package org.apache.cxf.interceptor.security;

import java.lang.reflect.Method;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.security.GroupPrincipal;
import org.apache.cxf.common.util.ReflectionUtil;
import org.apache.cxf.security.LoginSecurityContext;

/* loaded from: input_file:WEB-INF/lib/cxf-core-3.3.6.jar:org/apache/cxf/interceptor/security/DefaultSecurityContext.class */
public class DefaultSecurityContext implements LoginSecurityContext {
    private static final Logger LOG = LogUtils.getL7dLogger(DefaultSecurityContext.class);
    private static Class<?> javaGroup;
    private static Class<?> karafGroup;
    private Principal p;
    private Subject subject;

    public DefaultSecurityContext(Subject subject) {
        this.p = findPrincipal(null, subject);
        this.subject = subject;
    }

    public DefaultSecurityContext(String str, Subject subject) {
        this.p = findPrincipal(str, subject);
        this.subject = subject;
    }

    public DefaultSecurityContext(Principal principal, Subject subject) {
        this.p = principal;
        this.subject = subject;
        if (principal == null) {
            this.p = findPrincipal(null, subject);
        }
    }

    private static Principal findPrincipal(String str, Subject subject) {
        if (subject == null) {
            return null;
        }
        for (Principal principal : subject.getPrincipals()) {
            if (!isGroupPrincipal(principal) && (str == null || principal.getName().equals(str))) {
                return principal;
            }
        }
        if (str == null) {
            return null;
        }
        for (Principal principal2 : subject.getPrincipals()) {
            if (!isGroupPrincipal(principal2)) {
                return principal2;
            }
        }
        return null;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public Principal getUserPrincipal() {
        return this.p;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public boolean isUserInRole(String str) {
        if (this.subject == null) {
            return false;
        }
        for (Principal principal : this.subject.getPrincipals()) {
            if (isGroupPrincipal(principal) && checkGroup(principal, str)) {
                return true;
            }
            if (this.p != principal && str.equals(principal.getName())) {
                return true;
            }
        }
        return false;
    }

    protected boolean checkGroup(Principal principal, String str) {
        if (principal.getName().equals(str)) {
            return true;
        }
        try {
            Method method = ReflectionUtil.getMethod(principal.getClass(), "members", new Class[0]);
            method.setAccessible(true);
            Enumeration enumeration = (Enumeration) method.invoke(principal, new Object[0]);
            while (enumeration.hasMoreElements()) {
                Principal principal2 = (Principal) enumeration.nextElement();
                if (principal2.getName().equals(str)) {
                    return true;
                }
                if (isGroupPrincipal(principal2) && checkGroup((GroupPrincipal) principal2, str)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            if (!LOG.isLoggable(Level.FINE)) {
                return false;
            }
            LOG.fine("Unable to invoke memebers in " + principal.getName() + ":" + e.getMessage());
            return false;
        }
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Subject getSubject() {
        return this.subject;
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Set<Principal> getUserRoles() {
        HashSet hashSet = new HashSet();
        if (this.subject != null) {
            for (Principal principal : this.subject.getPrincipals()) {
                if (principal != this.p) {
                    hashSet.add(principal);
                }
            }
        }
        return hashSet;
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x001d, code lost:
    
        if (org.apache.cxf.interceptor.security.DefaultSecurityContext.karafGroup.isInstance(r3) != false) goto L10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean instanceOfGroup(java.lang.Object r3) {
        /*
            java.lang.Class<?> r0 = org.apache.cxf.interceptor.security.DefaultSecurityContext.javaGroup     // Catch: java.lang.Exception -> L26
            if (r0 == 0) goto L10
            java.lang.Class<?> r0 = org.apache.cxf.interceptor.security.DefaultSecurityContext.javaGroup     // Catch: java.lang.Exception -> L26
            r1 = r3
            boolean r0 = r0.isInstance(r1)     // Catch: java.lang.Exception -> L26
            if (r0 != 0) goto L20
        L10:
            java.lang.Class<?> r0 = org.apache.cxf.interceptor.security.DefaultSecurityContext.karafGroup     // Catch: java.lang.Exception -> L26
            if (r0 == 0) goto L24
            java.lang.Class<?> r0 = org.apache.cxf.interceptor.security.DefaultSecurityContext.karafGroup     // Catch: java.lang.Exception -> L26
            r1 = r3
            boolean r0 = r0.isInstance(r1)     // Catch: java.lang.Exception -> L26
            if (r0 == 0) goto L24
        L20:
            r0 = 1
            goto L25
        L24:
            r0 = 0
        L25:
            return r0
        L26:
            r4 = move-exception
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.cxf.interceptor.security.DefaultSecurityContext.instanceOfGroup(java.lang.Object):boolean");
    }

    public static boolean isGroupPrincipal(Principal principal) {
        return (principal instanceof GroupPrincipal) || instanceOfGroup(principal);
    }

    static {
        try {
            javaGroup = Class.forName("java.security.acl.Group");
        } catch (Exception e) {
            javaGroup = null;
        }
        try {
            karafGroup = Class.forName("org.apache.karaf.jaas.boot.principal.Group");
        } catch (Exception e2) {
            karafGroup = null;
        }
    }
}
