package io.quarkus.spring.security.runtime.interceptor.check;

import io.quarkus.arc.Arc;
import io.quarkus.security.ForbiddenException;
import io.quarkus.security.UnauthorizedException;
import io.quarkus.security.identity.SecurityIdentity;
import io.quarkus.security.spi.runtime.MethodDescription;
import io.quarkus.security.spi.runtime.SecurityCheck;
import io.quarkus.spring.security.runtime.interceptor.accessor.StringPropertyAccessor;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;

/* loaded from: input_file:io/quarkus/spring/security/runtime/interceptor/check/PrincipalNameFromParameterObjectSecurityCheck.class */
public class PrincipalNameFromParameterObjectSecurityCheck implements SecurityCheck {
    private final int index;
    private final Class<?> expectedParameterClass;
    private final Class<? extends StringPropertyAccessor> stringPropertyAccessorClass;
    private final String propertyName;
    private final CheckType checkType;

    /* loaded from: input_file:io/quarkus/spring/security/runtime/interceptor/check/PrincipalNameFromParameterObjectSecurityCheck$CheckType.class */
    public enum CheckType {
        EQ,
        NEQ
    }

    private PrincipalNameFromParameterObjectSecurityCheck(int i, String str, String str2, String str3, CheckType checkType) throws ClassNotFoundException {
        this.index = i;
        this.expectedParameterClass = Class.forName(str, false, Thread.currentThread().getContextClassLoader());
        this.stringPropertyAccessorClass = Class.forName(str2, false, Thread.currentThread().getContextClassLoader());
        this.propertyName = str3;
        this.checkType = checkType;
    }

    public static PrincipalNameFromParameterObjectSecurityCheck of(int i, String str, String str2, String str3, CheckType checkType) {
        try {
            return new PrincipalNameFromParameterObjectSecurityCheck(i, str, str2, str3, checkType);
        } catch (ClassNotFoundException e) {
            throw new RuntimeException(e);
        }
    }

    public void apply(SecurityIdentity securityIdentity, Method method, Object[] objArr) {
        doApply(securityIdentity, objArr, method.getDeclaringClass().getName(), method.getName());
    }

    public void apply(SecurityIdentity securityIdentity, MethodDescription methodDescription, Object[] objArr) {
        doApply(securityIdentity, objArr, methodDescription.getClassName(), methodDescription.getMethodName());
    }

    private void doApply(SecurityIdentity securityIdentity, Object[] objArr, String str, String str2) {
        if (this.index > objArr.length - 1) {
            throw genericNotApplicableException(str, str2);
        }
        Object obj = objArr[this.index];
        if (!this.expectedParameterClass.equals(obj.getClass())) {
            throw genericNotApplicableException(str, str2);
        }
        String stringValue = getStringValue(obj);
        if (securityIdentity.isAnonymous()) {
            throw new UnauthorizedException();
        }
        String name = securityIdentity.getPrincipal().getName();
        if (this.checkType == CheckType.EQ) {
            if (!name.equals(stringValue)) {
                throw new ForbiddenException();
            }
        } else if (this.checkType == CheckType.NEQ && name.equals(stringValue)) {
            throw new ForbiddenException();
        }
    }

    private String getStringValue(Object obj) {
        return ((StringPropertyAccessor) Arc.container().instance(this.stringPropertyAccessorClass, new Annotation[0]).get()).access(obj, this.propertyName);
    }

    private IllegalStateException genericNotApplicableException(String str, String str2) {
        return new IllegalStateException("PrincipalNameFromParameterObjectSecurityCheck with index " + this.index + " cannot be applied to '" + str + "#" + str2 + "'");
    }
}
