package org.ow2.easybeans.security.propagation.context;

import java.io.Serializable;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import org.ow2.easybeans.security.api.EZBSecurityContext;
import org.ow2.easybeans.security.struct.JGroup;
import org.ow2.easybeans.security.struct.JPrincipal;
import org.ow2.util.log.Log;
import org.ow2.util.log.LogFactory;

/* loaded from: input_file:WEB-INF/lib/easybeans-security-1.1.0-RC2.jar:org/ow2/easybeans/security/propagation/context/SecurityContext.class */
public final class SecurityContext implements EZBSecurityContext, Serializable {
    private static final long serialVersionUID = 6612085599241360430L;
    private static final String ANONYMOUS_USER = "EasyBeans/Anonymous";
    private static final String ANONYMOUS_ROLE = "anonymous";
    private Subject subject;
    private Subject callerInRunAsModeSubject;
    private static Log logger = LogFactory.getLog(SecurityContext.class);
    public static final Subject ANONYMOUS_SUBJECT = buildAnonymousSubject();

    public SecurityContext() {
        this.subject = ANONYMOUS_SUBJECT;
        this.callerInRunAsModeSubject = null;
    }

    public SecurityContext(Subject subject) {
        this.subject = ANONYMOUS_SUBJECT;
        this.callerInRunAsModeSubject = null;
        this.subject = subject;
    }

    @Override // org.ow2.easybeans.security.api.EZBSecurityContext
    public Subject enterRunAs(Subject subject) {
        this.callerInRunAsModeSubject = this.subject;
        this.subject = subject;
        return this.callerInRunAsModeSubject;
    }

    @Override // org.ow2.easybeans.security.api.EZBSecurityContext
    public void endsRunAs(Subject subject) {
        this.subject = subject;
        this.callerInRunAsModeSubject = null;
    }

    @Override // org.ow2.easybeans.security.api.EZBSecurityContext
    public Principal getCallerPrincipal(boolean z) {
        for (Principal principal : ((!z || this.callerInRunAsModeSubject == null) ? this.subject : this.callerInRunAsModeSubject).getPrincipals(Principal.class)) {
            if (!(principal instanceof Group)) {
                return principal;
            }
        }
        logger.error("No principal found in the current subject. Authentication should have failed when populating subject", new Object[0]);
        throw new IllegalStateException("No principal found in the current subject. Authentication should have failed when populating subject");
    }

    public List<? extends Principal> getCallerRolesList(boolean z) {
        for (Principal principal : ((!z || this.callerInRunAsModeSubject == null) ? this.subject : this.callerInRunAsModeSubject).getPrincipals(Principal.class)) {
            if (principal instanceof Group) {
                return Collections.list(((Group) principal).members());
            }
        }
        logger.error("No role found in the current subject. Authentication should have failed when populating subject", new Object[0]);
        throw new IllegalStateException("No role found in the current subject. Authentication should have failed when populating subject");
    }

    @Override // org.ow2.easybeans.security.api.EZBSecurityContext
    public Principal[] getCallerRoles(boolean z) {
        List<? extends Principal> callerRolesList = getCallerRolesList(z);
        return (Principal[]) callerRolesList.toArray(new Principal[callerRolesList.size()]);
    }

    private static Subject buildAnonymousSubject() {
        return buildSubject(ANONYMOUS_USER, new String[]{ANONYMOUS_ROLE});
    }

    public static Subject buildSubject(String str, String[] strArr) {
        ArrayList arrayList = new ArrayList();
        if (strArr != null) {
            for (String str2 : strArr) {
                arrayList.add(str2);
            }
        }
        return buildSubject(str, arrayList);
    }

    public static Subject buildSubject(String str, List<String> list) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new JPrincipal(str));
        JGroup jGroup = new JGroup("roles");
        if (list != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                jGroup.addMember(new JPrincipal(it.next()));
            }
        }
        subject.getPrincipals().add(jGroup);
        return subject;
    }
}
