package io.jans.oxtrust.auth.uma.annotations;

import io.jans.service.el.ExpressionEvaluator;
import io.jans.service.security.InterceptSecure;
import io.jans.service.security.Secure;
import io.jans.service.security.SecureVariable;
import io.jans.service.security.SecurityEvaluationException;
import io.jans.service.security.SecurityExtension;
import jakarta.annotation.Priority;
import jakarta.inject.Inject;
import jakarta.interceptor.AroundInvoke;
import jakarta.interceptor.Interceptor;
import jakarta.interceptor.InvocationContext;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.ws.rs.core.Response;
import java.lang.annotation.Annotation;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;

@Priority(4000)
@Deprecated
@UmaSecure
@Interceptor
/* loaded from: input_file:io/jans/oxtrust/auth/uma/annotations/UmaSecureInterceptor.class */
public class UmaSecureInterceptor {

    @Inject
    private Logger log;

    @Inject
    private SecurityExtension securityExtension;

    @Inject
    private ExpressionEvaluator expressionEvaluator;

    @AroundInvoke
    public Object invoke(InvocationContext invocationContext) throws Exception {
        HttpServletResponse httpServletResponse = null;
        Object[] parameters = invocationContext.getParameters();
        this.log.trace("REST method call security check. " + invocationContext.getMethod().getName() + "()");
        for (Object obj : parameters) {
            if (obj instanceof HttpServletResponse) {
                httpServletResponse = (HttpServletResponse) obj;
            }
        }
        InterceptSecure interceptSecure = this.securityExtension.getInterceptSecure(invocationContext.getMethod());
        Secure[] value = interceptSecure == null ? new Secure[0] : interceptSecure.value();
        Map<String, Object> computeParameterValues = computeParameterValues(invocationContext);
        for (Secure secure : value) {
            Boolean bool = (Boolean) this.expressionEvaluator.evaluateValueExpression(secure.value(), Boolean.class, computeParameterValues);
            if (bool == null || !bool.booleanValue()) {
                this.log.debug("Method: '{}' constrain '{}' evaluation is null or false!", invocationContext.getMethod(), secure);
                throw new SecurityEvaluationException();
            }
        }
        try {
            return invocationContext.proceed();
        } catch (Exception e) {
            this.log.error("Error calling ctx.proceed in UmaSecureInterceptor");
            if (httpServletResponse != null) {
                try {
                    httpServletResponse.sendError(500, "INTERNAL SERVER ERROR");
                    return null;
                } catch (Exception e2) {
                    return null;
                }
            }
            if (Response.class.isAssignableFrom(invocationContext.getMethod().getReturnType())) {
                return Response.serverError().entity("INTERNAL SERVER ERROR").build();
            }
            return null;
        }
    }

    private Map<String, Object> computeParameterValues(InvocationContext invocationContext) {
        Annotation[][] parameterAnnotations = invocationContext.getMethod().getParameterAnnotations();
        HashMap hashMap = new HashMap();
        for (int i = 0; i < parameterAnnotations.length; i++) {
            for (Annotation annotation : parameterAnnotations[i]) {
                if (SecureVariable.class.isAssignableFrom(annotation.annotationType())) {
                    hashMap.put(((SecureVariable) annotation).value(), invocationContext.getParameters()[i]);
                }
            }
        }
        return hashMap;
    }
}
