package org.uberfire.security.server;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.uberfire.commons.validation.PortablePreconditions;
import org.uberfire.commons.validation.Preconditions;
import org.uberfire.java.nio.fs.jgit.JGitFileSystemProvider;
import org.uberfire.security.ResourceManager;
import org.uberfire.security.SecurityContext;
import org.uberfire.security.SecurityManager;
import org.uberfire.security.Subject;
import org.uberfire.security.auth.AuthenticatedStorageProvider;
import org.uberfire.security.auth.AuthenticationException;
import org.uberfire.security.auth.AuthenticationManager;
import org.uberfire.security.auth.AuthenticationProvider;
import org.uberfire.security.auth.AuthenticationScheme;
import org.uberfire.security.auth.AuthenticationSource;
import org.uberfire.security.auth.RoleProvider;
import org.uberfire.security.auth.SubjectPropertiesProvider;
import org.uberfire.security.authz.AuthorizationManager;
import org.uberfire.security.authz.ResourceDecisionManager;
import org.uberfire.security.authz.RoleDecisionManager;
import org.uberfire.security.authz.VotingStrategy;
import org.uberfire.security.impl.authz.DefaultAuthorizationManager;
import org.uberfire.security.impl.authz.DefaultRoleDecisionManager;
import org.uberfire.security.server.auth.DefaultAuthenticationProvider;
import org.uberfire.security.server.auth.HttpAuthenticationManager;
import org.uberfire.security.server.auth.RememberMeCookieAuthProvider;
import org.uberfire.security.server.authz.URLAccessDecisionManager;

/* loaded from: input_file:WEB-INF/lib/uberfire-security-server-0.3.0.Final.jar:org/uberfire/security/server/HttpSecurityManagerImpl.class */
public class HttpSecurityManagerImpl implements SecurityManager {
    private AuthenticationManager authManager;
    private List<AuthorizationManager> authzManagers;

    /* loaded from: input_file:WEB-INF/lib/uberfire-security-server-0.3.0.Final.jar:org/uberfire/security/server/HttpSecurityManagerImpl$HttpSecurityManagerBuilder.class */
    public static class HttpSecurityManagerBuilder {
        private AuthenticationManager authManager = null;
        private RoleDecisionManager roleDecisionManager = null;
        private VotingStrategy votingStrategy = null;
        private ResourceManager resourceManager = null;
        private String forceURL = null;
        private List<AuthorizationManager> authzManagers = new ArrayList();
        private List<AuthenticationScheme> authSchemes = new ArrayList();
        private List<AuthenticationProvider> authProviders = new ArrayList();
        private List<RoleProvider> roleProviders = new ArrayList();
        private List<SubjectPropertiesProvider> subjectPropertiesProviders = new ArrayList();
        private List<AuthenticatedStorageProvider> authStorageProviders = new ArrayList();
        private List<ResourceDecisionManager> accessDecisionManagers = new ArrayList();

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerImpl build(Map<String, String> map) {
            if (this.authProviders != null && !this.authProviders.isEmpty()) {
                Iterator<AuthenticationProvider> it = this.authProviders.iterator();
                while (it.hasNext()) {
                    it.next().initialize(map);
                }
            }
            return new HttpSecurityManagerImpl(this.authManager, this.authSchemes, this.forceURL, this.authProviders, this.roleProviders, this.subjectPropertiesProviders, this.authStorageProviders, this.authzManagers, this.resourceManager, this.accessDecisionManagers, this.votingStrategy, this.roleDecisionManager);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addAuthScheme(AuthenticationScheme authenticationScheme) {
            if (authenticationScheme != null) {
                this.authSchemes.add(authenticationScheme);
            }
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addAuthManager(AuthenticationManager authenticationManager) {
            this.authManager = authenticationManager;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addAuthProvider(AuthenticationProvider authenticationProvider) {
            if (authenticationProvider != null) {
                this.authProviders.add(authenticationProvider);
            }
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addResourceManager(ResourceManager resourceManager) {
            this.resourceManager = resourceManager;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addAccessDecisionManager(ResourceDecisionManager resourceDecisionManager) {
            if (resourceDecisionManager != null) {
                this.accessDecisionManagers.add(resourceDecisionManager);
            }
            return this;
        }

        public HttpSecurityManagerBuilder addRoleProvider(RoleProvider roleProvider) {
            if (roleProvider != null) {
                this.roleProviders.add(roleProvider);
            }
            return this;
        }

        public HttpSecurityManagerBuilder addSubjectPropertiesProvider(SubjectPropertiesProvider subjectPropertiesProvider) {
            if (subjectPropertiesProvider != null) {
                this.subjectPropertiesProviders.add(subjectPropertiesProvider);
            }
            return this;
        }

        public HttpSecurityManagerBuilder addAuthenticatedStorageProvider(AuthenticatedStorageProvider authenticatedStorageProvider) {
            if (authenticatedStorageProvider != null) {
                this.authStorageProviders.add(authenticatedStorageProvider);
            }
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addAuthzManager(AuthorizationManager authorizationManager) {
            if (authorizationManager != null) {
                this.authzManagers.add(authorizationManager);
            }
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addVotingStrategy(VotingStrategy votingStrategy) {
            this.votingStrategy = votingStrategy;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder loadAvailableAuthenticationSources() {
            ServiceLoader load = ServiceLoader.load(AuthenticationSource.class);
            if (load != null) {
                Iterator it = load.iterator();
                while (it.hasNext()) {
                    AuthenticationSource authenticationSource = (AuthenticationSource) it.next();
                    this.authProviders.add(new DefaultAuthenticationProvider(authenticationSource));
                    if (authenticationSource instanceof RoleProvider) {
                        this.roleProviders.add((RoleProvider) authenticationSource);
                    }
                }
            }
            this.authProviders.add(new RememberMeCookieAuthProvider());
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addRoleDecisionManager(RoleDecisionManager roleDecisionManager) {
            this.roleDecisionManager = roleDecisionManager;
            return this;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public HttpSecurityManagerBuilder addForceURL(String str) {
            this.forceURL = str;
            return this;
        }
    }

    private HttpSecurityManagerImpl(AuthenticationManager authenticationManager, List<AuthenticationScheme> list, String str, List<AuthenticationProvider> list2, List<RoleProvider> list3, List<SubjectPropertiesProvider> list4, List<AuthenticatedStorageProvider> list5, List<AuthorizationManager> list6, ResourceManager resourceManager, Collection<ResourceDecisionManager> collection, VotingStrategy votingStrategy, RoleDecisionManager roleDecisionManager) {
        this.authzManagers = new ArrayList();
        if (authenticationManager == null) {
            this.authManager = new HttpAuthenticationManager(list, str, list2, list3, list4, list5, resourceManager);
        } else {
            this.authManager = authenticationManager;
            try {
                this.authManager.getClass().getMethod("addSchemes", Collection.class).invoke(this.authManager, list);
            } catch (Exception e) {
            }
            try {
                this.authManager.getClass().getMethod("addRoleProviders", Collection.class).invoke(this.authManager, list3);
            } catch (Exception e2) {
            }
            try {
                this.authManager.getClass().getMethod("addSubjectPropertiesProviders", Collection.class).invoke(this.authManager, list4);
            } catch (Exception e3) {
            }
            try {
                this.authManager.getClass().getMethod("addStorageProviders", Collection.class).invoke(this.authManager, list5);
            } catch (Exception e4) {
            }
            try {
                this.authManager.getClass().getMethod("setResourceManager", ResourceManager.class).invoke(this.authManager, resourceManager);
            } catch (Exception e5) {
            }
            if (list2 != null && list2.size() > 0) {
                try {
                    this.authManager.getClass().getMethod("addProviders", Collection.class).invoke(this.authManager, list2);
                } catch (Exception e6) {
                }
            }
            try {
                this.authManager.getClass().getMethod(JGitFileSystemProvider.INIT, new Class[0]).invoke(this.authManager, new Object[0]);
            } catch (Exception e7) {
            }
        }
        RoleDecisionManager defaultRoleDecisionManager = roleDecisionManager != null ? roleDecisionManager : new DefaultRoleDecisionManager();
        if (collection == null || collection.isEmpty()) {
            URLResourceManager uRLResourceManager = resourceManager instanceof URLResourceManager ? (URLResourceManager) resourceManager : null;
            if (uRLResourceManager == null) {
                throw new IllegalStateException("Can't find URLResourceManager.");
            }
            collection.add(new URLAccessDecisionManager(uRLResourceManager));
        }
        if (list6 == null || list6.isEmpty()) {
            this.authzManagers.add(new DefaultAuthorizationManager(collection, resourceManager, votingStrategy, defaultRoleDecisionManager));
            return;
        }
        for (AuthorizationManager authorizationManager : list6) {
            try {
                authorizationManager.getClass().getMethod("addDecisionManagers", Collection.class).invoke(authorizationManager, collection);
            } catch (Exception e8) {
            }
            try {
                authorizationManager.getClass().getMethod("setResourceManager", ResourceManager.class).invoke(authorizationManager, resourceManager);
            } catch (Exception e9) {
            }
            try {
                authorizationManager.getClass().getMethod("setVotingStrategy", VotingStrategy.class).invoke(authorizationManager, votingStrategy);
            } catch (Exception e10) {
            }
            try {
                authorizationManager.getClass().getMethod(JGitFileSystemProvider.INIT, new Class[0]).invoke(authorizationManager, new Object[0]);
            } catch (Exception e11) {
            }
            this.authzManagers.add(authorizationManager);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v30, types: [java.util.List] */
    @Override // org.uberfire.security.SecurityManager
    public SecurityContext newSecurityContext(Object... objArr) {
        PortablePreconditions.checkNotEmpty("params", objArr);
        PortablePreconditions.checkCondition("at least two params should be provided", objArr.length >= 2);
        HttpServletRequest httpServletRequest = null;
        HttpServletResponse httpServletResponse = null;
        ArrayList emptyList = objArr.length == 2 ? Collections.emptyList() : new ArrayList(objArr.length - 2);
        for (Object obj : objArr) {
            if (obj instanceof HttpServletRequest) {
                httpServletRequest = (HttpServletRequest) obj;
            } else if (obj instanceof HttpServletResponse) {
                httpServletResponse = (HttpServletResponse) obj;
            } else {
                emptyList.add(obj);
            }
        }
        PortablePreconditions.checkNotNull("param.http.request", httpServletRequest);
        PortablePreconditions.checkNotNull("param.http.response", httpServletResponse);
        return new HttpSecurityContext(httpServletRequest, httpServletResponse, emptyList.toArray(new Object[emptyList.size()]));
    }

    @Override // org.uberfire.security.SecurityManager
    public void logout(SecurityContext securityContext) {
        this.authManager.logout(securityContext);
    }

    @Override // org.uberfire.security.SecurityManager
    public Subject authenticate(SecurityContext securityContext) throws AuthenticationException {
        HttpSecurityContext httpSecurityContext = (HttpSecurityContext) Preconditions.checkInstanceOf("context", securityContext, HttpSecurityContext.class);
        try {
            Subject authenticate = this.authManager.authenticate(httpSecurityContext);
            httpSecurityContext.setCurrentSubject(authenticate);
            return authenticate;
        } catch (Exception e) {
            throw new AuthenticationException("Validation fails.", e);
        }
    }

    @Override // org.uberfire.security.SecurityManager
    public boolean authorize(SecurityContext securityContext) {
        HttpSecurityContext httpSecurityContext = (HttpSecurityContext) Preconditions.checkInstanceOf("context", securityContext, HttpSecurityContext.class);
        for (AuthorizationManager authorizationManager : this.authzManagers) {
            if (authorizationManager.supports(httpSecurityContext.getResource())) {
                return authorizationManager.authorize(httpSecurityContext.getResource(), httpSecurityContext.getCurrentSubject());
            }
        }
        return false;
    }

    @Override // org.uberfire.security.SecurityManager
    public void dispose() {
    }

    @Override // org.uberfire.security.SecurityManager
    public void start() {
    }

    public static HttpSecurityManagerBuilder newBuilder() {
        return new HttpSecurityManagerBuilder();
    }
}
