package cronapi.rest.security;

import cronapi.RestClient;
import cronapi.i18n.Messages;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.Iterator;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.GrantedAuthority;

/* loaded from: input_file:cronapi/rest/security/BlocklySecurity.class */
public class BlocklySecurity {
    public static void checkSecurity(Class cls, String str) throws Exception {
        Method method;
        if (cls != null) {
            String str2 = null;
            for (Annotation annotation : cls.getAnnotations()) {
                if (annotation.annotationType().getName().equals("cronapi.rest.security.CronappSecurity") && (method = annotation.annotationType().getMethod(str.toLowerCase(), new Class[0])) != null) {
                    str2 = (String) method.invoke(annotation, new Object[0]);
                }
            }
            if (str2 == null || str2.isEmpty()) {
                str2 = "Authenticated";
            }
            if (!isAuthorized(str2.trim().split(";"))) {
                throw new RuntimeException(Messages.getString("notAllowed"));
            }
        }
    }

    public static String getRequestMethodSecurity(CronappSecurity cronappSecurity, String str) {
        String str2 = null;
        if (StringUtils.equals("GET", str)) {
            str2 = cronappSecurity.get();
        } else if (StringUtils.equals("POST", str)) {
            str2 = cronappSecurity.post();
        } else if (StringUtils.equals("PUT", str)) {
            str2 = cronappSecurity.put();
        } else if (StringUtils.equals("DELETE", str)) {
            str2 = cronappSecurity.delete();
        } else if (StringUtils.equals("FILTER", str)) {
            str2 = cronappSecurity.filter();
        } else if (StringUtils.equals("EXECUTE", str)) {
            str2 = cronappSecurity.execute();
        }
        return (String) StringUtils.firstNonBlank(new String[]{str2, "Authenticated"});
    }

    public static boolean isAuthorized(String[] strArr) {
        boolean z = false;
        for (String str : strArr) {
            if (str.equalsIgnoreCase("authenticated")) {
                z = RestClient.getRestClient().getUser() != null;
                if (z) {
                    break;
                }
            }
            if (str.equalsIgnoreCase("permitAll") || str.equalsIgnoreCase("public")) {
                z = true;
                break;
            }
            Iterator<GrantedAuthority> it = RestClient.getRestClient().getAuthorities().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (str.equalsIgnoreCase(it.next().getAuthority())) {
                    z = true;
                    break;
                }
            }
        }
        return z;
    }
}
