package io.ballerina.messaging.broker.auth.authorization;

import io.ballerina.messaging.broker.auth.AuthException;
import io.ballerina.messaging.broker.auth.AuthNotFoundException;
import io.ballerina.messaging.broker.auth.AuthServerException;
import io.ballerina.messaging.broker.auth.UsernamePrincipal;
import io.ballerina.messaging.broker.auth.authorization.enums.ResourceAction;
import io.ballerina.messaging.broker.auth.authorization.enums.ResourceAuthScope;
import io.ballerina.messaging.broker.auth.authorization.enums.ResourceType;
import io.ballerina.messaging.broker.common.ResourceNotFoundException;
import javax.security.auth.Subject;

/* loaded from: input_file:io/ballerina/messaging/broker/auth/authorization/AuthorizationHandler.class */
public class AuthorizationHandler {
    private Authorizer authorizer;

    public AuthorizationHandler(Authorizer authorizer) {
        this.authorizer = authorizer;
    }

    public void handle(ResourceAuthScope resourceAuthScope, ResourceType resourceType, String str, ResourceAction resourceAction, Subject subject) throws AuthException, AuthNotFoundException {
        try {
            if (this.authorizer.authorize(resourceAuthScope.toString(), getUserFromSubject(subject)) || this.authorizer.authorize(resourceType.toString(), str, resourceAction.toString(), getUserFromSubject(subject))) {
            } else {
                throw new AuthException("Unauthorized action on : " + resourceType.toString() + " resourceName: " + str + " action: " + resourceAction.toString());
            }
        } catch (AuthServerException e) {
            throw new AuthException("Error occurred while authorizing on : " + resourceType.toString() + " resourceName: " + str + " action: " + resourceAction.toString(), e);
        }
    }

    public void handle(ResourceType resourceType, String str, ResourceAction resourceAction, Subject subject) throws AuthException, AuthNotFoundException {
        try {
            if (this.authorizer.authorize(resourceType.toString(), str, resourceAction.toString(), getUserFromSubject(subject))) {
            } else {
                throw new AuthException("Unauthorized action on : " + resourceType.toString() + " resourceName: " + str + " action: " + resourceAction.toString());
            }
        } catch (AuthServerException e) {
            throw new AuthException("Error occurred while authorizing on : " + resourceType.toString() + " resourceName: " + str + " action: " + resourceAction.toString(), e);
        }
    }

    public void handle(ResourceAuthScope resourceAuthScope, Subject subject) throws AuthException {
        try {
            if (this.authorizer.authorize(resourceAuthScope.toString(), getUserFromSubject(subject))) {
            } else {
                throw new AuthException("Unauthorized action on auth scope key : " + resourceAuthScope.toString());
            }
        } catch (AuthNotFoundException | AuthServerException e) {
            throw new AuthException("Error occurred while authorizing auth scope key : " + resourceAuthScope.toString(), e);
        }
    }

    public void createAuthResource(ResourceType resourceType, String str, boolean z, Subject subject) throws AuthException {
        try {
            this.authorizer.addProtectedResource(resourceType.toString(), str, z, getUserFromSubject(subject));
        } catch (AuthServerException e) {
            throw new AuthException("Error while creating " + resourceType + " with name : " + str, e);
        }
    }

    public void deleteAuthResource(ResourceType resourceType, String str) throws AuthException, ResourceNotFoundException {
        try {
            this.authorizer.deleteProtectedResource(resourceType.toString(), str);
        } catch (AuthNotFoundException e) {
            throw new ResourceNotFoundException("Error occurred while authorizing due to resource name : " + str + " not found.");
        } catch (AuthServerException e2) {
            throw new AuthException("Error while deleting " + resourceType + " with name : " + str, e2);
        }
    }

    private String getUserFromSubject(Subject subject) {
        return ((UsernamePrincipal) subject.getPrincipals().iterator().next()).getName();
    }
}
