package com.atlassian.plugins.rest.helloworld;

import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.plugins.rest.common.security.AuthenticationContext;
import com.atlassian.sal.api.net.Request;
import com.atlassian.sal.api.net.RequestFactory;
import com.atlassian.sal.api.net.ResponseException;
import java.security.Principal;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;

@Path("/helloworld")
/* loaded from: input_file:com/atlassian/plugins/rest/helloworld/HelloWorld.class */
public class HelloWorld {
    private final RequestFactory requestFactory;

    public HelloWorld(RequestFactory requestFactory) {
        this.requestFactory = requestFactory;
    }

    @GET
    @Produces({"text/plain"})
    @Path("/authenticated")
    public String getAuthenticatedMessage() {
        return "Hello Authenticated World";
    }

    @GET
    @Path("/callingself")
    @Produces({"text/plain"})
    @AnonymousAllowed
    public String getAnonymousMessageFromSelf() throws ResponseException {
        return this.requestFactory.createRequest(Request.MethodType.GET, System.getProperty("baseurl") + "/rest/refimpl/1/helloworld/anonymous").execute();
    }

    @GET
    @Path("/anonymous")
    @Produces({"text/plain"})
    @AnonymousAllowed
    public String getAnonymousMessage() {
        return "Hello Anonymous World";
    }

    @GET
    @Path("/admin")
    @Produces({"text/plain"})
    @AnonymousAllowed
    public String getMessageForAdmin(@Context AuthenticationContext authenticationContext) {
        checkIsUser(authenticationContext, "admin");
        return "Hello " + authenticationContext.getPrincipal();
    }

    private void checkIsUser(AuthenticationContext authenticationContext, String str) {
        Principal principal = authenticationContext.getPrincipal();
        if (principal == null || !principal.getName().equals(str)) {
            throw new SecurityException("You're not '" + str + "' I know who you really are'" + principal + "', you can't access this information");
        }
    }
}
