package juzu.plugin.shiro.impl;

import java.util.List;
import juzu.Response;
import juzu.impl.common.JSON;
import juzu.impl.request.ContextualParameter;
import juzu.impl.request.Request;
import juzu.impl.request.Stage;
import juzu.plugin.shiro.impl.common.ShiroTools;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.annotation.Logical;

/* loaded from: input_file:juzu/plugin/shiro/impl/ShiroAuthorizor.class */
public class ShiroAuthorizor {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: juzu.plugin.shiro.impl.ShiroAuthorizor$1, reason: invalid class name */
    /* loaded from: input_file:juzu/plugin/shiro/impl/ShiroAuthorizor$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$shiro$authz$annotation$Logical = new int[Logical.values().length];

        static {
            try {
                $SwitchMap$org$apache$shiro$authz$annotation$Logical[Logical.AND.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$shiro$authz$annotation$Logical[Logical.OR.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public Response isAuthorized(Stage.Handler handler, JSON json) {
        Request request = handler.getRequest();
        if (verify(request, json)) {
            return null;
        }
        for (ContextualParameter contextualParameter : request.getHandler().getParameters()) {
            if ((contextualParameter instanceof ContextualParameter) && AuthorizationException.class.isAssignableFrom(contextualParameter.getType())) {
                request.getContextualArguments().put(contextualParameter, new AuthorizationException("Access denied " + request.getHandler() + " with config " + json));
                return handler.invoke();
            }
        }
        return new Response.Error(new AuthorizationException("Access denied " + request.getHandler() + " with config " + json));
    }

    private boolean hasRequire(Request request, JSON json) {
        Object obj = json.get("require");
        return "guest".equals(obj) ? SecurityUtils.getSubject().getPrincipal() == null : "authenticate".equals(obj) ? SecurityUtils.getSubject().isAuthenticated() : "user".equals(obj) && SecurityUtils.getSubject().getPrincipal() != null;
    }

    private boolean hasRoles(Request request, JSON json) {
        if (!SecurityUtils.getSubject().isAuthenticated()) {
            return false;
        }
        JSON json2 = json.getJSON("roles");
        Logical valueOf = Logical.valueOf(json2.getString("logical"));
        List list = (List) json2.get("value");
        if (list.size() == 1) {
            return ShiroTools.hasRole((String) list.get(0));
        }
        if (list.size() <= 1) {
            return false;
        }
        switch (AnonymousClass1.$SwitchMap$org$apache$shiro$authz$annotation$Logical[valueOf.ordinal()]) {
            case 1:
                return SecurityUtils.getSubject().hasAllRoles(list);
            case 2:
                return ShiroTools.hasRole((String[]) list.toArray(new String[list.size()]));
            default:
                return false;
        }
    }

    private boolean hasPermissions(Request request, JSON json) {
        if (!SecurityUtils.getSubject().isAuthenticated()) {
            return false;
        }
        JSON json2 = json.getJSON("permissions");
        Logical valueOf = Logical.valueOf(json2.getString("logical"));
        List list = (List) json2.get("value");
        if (list.size() == 1) {
            return ShiroTools.isPermitted((String) list.get(0));
        }
        if (list.size() <= 1) {
            return false;
        }
        switch (AnonymousClass1.$SwitchMap$org$apache$shiro$authz$annotation$Logical[valueOf.ordinal()]) {
            case 1:
                return SecurityUtils.getSubject().isPermittedAll((String[]) list.toArray(new String[list.size()]));
            case 2:
                return ShiroTools.isPermitted((String[]) list.toArray(new String[list.size()]));
            default:
                return false;
        }
    }

    private boolean verify(Request request, JSON json) {
        if (json.get("require") != null) {
            return hasRequire(request, json);
        }
        if (json.get("roles") != null && json.get("permissions") != null) {
            return hasRoles(request, json) && hasPermissions(request, json);
        }
        if (json.get("permissions") != null && json.get("roles") == null) {
            return hasPermissions(request, json);
        }
        if (json.get("roles") == null || json.get("permissions") != null) {
            return true;
        }
        return hasRoles(request, json);
    }
}
