package org.apache.deltaspike.security.impl.extension;

import java.lang.annotation.Annotation;
import java.util.Set;
import javax.enterprise.context.Dependent;
import javax.enterprise.inject.spi.BeanManager;
import javax.inject.Inject;
import javax.interceptor.InvocationContext;
import org.apache.deltaspike.core.api.exception.control.event.ExceptionToCatchEvent;
import org.apache.deltaspike.core.util.ProxyUtils;
import org.apache.deltaspike.security.api.authorization.AccessDeniedException;
import org.apache.deltaspike.security.impl.authorization.SkipInternalProcessingException;
import org.apache.deltaspike.security.spi.authorization.SecurityStrategy;

@Dependent
/* loaded from: input_file:WEB-INF/lib/deltaspike-security-module-impl-1.9.5.jar:org/apache/deltaspike/security/impl/extension/DefaultSecurityStrategy.class */
public class DefaultSecurityStrategy implements SecurityStrategy {
    private static final long serialVersionUID = 7992336651801599079L;

    @Inject
    private BeanManager beanManager;

    @Inject
    private SecurityExtension securityExtension;

    @Override // org.apache.deltaspike.core.spi.InterceptorStrategy
    public Object execute(InvocationContext invocationContext) throws Exception {
        Set<Authorizer> authorizers = this.securityExtension.getMetaDataStorage().getAuthorizers(ProxyUtils.getUnproxiedClass(invocationContext.getTarget().getClass()), invocationContext.getMethod());
        invokeBeforeMethodInvocationAuthorizers(invocationContext, authorizers);
        Object proceed = invocationContext.proceed();
        invokeAfterMethodInvocationAuthorizers(invocationContext, authorizers, proceed);
        return proceed;
    }

    protected void invokeBeforeMethodInvocationAuthorizers(InvocationContext invocationContext, Set<Authorizer> set) throws IllegalAccessException {
        try {
            for (Authorizer authorizer : set) {
                if (authorizer.isBeforeMethodInvocationAuthorizer()) {
                    authorizer.authorize(invocationContext, null, this.beanManager);
                }
            }
        } catch (AccessDeniedException e) {
            RuntimeException handleAccessDeniedException = handleAccessDeniedException(e);
            if (handleAccessDeniedException != null) {
                throw handleAccessDeniedException;
            }
        } catch (SkipInternalProcessingException e2) {
            throw e2.getAccessDeniedException();
        }
    }

    protected void invokeAfterMethodInvocationAuthorizers(InvocationContext invocationContext, Set<Authorizer> set, Object obj) throws IllegalAccessException {
        try {
            for (Authorizer authorizer : set) {
                if (authorizer.isAfterMethodInvocationAuthorizer()) {
                    authorizer.authorize(invocationContext, obj, this.beanManager);
                }
            }
        } catch (AccessDeniedException e) {
            RuntimeException handleAccessDeniedException = handleAccessDeniedException(e);
            if (handleAccessDeniedException != null) {
                throw handleAccessDeniedException;
            }
        }
    }

    protected RuntimeException handleAccessDeniedException(AccessDeniedException accessDeniedException) {
        this.beanManager.fireEvent(new ExceptionToCatchEvent(accessDeniedException), new Annotation[0]);
        return accessDeniedException;
    }
}
