package gov.nih.nci.cagrid.gme.security;

import gov.nih.nci.cagrid.security.AuthorizationException;
import gov.nih.nci.cagrid.security.AuthorizationManager;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:gov/nih/nci/cagrid/gme/security/GMEAuthorizationManager.class */
public class GMEAuthorizationManager implements AuthorizationManager {
    private static String GME_NS = "http://cagrid.nci.nih.gov/GME";
    private static List authorizationMethods = new ArrayList();
    private static Log LOG;
    static Class class$gov$nih$nci$cagrid$gme$security$GMEAuthorizationManager;

    private static void addAuthorizedOperation(String str, String str2) {
        authorizationMethods.add(new QName(str, str2));
    }

    @Override // gov.nih.nci.cagrid.security.AuthorizationManager
    public void authorize(Subject subject, QName qName, String str) throws AuthorizationException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(new StringBuffer().append("Attempted call [").append(qName).append("] from [").append(subject).append("] on [").append(str).append("]").toString());
        }
        if (authorizationMethods.contains(qName)) {
            if (LOG.isInfoEnabled()) {
                LOG.info(new StringBuffer().append("Attempted call [").append(qName).append("] from [").append(subject).append("] on [").append(str).append("]").toString());
            }
            if (subject == null || subject.getPrincipals() == null || subject.getPrincipals().isEmpty()) {
                throw new AuthorizationException("Credential subject was null.  A valid Credential is required for modifying operations!");
            }
            Principal next = subject.getPrincipals().iterator().next();
            if (next.getName() == null || next.getName().trim().equals("")) {
                throw new AuthorizationException("Anonymous credentails not allowed for modifying operations!");
            }
            if (LOG.isInfoEnabled()) {
                LOG.info("Allowing call.");
            }
        }
    }

    @Override // gov.nih.nci.cagrid.security.AuthorizationManager
    public void authorize(Subject subject, Object obj) throws AuthorizationException {
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$gov$nih$nci$cagrid$gme$security$GMEAuthorizationManager == null) {
            cls = class$("gov.nih.nci.cagrid.gme.security.GMEAuthorizationManager");
            class$gov$nih$nci$cagrid$gme$security$GMEAuthorizationManager = cls;
        } else {
            cls = class$gov$nih$nci$cagrid$gme$security$GMEAuthorizationManager;
        }
        LOG = LogFactory.getLog(cls.getName());
        addAuthorizedOperation(GME_NS, "addNamespace");
        addAuthorizedOperation(GME_NS, "removeNamespace");
        addAuthorizedOperation(GME_NS, "addSubordinateNamespace");
        addAuthorizedOperation(GME_NS, "publishSchema");
        addAuthorizedOperation(GME_NS, "addPeer");
        addAuthorizedOperation(GME_NS, "removePeer");
        addAuthorizedOperation(GME_NS, "destroyService");
        if (LOG.isDebugEnabled()) {
            Iterator it = authorizationMethods.iterator();
            while (it.hasNext()) {
                LOG.debug(new StringBuffer().append("Protecting operation:").append((QName) it.next()).toString());
            }
        }
    }
}
