package org.picketbox.http;

import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.picketbox.core.AbstractPicketBoxManager;
import org.picketbox.core.UserContext;
import org.picketbox.core.authorization.Resource;
import org.picketbox.core.config.PicketBoxConfiguration;
import org.picketbox.http.authorization.resource.WebResource;
import org.picketbox.http.config.PicketBoxHTTPConfiguration;
import org.picketbox.http.resource.ProtectedResource;
import org.picketbox.http.resource.ProtectedResourceManager;

/* loaded from: input_file:org/picketbox/http/PicketBoxHTTPManager.class */
public final class PicketBoxHTTPManager extends AbstractPicketBoxManager {
    private ProtectedResourceManager protectedResourceManager;

    public PicketBoxHTTPManager(PicketBoxHTTPConfiguration picketBoxHTTPConfiguration) {
        super(picketBoxHTTPConfiguration);
    }

    protected boolean doPreAuthentication(UserContext userContext) {
        if (this.protectedResourceManager == null) {
            return true;
        }
        HTTPUserContext hTTPUserContext = (HTTPUserContext) userContext;
        return this.protectedResourceManager.getProtectedResource(createWebResource(hTTPUserContext.getRequest(), hTTPUserContext.getResponse())).requiresAuthentication();
    }

    public boolean authorize(UserContext userContext, Resource resource) {
        if (this.protectedResourceManager == null || userContext == null) {
            return true;
        }
        ProtectedResource protectedResource = this.protectedResourceManager.getProtectedResource(resource);
        if (!protectedResource.requiresAuthorization() || !userContext.isAuthenticated()) {
            return true;
        }
        if (protectedResource.isAllowed(userContext)) {
            return super.authorize(userContext, resource);
        }
        return false;
    }

    private WebResource createWebResource(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        WebResource webResource = new WebResource();
        webResource.setContext(httpServletRequest.getServletContext());
        webResource.setRequest(httpServletRequest);
        webResource.setResponse(httpServletResponse);
        return webResource;
    }

    protected void doConfigure(PicketBoxConfiguration picketBoxConfiguration) {
        PicketBoxHTTPConfiguration picketBoxHTTPConfiguration = (PicketBoxHTTPConfiguration) picketBoxConfiguration;
        this.protectedResourceManager = picketBoxHTTPConfiguration.getProtectedResource().getManager();
        Iterator<ProtectedResource> it = picketBoxHTTPConfiguration.getProtectedResource().getResources().iterator();
        while (it.hasNext()) {
            this.protectedResourceManager.addProtectedResource(it.next());
        }
        this.protectedResourceManager.start();
        setSessionManager(new HTTPSessionManager(this));
    }

    public UserContext getUserContext(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return (UserContext) session.getAttribute(getUserAttributeName());
    }

    private String getUserAttributeName() {
        String sessionAttributeName = getHTTPConfiguration().m15getSessionManager().getSessionAttributeName();
        if (sessionAttributeName == null) {
            sessionAttributeName = PicketBoxConstants.SUBJECT;
        }
        return sessionAttributeName;
    }

    private PicketBoxHTTPConfiguration getHTTPConfiguration() {
        return (PicketBoxHTTPConfiguration) getConfiguration();
    }

    public boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.protectedResourceManager != null && this.protectedResourceManager.getProtectedResource(createWebResource(httpServletRequest, httpServletResponse)).requiresAuthentication();
    }
}
