package io.inugami.core.security.commons.roles;

import io.inugami.api.loggers.Loggers;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
import javax.ws.rs.ForbiddenException;
import org.apache.deltaspike.security.api.authorization.Secures;
import org.picketlink.Identity;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.model.Account;
import org.picketlink.idm.model.Attribute;

@ApplicationScoped
@Named
/* loaded from: input_file:WEB-INF/lib/inugami_core_security_commons-3.3.5.jar:io/inugami/core/security/commons/roles/RolesAuthorizer.class */
public class RolesAuthorizer {
    public void assertUserConnected(Identity identity) {
        if (identity == null) {
            throw new SecurityException("identification is require!");
        }
        if (!identity.isLoggedIn()) {
            throw new SecurityException("identification is require!");
        }
    }

    public void assertIsAdmin(Identity identity) {
        assertUserConnected(identity);
        boolean z = false;
        try {
            z = doAdminCheck(identity, null, null);
        } catch (Exception e) {
            Loggers.DEBUG.debug(e.getMessage(), (Throwable) e);
        }
        if (!z) {
            throw new ForbiddenException("Forbidden access!");
        }
    }

    @Secures
    @Admin
    public boolean doAdminCheck(Identity identity, IdentityManager identityManager, RelationshipManager relationshipManager) throws Exception {
        return hasRole(identity.getAccount(), Admin.ROLE);
    }

    @Secures
    @UserConnected
    public boolean doUserCheck(Identity identity, IdentityManager identityManager, RelationshipManager relationshipManager) throws Exception {
        return hasRole(identity.getAccount(), "user");
    }

    private boolean hasRole(Account account, String str) {
        Attribute attribute = account.getAttribute("roles");
        return ((List) ((attribute == null || !(attribute.getValue() instanceof List)) ? new ArrayList() : (List) attribute.getValue()).stream().map((v0) -> {
            return v0.toLowerCase();
        }).collect(Collectors.toList())).contains(str);
    }
}
