package io.undertow.servlet.handlers.security;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.api.AuthorizationManager;
import io.undertow.servlet.handlers.ServletRequestContext;
import javax.servlet.DispatcherType;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:BOOT-INF/lib/undertow-servlet-1.4.18.SP7-redhat-1.jar:io/undertow/servlet/handlers/security/ServletSecurityRoleHandler.class */
public class ServletSecurityRoleHandler implements HttpHandler {
    private final HttpHandler next;
    private final AuthorizationManager authorizationManager;

    public ServletSecurityRoleHandler(HttpHandler httpHandler, AuthorizationManager authorizationManager) {
        this.next = httpHandler;
        this.authorizationManager = authorizationManager;
    }

    @Override // io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        if (servletRequestContext.getServletRequest().getDispatcherType() == DispatcherType.REQUEST) {
            if (!this.authorizationManager.canAccessResource(servletRequestContext.getRequiredConstrains(), httpServerExchange.getSecurityContext().getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) {
                ((HttpServletResponse) servletRequestContext.getServletResponse()).sendError(403);
                return;
            }
        }
        this.next.handleRequest(httpServerExchange);
    }
}
