package org.granite.seam.security;

import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.faces.application.FacesMessage;
import javax.security.auth.login.LoginException;
import org.granite.logging.Logger;
import org.granite.messaging.service.security.AbstractSecurityContext;
import org.granite.messaging.service.security.AbstractSecurityService;
import org.granite.messaging.service.security.SecurityServiceException;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.faces.FacesMessages;
import org.jboss.seam.security.AuthorizationException;
import org.jboss.seam.security.Identity;
import org.jboss.seam.security.NotLoggedInException;

/* loaded from: input_file:org/granite/seam/security/SeamSecurityService.class */
public class SeamSecurityService extends AbstractSecurityService {
    private static final Logger log = Logger.getLogger(SeamSecurityService.class);

    public void configure(Map<String, String> map) {
    }

    public void login(Object obj) throws SecurityServiceException {
        String[] decodeBase64Credentials = decodeBase64Credentials(obj);
        Contexts.getSessionContext().set("org.granite.seam.login", Boolean.TRUE);
        Identity instance = Identity.instance();
        if (instance.isLoggedIn(false) && !decodeBase64Credentials[0].equals(instance.getUsername())) {
            try {
                Method declaredMethod = instance.getClass().getDeclaredMethod("unAuthenticate", new Class[0]);
                declaredMethod.setAccessible(true);
                declaredMethod.invoke(instance, new Object[0]);
            } catch (Exception e) {
                log.error(e, "Could not call unAuthenticate method on: %s", new Object[]{instance.getClass()});
            }
        }
        instance.setUsername(decodeBase64Credentials[0]);
        instance.setPassword(decodeBase64Credentials[1]);
        try {
            instance.authenticate();
        } catch (LoginException e2) {
            instance.login();
            throw SecurityServiceException.newInvalidCredentialsException("User authentication failed");
        }
    }

    public Object authorize(AbstractSecurityContext abstractSecurityContext) throws Exception {
        Throwable th;
        startAuthorization(abstractSecurityContext);
        if (abstractSecurityContext.getDestination().isSecured()) {
            Identity instance = Identity.instance();
            if (!instance.isLoggedIn()) {
                throw SecurityServiceException.newNotLoggedInException("User not logged in");
            }
            boolean z = true;
            Iterator it = abstractSecurityContext.getDestination().getRoles().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (instance.hasRole((String) it.next())) {
                    z = false;
                    break;
                }
            }
            if (z) {
                throw SecurityServiceException.newAccessDeniedException("User not in required role");
            }
        }
        try {
            return endAuthorization(abstractSecurityContext);
        } catch (InvocationTargetException e) {
            Throwable th2 = e;
            while (true) {
                th = th2;
                if (th == null) {
                    throw e;
                }
                if (th instanceof NotLoggedInException) {
                    throw SecurityServiceException.newNotLoggedInException("User not logged in");
                }
                if ((th instanceof SecurityException) || (th instanceof AuthorizationException) || "javax.ejb.EJBAccessException".equals(th.getClass().getName())) {
                    break;
                }
                th2 = th.getCause();
            }
            throw SecurityServiceException.newAccessDeniedException(th.getMessage());
        }
    }

    public void logout() throws SecurityServiceException {
        Identity.instance().logout();
    }

    public void handleSecurityException(SecurityServiceException securityServiceException) {
        FacesMessages.afterPhase();
        FacesMessages.instance().beforeRenderResponse();
        List<FacesMessage> currentMessages = FacesMessages.instance().getCurrentMessages();
        try {
            Constructor<?> constructor = Thread.currentThread().getContextClassLoader().loadClass("org.granite.tide.TideMessage").getConstructor(String.class, String.class, String.class);
            ArrayList arrayList = new ArrayList(currentMessages.size());
            for (FacesMessage facesMessage : currentMessages) {
                Object obj = null;
                if (facesMessage.getSeverity() == FacesMessage.SEVERITY_INFO) {
                    obj = "INFO";
                } else if (facesMessage.getSeverity() == FacesMessage.SEVERITY_WARN) {
                    obj = "WARNING";
                } else if (facesMessage.getSeverity() == FacesMessage.SEVERITY_ERROR) {
                    obj = "ERROR";
                } else if (facesMessage.getSeverity() == FacesMessage.SEVERITY_FATAL) {
                    obj = "FATAL";
                }
                arrayList.add(constructor.newInstance(obj, facesMessage.getSummary(), facesMessage.getDetail()));
            }
            securityServiceException.getExtendedData().put("messages", arrayList);
        } catch (Throwable th) {
            securityServiceException.getExtendedData().put("messages", currentMessages);
        }
    }
}
