package org.jboss.security.authorization.modules.ejb;

import com.sun.xacml.Policy;
import com.sun.xacml.ctx.RequestCtx;
import java.lang.reflect.Method;
import java.security.Principal;
import java.util.Map;
import javax.security.jacc.PolicyContext;
import org.jboss.logging.Logger;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
import org.jboss.security.authorization.modules.AuthorizationModuleDelegate;
import org.jboss.security.authorization.resources.EJBResource;
import org.jboss.security.authorization.sunxacml.JBossXACMLUtil;

/* loaded from: input_file:org/jboss/security/authorization/modules/ejb/EJBXACMLPolicyModuleDelegate.class */
public class EJBXACMLPolicyModuleDelegate extends AuthorizationModuleDelegate {
    private String ejbName = null;
    private Method ejbMethod = null;
    private Principal principal = null;

    public EJBXACMLPolicyModuleDelegate() {
        log = Logger.getLogger(getClass());
        this.trace = log.isTraceEnabled();
    }

    @Override // org.jboss.security.authorization.modules.AuthorizationModuleDelegate
    public int authorize(Resource resource) {
        if (!(resource instanceof EJBResource)) {
            throw new IllegalArgumentException("resource is not an EJBResource");
        }
        EJBResource eJBResource = (EJBResource) resource;
        Map map = resource.getMap();
        if (map == null) {
            throw new IllegalStateException("Map from the Resource is null");
        }
        PolicyRegistration policyRegistration = (AuthorizationManager) map.get("authorizationManager");
        if (policyRegistration == null) {
            throw new IllegalStateException("Authorization Manager is null");
        }
        if (policyRegistration instanceof PolicyRegistration) {
            this.policyRegistration = policyRegistration;
        }
        this.ejbName = eJBResource.getEjbName();
        this.ejbMethod = eJBResource.getEjbMethod();
        this.principal = eJBResource.getPrincipal();
        if (checkBooleanValue((Boolean) map.get("roleRefPermissionCheck")).booleanValue()) {
            throw new IllegalStateException("SECURIY-50:Role Ref checks not implemented");
        }
        return process(policyRegistration);
    }

    private int process(AuthorizationManager authorizationManager) {
        int i;
        RequestCtx createXACMLRequest;
        String contextID;
        try {
            createXACMLRequest = new EJBXACMLUtil().createXACMLRequest(this.ejbName, this.ejbMethod.getName(), this.principal, authorizationManager.getUserRoles(this.principal));
            contextID = PolicyContext.getContextID();
        } catch (Exception e) {
            if (this.trace) {
                log.trace("Exception in processing:", e);
            }
            i = -1;
        }
        if (contextID == null) {
            throw new IllegalStateException("Context ID is null");
        }
        Policy policy = (Policy) this.policyRegistration.getPolicy(contextID, (Map) null);
        if (policy != null) {
            i = JBossXACMLUtil.checkXACMLAuthorization(createXACMLRequest, policy);
            return i;
        }
        if (this.trace) {
            log.trace("Policy obtained is null for contextID:" + contextID);
        }
        throw new IllegalStateException("Missing xacml policy for contextid:" + contextID);
    }

    private Boolean checkBooleanValue(Boolean bool) {
        return bool == null ? Boolean.FALSE : bool;
    }
}
