package org.jboss.security.authorization.modules.web;

import com.sun.xacml.Indenter;
import com.sun.xacml.attr.AnyURIAttribute;
import com.sun.xacml.attr.DateTimeAttribute;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.attr.TimeAttribute;
import com.sun.xacml.ctx.Attribute;
import com.sun.xacml.ctx.RequestCtx;
import com.sun.xacml.ctx.Subject;
import java.io.ByteArrayOutputStream;
import java.net.URI;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.jboss.logging.Logger;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.authorization.XACMLConstants;

/* loaded from: input_file:org/jboss/security/authorization/modules/web/WebXACMLUtil.class */
public class WebXACMLUtil {
    private static Logger log = Logger.getLogger(WebXACMLUtil.class);
    private boolean trace = log.isTraceEnabled();

    public RequestCtx createXACMLRequest(HttpServletRequest httpServletRequest, AuthorizationManager authorizationManager, Set<Principal> set) throws Exception {
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("Http Request is null");
        }
        if (authorizationManager == null) {
            throw new IllegalArgumentException("Authorization Manager is null");
        }
        String str = "GET".equals(httpServletRequest.getMethod()) ? "read" : "write";
        Attribute attribute = new Attribute(new URI(XACMLConstants.SUBJECT_IDENTIFIER), (String) null, (DateTimeAttribute) null, new StringAttribute(httpServletRequest.getUserPrincipal().getName()));
        HashSet hashSet = new HashSet();
        hashSet.add(attribute);
        hashSet.addAll(getXACMLRoleSet(set));
        HashSet hashSet2 = new HashSet();
        hashSet2.add(new Subject(hashSet));
        Attribute attribute2 = new Attribute(new URI(XACMLConstants.RESOURCE_IDENTIFIER), (String) null, (DateTimeAttribute) null, new AnyURIAttribute(new URI(httpServletRequest.getRequestURI())));
        HashSet hashSet3 = new HashSet();
        hashSet3.add(attribute2);
        HashSet hashSet4 = new HashSet();
        hashSet4.add(new Attribute(new URI(XACMLConstants.ACTION_IDENTIFIER), (String) null, (DateTimeAttribute) null, new StringAttribute(str)));
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str2 = (String) parameterNames.nextElement();
            hashSet4.add(new Attribute(new URI(XACMLConstants.JBOSS_RESOURCE_PARAM_IDENTIFIER + str2), (String) null, (DateTimeAttribute) null, new StringAttribute(httpServletRequest.getParameter(str2))));
        }
        HashSet hashSet5 = new HashSet();
        hashSet5.add(new Attribute(new URI(XACMLConstants.CURRENT_TIME_IDENTIFIER), (String) null, (DateTimeAttribute) null, new TimeAttribute()));
        RequestCtx requestCtx = new RequestCtx(hashSet2, hashSet3, hashSet4, hashSet5);
        if (this.trace) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            requestCtx.encode(byteArrayOutputStream, new Indenter());
            log.trace("XACML Request:" + byteArrayOutputStream.toString());
            byteArrayOutputStream.close();
        }
        return requestCtx;
    }

    private Set<Attribute> getXACMLRoleSet(Set<Principal> set) throws Exception {
        URI uri = new URI(XACMLConstants.SUBJECT_ROLE_IDENTIFIER);
        HashSet hashSet = new HashSet();
        Iterator<Principal> it = set != null ? set.iterator() : null;
        while (it != null && it.hasNext()) {
            Principal next = it.next();
            if (next instanceof SimplePrincipal) {
                hashSet.add(new Attribute(uri, (String) null, (DateTimeAttribute) null, new StringAttribute(((SimplePrincipal) next).getName())));
            }
        }
        return hashSet;
    }
}
