package org.jboss.as.ejb3.security;

import java.lang.reflect.Method;
import java.util.Set;
import org.jboss.as.ee.component.Component;
import org.jboss.as.ee.component.ComponentView;
import org.jboss.as.ejb3.EjbMessages;
import org.jboss.as.ejb3.component.EJBComponent;
import org.jboss.as.security.service.SimpleSecurityManager;
import org.jboss.invocation.Interceptor;
import org.jboss.invocation.InterceptorContext;

/* loaded from: input_file:org/jboss/as/ejb3/security/AuthorizationInterceptor.class */
public class AuthorizationInterceptor implements Interceptor {
    private final EJBMethodSecurityAttribute ejbMethodSecurityMetaData;
    private final String viewClassName;
    private final Method viewMethod;

    public AuthorizationInterceptor(EJBMethodSecurityAttribute eJBMethodSecurityAttribute, String str, Method method) {
        if (eJBMethodSecurityAttribute == null) {
            throw EjbMessages.MESSAGES.ejbMethodSecurityMetaDataIsNull();
        }
        if (str == null || str.trim().isEmpty()) {
            throw EjbMessages.MESSAGES.viewClassNameIsNull();
        }
        if (method == null) {
            throw EjbMessages.MESSAGES.viewMethodIsNull();
        }
        this.ejbMethodSecurityMetaData = eJBMethodSecurityAttribute;
        this.viewClassName = str;
        this.viewMethod = method;
    }

    public Object processInvocation(InterceptorContext interceptorContext) throws Exception {
        Component component = (Component) interceptorContext.getPrivateData(Component.class);
        if (!(component instanceof EJBComponent)) {
            throw EjbMessages.MESSAGES.unexpectedComponent(component, EJBComponent.class);
        }
        Method method = interceptorContext.getMethod();
        String name = ((ComponentView) interceptorContext.getPrivateData(ComponentView.class)).getViewClass().getName();
        if (!this.viewClassName.equals(name) || !this.viewMethod.equals(method)) {
            throw EjbMessages.MESSAGES.failProcessInvocation(getClass().getName(), method, name, this.viewMethod, this.viewClassName);
        }
        EJBComponent eJBComponent = (EJBComponent) component;
        if (this.ejbMethodSecurityMetaData.isDenyAll()) {
            throw EjbMessages.MESSAGES.invocationOfMethodNotAllowed(method, eJBComponent.getComponentName());
        }
        if (!this.ejbMethodSecurityMetaData.isPermitAll()) {
            Set<String> rolesAllowed = this.ejbMethodSecurityMetaData.getRolesAllowed();
            if (!rolesAllowed.isEmpty()) {
                SimpleSecurityManager securityManager = eJBComponent.getSecurityManager();
                EJBSecurityMetaData securityMetaData = eJBComponent.getSecurityMetaData();
                if (!securityManager.isCallerInRole(securityMetaData.getSecurityRoles(), securityMetaData.getSecurityRoleLinks(), (String[]) rolesAllowed.toArray(new String[rolesAllowed.size()]))) {
                    throw EjbMessages.MESSAGES.invocationOfMethodNotAllowed(method, eJBComponent.getComponentName());
                }
            }
        }
        return interceptorContext.proceed();
    }
}
