map;
import javax.security.jacc.PolicyContext;
import javax.servlet.http.HttpServletRequest;
import org.jboss.logging.Logger;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.authorization.modules.AuthorizationModuleDelegate;
import org.jboss.security.authorization.resources.WebResource;
import org.jboss.security.authorization.sunxacml.JBossXACMLUtil;

/* loaded from: input_file:org/jboss/security/authorization/modules/web/WebXACMLPolicyModuleDelegate.class */
public class WebXACMLPolicyModuleDelegate extends AuthorizationModuleDelegate {
    public WebXACMLPolicyModuleDelegate() {
        log = Logger.getLogger(getClass());
        this.trace = log.isTraceEnabled();
    }

    @Override // org.jboss.security.authorization.modules.AuthorizationModuleDelegate
    public int authorize(Resource resource) {
        if (!(resource instanceof WebResource)) {
            throw new IllegalArgumentException("resource is not a WebResource");
        }
        WebResource webResource = (WebResource) resource;
        Map<String, Object> map = resource.getMap();
        if (map == null) {
            throw new IllegalStateException("Map from the Resource is null");
        }
        if (map.size() == 0) {
            throw new IllegalStateException("Map from the Resource is size zero");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) webResource.getServletRequest();
        AuthorizationManager authorizationManager = (AuthorizationManager) map.get(ResourceKeys.AUTHORIZATION_MANAGER);
        if (authorizationManager == null) {
            throw new IllegalStateException("Authorization Manager is null");
        }
        if (authorizationManager instanceof PolicyRegistration) {
            this.policyRegistration = (PolicyRegistration) authorizationManager;
        }
        Boolean checkBooleanValue = checkBooleanValue((Boolean) map.get(ResourceKeys.USERDATA_PERM_CHECK));
        Boolean checkBooleanValue2 = checkBooleanValue((Boolean) map.get(ResourceKeys.ROLEREF_PERM_CHECK));
        if (checkBooleanValue.booleanValue() || checkBooleanValue2.booleanValue()) {
            return 1;
        }
        if (httpServletRequest == null) {
            throw new IllegalStateException("Request is null");
        }
        return process(httpServletRequest, authorizationManager);
    }

    private Boolean checkBooleanValue(Boolean bool) {
        return bool == null ? Boolean.FALSE : bool;
    }

    private int process(HttpServletRequest httpServletRequest, AuthorizationManager authorizationManager) {
        int i;
        RequestCtx createXACMLRequest;
        String contextID;
        Policy policy;
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        if (userPrincipal == null) {
            throw new IllegalStateException("User Principal is null");
        }
        try {
            createXACMLRequest = new WebXACMLUtil().createXACMLRequest(httpServletRequest, authorizationManager, authorizationManager.getUserRoles(userPrincipal));
            contextID = PolicyContext.getContextID();
            policy = (Policy) this.policyRegistration.getPolicy(contextID, null);
        } catch (Exception e) {
            if (this.trace) {
                log.trace("Exception in processing:", e);
            }
            i = -1;
        }
        if (policy == null) {
            throw new IllegalStateException("Missing xacml policy for contextid:" + contextID);
        }
        i = JBossXACMLUtil.checkXACMLAuthorization(createXACMLRequest, policy);
        return i;
    }
}
