package ws.ament.hammock.security.impl;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.stream.Collectors;
import javax.annotation.Priority;
import javax.annotation.security.DenyAll;
import javax.annotation.security.RolesAllowed;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.Interceptor;
import javax.interceptor.InvocationContext;
import ws.ament.hammock.security.api.HasAllRoles;
import ws.ament.hammock.security.api.Identity;
import ws.ament.hammock.security.api.LoggedIn;
import ws.ament.hammock.security.api.MissingRolesException;
import ws.ament.hammock.security.api.NotLoggedInException;
import ws.ament.hammock.security.api.Secured;
import ws.ament.hammock.security.internal.AnnotationUtil;

@Priority(2100)
@Secured
@Interceptor
/* loaded from: input_file:ws/ament/hammock/security/impl/SecurityInterceptor.class */
public class SecurityInterceptor {

    @Inject
    private Identity identity;

    @AroundInvoke
    public Object verifyLoggedIn(InvocationContext invocationContext) throws Exception {
        checkLoggedIn(invocationContext);
        checkRoles(invocationContext);
        return invocationContext.proceed();
    }

    private void checkLoggedIn(InvocationContext invocationContext) {
        LoggedIn loggedIn = (LoggedIn) AnnotationUtil.getAnnotation(invocationContext, LoggedIn.class);
        DenyAll annotation = AnnotationUtil.getAnnotation(invocationContext, DenyAll.class);
        if ((loggedIn != null || annotation != null) && !this.identity.isLoggedIn()) {
            throw new NotLoggedInException(this.identity + " Not logged in");
        }
    }

    private void checkRoles(InvocationContext invocationContext) {
        HasAllRoles hasAllRoles = (HasAllRoles) AnnotationUtil.getAnnotation(invocationContext, HasAllRoles.class);
        RolesAllowed annotation = AnnotationUtil.getAnnotation(invocationContext, RolesAllowed.class);
        ArrayList arrayList = new ArrayList();
        if (hasAllRoles != null) {
            arrayList.addAll(Arrays.asList(hasAllRoles.value()));
        }
        if (annotation != null) {
            arrayList.addAll(Arrays.asList(annotation.value()));
        }
        if (arrayList.isEmpty()) {
            return;
        }
        String str = (String) arrayList.stream().filter(this::notHasRole).collect(Collectors.joining(", "));
        if (!str.isEmpty()) {
            throw new MissingRolesException("Missing Roles: " + str);
        }
    }

    private boolean notHasRole(String str) {
        return !this.identity.hasRole(str);
    }
}
