package org.dspace.app.rest.security;

import jakarta.servlet.FilterChain;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.List;
import org.springframework.core.GenericTypeResolver;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.Expression;
import org.springframework.security.access.expression.ExpressionUtils;
import org.springframework.security.access.expression.SecurityExpressionHandler;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.FilterInvocation;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/dspace/app/rest/security/WebSecurityExpressionEvaluator.class */
public class WebSecurityExpressionEvaluator {
    private static final FilterChain EMPTY_CHAIN = (servletRequest, servletResponse) -> {
        throw new UnsupportedOperationException();
    };
    private final List<SecurityExpressionHandler> securityExpressionHandlers;

    public WebSecurityExpressionEvaluator(List<SecurityExpressionHandler> list) {
        this.securityExpressionHandlers = list;
    }

    public boolean evaluate(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str2) {
        SecurityExpressionHandler filterSecurityHandler = getFilterSecurityHandler();
        Expression parseExpression = filterSecurityHandler.getExpressionParser().parseExpression(str);
        EvaluationContext createEvaluationContext = createEvaluationContext(filterSecurityHandler, httpServletRequest, httpServletResponse);
        createEvaluationContext.setVariable("id", str2);
        return ExpressionUtils.evaluateAsBoolean(parseExpression, createEvaluationContext);
    }

    private EvaluationContext createEvaluationContext(SecurityExpressionHandler securityExpressionHandler, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return securityExpressionHandler.createEvaluationContext(SecurityContextHolder.getContext().getAuthentication(), new FilterInvocation(httpServletRequest, httpServletResponse, EMPTY_CHAIN));
    }

    private SecurityExpressionHandler getFilterSecurityHandler() {
        return this.securityExpressionHandlers.stream().filter(securityExpressionHandler -> {
            return FilterInvocation.class.equals(GenericTypeResolver.resolveTypeArgument(securityExpressionHandler.getClass(), SecurityExpressionHandler.class));
        }).findAny().orElseThrow(() -> {
            return new IllegalStateException("No filter invocation security expression handler has been found! Handlers: " + this.securityExpressionHandlers.size());
        });
    }
}
