package org.switchyard.security.karaf.provider;

import java.security.Principal;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.karaf.jaas.boot.ProxyLoginModule;
import org.switchyard.ServiceSecurity;
import org.switchyard.security.context.SecurityContext;
import org.switchyard.security.principal.GroupPrincipal;
import org.switchyard.security.provider.DefaultSecurityProvider;

/* loaded from: input_file:org/switchyard/security/karaf/provider/KarafSecurityProvider.class */
public class KarafSecurityProvider extends DefaultSecurityProvider {
    public void populate(ServiceSecurity serviceSecurity, SecurityContext securityContext) {
        super.populate(serviceSecurity, securityContext);
    }

    public void clear(ServiceSecurity serviceSecurity, SecurityContext securityContext) {
        super.clear(serviceSecurity, securityContext);
    }

    public boolean checkRolesAllowed(ServiceSecurity serviceSecurity, SecurityContext securityContext) {
        Set rolesAllowed = serviceSecurity.getRolesAllowed();
        if (rolesAllowed.isEmpty()) {
            return true;
        }
        String securityDomain = serviceSecurity.getSecurityDomain();
        Iterator it = rolesAllowed.iterator();
        while (it.hasNext()) {
            if (isCallerInRole(securityContext, (String) it.next(), securityDomain)) {
                return true;
            }
        }
        return false;
    }

    public boolean isCallerInRole(SecurityContext securityContext, String str, String str2) {
        Subject subject = securityContext.getSubject(str2, false);
        if (subject == null) {
            return false;
        }
        Iterator<Principal> it = subject.getPrincipals().iterator();
        while (it.hasNext()) {
            GroupPrincipal groupPrincipal = (Principal) it.next();
            if (groupPrincipal instanceof org.apache.karaf.jaas.boot.principal.GroupPrincipal) {
                if (groupPrincipal.getName().equalsIgnoreCase(str)) {
                    return true;
                }
            } else if (groupPrincipal instanceof GroupPrincipal) {
                Enumeration members = groupPrincipal.members();
                while (members.hasMoreElements()) {
                    if (((Principal) members.nextElement()).getName().equals(str)) {
                        return true;
                    }
                }
            } else {
                continue;
            }
        }
        return false;
    }

    static {
        new ProxyLoginModule();
    }
}
