package org.primeframework.mvc.security;

import com.google.inject.Inject;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import org.primeframework.jwt.domain.JWT;
import org.primeframework.mvc.PrimeException;
import org.primeframework.mvc.action.ActionInvocation;
import org.primeframework.mvc.action.ActionInvocationStore;
import org.primeframework.mvc.action.JWTMethodConfiguration;
import org.primeframework.mvc.action.config.ActionConfiguration;
import org.primeframework.mvc.parameter.el.ExpressionException;
import org.primeframework.mvc.servlet.HTTPMethod;
import org.primeframework.mvc.util.ReflectionUtils;

/* loaded from: input_file:org/primeframework/mvc/security/JWTSecurityScheme.class */
public class JWTSecurityScheme implements SecurityScheme {
    protected final ActionInvocationStore actionInvocationStore;
    protected final JWTConstraintsValidator constraintsValidator;
    protected final HttpServletRequest request;
    private JWTSecurityContext jwtSecurityContext;

    @Inject
    public JWTSecurityScheme(ActionInvocationStore actionInvocationStore, JWTConstraintsValidator jWTConstraintsValidator, JWTSecurityContext jWTSecurityContext, HttpServletRequest httpServletRequest) {
        this.actionInvocationStore = actionInvocationStore;
        this.constraintsValidator = jWTConstraintsValidator;
        this.jwtSecurityContext = jWTSecurityContext;
        this.request = httpServletRequest;
    }

    @Override // org.primeframework.mvc.security.SecurityScheme
    public void handle(String[] strArr) {
        ActionInvocation current = this.actionInvocationStore.getCurrent();
        JWT jwt = this.jwtSecurityContext.getJWT();
        if (!this.constraintsValidator.validate(jwt, strArr)) {
            throw new UnauthorizedException();
        }
        ActionConfiguration actionConfiguration = current.configuration;
        HTTPMethod valueOf = HTTPMethod.valueOf(this.request.getMethod().toUpperCase());
        if (actionConfiguration.jwtAuthorizationMethods.containsKey(valueOf)) {
            Iterator<JWTMethodConfiguration> it = actionConfiguration.jwtAuthorizationMethods.get(valueOf).iterator();
            while (it.hasNext()) {
                try {
                    if (!((Boolean) ReflectionUtils.invoke(it.next().method, current.action, jwt)).booleanValue()) {
                        throw new UnauthorizedException();
                    }
                } catch (ExpressionException e) {
                    throw new PrimeException("Unable to invoke @JWTAuthorizeMethod on the class [" + actionConfiguration.actionClass + "]", e);
                }
            }
        }
    }
}
