package org.activebpel.rt.axis.bpel.handlers;

import java.text.MessageFormat;
import java.util.StringTokenizer;
import org.activebpel.rt.axis.bpel.AeMessages;
import org.activebpel.rt.bpel.server.engine.AeEngineFactory;
import org.activebpel.rt.util.AeUtil;
import org.apache.axis.AxisFault;
import org.apache.axis.MessageContext;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.security.AuthenticatedUser;
import org.apache.axis.security.SecurityProvider;
import org.apache.axis.utils.Messages;

/* loaded from: input_file:org/activebpel/rt/axis/bpel/handlers/AeSimpleAuthorizationHandler.class */
public class AeSimpleAuthorizationHandler extends BasicHandler {
    @Override // org.apache.axis.Handler
    public void invoke(MessageContext messageContext) throws AxisFault {
        String allowedRoles = getAllowedRoles(messageContext);
        if (AeUtil.notNullOrEmpty(allowedRoles)) {
            AuthenticatedUser authenticatedUser = (AuthenticatedUser) messageContext.getProperty(MessageContext.AUTHUSER);
            if (authenticatedUser == null) {
                if (AeEngineFactory.getEngineConfig().isAllowedRolesEnforced()) {
                    throw new SecurityException(AeMessages.format("AeSimpleAuthorizationHandler.ERROR_1", messageContext.getService().getName()));
                }
                return;
            }
            SecurityProvider securityProvider = getSecurityProvider(messageContext);
            StringTokenizer stringTokenizer = new StringTokenizer(allowedRoles, ",");
            while (stringTokenizer.hasMoreTokens()) {
                if (securityProvider.userMatches(authenticatedUser, stringTokenizer.nextToken())) {
                    return;
                }
            }
            throw new SecurityException(MessageFormat.format("AeSimpleAuthorizationHandler.ERROR_0", authenticatedUser.getName(), messageContext.getService().getName()));
        }
    }

    protected String getAllowedRoles(MessageContext messageContext) throws AxisFault {
        if (messageContext.getService() == null) {
            throw new AxisFault(Messages.getMessage("needService00"));
        }
        return (String) messageContext.getService().getOption("allowedRoles");
    }

    protected SecurityProvider getSecurityProvider(MessageContext messageContext) throws AxisFault {
        SecurityProvider securityProvider = (SecurityProvider) messageContext.getProperty(MessageContext.SECURITY_PROVIDER);
        if (securityProvider == null) {
            throw new AxisFault(Messages.getMessage("noSecurity00"));
        }
        return securityProvider;
    }
}
