package org.uberfire.security.server.authz.cdi;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.enterprise.context.SessionScoped;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;
import org.uberfire.security.Subject;
import org.uberfire.security.annotations.RolesType;
import org.uberfire.security.annotations.SecurityTrait;
import org.uberfire.security.authz.AuthorizationException;
import org.uberfire.security.authz.AuthorizationManager;
import org.uberfire.security.authz.RuntimeResource;
import org.uberfire.security.server.cdi.AppResourcesAuthz;

/* loaded from: input_file:WEB-INF/lib/uberfire-security-server-0.4.0.Beta2.jar:org/uberfire/security/server/authz/cdi/AbstractSecurityInterceptor.class */
public abstract class AbstractSecurityInterceptor {

    @Inject
    @AppResourcesAuthz
    private AuthorizationManager authzManager;

    @Inject
    @SessionScoped
    private Subject subject;

    @AroundInvoke
    public Object interceptInvoke(InvocationContext invocationContext) throws Exception {
        final Method method = invocationContext.getMethod();
        if (this.authzManager.authorize(new RuntimeResource() { // from class: org.uberfire.security.server.authz.cdi.AbstractSecurityInterceptor.1
            List<String> roles = null;
            List<String> traits = null;

            @Override // org.uberfire.security.authz.RuntimeResource
            public String getSignatureId() {
                return method.toString();
            }

            @Override // org.uberfire.security.authz.RuntimeResource
            public Collection<String> getRoles() {
                if (this.roles == null) {
                    build();
                }
                return this.roles;
            }

            @Override // org.uberfire.security.authz.RuntimeResource
            public Collection<String> getTraits() {
                if (this.traits == null) {
                    build();
                }
                return this.traits;
            }

            private synchronized void build() {
                this.roles = new ArrayList();
                this.traits = new ArrayList();
                ArrayList<Annotation[]> arrayList = new ArrayList(2);
                arrayList.add(method.getAnnotations());
                arrayList.add(method.getDeclaringClass().getAnnotations());
                for (Annotation[] annotationArr : arrayList) {
                    for (Annotation annotation : annotationArr) {
                        if (annotation.annotationType().getAnnotation(RolesType.class) != null) {
                            Method[] declaredMethods = annotation.getClass().getDeclaredMethods();
                            int length = declaredMethods.length;
                            int i = 0;
                            while (true) {
                                if (i < length) {
                                    Method method2 = declaredMethods[i];
                                    if (method2.getName().intern().equals("value")) {
                                        try {
                                            if (method2.getReturnType().isArray()) {
                                                for (Object obj : (Object[]) method2.invoke(annotation, new Object[0])) {
                                                    this.roles.add(obj.toString());
                                                }
                                            } else {
                                                this.roles.add(method2.invoke(annotation, new Object[0]).toString());
                                            }
                                        } catch (Exception e) {
                                        }
                                    } else {
                                        i++;
                                    }
                                }
                            }
                        } else if (annotation.annotationType().getAnnotation(SecurityTrait.class) != null) {
                            this.traits.add(annotation.annotationType().getName());
                        }
                    }
                }
            }
        }, this.subject)) {
            return invocationContext.proceed();
        }
        throw new AuthorizationException("Invalid credentials.");
    }
}
