package org.apache.cxf.interceptor.security;

import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.Subject;
import org.apache.cxf.security.LoginSecurityContext;

/* loaded from: input_file:WEB-INF/lib/cxf-rt-core-2.6.2.jar:org/apache/cxf/interceptor/security/DefaultSecurityContext.class */
public class DefaultSecurityContext implements LoginSecurityContext {
    private Principal p;
    private Subject subject;

    public DefaultSecurityContext(Subject subject) {
        this.p = findPrincipal(subject);
        this.subject = subject;
    }

    public DefaultSecurityContext(Principal principal, Subject subject) {
        this.p = principal;
        this.subject = subject;
    }

    private static Principal findPrincipal(Subject subject) {
        if (subject == null) {
            return null;
        }
        for (Principal principal : subject.getPrincipals()) {
            if (!(principal instanceof Group)) {
                return principal;
            }
        }
        return null;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public Principal getUserPrincipal() {
        return this.p;
    }

    @Override // org.apache.cxf.security.SecurityContext
    public boolean isUserInRole(String str) {
        if (this.subject == null) {
            return false;
        }
        for (Principal principal : this.subject.getPrincipals()) {
            if ((principal instanceof Group) && checkGroup((Group) principal, str)) {
                return true;
            }
            if (this.p != principal && str.equals(principal.getName())) {
                return true;
            }
        }
        return false;
    }

    protected boolean checkGroup(Group group, String str) {
        if (group.getName().equals(str)) {
            return true;
        }
        Enumeration<? extends Principal> members = group.members();
        while (members.hasMoreElements()) {
            Principal nextElement = members.nextElement();
            if (nextElement.getName().equals(str)) {
                return true;
            }
            if ((nextElement instanceof Group) && checkGroup((Group) nextElement, str)) {
                return true;
            }
        }
        return false;
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Subject getSubject() {
        return this.subject;
    }

    @Override // org.apache.cxf.security.LoginSecurityContext
    public Set<Principal> getUserRoles() {
        HashSet hashSet = new HashSet();
        if (this.subject != null) {
            for (Principal principal : this.subject.getPrincipals()) {
                if (principal != this.p) {
                    hashSet.add(principal);
                }
            }
        }
        return hashSet;
    }
}
