package org.jboss.security.authorization.modules.web;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.net.URI;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.jboss.as.cli.Util;
import org.jboss.security.PicketBoxLogger;
import org.jboss.security.PicketBoxMessages;
import org.jboss.security.authorization.XACMLConstants;
import org.jboss.security.authorization.util.JBossXACMLUtil;
import org.jboss.security.identity.Role;
import org.jboss.security.identity.RoleGroup;
import org.jboss.security.xacml.core.model.context.ActionType;
import org.jboss.security.xacml.core.model.context.EnvironmentType;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResourceType;
import org.jboss.security.xacml.core.model.context.SubjectType;
import org.jboss.security.xacml.factories.RequestAttributeFactory;
import org.jboss.security.xacml.factories.RequestResponseContextFactory;
import org.jboss.security.xacml.interfaces.RequestContext;

/* loaded from: input_file:org/jboss/security/authorization/modules/web/WebXACMLUtil.class */
public class WebXACMLUtil extends JBossXACMLUtil {
    public RequestContext createXACMLRequest(HttpServletRequest httpServletRequest, RoleGroup roleGroup) throws Exception {
        if (httpServletRequest == null) {
            throw PicketBoxMessages.MESSAGES.invalidNullArgument("request");
        }
        if (roleGroup == null) {
            throw PicketBoxMessages.MESSAGES.invalidNullArgument("callerRoles");
        }
        String str = "GET".equals(httpServletRequest.getMethod()) ? Util.READ : Util.WRITE;
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        RequestContext createRequestCtx = RequestResponseContextFactory.createRequestCtx();
        SubjectType subjectType = new SubjectType();
        subjectType.getAttribute().add(RequestAttributeFactory.createStringAttributeType(XACMLConstants.SUBJECT_IDENTIFIER, "jboss.org", userPrincipal.getName()));
        List<Role> roles = roleGroup.getRoles();
        if (roles != null) {
            Iterator<Role> it = roles.iterator();
            while (it.hasNext()) {
                subjectType.getAttribute().add(RequestAttributeFactory.createStringAttributeType(XACMLConstants.SUBJECT_ROLE_IDENTIFIER, "jboss.org", it.next().getRoleName()));
            }
        }
        ResourceType resourceType = new ResourceType();
        resourceType.getAttribute().add(RequestAttributeFactory.createAnyURIAttributeType(XACMLConstants.RESOURCE_IDENTIFIER, (String) null, new URI(httpServletRequest.getRequestURI())));
        ActionType actionType = new ActionType();
        actionType.getAttribute().add(RequestAttributeFactory.createStringAttributeType(XACMLConstants.ACTION_IDENTIFIER, "jboss.org", str));
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str2 = (String) parameterNames.nextElement();
            actionType.getAttribute().add(RequestAttributeFactory.createStringAttributeType(new URI(XACMLConstants.JBOSS_RESOURCE_PARAM_IDENTIFIER + str2).toASCIIString(), "jboss.org", httpServletRequest.getParameter(str2)));
        }
        EnvironmentType environmentType = new EnvironmentType();
        environmentType.getAttribute().add(RequestAttributeFactory.createDateTimeAttributeType(XACMLConstants.CURRENT_TIME_IDENTIFIER, (String) null));
        RequestType requestType = new RequestType();
        requestType.getSubject().add(subjectType);
        requestType.getResource().add(resourceType);
        requestType.setAction(actionType);
        requestType.setEnvironment(environmentType);
        createRequestCtx.setRequest(requestType);
        if (PicketBoxLogger.LOGGER.isDebugEnabled()) {
            ByteArrayOutputStream byteArrayOutputStream = null;
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                createRequestCtx.marshall(byteArrayOutputStream);
                PicketBoxLogger.LOGGER.debug(new String(byteArrayOutputStream.toByteArray()));
                safeClose(byteArrayOutputStream);
            } catch (IOException e) {
                safeClose(byteArrayOutputStream);
            } catch (Throwable th) {
                safeClose(byteArrayOutputStream);
                throw th;
            }
        }
        return createRequestCtx;
    }

    private void safeClose(OutputStream outputStream) {
        if (outputStream != null) {
            try {
                outputStream.close();
            } catch (Exception e) {
            }
        }
    }
}
