package org.apache.cxf.systest.ws.saml;

import java.util.Iterator;
import java.util.List;
import org.apache.cxf.message.Message;
import org.apache.cxf.rt.security.xacml.AbstractXACMLAuthorizingInterceptor;
import org.opensaml.Configuration;
import org.opensaml.xacml.XACMLObjectBuilder;
import org.opensaml.xacml.ctx.AttributeType;
import org.opensaml.xacml.ctx.AttributeValueType;
import org.opensaml.xacml.ctx.DecisionType;
import org.opensaml.xacml.ctx.RequestType;
import org.opensaml.xacml.ctx.ResponseType;
import org.opensaml.xacml.ctx.ResultType;
import org.opensaml.xacml.ctx.StatusCodeType;
import org.opensaml.xacml.ctx.StatusType;
import org.opensaml.xacml.ctx.SubjectType;
import org.opensaml.xml.XMLObjectBuilderFactory;

/* loaded from: input_file:org/apache/cxf/systest/ws/saml/XACMLAuthorizingInterceptor.class */
public class XACMLAuthorizingInterceptor extends AbstractXACMLAuthorizingInterceptor {
    public ResponseType performRequest(RequestType requestType, Message message) throws Exception {
        XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
        XACMLObjectBuilder builder = builderFactory.getBuilder(ResponseType.DEFAULT_ELEMENT_NAME);
        XACMLObjectBuilder builder2 = builderFactory.getBuilder(ResultType.DEFAULT_ELEMENT_NAME);
        XACMLObjectBuilder builder3 = builderFactory.getBuilder(DecisionType.DEFAULT_ELEMENT_NAME);
        XACMLObjectBuilder builder4 = builderFactory.getBuilder(StatusType.DEFAULT_ELEMENT_NAME);
        XACMLObjectBuilder builder5 = builderFactory.getBuilder(StatusCodeType.DEFAULT_ELEMENT_NAME);
        DecisionType buildObject = builder3.buildObject();
        if ("manager".equals(getSubjectRole(requestType))) {
            buildObject.setDecision(DecisionType.DECISION.Permit);
        } else {
            buildObject.setDecision(DecisionType.DECISION.Deny);
        }
        ResultType buildObject2 = builder2.buildObject();
        buildObject2.setDecision(buildObject);
        StatusType buildObject3 = builder4.buildObject();
        StatusCodeType buildObject4 = builder5.buildObject();
        buildObject4.setValue("urn:oasis:names:tc:xacml:1.0:status:ok");
        buildObject3.setStatusCode(buildObject4);
        buildObject2.setStatus(buildObject3);
        ResponseType buildObject5 = builder.buildObject();
        buildObject5.setResult(buildObject2);
        return buildObject5;
    }

    private String getSubjectRole(RequestType requestType) {
        List subjects = requestType.getSubjects();
        if (subjects == null) {
            return null;
        }
        Iterator it = subjects.iterator();
        while (it.hasNext()) {
            List<AttributeType> attributes = ((SubjectType) it.next()).getAttributes();
            if (attributes != null) {
                for (AttributeType attributeType : attributes) {
                    if ("urn:oasis:names:tc:xacml:2.0:subject:role".equals(attributeType.getAttributeID())) {
                        return ((AttributeValueType) attributeType.getAttributeValues().get(0)).getValue();
                    }
                }
            }
        }
        return null;
    }
}
