package org.apache.deltaspike.security.impl.extension;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.AfterBeanDiscovery;
import javax.enterprise.inject.spi.AnnotatedMethod;
import javax.enterprise.inject.spi.AnnotatedParameter;
import javax.enterprise.inject.spi.AnnotatedType;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.BeforeBeanDiscovery;
import javax.enterprise.inject.spi.Extension;
import javax.enterprise.inject.spi.ProcessAnnotatedType;
import org.apache.deltaspike.core.spi.activation.Deactivatable;
import org.apache.deltaspike.core.util.ClassDeactivationUtils;
import org.apache.deltaspike.core.util.ParentExtensionStorage;
import org.apache.deltaspike.core.util.metadata.builder.AnnotatedTypeBuilder;
import org.apache.deltaspike.security.api.authorization.Secures;
import org.apache.deltaspike.security.api.authorization.SecurityDefinitionException;
import org.apache.deltaspike.security.impl.util.SecurityUtils;
import org.hibernate.validator.internal.engine.PathImpl;

/* loaded from: input_file:WEB-INF/lib/deltaspike-security-module-impl-1.7.1.jar:org/apache/deltaspike/security/impl/extension/SecurityExtension.class */
public class SecurityExtension implements Extension, Deactivatable {
    private static final SecurityInterceptorBinding INTERCEPTOR_BINDING = new SecurityInterceptorBindingLiteral();
    private SecurityMetaDataStorage securityMetaDataStorage;
    private Boolean isActivated = null;

    protected void init(@Observes BeforeBeanDiscovery beforeBeanDiscovery) {
        this.isActivated = Boolean.valueOf(ClassDeactivationUtils.isActivated(getClass()));
        this.securityMetaDataStorage = new SecurityMetaDataStorage();
        ParentExtensionStorage.addExtension(this);
    }

    public SecurityMetaDataStorage getMetaDataStorage() {
        return this.securityMetaDataStorage;
    }

    public <X> void processAnnotatedType(@Observes ProcessAnnotatedType<X> processAnnotatedType) {
        if (this.isActivated.booleanValue()) {
            AnnotatedTypeBuilder<X> annotatedTypeBuilder = null;
            AnnotatedType<?> annotatedType = processAnnotatedType.getAnnotatedType();
            boolean z = false;
            Iterator<Annotation> it = annotatedType.getAnnotations().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (SecurityUtils.isMetaAnnotatedWithSecurityBindingType(it.next())) {
                    annotatedTypeBuilder = new AnnotatedTypeBuilder().readFromType(annotatedType);
                    annotatedTypeBuilder.addToClass(INTERCEPTOR_BINDING);
                    getMetaDataStorage().addSecuredType(annotatedType);
                    z = true;
                    break;
                }
            }
            if (!z) {
                for (AnnotatedMethod<? super Object> annotatedMethod : annotatedType.getMethods()) {
                    if (annotatedMethod.isAnnotationPresent(Secures.class)) {
                        registerAuthorizer(annotatedMethod);
                    } else {
                        Iterator<Annotation> it2 = annotatedMethod.getAnnotations().iterator();
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            if (SecurityUtils.isMetaAnnotatedWithSecurityBindingType(it2.next())) {
                                if (annotatedTypeBuilder == null) {
                                    annotatedTypeBuilder = new AnnotatedTypeBuilder().readFromType(annotatedType);
                                }
                                annotatedTypeBuilder.addToMethod(annotatedMethod, INTERCEPTOR_BINDING);
                                getMetaDataStorage().addSecuredMethod(annotatedMethod);
                            }
                        }
                    }
                }
            }
            if (annotatedTypeBuilder != null) {
                processAnnotatedType.setAnnotatedType(annotatedTypeBuilder.create());
            }
        }
    }

    public void validateBindings(@Observes AfterBeanDiscovery afterBeanDiscovery, BeanManager beanManager) {
        if (this.isActivated.booleanValue()) {
            SecurityMetaDataStorage metaDataStorage = getMetaDataStorage();
            SecurityExtension securityExtension = (SecurityExtension) ParentExtensionStorage.getParentExtension(this);
            if (securityExtension != null) {
                Iterator<Authorizer> it = securityExtension.getMetaDataStorage().getAuthorizers().iterator();
                while (it.hasNext()) {
                    metaDataStorage.addAuthorizer(it.next());
                }
            }
            metaDataStorage.registerSecuredMethods();
            for (AnnotatedMethod<?> annotatedMethod : metaDataStorage.getSecuredMethods()) {
                Class<?> javaClass = annotatedMethod.getDeclaringType().getJavaClass();
                Method javaMember = annotatedMethod.getJavaMember();
                for (Annotation annotation : SecurityUtils.getSecurityBindingTypes(javaClass, javaMember)) {
                    boolean z = false;
                    HashSet hashSet = new HashSet();
                    for (AnnotatedParameter<?> annotatedParameter : annotatedMethod.getParameters()) {
                        HashSet hashSet2 = null;
                        for (Annotation annotation2 : annotatedParameter.getAnnotations()) {
                            if (SecurityUtils.isMetaAnnotatedWithSecurityParameterBinding(annotation2)) {
                                if (hashSet2 == null) {
                                    hashSet2 = new HashSet();
                                }
                                hashSet2.add(annotation2);
                            }
                        }
                        if (hashSet2 != null) {
                            hashSet.add(new AuthorizationParameter(annotatedParameter.getBaseType(), hashSet2));
                        }
                    }
                    Iterator<Authorizer> it2 = metaDataStorage.getAuthorizers().iterator();
                    while (true) {
                        if (it2.hasNext()) {
                            if (it2.next().matchesBindings(annotation, hashSet, javaMember.getReturnType())) {
                                z = true;
                                break;
                            }
                        } else {
                            break;
                        }
                    }
                    if (!z) {
                        afterBeanDiscovery.addDefinitionError(new SecurityDefinitionException("Secured type " + annotatedMethod.getDeclaringType().getJavaClass().getName() + " has no matching authorizer method for security binding @" + annotation.annotationType().getName()));
                    }
                }
                Iterator<Annotation> it3 = annotatedMethod.getAnnotations().iterator();
                while (true) {
                    if (it3.hasNext()) {
                        if (SecurityUtils.isMetaAnnotatedWithSecurityBindingType(it3.next())) {
                            metaDataStorage.registerSecuredMethod(javaClass, javaMember);
                            break;
                        }
                    } else {
                        break;
                    }
                }
            }
            metaDataStorage.resetSecuredMethods();
        }
    }

    private void registerAuthorizer(AnnotatedMethod<?> annotatedMethod) {
        if (!annotatedMethod.getJavaMember().getReturnType().equals(Boolean.class) && !annotatedMethod.getJavaMember().getReturnType().equals(Boolean.TYPE)) {
            throw new SecurityDefinitionException("Invalid authorizer method [" + annotatedMethod.getJavaMember().getDeclaringClass().getName() + PathImpl.PROPERTY_PATH_SEPARATOR + annotatedMethod.getJavaMember().getName() + "] - does not return a boolean.");
        }
        Annotation annotation = null;
        for (Annotation annotation2 : annotatedMethod.getAnnotations()) {
            if (SecurityUtils.isMetaAnnotatedWithSecurityBindingType(annotation2)) {
                if (annotation != null) {
                    throw new SecurityDefinitionException("Invalid authorizer method [" + annotatedMethod.getJavaMember().getDeclaringClass().getName() + PathImpl.PROPERTY_PATH_SEPARATOR + annotatedMethod.getJavaMember().getName() + "] - declares multiple security binding types");
                }
                annotation = annotation2;
            }
        }
        getMetaDataStorage().addAuthorizer(new Authorizer(annotation, annotatedMethod));
    }
}
