package weblogic.wsee.security;

import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.AuthorizationManager;
import weblogic.security.service.ContextHandler;
import weblogic.security.service.WebServiceResource;
import weblogic.wsee.handler.DirectInvokeData;
import weblogic.wsee.handler.DirectInvokeHandler;
import weblogic.wsee.message.WlMessageContext;
import weblogic.wsee.util.ServerSecurityHelper;

/* loaded from: input_file:weblogic/wsee/security/DirectInvokeAuthorizer.class */
public class DirectInvokeAuthorizer implements Authorizer {
    private static final Logger LOGGER = Logger.getLogger(DirectInvokeAuthorizer.class.getName());
    private final ResourceMap resourceMap = new ResourceMap();
    private AuthorizationManager am;
    private AuthorizationContext authContext;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:weblogic/wsee/security/DirectInvokeAuthorizer$ResourceMap.class */
    public static class ResourceMap {
        private Map resourceMap;

        protected ResourceMap() {
            this.resourceMap = null;
            this.resourceMap = Collections.synchronizedMap(new HashMap());
        }

        protected WebServiceResource get(Method method) {
            return (WebServiceResource) this.resourceMap.get(method);
        }

        protected WebServiceResource put(Method method, WebServiceResource webServiceResource) {
            this.resourceMap.put(method, webServiceResource);
            return webServiceResource;
        }
    }

    public DirectInvokeAuthorizer(AuthorizationContext authorizationContext) {
        this.authContext = authorizationContext;
        this.am = ServerSecurityHelper.getAuthManager(this.authContext.getSecurityRealm());
    }

    public boolean isAccessAllowed(WlMessageContext wlMessageContext) {
        AuthenticatedSubject currentSubject = ServerSecurityHelper.getCurrentSubject();
        Object property = wlMessageContext.getProperty(DirectInvokeHandler.DIRECT_INVOKE_DATA_PROP);
        if (property == null || !(property instanceof DirectInvokeData)) {
            return false;
        }
        Method method = ((DirectInvokeData) property).getRequest().getMethod();
        WebServiceResource resource = getResource(method, wlMessageContext.getDispatcher().getWsdlPort().getName().getLocalPart());
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "DirectInvokeAuthorizer got operation " + method.getName() + " and user " + currentSubject + ", using resource " + resource);
        }
        boolean isAccessAllowed = this.am.isAccessAllowed(currentSubject, resource, (ContextHandler) null);
        if (LOGGER.isLoggable(Level.FINE)) {
            if (isAccessAllowed) {
                LOGGER.log(Level.FINE, "Access granted for subject " + currentSubject + " to resource " + resource);
            } else {
                LOGGER.log(Level.FINE, "Access denied for subject " + currentSubject + " to resource " + resource);
            }
        }
        return isAccessAllowed;
    }

    public WebServiceResource getResource(Method method, String str) {
        WebServiceResource lookupResource = lookupResource(method);
        if (lookupResource == null) {
            lookupResource = createResource(this.authContext, str, method);
            cacheResource(method, lookupResource);
        }
        return lookupResource;
    }

    private WebServiceResource lookupResource(Method method) {
        return this.resourceMap.get(method);
    }

    private WebServiceResource cacheResource(Method method, WebServiceResource webServiceResource) {
        this.resourceMap.put(method, webServiceResource);
        return webServiceResource;
    }

    private static WebServiceResource createResource(AuthorizationContext authorizationContext, String str, Method method) {
        String name = method.getName();
        ArrayList arrayList = new ArrayList();
        for (Class<?> cls : method.getParameterTypes()) {
            arrayList.add(cls.getCanonicalName());
        }
        String[] strArr = new String[arrayList.size()];
        arrayList.toArray(strArr);
        if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "** Args to WebServiceResource");
            LOGGER.log(Level.FINE, "**   methodName = " + name);
            LOGGER.log(Level.FINE, "**   methodParams = ");
            for (String str2 : strArr) {
                LOGGER.log(Level.FINE, str2);
            }
        }
        return new WebServiceResource(authorizationContext.getApplicationName(), authorizationContext.getContextPath(), str, name, strArr);
    }

    String getSecurityRealm() {
        return this.authContext.getSecurityRealm();
    }
}
