package org.acme.security;

import java.security.AccessControlException;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.util.LinkedList;
import java.util.List;
import org.glassfish.hk2.api.ActiveDescriptor;
import org.glassfish.hk2.api.Injectee;
import org.glassfish.hk2.api.Operation;
import org.glassfish.hk2.api.ValidationInformation;
import org.glassfish.hk2.api.Validator;

/* loaded from: input_file:org/acme/security/ValidatorImpl.class */
public class ValidatorImpl implements Validator {
    private static final boolean VERBOSE = Boolean.parseBoolean(System.getProperty("org.jvnet.hk2.examples.securitylockdown.debug", "false"));
    private static final String ACCESS_IN_PACKAGE = "accessClassInPackage.";

    /* renamed from: org.acme.security.ValidatorImpl$2, reason: invalid class name */
    /* loaded from: input_file:org/acme/security/ValidatorImpl$2.class */
    static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] $SwitchMap$org$glassfish$hk2$api$Operation = new int[Operation.values().length];

        static {
            try {
                $SwitchMap$org$glassfish$hk2$api$Operation[Operation.BIND.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$glassfish$hk2$api$Operation[Operation.UNBIND.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$glassfish$hk2$api$Operation[Operation.LOOKUP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    private boolean validateBindAndUnbind() {
        return checkPerm(new AllPermission());
    }

    private boolean validateLookupAPI(ActiveDescriptor<?> activeDescriptor) {
        for (Permission permission : getLookupPermissions(activeDescriptor)) {
            if (!checkPerm(permission)) {
                if (!VERBOSE) {
                    return false;
                }
                System.out.println("candidate " + activeDescriptor + " LOOKUP FAILED the security check for permission " + permission);
                return false;
            }
        }
        return true;
    }

    private boolean validateInjection(ActiveDescriptor<?> activeDescriptor, Injectee injectee) {
        List<Permission> lookupPermissions = getLookupPermissions(activeDescriptor);
        final Class injecteeClass = injectee.getInjecteeClass();
        ProtectionDomain protectionDomain = (ProtectionDomain) AccessController.doPrivileged(new PrivilegedAction<ProtectionDomain>() { // from class: org.acme.security.ValidatorImpl.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public ProtectionDomain run() {
                return injecteeClass.getProtectionDomain();
            }
        });
        for (Permission permission : lookupPermissions) {
            if (!protectionDomain.implies(permission)) {
                if (!VERBOSE) {
                    return false;
                }
                System.out.println("candidate " + activeDescriptor + " injectee " + injectee + " LOOKUP FAILED the security check for " + permission);
                return false;
            }
        }
        return true;
    }

    private boolean validateLookup(ActiveDescriptor<?> activeDescriptor, Injectee injectee) {
        return injectee == null ? validateLookupAPI(activeDescriptor) : validateInjection(activeDescriptor, injectee);
    }

    public boolean validate(ValidationInformation validationInformation) {
        switch (AnonymousClass2.$SwitchMap$org$glassfish$hk2$api$Operation[validationInformation.getOperation().ordinal()]) {
            case 1:
            case 2:
                return validateBindAndUnbind();
            case 3:
                return validateLookup(validationInformation.getCandidate(), validationInformation.getInjectee());
            default:
                return false;
        }
    }

    private static Permission getLookupPermission(String str) {
        return new RuntimePermission("accessClassInPackage." + str);
    }

    private static List<Permission> getLookupPermissions(ActiveDescriptor<?> activeDescriptor) {
        LinkedList linkedList = new LinkedList();
        for (String str : activeDescriptor.getAdvertisedContracts()) {
            linkedList.add(getLookupPermission(str.substring(0, str.lastIndexOf(46))));
        }
        return linkedList;
    }

    private static boolean checkPerm(Permission permission) {
        try {
            AccessController.checkPermission(permission);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }
}
