package org.apache.myfaces.extensions.cdi.jsf.impl.util;

import java.lang.annotation.Annotation;
import java.util.Iterator;
import java.util.Set;
import javax.enterprise.inject.Typed;
import javax.faces.context.FacesContext;
import org.apache.myfaces.extensions.cdi.core.api.config.view.DefaultErrorView;
import org.apache.myfaces.extensions.cdi.core.api.config.view.ViewConfig;
import org.apache.myfaces.extensions.cdi.core.api.security.AccessDeniedException;
import org.apache.myfaces.extensions.cdi.core.api.security.SecurityViolation;
import org.apache.myfaces.extensions.cdi.core.api.security.SecurityViolationHandler;
import org.apache.myfaces.extensions.cdi.core.api.tools.DefaultAnnotation;
import org.apache.myfaces.extensions.cdi.core.impl.util.CodiUtils;
import org.apache.myfaces.extensions.cdi.jsf.api.Jsf;
import org.apache.myfaces.extensions.cdi.jsf.api.config.view.ViewConfigDescriptor;
import org.apache.myfaces.extensions.cdi.jsf.impl.config.view.ViewConfigCache;
import org.apache.myfaces.extensions.cdi.message.api.MessageContext;
import org.apache.myfaces.extensions.cdi.message.api.payload.MessagePayload;
import org.apache.myfaces.extensions.cdi.message.api.payload.MessageSeverity;

@Typed
/* loaded from: input_file:org/apache/myfaces/extensions/cdi/jsf/impl/util/SecurityUtils.class */
public abstract class SecurityUtils {
    private static final Jsf JSF_QUALIFIER = DefaultAnnotation.of(Jsf.class);

    private SecurityUtils() {
    }

    public static Class<? extends ViewConfig> handleSecurityViolationWithoutNavigation(RuntimeException runtimeException) {
        return tryToHandleSecurityViolation(runtimeException, false);
    }

    public static void tryToHandleSecurityViolation(RuntimeException runtimeException) {
        tryToHandleSecurityViolation(runtimeException, true);
    }

    private static Class<? extends ViewConfig> tryToHandleSecurityViolation(RuntimeException runtimeException, boolean z) {
        ViewConfigDescriptor defaultErrorViewConfigDescriptor;
        AccessDeniedException extractException = extractException(runtimeException);
        if (extractException == null) {
            throw runtimeException;
        }
        Class<? extends ViewConfig> cls = null;
        Class<? extends ViewConfig> errorView = extractException.getErrorView();
        if (errorView != null && !DefaultErrorView.class.getName().equals(errorView.getName())) {
            cls = errorView;
        }
        if (cls == null && (defaultErrorViewConfigDescriptor = ViewConfigCache.getDefaultErrorViewConfigDescriptor()) != null) {
            cls = defaultErrorViewConfigDescriptor.getViewConfig();
        }
        if (cls == null) {
            throw extractException;
        }
        processApplicationSecurityException(extractException, cls, z);
        return cls;
    }

    private static AccessDeniedException extractException(Throwable th) {
        if (th == null) {
            return null;
        }
        return th instanceof AccessDeniedException ? (AccessDeniedException) th : extractException(th.getCause());
    }

    private static void processApplicationSecurityException(AccessDeniedException accessDeniedException, Class<? extends ViewConfig> cls, boolean z) {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        SecurityViolationHandler securityViolationHandler = (SecurityViolationHandler) CodiUtils.getContextualReferenceByClass(SecurityViolationHandler.class, true, new Annotation[0]);
        if (securityViolationHandler != null) {
            securityViolationHandler.processSecurityViolations(accessDeniedException.getViolations());
        } else {
            addViolationsAsMessage(accessDeniedException.getViolations());
        }
        if (z) {
            currentInstance.getApplication().getNavigationHandler().handleNavigation(currentInstance, (String) null, cls.getName());
        }
    }

    private static void addViolationsAsMessage(Set<SecurityViolation> set) {
        MessageContext messageContext = (MessageContext) CodiUtils.getContextualReferenceByClass(MessageContext.class, true, new Annotation[]{JSF_QUALIFIER});
        if (messageContext == null) {
            return;
        }
        Iterator<SecurityViolation> it = set.iterator();
        while (it.hasNext()) {
            messageContext.message().text(it.next().getReason()).payload(new MessagePayload[]{MessageSeverity.ERROR}).add();
        }
    }
}
