package step.core.deployment;

import java.io.IOException;
import javax.annotation.PostConstruct;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.glassfish.jersey.server.ExtendedUriInfo;
import step.core.GlobalContext;
import step.core.access.AccessManager;
import step.core.access.AuthenticationManager;

/**
 * JAX-RS request filter that enforces the {@link Secured} annotation on resource methods.
 *
 * <p>For every request it makes sure a {@link Session} exists, hands that session to
 * {@link AuthenticationManager#authenticateDefaultUserIfAuthenticationIsDisabled}, and then
 * inspects the matched handling method. If that method carries {@code @Secured}, an
 * unauthenticated session is rejected with 401 and a session lacking the declared right is
 * rejected with 403.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Enforcement is opt-in per method: a handling method without {@code @Secured} passes
 *       through this filter with no authentication or right check at all.</li>
 *   <li>The annotation is looked up on the handling method only, so a {@code @Secured}
 *       placed on the resource class would not be seen by this lookup.
 *       NOTE(review): confirm whether {@code Secured} is allowed on types.</li>
 *   <li>An empty {@code right} means "any authenticated session"; no right check is made.</li>
 * </ul>
 */
@Provider
// 1000 is the value of javax.ws.rs.Priorities.AUTHENTICATION.
@Priority(1000)
public class SecurityFilter extends AbstractServices implements ContainerRequestFilter {

    /** URI info of the current request; used to find the matched resource method. */
    @Inject
    private ExtendedUriInfo uriInfo;

    /** Resolved from the global context in {@link #init()}. */
    private AccessManager accessManager;

    /** Resolved from the global context in {@link #init()}. */
    private AuthenticationManager authenticationManager;

    /**
     * Runs the parent initialisation, then looks up the access and authentication managers
     * in the global context.
     *
     * @throws Exception if the parent initialisation fails
     */
    @Override
    @PostConstruct
    public void init() throws Exception {
        super.init();
        final GlobalContext globalContext = getContext();
        this.authenticationManager = (AuthenticationManager) globalContext.get(AuthenticationManager.class);
        this.accessManager = (AccessManager) globalContext.get(AccessManager.class);
    }

    /**
     * Applies the {@code @Secured} check to the current request.
     *
     * @param containerRequestContext the request; aborted with 401 when the session is not
     *        authenticated, or with 403 when the required right is not granted
     * @throws IOException declared by {@link ContainerRequestFilter}; not thrown directly here
     */
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        final Session session = retrieveOrInitializeSession();

        // Runs before any check and for every request, secured or not.
        // NOTE(review): judging by the name, this authenticates the session as a default user
        // when authentication is switched off, which would make the 401 branch below
        // unreachable in that mode; confirm against AuthenticationManager.
        this.authenticationManager.authenticateDefaultUserIfAuthenticationIsDisabled(session);

        final Secured secured = this.uriInfo
                .getMatchedResourceMethod()
                .getInvocable()
                .getHandlingMethod()
                .getAnnotation(Secured.class);

        // Unannotated methods are not protected by this filter.
        if (secured == null) {
            return;
        }

        // Authentication comes first: no session identity means 401, never 403.
        if (!session.isAuthenticated()) {
            containerRequestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
            return;
        }

        // An empty right short-circuits, so the access manager is only consulted when a
        // specific right is named on the annotation.
        final String requiredRight = secured.right();
        final boolean authorized =
                requiredRight.isEmpty() || this.accessManager.checkRightInContext(session, requiredRight);
        if (!authorized) {
            containerRequestContext.abortWith(Response.status(Response.Status.FORBIDDEN).build());
        }
    }

    /**
     * Returns the current session, creating and storing a new one when none exists yet.
     *
     * <p>Because {@link #filter} calls this unconditionally, a session is created for
     * requests to unsecured methods as well.
     *
     * @return the existing or newly created session, never {@code null}
     */
    protected Session retrieveOrInitializeSession() {
        final Session existing = getSession();
        if (existing != null) {
            return existing;
        }
        final Session created = new Session();
        setSession(created);
        return created;
    }
}
