package com.sun.enterprise.deployment.annotation.handlers;

import com.sun.enterprise.deployment.EjbDescriptor;
import com.sun.enterprise.deployment.MethodDescriptor;
import com.sun.enterprise.deployment.MethodPermission;
import com.sun.enterprise.deployment.annotation.context.EjbContext;
import com.sun.enterprise.deployment.annotation.context.WebBundleContext;
import com.sun.enterprise.deployment.annotation.context.WebComponentContext;
import com.sun.enterprise.deployment.util.TypeUtil;
import jakarta.annotation.security.DenyAll;
import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import java.lang.annotation.Annotation;
import java.lang.annotation.ElementType;
import java.lang.reflect.AnnotatedElement;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import org.glassfish.apf.AnnotationInfo;
import org.glassfish.apf.AnnotationProcessorException;
import org.glassfish.apf.HandlerProcessingResult;

/* loaded from: input_file:MICRO-INF/runtime/dol.jar:com/sun/enterprise/deployment/annotation/handlers/AbstractAuthAnnotationHandler.class */
abstract class AbstractAuthAnnotationHandler extends AbstractCommonAttributeHandler implements PostProcessor<EjbContext> {
    protected abstract void processEjbMethodSecurity(Annotation annotation, MethodDescriptor methodDescriptor, EjbDescriptor ejbDescriptor);

    @Override // com.sun.enterprise.deployment.annotation.handlers.AbstractCommonAttributeHandler
    protected HandlerProcessingResult processAnnotation(AnnotationInfo annotationInfo, EjbContext[] ejbContextArr) throws AnnotationProcessorException {
        if (!validateAccessControlAnnotations(annotationInfo)) {
            return getDefaultFailedResult();
        }
        Annotation annotation = annotationInfo.getAnnotation();
        for (EjbContext ejbContext : ejbContextArr) {
            EjbDescriptor descriptor = ejbContext.getDescriptor();
            if (ElementType.TYPE.equals(annotationInfo.getElementType())) {
                ejbContext.addPostProcessInfo(annotationInfo, this);
            } else {
                Method method = (Method) annotationInfo.getAnnotatedElement();
                for (MethodDescriptor methodDescriptor : descriptor.getSecurityBusinessMethodDescriptors()) {
                    if (!hasMethodPermissionsFromDD(methodDescriptor, descriptor) && TypeUtil.sameMethodSignature(methodDescriptor.getMethod(descriptor), method)) {
                        processEjbMethodSecurity(annotation, methodDescriptor, descriptor);
                    }
                }
            }
        }
        return getDefaultProcessedResult();
    }

    @Override // com.sun.enterprise.deployment.annotation.handlers.AbstractCommonAttributeHandler
    protected HandlerProcessingResult processAnnotation(AnnotationInfo annotationInfo, WebComponentContext[] webComponentContextArr) throws AnnotationProcessorException {
        return getInvalidAnnotatedElementHandlerResult(webComponentContextArr[0], annotationInfo);
    }

    @Override // com.sun.enterprise.deployment.annotation.handlers.AbstractCommonAttributeHandler
    protected HandlerProcessingResult processAnnotation(AnnotationInfo annotationInfo, WebBundleContext webBundleContext) throws AnnotationProcessorException {
        return getInvalidAnnotatedElementHandlerResult(webBundleContext, annotationInfo);
    }

    @Override // com.sun.enterprise.deployment.annotation.handlers.PostProcessor
    public void postProcessAnnotation(AnnotationInfo annotationInfo, EjbContext ejbContext) throws AnnotationProcessorException {
        EjbDescriptor descriptor = ejbContext.getDescriptor();
        Annotation annotation = annotationInfo.getAnnotation();
        if (!ejbContext.isInherited() && (descriptor.getMethodPermissionsFromDD() == null || descriptor.getMethodPermissionsFromDD().size() == 0)) {
            Iterator<MethodDescriptor> it = getMethodAllDescriptors(descriptor).iterator();
            while (it.hasNext()) {
                processEjbMethodSecurity(annotation, it.next(), descriptor);
            }
            return;
        }
        Class cls = (Class) annotationInfo.getAnnotatedElement();
        for (MethodDescriptor methodDescriptor : descriptor.getSecurityBusinessMethodDescriptors()) {
            if (cls.equals(ejbContext.getDeclaringClass(methodDescriptor)) && !hasMethodPermissionsFromDD(methodDescriptor, descriptor)) {
                processEjbMethodSecurity(annotation, methodDescriptor, descriptor);
            }
        }
    }

    @Override // com.sun.enterprise.deployment.annotation.handlers.AbstractCommonAttributeHandler
    protected boolean supportTypeInheritance() {
        return true;
    }

    protected Class<? extends Annotation>[] relatedAnnotationTypes() {
        return new Class[0];
    }

    private Set<MethodDescriptor> getMethodAllDescriptors(EjbDescriptor ejbDescriptor) {
        HashSet hashSet = new HashSet();
        if (ejbDescriptor.isRemoteInterfacesSupported() || ejbDescriptor.isRemoteBusinessInterfacesSupported()) {
            hashSet.add(new MethodDescriptor("*", "", "Remote"));
            if (ejbDescriptor.isRemoteInterfacesSupported()) {
                hashSet.add(new MethodDescriptor("*", "", MethodDescriptor.EJB_HOME));
            }
        }
        if (ejbDescriptor.isLocalInterfacesSupported() || ejbDescriptor.isLocalBusinessInterfacesSupported()) {
            hashSet.add(new MethodDescriptor("*", "", "Local"));
            if (ejbDescriptor.isLocalInterfacesSupported()) {
                hashSet.add(new MethodDescriptor("*", "", MethodDescriptor.EJB_LOCALHOME));
            }
        }
        if (ejbDescriptor.isLocalBean()) {
            hashSet.add(new MethodDescriptor("*", "", "Local"));
        }
        if (ejbDescriptor.hasWebServiceEndpointInterface()) {
            hashSet.add(new MethodDescriptor("*", "", MethodDescriptor.EJB_WEB_SERVICE));
        }
        return hashSet;
    }

    private boolean hasMethodPermissionsFromDD(MethodDescriptor methodDescriptor, EjbDescriptor ejbDescriptor) {
        Map<MethodPermission, List<MethodDescriptor>> methodPermissionsFromDD = ejbDescriptor.getMethodPermissionsFromDD();
        if (methodPermissionsFromDD == null) {
            return false;
        }
        Set<MethodDescriptor> methodDescriptors = ejbDescriptor.getMethodDescriptors();
        Iterator<List<MethodDescriptor>> it = methodPermissionsFromDD.values().iterator();
        while (it.hasNext()) {
            Iterator<MethodDescriptor> it2 = it.next().iterator();
            while (it2.hasNext()) {
                Iterator it3 = it2.next().doStyleConversion(ejbDescriptor, methodDescriptors).iterator();
                while (it3.hasNext()) {
                    if (methodDescriptor.equals((MethodDescriptor) it3.next())) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private boolean validateAccessControlAnnotations(AnnotationInfo annotationInfo) throws AnnotationProcessorException {
        boolean z = true;
        AnnotatedElement annotatedElement = annotationInfo.getAnnotatedElement();
        int i = 0 + (annotatedElement.isAnnotationPresent(RolesAllowed.class) ? 1 : 0);
        if (annotatedElement.isAnnotationPresent(DenyAll.class)) {
            i++;
        }
        if (i < 2 && annotatedElement.isAnnotationPresent(PermitAll.class)) {
            i++;
        }
        if (i > 1) {
            log(Level.SEVERE, annotationInfo, localStrings.getLocalString("enterprise.deployment.annotation.handlers.morethanoneauthannotation", "One cannot have more than one of @RolesAllowed, @PermitAll, @DenyAll in the same AnnotatedElement."));
            z = false;
        }
        return z;
    }
}
