package org.clazzes.gwt.sec.server;

import java.lang.reflect.Method;
import java.security.Principal;
import org.aopalliance.intercept.MethodInvocation;
import org.clazzes.gwt.osgi.AbstractHttpMethodInterceptor;
import org.clazzes.gwt.sec.shared.CheckedRemoteService;
import org.clazzes.gwt.sec.shared.LoginRequiredException;
import org.clazzes.util.http.sec.HttpLoginService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/clazzes/gwt/sec/server/HttpLoginInterceptor.class */
public class HttpLoginInterceptor extends AbstractHttpMethodInterceptor {
    private static final Logger log = LoggerFactory.getLogger(HttpLoginInterceptor.class);
    private static final Method checkLoginMethod;
    private HttpLoginService loginService;
    private HttpContextProvider contextProvider;

    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
        Principal checkLogin = this.loginService.checkLogin(getThreadLocalRequest());
        if (checkLogin == null) {
            String loginUrl = this.loginService.getLoginUrl();
            log.warn("Try to execute operation [" + methodInvocation.getMethod() + "] without login, throwing LoginRequiredException with login URL [" + loginUrl + "].");
            throw new LoginRequiredException(loginUrl);
        }
        if (methodInvocation.getMethod() == checkLoginMethod) {
            return checkLogin.getName();
        }
        String str = null;
        if (this.contextProvider != null) {
            str = this.contextProvider.getContextUrl(methodInvocation);
        }
        if (str != null) {
            if (!this.loginService.checkPermission(getThreadLocalRequest(), str)) {
                String str2 = "Permission denied on context [" + str + "] to user [" + checkLogin + "].";
                log.error(str2);
                throw new SecurityException(str2);
            }
            if (log.isDebugEnabled()) {
                log.debug("User [" + checkLogin + "] executes operation [" + methodInvocation.getMethod() + "] in context [" + str + "].");
            }
        } else if (log.isDebugEnabled()) {
            log.debug("User [" + checkLogin + "] executes operation [" + methodInvocation.getMethod() + "].");
        }
        return methodInvocation.proceed();
    }

    public HttpLoginService getLoginService() {
        return this.loginService;
    }

    public void setLoginService(HttpLoginService httpLoginService) {
        this.loginService = httpLoginService;
    }

    public HttpContextProvider getContextProvider() {
        return this.contextProvider;
    }

    public void setContextProvider(HttpContextProvider httpContextProvider) {
        this.contextProvider = httpContextProvider;
    }

    static {
        try {
            checkLoginMethod = CheckedRemoteService.class.getMethod("checkLogin", new Class[0]);
        } catch (NoSuchMethodException e) {
            throw new RuntimeException("Cannot find method org.clazzes.gwt.sec.shared.CheckedRemoteService.checkLogin()", e);
        }
    }
}
