package com.sun.jersey.api.container.filter;

import com.sun.jersey.api.model.AbstractMethod;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import com.sun.jersey.spi.container.ResourceFilter;
import com.sun.jersey.spi.container.ResourceFilterFactory;
import java.util.Collections;
import java.util.List;
import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;

/* loaded from: input_file:WEB-INF/lib/jersey-server-1.17.jar:com/sun/jersey/api/container/filter/RolesAllowedResourceFilterFactory.class */
public class RolesAllowedResourceFilterFactory implements ResourceFilterFactory {

    @Context
    private SecurityContext sc;

    /* loaded from: input_file:WEB-INF/lib/jersey-server-1.17.jar:com/sun/jersey/api/container/filter/RolesAllowedResourceFilterFactory$Filter.class */
    private class Filter implements ResourceFilter, ContainerRequestFilter {
        private final boolean denyAll;
        private final String[] rolesAllowed;

        protected Filter() {
            this.denyAll = true;
            this.rolesAllowed = null;
        }

        protected Filter(String[] strArr) {
            this.denyAll = false;
            this.rolesAllowed = strArr != null ? strArr : new String[0];
        }

        @Override // com.sun.jersey.spi.container.ResourceFilter
        public ContainerRequestFilter getRequestFilter() {
            return this;
        }

        @Override // com.sun.jersey.spi.container.ResourceFilter
        public ContainerResponseFilter getResponseFilter() {
            return null;
        }

        @Override // com.sun.jersey.spi.container.ContainerRequestFilter
        public ContainerRequest filter(ContainerRequest containerRequest) {
            if (!this.denyAll) {
                for (String str : this.rolesAllowed) {
                    if (RolesAllowedResourceFilterFactory.this.sc.isUserInRole(str)) {
                        return containerRequest;
                    }
                }
            }
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
    }

    @Override // com.sun.jersey.spi.container.ResourceFilterFactory
    public List<ResourceFilter> create(AbstractMethod abstractMethod) {
        RolesAllowed rolesAllowed;
        if (abstractMethod.isAnnotationPresent(DenyAll.class)) {
            return Collections.singletonList(new Filter());
        }
        RolesAllowed rolesAllowed2 = (RolesAllowed) abstractMethod.getAnnotation(RolesAllowed.class);
        if (rolesAllowed2 != null) {
            return Collections.singletonList(new Filter(rolesAllowed2.value()));
        }
        if (abstractMethod.isAnnotationPresent(PermitAll.class) || (rolesAllowed = (RolesAllowed) abstractMethod.getResource().getAnnotation(RolesAllowed.class)) == null) {
            return null;
        }
        return Collections.singletonList(new Filter(rolesAllowed.value()));
    }
}
