package net.e6tech.elements.web.cxf;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.e6tech.elements.common.logging.Logger;
import org.apache.cxf.common.util.ClassHelper;

/* loaded from: input_file:net/e6tech/elements/web/cxf/SecurityAnnotationEngine.class */
public class SecurityAnnotationEngine {
    private static final String ROLES_ALLOWED_CLASS_NAME = "javax.annotation.security.RolesAllowed";
    private static final String PERMIT_ALL_CLASS_NAME = "javax.annotation.security.PermitAll";
    private static final String DENY_ALL_CLASS_NAME = "javax.annotation.security.DenyAll";
    private static final String ROLE_KEY_PERMIT_ALL = "PERMITALL";
    private static final String ROLE_KEY_DENY_ALL = "DENYALL";
    private Map<String, Map<MethodSignature, Set<String>>> scannedClassMap = new HashMap();
    private static Logger logger = Logger.getLogger();
    private static final Set<String> SKIP_METHODS = new HashSet();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:net/e6tech/elements/web/cxf/SecurityAnnotationEngine$MethodSignature.class */
    public static class MethodSignature {
        private String name;
        private Class returnType;
        private Class<?>[] parameterTypes;
        private String signature;

        MethodSignature(Method method) {
            this.name = method.getName();
            this.returnType = method.getReturnType();
            this.parameterTypes = method.getParameterTypes();
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof MethodSignature)) {
                return false;
            }
            MethodSignature methodSignature = (MethodSignature) obj;
            if (this.name.equals(methodSignature.name) && this.returnType.equals(methodSignature.returnType)) {
                return equalParamTypes(this.parameterTypes, methodSignature.parameterTypes);
            }
            return false;
        }

        public int hashCode() {
            return this.name.hashCode() ^ this.returnType.hashCode();
        }

        boolean equalParamTypes(Class<?>[] clsArr, Class<?>[] clsArr2) {
            if (clsArr.length != clsArr2.length) {
                return false;
            }
            for (int i = 0; i < clsArr.length; i++) {
                if (clsArr[i] != clsArr2[i]) {
                    return false;
                }
            }
            return true;
        }

        public String toString() {
            if (this.signature == null) {
                StringBuilder sb = new StringBuilder(this.returnType.getName());
                sb.append(' ').append(this.name).append('(');
                boolean z = true;
                for (Class<?> cls : this.parameterTypes) {
                    if (z) {
                        z = false;
                    } else {
                        sb.append(", ");
                    }
                    sb.append(cls.getName());
                }
                sb.append(')');
                this.signature = sb.toString();
            }
            return this.signature;
        }
    }

    public void register(Object obj) {
        Class<?> realClass = ClassHelper.getRealClass(obj);
        if (this.scannedClassMap.containsKey(realClass.getName())) {
            return;
        }
        HashMap hashMap = new HashMap();
        scanForPermitAll(realClass, hashMap);
        scanForDenyAll(realClass, hashMap);
        scanForRolesAllowed(realClass, hashMap);
        if (hashMap.isEmpty()) {
            logger.warn("The roles map is empty, the service object is not protected: " + realClass.getName());
        }
        this.scannedClassMap.put(realClass.getName(), hashMap);
    }

    public boolean hasAccess(Object obj, Method method, Object[] objArr, String str) {
        return str == null ? hasAccess(obj, method, objArr, Collections.emptyList()) : hasAccess(obj, method, objArr, Arrays.asList(str));
    }

    public boolean hasAccess(Object obj, Method method, Object[] objArr, List<String> list) {
        Set<String> lookupRole = lookupRole(obj, method, objArr);
        if (lookupRole == null) {
            if (!logger.isWarnEnabled()) {
                return true;
            }
            logger.warn("no security map entry found: class: {} method:{}", obj.getClass().getName(), createMethodSig(method));
            return true;
        }
        if (lookupRole.contains(ROLE_KEY_DENY_ALL)) {
            return false;
        }
        if (lookupRole.contains(ROLE_KEY_PERMIT_ALL)) {
            return true;
        }
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (lookupRole.contains(it.next())) {
                return true;
            }
        }
        return false;
    }

    public Set<String> lookupRole(Object obj, Method method, Object[] objArr) {
        Class realClass = ClassHelper.getRealClass(obj);
        MethodSignature createMethodSig = createMethodSig(method);
        logger.trace("lookupRole: class: {} method:{}", realClass.getName(), createMethodSig);
        Map<MethodSignature, Set<String>> map = this.scannedClassMap.get(realClass.getName());
        if (map == null) {
            return Collections.emptySet();
        }
        Set<String> set = map.get(createMethodSig);
        logger.trace("==> cls:{} m:{} roles:{}", new Object[]{realClass, createMethodSig, set});
        return set;
    }

    public void logMethodMap() {
        if (logger.isTraceEnabled()) {
            ArrayList<String> arrayList = new ArrayList(this.scannedClassMap.keySet());
            Collections.sort(arrayList);
            for (String str : arrayList) {
                logger.trace("registered class: {}", str);
                Map<MethodSignature, Set<String>> map = this.scannedClassMap.get(str);
                for (MethodSignature methodSignature : new ArrayList(map.keySet())) {
                    logger.trace("  method:{} roles:{}", methodSignature, map.get(methodSignature));
                }
            }
        }
    }

    private void scanForPermitAll(Class<?> cls, Map<MethodSignature, Set<String>> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        boolean isAnnotationPresent = isAnnotationPresent(cls.getAnnotations(), PERMIT_ALL_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                boolean isAnnotationPresent2 = isAnnotationPresent(method.getAnnotations(), PERMIT_ALL_CLASS_NAME);
                if (isAnnotationPresent || isAnnotationPresent2) {
                    HashSet hashSet = new HashSet();
                    hashSet.add(ROLE_KEY_PERMIT_ALL);
                    map.put(createMethodSig(method), hashSet);
                }
            }
        }
        if (isAnnotationPresent) {
            return;
        }
        scanForPermitAll(cls.getSuperclass(), map);
    }

    private void scanForDenyAll(Class<?> cls, Map<MethodSignature, Set<String>> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        boolean isAnnotationPresent = isAnnotationPresent(cls.getAnnotations(), DENY_ALL_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                boolean isAnnotationPresent2 = isAnnotationPresent(method.getAnnotations(), DENY_ALL_CLASS_NAME);
                if (isAnnotationPresent || isAnnotationPresent2) {
                    HashSet hashSet = new HashSet();
                    hashSet.add(ROLE_KEY_DENY_ALL);
                    map.put(createMethodSig(method), hashSet);
                }
            }
        }
        if (isAnnotationPresent) {
            return;
        }
        scanForDenyAll(cls.getSuperclass(), map);
    }

    private boolean isAnnotationPresent(Annotation[] annotationArr, String str) {
        for (Annotation annotation : annotationArr) {
            if (annotation.annotationType().getName().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private void scanForRolesAllowed(Class<?> cls, Map<MethodSignature, Set<String>> map) {
        if (cls == null || cls == Object.class) {
            return;
        }
        Set<String> roles = getRoles(cls.getAnnotations(), ROLES_ALLOWED_CLASS_NAME);
        for (Method method : cls.getMethods()) {
            if (!SKIP_METHODS.contains(method.getName())) {
                Set<String> roles2 = getRoles(method.getAnnotations(), ROLES_ALLOWED_CLASS_NAME);
                Set<String> set = !roles2.isEmpty() ? roles2 : roles;
                if (!set.isEmpty()) {
                    map.put(createMethodSig(method), set);
                }
            }
        }
        if (map.isEmpty()) {
            scanForRolesAllowed(cls.getSuperclass(), map);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x005d, code lost:
    
        if (r14 >= r0.length) goto L28;
     */
    /* JADX WARN: Code restructure failed: missing block: B:11:0x0060, code lost:
    
        r0.append(r0[r14]);
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0072, code lost:
    
        if ((r14 + 1) >= r0.length) goto L30;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0075, code lost:
    
        r0.append(" ");
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x007d, code lost:
    
        r14 = r14 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x0083, code lost:
    
        r0 = new java.util.HashSet();
        r0 = r0.length;
        r17 = 0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x009c, code lost:
    
        if (r17 >= r0) goto L31;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x009f, code lost:
    
        r0.add(r0[r17]);
        r17 = r17 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x00b8, code lost:
    
        return r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:8:0x0027, code lost:
    
        r0 = (java.lang.String[]) r0.annotationType().getMethod("value", new java.lang.Class[0]).invoke(r0, new java.lang.Object[0]);
        r0 = new java.lang.StringBuilder();
        r14 = 0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.util.Set<java.lang.String> getRoles(java.lang.annotation.Annotation[] r5, java.lang.String r6) {
        /*
            r4 = this;
            r0 = r5
            r7 = r0
            r0 = r7
            int r0 = r0.length
            r8 = r0
            r0 = 0
            r9 = r0
        L9:
            r0 = r9
            r1 = r8
            if (r0 >= r1) goto Lc9
            r0 = r7
            r1 = r9
            r0 = r0[r1]
            r10 = r0
            r0 = r10
            java.lang.Class r0 = r0.annotationType()
            java.lang.String r0 = r0.getName()
            r1 = r6
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto Lc3
            r0 = r10
            java.lang.Class r0 = r0.annotationType()     // Catch: java.lang.Exception -> Lb9
            java.lang.String r1 = "value"
            r2 = 0
            java.lang.Class[] r2 = new java.lang.Class[r2]     // Catch: java.lang.Exception -> Lb9
            java.lang.reflect.Method r0 = r0.getMethod(r1, r2)     // Catch: java.lang.Exception -> Lb9
            r11 = r0
            r0 = r11
            r1 = r10
            r2 = 0
            java.lang.Object[] r2 = new java.lang.Object[r2]     // Catch: java.lang.Exception -> Lb9
            java.lang.Object r0 = r0.invoke(r1, r2)     // Catch: java.lang.Exception -> Lb9
            java.lang.String[] r0 = (java.lang.String[]) r0     // Catch: java.lang.Exception -> Lb9
            java.lang.String[] r0 = (java.lang.String[]) r0     // Catch: java.lang.Exception -> Lb9
            r12 = r0
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> Lb9
            r1 = r0
            r1.<init>()     // Catch: java.lang.Exception -> Lb9
            r13 = r0
            r0 = 0
            r14 = r0
        L58:
            r0 = r14
            r1 = r12
            int r1 = r1.length     // Catch: java.lang.Exception -> Lb9
            if (r0 >= r1) goto L83
            r0 = r13
            r1 = r12
            r2 = r14
            r1 = r1[r2]     // Catch: java.lang.Exception -> Lb9
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> Lb9
            r0 = r14
            r1 = 1
            int r0 = r0 + r1
            r1 = r12
            int r1 = r1.length     // Catch: java.lang.Exception -> Lb9
            if (r0 >= r1) goto L7d
            r0 = r13
            java.lang.String r1 = " "
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Exception -> Lb9
        L7d:
            int r14 = r14 + 1
            goto L58
        L83:
            java.util.HashSet r0 = new java.util.HashSet     // Catch: java.lang.Exception -> Lb9
            r1 = r0
            r1.<init>()     // Catch: java.lang.Exception -> Lb9
            r14 = r0
            r0 = r12
            r15 = r0
            r0 = r15
            int r0 = r0.length     // Catch: java.lang.Exception -> Lb9
            r16 = r0
            r0 = 0
            r17 = r0
        L98:
            r0 = r17
            r1 = r16
            if (r0 >= r1) goto Lb6
            r0 = r15
            r1 = r17
            r0 = r0[r1]     // Catch: java.lang.Exception -> Lb9
            r18 = r0
            r0 = r14
            r1 = r18
            boolean r0 = r0.add(r1)     // Catch: java.lang.Exception -> Lb9
            int r17 = r17 + 1
            goto L98
        Lb6:
            r0 = r14
            return r0
        Lb9:
            r11 = move-exception
            r0 = r11
            net.e6tech.elements.common.logging.Logger.suppress(r0)
            goto Lc9
        Lc3:
            int r9 = r9 + 1
            goto L9
        Lc9:
            java.util.Set r0 = java.util.Collections.emptySet()
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: net.e6tech.elements.web.cxf.SecurityAnnotationEngine.getRoles(java.lang.annotation.Annotation[], java.lang.String):java.util.Set");
    }

    private MethodSignature createMethodSig(Method method) {
        return new MethodSignature(method);
    }

    static {
        SKIP_METHODS.addAll(Arrays.asList("wait", "notify", "notifyAll", "equals", "toString", "hashCode"));
    }
}
