package org.demoiselle.jee.security.interceptor;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.annotation.Priority;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import javax.ws.rs.core.Response;
import org.demoiselle.jee.core.api.security.SecurityContext;
import org.demoiselle.jee.security.annotation.Authenticated;
import org.demoiselle.jee.security.annotation.RequiredRole;
import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;

@RequiredRole({""})
@Priority(2000)
@Interceptor
/* loaded from: input_file:org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.class */
public class RequiredRoleInterceptor implements Serializable {
    private static final long serialVersionUID = 1;

    @Inject
    private SecurityContext securityContext;

    @Inject
    private DemoiselleSecurityMessages bundle;

    @AroundInvoke
    public Object manage(InvocationContext invocationContext) throws Exception {
        Authenticated authenticated = (Authenticated) invocationContext.getMethod().getAnnotation(Authenticated.class);
        List<String> roles = getRoles(invocationContext);
        ArrayList arrayList = new ArrayList();
        if (authenticated != null && !authenticated.enable()) {
            return invocationContext.proceed();
        }
        if (!this.securityContext.isLoggedIn()) {
            throw new DemoiselleSecurityException(this.bundle.userNotAuthenticated(), Response.Status.UNAUTHORIZED.getStatusCode());
        }
        roles.stream().filter(str -> {
            return this.securityContext.hasRole(str);
        }).forEach(str2 -> {
            arrayList.add(str2);
        });
        if (arrayList.isEmpty()) {
            throw new DemoiselleSecurityException(this.bundle.doesNotHaveRole(roles.toString()), Response.Status.FORBIDDEN.getStatusCode());
        }
        return invocationContext.proceed();
    }

    private List<String> getRoles(InvocationContext invocationContext) {
        String[] strArr = new String[0];
        return Arrays.asList(invocationContext.getMethod().getAnnotation(RequiredRole.class) == null ? ((RequiredRole) invocationContext.getTarget().getClass().getAnnotation(RequiredRole.class)).value() : ((RequiredRole) invocationContext.getMethod().getAnnotation(RequiredRole.class)).value());
    }
}
