package in.priva.olympus.authz.interceptor;

import com.google.common.base.Preconditions;
import in.priva.olympus.authz.annotations.RequiresPermissions;
import in.priva.olympus.authz.domain.model.Permission;
import in.priva.olympus.authz.domain.model.PermissionFactory;
import in.priva.olympus.authz.domain.model.PermissionType;
import in.priva.olympus.authz.domain.model.Subject;
import in.priva.olympus.authz.domain.model.SubjectManager;
import in.priva.olympus.authz.domain.model.exception.SubjectNotFoundException;
import in.priva.olympus.authz.infrastructure.services.AuthorizationService;
import java.util.Arrays;
import java.util.Set;
import java.util.stream.Collectors;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;

/* loaded from: input_file:in/priva/olympus/authz/interceptor/AuthorizationInterceptor.class */
public final class AuthorizationInterceptor implements MethodInterceptor {
    private final PermissionFactory permissionFactory;
    private final AuthorizationService authorizationService;

    public AuthorizationInterceptor(PermissionFactory permissionFactory, AuthorizationService authorizationService) {
        this.permissionFactory = (PermissionFactory) Preconditions.checkNotNull(permissionFactory);
        this.authorizationService = (AuthorizationService) Preconditions.checkNotNull(authorizationService);
    }

    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
        if (!methodInvocation.getMethod().isAnnotationPresent(RequiresPermissions.class)) {
            return methodInvocation.proceed();
        }
        RequiresPermissions requiresPermissions = (RequiresPermissions) methodInvocation.getMethod().getAnnotation(RequiresPermissions.class);
        Set<Permission> extractRequiredPermissions = extractRequiredPermissions(requiresPermissions);
        Subject subject = SubjectManager.get();
        if (subject == null) {
            throw new SubjectNotFoundException();
        }
        this.authorizationService.authorize(subject, extractRequiredPermissions, requiresPermissions.logical());
        return methodInvocation.proceed();
    }

    private Set<Permission> extractRequiredPermissions(RequiresPermissions requiresPermissions) {
        PermissionType type = requiresPermissions.type();
        return (Set) Arrays.stream(requiresPermissions.value()).map(str -> {
            return this.permissionFactory.getPermission(type, str);
        }).collect(Collectors.toSet());
    }
}
