package net.sourceforge.stripes.security.controller;

import com.google.common.base.Splitter;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import java.lang.reflect.Method;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import net.sourceforge.stripes.action.ActionBean;
import net.sourceforge.stripes.action.ActionBeanContext;
import net.sourceforge.stripes.action.Resolution;
import net.sourceforge.stripes.config.Configuration;
import net.sourceforge.stripes.controller.ActionResolver;
import net.sourceforge.stripes.controller.ExecutionContext;
import net.sourceforge.stripes.controller.Interceptor;
import net.sourceforge.stripes.controller.Intercepts;
import net.sourceforge.stripes.controller.LifecycleStage;
import net.sourceforge.stripes.exception.StripesServletException;
import net.sourceforge.stripes.security.action.Secure;
import net.sourceforge.stripes.security.exception.StripesAuthorizationException;
import net.sourceforge.stripes.util.Log;
import pl.topteam.utils.stripes.tag.SecureTag;

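/**
 * Stripes interceptor that enforces {@link Secure} role requirements around the
 * {@link LifecycleStage#HandlerResolution} stage.
 *
 * <p>For each request the interceptor resolves the ActionBean type from the request path, checks a
 * class-level {@link Secure} annotation (searching up the ActionBean superclass chain), then
 * resolves the event handler method and checks a method-level {@link Secure} annotation. Both
 * checks must pass when both annotations are present.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Enforcement is opt-in: a bean or handler that carries no {@link Secure} annotation is not
 *       checked here.</li>
 *   <li>A {@link Secure} annotation with a null or empty {@code roles()} value denies access.</li>
 *   <li>When no ActionBean type is resolved for the computed path, the request proceeds without
 *       any check.</li>
 * </ul>
 */
@Intercepts({LifecycleStage.HandlerResolution})
/* loaded from: input_file:net/sourceforge/stripes/security/controller/SecurityInterceptor.class */
public class SecurityInterceptor implements Interceptor {
    private static final Log log = Log.getInstance(SecurityInterceptor.class);

    /**
     * Runs the class-level and handler-level {@link Secure} checks, then continues the lifecycle.
     *
     * @param executionContext the Stripes execution context for the current request
     * @return the configured unauthorized resolution when a check fails and one is configured,
     *         otherwise the result of {@link ExecutionContext#proceed()}
     * @throws StripesAuthorizationException when a check fails and no unauthorized resolution is
     *         configured
     * @throws StripesServletException when no handler method can be resolved for the request
     * @throws Exception anything raised by the remainder of the lifecycle
     */
    @Override
    public Resolution intercept(ExecutionContext executionContext) throws Exception {
        Configuration configuration = StripesSecurityFilter.getConfiguration();
        StripesSecurityManager securityManager = StripesSecurityFilter.getSecurityManager();
        Resolution unauthorizedResolution = StripesSecurityFilter.getUnauthorizedResolution();
        ActionBeanContext actionBeanContext = executionContext.getActionBeanContext();
        ActionResolver actionResolver = configuration.getActionResolver();

        // NOTE(review): the bean type is re-derived from the raw servlet path rather than taken from
        // the execution context. If the framework resolves the bean from a different path (for
        // example on a forwarded or included request), the annotations checked here may belong to a
        // different bean than the one that actually runs. Confirm, and consider checking the type of
        // executionContext.getActionBean() instead.
        Class<?> actionBeanType = actionResolver.getActionBeanType(getRequestedPath(actionBeanContext.getRequest()));
        if (actionBeanType == null) {
            // NOTE(review): fail-open. No bean type for this path means no authorization check at
            // all. Verify that an unresolved path can never reach a secured handler.
            return executionContext.proceed();
        }

        try {
            Secure classLevel = secureAnnotationFromClass(actionBeanType);
            if (classLevel != null) {
                authenticateUser(classLevel, securityManager, actionBeanContext);
            }

            String eventName = actionResolver.getEventName(actionBeanType, actionBeanContext);
            actionBeanContext.setEventName(eventName);
            Method handler;
            if (eventName != null) {
                handler = actionResolver.getHandler(actionBeanType, eventName);
            } else {
                // No explicit event: fall back to the default handler and record its event name.
                handler = actionResolver.getDefaultHandler(actionBeanType);
                if (handler != null) {
                    actionBeanContext.setEventName(actionResolver.getHandledEvent(handler));
                }
            }
            if (handler == null) {
                throw new StripesServletException("No handler method found for request with  ActionBean [" + actionBeanType.getName() + "] and eventName [ " + eventName + "]");
            }

            log.debug("Checking the method ", handler.getName());
            Secure methodLevel = handler.getAnnotation(Secure.class);
            if (methodLevel != null) {
                authenticateUser(methodLevel, securityManager, actionBeanContext);
            }
        } catch (StripesAuthorizationException e) {
            // Prefer the configured resolution (e.g. an error page); otherwise let the exception
            // propagate so the request is still refused.
            if (unauthorizedResolution != null) {
                return unauthorizedResolution;
            }
            throw e;
        }
        return executionContext.proceed();
    }

    /**
     * Checks that the current user holds at least one of the roles listed in the annotation.
     * Despite its name this is an authorization check; it does not authenticate anyone.
     *
     * @param secure the annotation whose {@code roles()} value lists the accepted roles, separated
     *        by {@link SecureTag#ROLE_DELIMETER}
     * @param stripesSecurityManager the manager consulted for role membership
     * @param actionBeanContext the context of the current request, passed through to the manager
     * @throws ServletException a {@link StripesAuthorizationException} when the role list is null or
     *         empty, or when the manager reports that the user holds none of the roles
     */
    private void authenticateUser(Secure secure, StripesSecurityManager stripesSecurityManager, ActionBeanContext actionBeanContext) throws ServletException {
        String roles = secure.roles();
        // Fail closed: an annotation without roles denies access instead of allowing everyone.
        // (The original repeated this test with an early return that could never be reached.)
        if (Strings.isNullOrEmpty(roles)) {
            throw new StripesAuthorizationException();
        }
        log.info("Checking requires any Roles[", roles, "]");
        // NOTE(review): blank tokens (e.g. from "a,,b" or a whitespace-only value) are trimmed to ""
        // and still handed to the security manager; confirm it never matches an empty role name.
        if (!stripesSecurityManager.isUserInRole(ImmutableSet.copyOf(Splitter.on(SecureTag.ROLE_DELIMETER).trimResults().splitToList(roles)), actionBeanContext)) {
            throw new StripesAuthorizationException();
        }
    }

    /**
     * Builds the path used to look up the ActionBean type: servlet path followed by path info,
     * with a missing part treated as the empty string.
     *
     * @param httpServletRequest the current request
     * @return the concatenated path, never null
     */
    private String getRequestedPath(HttpServletRequest httpServletRequest) {
        String servletPath = httpServletRequest.getServletPath();
        String pathInfo = httpServletRequest.getPathInfo();
        return (servletPath == null ? "" : servletPath) + (pathInfo == null ? "" : pathInfo);
    }

    /**
     * Finds the {@link Secure} annotation that applies to an ActionBean class, looking at the class
     * itself first and then at its superclasses for as long as they are ActionBeans.
     *
     * @param cls the class to inspect
     * @return the nearest {@link Secure} annotation, or null when neither the class nor any
     *         ActionBean superclass carries one
     */
    private Secure secureAnnotationFromClass(Class<?> cls) {
        log.debug("Checking the class ", cls.getSimpleName());
        Secure secure = cls.getAnnotation(Secure.class);
        if (secure != null) {
            return secure;
        }
        Class<?> superclass = cls.getSuperclass();
        // getSuperclass() is null for Object and for interfaces; the original dereferenced it
        // unconditionally and would have thrown a NullPointerException there.
        if (superclass == null) {
            return null;
        }
        log.debug("Checking the parent class ", superclass.getSimpleName());
        if (ActionBean.class.isAssignableFrom(superclass)) {
            return secureAnnotationFromClass(superclass);
        }
        return null;
    }
}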
