package org.pipservices4.http.auth;

import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.core.Response;
import java.util.Iterator;
import java.util.List;
import org.glassfish.jersey.process.Inflector;
import org.pipservices4.commons.errors.UnauthorizedException;
import org.pipservices4.http.controllers.AuthorizeFunction;
import org.pipservices4.http.controllers.HttpResponseSender;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/pip-services4-http-0.0.4-jar-with-dependencies.jar:org/pipservices4/http/auth/RoleAuthorizer.class
  input_file:lib/pip-services4-http-0.0.4.jar:org/pipservices4/http/auth/RoleAuthorizer.class
 */
/* loaded from: input_file:obj/src/org/pipservices4/http/auth/RoleAuthorizer.class */
public class RoleAuthorizer {
    public AuthorizeFunction<ContainerRequestContext, Inflector<ContainerRequestContext, Response>, Response> userInRoles(List<String> list) {
        return (containerRequestContext, inflector) -> {
            if (containerRequestContext.getSecurityContext().getUserPrincipal() == null) {
                return HttpResponseSender.sendError(new UnauthorizedException(null, "NOT_SIGNED", "User must be signed in to perform this operation").withStatus(401));
            }
            boolean z = false;
            Iterator it = list.iterator();
            while (it.hasNext()) {
                z = z || containerRequestContext.getSecurityContext().isUserInRole((String) it.next());
            }
            return !z ? HttpResponseSender.sendError(new UnauthorizedException(null, "NOT_IN_ROLE", "User must be " + String.join(" or ", list) + " to perform this operation").withDetails("roles", list).withStatus(403)) : (Response) inflector.apply(containerRequestContext);
        };
    }

    public AuthorizeFunction<ContainerRequestContext, Inflector<ContainerRequestContext, Response>, Response> userInRole(String str) {
        return userInRoles(List.of(str));
    }

    public AuthorizeFunction<ContainerRequestContext, Inflector<ContainerRequestContext, Response>, Response> admin() {
        return userInRole("admin");
    }
}
