package org.mule.module.shiro;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.authz.permission.WildcardPermission;
import org.apache.shiro.subject.support.DelegatingSubject;
import org.mule.api.MuleEvent;
import org.mule.api.lifecycle.InitialisationException;
import org.mule.api.security.Authentication;
import org.mule.api.security.CryptoFailureException;
import org.mule.api.security.EncryptionStrategyNotFoundException;
import org.mule.api.security.NotPermittedException;
import org.mule.api.security.SecurityException;
import org.mule.api.security.SecurityProviderNotFoundException;
import org.mule.api.security.UnknownAuthenticationTypeException;
import org.mule.security.AbstractSecurityFilter;

/* loaded from: input_file:org/mule/module/shiro/AuthorizationFilter.class */
public class AuthorizationFilter extends AbstractSecurityFilter {
    private Collection<String> permissions;
    private Collection<String> roles;

    public void doFilter(MuleEvent muleEvent) throws SecurityException, UnknownAuthenticationTypeException, CryptoFailureException, SecurityProviderNotFoundException, EncryptionStrategyNotFoundException, InitialisationException {
        Authentication authentication = muleEvent.getSession().getSecurityContext().getAuthentication();
        if (!(authentication instanceof ShiroAuthenticationResult)) {
            throw new UnknownAuthenticationTypeException(authentication);
        }
        ShiroAuthenticationResult shiroAuthenticationResult = (ShiroAuthenticationResult) authentication;
        try {
            Collection<Permission> permissions = getPermissions(muleEvent);
            if (permissions != null) {
                shiroAuthenticationResult.getSubject().checkPermissions(permissions);
            }
            Collection<String> roles = getRoles(muleEvent);
            if (roles != null) {
                DelegatingSubject subject = shiroAuthenticationResult.getSubject();
                subject.getSecurityManager().checkRoles(subject.getPrincipals(), (String[]) roles.toArray(new String[0]));
            }
        } catch (UnauthorizedException e) {
            throw new NotPermittedException(muleEvent, muleEvent.getSession().getSecurityContext(), this);
        }
    }

    protected Collection<Permission> getPermissions(MuleEvent muleEvent) {
        ArrayList arrayList = new ArrayList();
        if (this.permissions != null) {
            Iterator<String> it = this.permissions.iterator();
            while (it.hasNext()) {
                arrayList.add(new WildcardPermission(it.next()));
            }
        }
        return arrayList;
    }

    protected Collection<String> getRoles(MuleEvent muleEvent) {
        return this.roles;
    }

    public Collection<String> getPermissions() {
        return this.permissions;
    }

    public void setRoles(Collection<String> collection) {
        this.roles = collection;
    }

    public void setPermissions(Collection<String> collection) {
        this.permissions = collection;
    }
}
