package org.pac4j.core.authorization.checker;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.pac4j.core.authorization.authorizer.Authorizer;
import org.pac4j.core.authorization.authorizer.CsrfAuthorizer;
import org.pac4j.core.authorization.authorizer.DefaultAuthorizers;
import org.pac4j.core.authorization.authorizer.IsAnonymousAuthorizer;
import org.pac4j.core.authorization.authorizer.IsAuthenticatedAuthorizer;
import org.pac4j.core.authorization.authorizer.IsFullyAuthenticatedAuthorizer;
import org.pac4j.core.authorization.authorizer.IsRememberedAuthorizer;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.core.util.CommonHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/pac4j-core-4.1.0.jar:org/pac4j/core/authorization/checker/DefaultAuthorizationChecker.class */
public class DefaultAuthorizationChecker implements AuthorizationChecker {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DefaultAuthorizationChecker.class);
    static final CsrfAuthorizer CSRF_AUTHORIZER = new CsrfAuthorizer();
    static final IsAnonymousAuthorizer IS_ANONYMOUS_AUTHORIZER = new IsAnonymousAuthorizer();
    static final IsAuthenticatedAuthorizer IS_AUTHENTICATED_AUTHORIZER = new IsAuthenticatedAuthorizer();
    static final IsFullyAuthenticatedAuthorizer IS_FULLY_AUTHENTICATED_AUTHORIZER = new IsFullyAuthenticatedAuthorizer();
    static final IsRememberedAuthorizer IS_REMEMBERED_AUTHORIZER = new IsRememberedAuthorizer();

    @Override // org.pac4j.core.authorization.checker.AuthorizationChecker
    public boolean isAuthorized(WebContext webContext, List<UserProfile> list, String str, Map<String, Authorizer> map, List<Client<? extends Credentials>> list2) {
        ArrayList arrayList = new ArrayList();
        String str2 = str;
        if (CommonHelper.isBlank(str2)) {
            str2 = computeDefaultAuthorizers(list2);
        }
        for (String str3 : str2.split(",")) {
            String trim = str3.trim();
            if (DefaultAuthorizers.CSRF_CHECK.equalsIgnoreCase(trim)) {
                arrayList.add(CSRF_AUTHORIZER);
            } else if (DefaultAuthorizers.IS_ANONYMOUS.equalsIgnoreCase(trim)) {
                arrayList.add(IS_ANONYMOUS_AUTHORIZER);
            } else if (DefaultAuthorizers.IS_AUTHENTICATED.equalsIgnoreCase(trim)) {
                arrayList.add(IS_AUTHENTICATED_AUTHORIZER);
            } else if (DefaultAuthorizers.IS_FULLY_AUTHENTICATED.equalsIgnoreCase(trim)) {
                arrayList.add(IS_FULLY_AUTHENTICATED_AUTHORIZER);
            } else if (DefaultAuthorizers.IS_REMEMBERED.equalsIgnoreCase(trim)) {
                arrayList.add(IS_REMEMBERED_AUTHORIZER);
            } else if (!"none".equalsIgnoreCase(trim)) {
                CommonHelper.assertNotNull("authorizersMap", map);
                Authorizer authorizer = null;
                Iterator<Map.Entry<String, Authorizer>> it = map.entrySet().iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Map.Entry<String, Authorizer> next = it.next();
                    if (CommonHelper.areEqualsIgnoreCaseAndTrim(next.getKey(), trim)) {
                        authorizer = next.getValue();
                        break;
                    }
                }
                CommonHelper.assertNotNull("authorizersMap['" + trim + "']", authorizer);
                arrayList.add(authorizer);
            }
        }
        return isAuthorized(webContext, list, arrayList);
    }

    protected String computeDefaultAuthorizers(List<Client<? extends Credentials>> list) {
        Iterator<Client<? extends Credentials>> it = list.iterator();
        while (it.hasNext()) {
            if (it.next() instanceof IndirectClient) {
                return DefaultAuthorizers.CSRF_CHECK;
            }
        }
        return "none";
    }

    protected boolean isAuthorized(WebContext webContext, List<UserProfile> list, List<Authorizer> list2) {
        CommonHelper.assertTrue(CommonHelper.isNotEmpty(list), "profiles must not be null or empty");
        if (!CommonHelper.isNotEmpty(list2)) {
            return true;
        }
        for (Authorizer authorizer : list2) {
            boolean isAuthorized = authorizer.isAuthorized(webContext, list);
            LOGGER.debug("Checking authorizer: {} -> {}", authorizer, Boolean.valueOf(isAuthorized));
            if (!isAuthorized) {
                return false;
            }
        }
        return true;
    }
}
