package org.activebpel.rt.bpel.server.security;

import java.security.Principal;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import org.activebpel.rt.bpel.AeBusinessProcessException;
import org.activebpel.rt.bpel.def.AePartnerLinkDef;
import org.activebpel.rt.bpel.impl.IAeProcessPlan;
import org.activebpel.rt.bpel.server.AeMessages;
import org.activebpel.rt.bpel.server.IAeProcessDeployment;
import org.activebpel.rt.bpel.server.engine.AeEngineFactory;
import org.activebpel.rt.util.AeUtil;
import org.activebpel.wsio.receive.IAeMessageContext;

/* loaded from: input_file:org/activebpel/rt/bpel/server/security/AePrincipalAuthProvider.class */
public class AePrincipalAuthProvider implements IAeAuthorizationProvider {
    public AePrincipalAuthProvider(Map map) {
    }

    @Override // org.activebpel.rt.bpel.server.security.IAeAuthorizationProvider
    public boolean authorize(Subject subject, IAeMessageContext iAeMessageContext) throws AeSecurityException {
        if (AeUtil.isNullOrEmpty(iAeMessageContext.getProcessName())) {
            throw new AeSecurityException(AeMessages.getString("AePrincipalAuthProvider.0"));
        }
        try {
            IAeProcessDeployment deploymentPlan = getDeploymentPlan(iAeMessageContext.getProcessName());
            return authorize(subject, deploymentPlan.getServiceInfo(getPartnerLinkDef(deploymentPlan, iAeMessageContext).getLocationPath()).getAllowedRoles());
        } catch (AeBusinessProcessException e) {
            throw new AeSecurityException(e.getLocalizedMessage(), e);
        }
    }

    @Override // org.activebpel.rt.bpel.server.security.IAeAuthorizationProvider
    public boolean authorize(Subject subject, Set set) throws AeSecurityException {
        if (AeUtil.isNullOrEmpty(set) || !AeEngineFactory.getEngineConfig().isAllowedRolesEnforced()) {
            return true;
        }
        if (subject == null) {
            return false;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            if (isSubjectInRole(subject, (String) it.next())) {
                return true;
            }
        }
        return false;
    }

    protected boolean isSubjectInRole(Subject subject, String str) {
        for (Principal principal : subject.getPrincipals()) {
            if (principal instanceof IAePrincipal) {
                return ((IAePrincipal) principal).isUserInRole(str);
            }
            if (str.equals(principal.getName())) {
                return true;
            }
        }
        return false;
    }

    protected AePartnerLinkDef getPartnerLinkDef(IAeProcessPlan iAeProcessPlan, IAeMessageContext iAeMessageContext) {
        return iAeProcessPlan.getProcessDef().findPartnerLink(iAeMessageContext.getPartnerLink());
    }

    protected IAeProcessDeployment getDeploymentPlan(QName qName) throws AeBusinessProcessException {
        return AeEngineFactory.getDeploymentProvider().findCurrentDeployment(qName);
    }
}
