package net.e6tech.elements.web.cxf;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.e6tech.elements.common.logging.Logger;
import org.apache.cxf.common.util.ClassHelper;

/* loaded from: input_file:net/e6tech/elements/web/cxf/SecurityAnnotationEngine.class */
public class SecurityAnnotationEngine {
    private static final String ROLES_ALLOWED_CLASS_NAME = "javax.annotation.security.RolesAllowed";
    private static final String PERMIT_ALL_CLASS_NAME = "javax.annotation.security.PermitAll";
    private static final String DENY_ALL_CLASS_NAME = "javax.annotation.security.DenyAll";
    private static final String ROLE_KEY_PERMIT_ALL = "PERMITALL";
    private static final String ROLE_KEY_DENY_ALL = "DENYALL";
    private Map<String, Map<String, String>> scannedClassMap = new HashMap();
    private static Logger logger = Logger.getLogger();
    private static final Set<String> SKIP_METHODS = new HashSet();

    public void register(Object obj) {
        Class<?> realClass = ClassHelper.getRealClass(obj);
        if (this.scannedClassMap.containsKey(realClass.getName())) {
            return;
        }
        HashMap hashMap = new HashMap();
        scanForPermitAll(realClass, hashMap);
        scanForDenyAll(realClass, hashMap);
        scanForRolesAllowed(realClass, hashMap);
        if (hashMap.isEmpty()) {
            logger.warn("The roles map is empty, the service object is not protected: " + realClass.getName());
        }
        this.scannedClassMap.put(realClass.getName(), hashMap);
    }

    public boolean hasAccess(Object obj, Method method, Object[] objArr, String str) {
        return hasAccess(obj, method, objArr, Arrays.asList(str));
    }

    public boolean hasAccess(Object obj, Method method, Object[] objArr, List<String> list) {
        String lookupRole = lookupRole(obj, method, objArr);
        if (lookupRole == null) {
            logger.warn("no security map entry found: class:" + obj.getClass().getName() + " method:" + createMethodSig(method));
            return true;
        }
        if (lookupRole.equals(ROLE_KEY_DENY_ALL)) {
            return false;
        }
        if (lookupRole.equals(ROLE_KEY_PERMIT_ALL)) {
            return true;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (lookupRole.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    public String lookupRole(Object obj, Method method, Object[] objArr) {
        Class realClass = ClassHelper.getRealClass(obj);
        String createMethodSig = createMethodSig(method);
        logger.debug("lookupRole: class:" + realClass.getName() + " method:" + createMethodSig);
        Map<String, String> map = this.scannedClassMap.get(realClass.getName());
        if (map == null) {
            return null;
        }
        String str = map.get(createMethodSig);
        logger.debug("==> cls:" + realClass + " m:" + createMethodSig + " roles:" + str);
        return str;
    }

    public void logMethodMap() {
        ArrayList<String> arrayList = new ArrayList(this.scannedClassMap.keySet());
        Collections.sort(arrayList);
        for (String str : arrayList) {
            logger.debug("registered class: " + str);
            Map<String, String> map = this.scannedClassMap.get(str);
            for (String str2 : new ArrayList(map.keySet())) {
                logger.debug("  method: " + str2 + " roles: " + map.get(str2));
            }
        }
    }

    private void scanForPermitAll(Class<?> cls, Map<String, String> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        boolean isAnnotationPresent = isAnnotationPresent(cls.getAnnotations(), PERMIT_ALL_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                boolean isAnnotationPresent2 = isAnnotationPresent(method.getAnnotations(), PERMIT_ALL_CLASS_NAME);
                if (isAnnotationPresent || isAnnotationPresent2) {
                    map.put(createMethodSig(method), ROLE_KEY_PERMIT_ALL);
                }
            }
        }
        if (isAnnotationPresent) {
            return;
        }
        scanForPermitAll(cls.getSuperclass(), map);
    }

    private void scanForDenyAll(Class<?> cls, Map<String, String> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        boolean isAnnotationPresent = isAnnotationPresent(cls.getAnnotations(), DENY_ALL_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                boolean isAnnotationPresent2 = isAnnotationPresent(method.getAnnotations(), DENY_ALL_CLASS_NAME);
                if (isAnnotationPresent || isAnnotationPresent2) {
                    map.put(createMethodSig(method), ROLE_KEY_DENY_ALL);
                }
            }
        }
        if (isAnnotationPresent) {
            return;
        }
        scanForDenyAll(cls.getSuperclass(), map);
    }

    private boolean isAnnotationPresent(Annotation[] annotationArr, String str) {
        for (Annotation annotation : annotationArr) {
            if (annotation.annotationType().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private void scanForRolesAllowed(Class<?> cls, Map<String, String> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        String roles = getRoles(cls.getAnnotations(), ROLES_ALLOWED_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                String roles2 = getRoles(method.getAnnotations(), ROLES_ALLOWED_CLASS_NAME);
                String str = roles2 != null ? roles2 : roles;
                if (str != null) {
                    map.put(method.getName(), str);
                    map.put(createMethodSig(method), str);
                }
            }
        }
        if (map.isEmpty()) {
            scanForRolesAllowed(cls.getSuperclass(), map);
        }
    }

    private String getRoles(Annotation[] annotationArr, String str) {
        for (Annotation annotation : annotationArr) {
            if (annotation.annotationType().getName().equals(str)) {
                try {
                    String[] strArr = (String[]) annotation.annotationType().getMethod("value", new Class[0]).invoke(annotation, new Object[0]);
                    StringBuilder sb = new StringBuilder();
                    for (int i = 0; i < strArr.length; i++) {
                        sb.append(strArr[i]);
                        if (i + 1 < strArr.length) {
                            sb.append(" ");
                        }
                    }
                    return sb.toString();
                } catch (Exception e) {
                    return null;
                }
            }
        }
        return null;
    }

    private String createMethodSig(Method method) {
        StringBuilder sb = new StringBuilder(method.getReturnType().getName());
        sb.append(' ').append(method.getName()).append('(');
        boolean z = true;
        for (Class<?> cls : method.getParameterTypes()) {
            if (!z) {
                sb.append(", ");
                z = false;
            }
            sb.append(cls.getName());
        }
        sb.append(')');
        return sb.toString();
    }

    static {
        SKIP_METHODS.addAll(Arrays.asList("wait", "notify", "notifyAll", "equals", "toString", "hashCode"));
    }
}
