package de.otto.hmac.authorization;

import java.util.Arrays;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;

@Aspect
/* loaded from: input_file:de/otto/hmac/authorization/RolesAuthorizationAspect.class */
public class RolesAuthorizationAspect {
    private final AuthorizationService authorizationService;
    private final HttpServletRequest request;

    public RolesAuthorizationAspect(AuthorizationService authorizationService, HttpServletRequest httpServletRequest) {
        this.authorizationService = authorizationService;
        this.request = httpServletRequest;
    }

    @Before("@annotation(allowedForRoles)")
    public void assertAuthorized(JoinPoint joinPoint, AllowedForRoles allowedForRoles) {
        this.authorizationService.authorize(getUsername(this.request), new HashSet(Arrays.asList(allowedForRoles.value())));
    }

    private static String getUsername(HttpServletRequest httpServletRequest) {
        Object attribute = httpServletRequest.getAttribute("authenticated-username");
        if (attribute != null) {
            return attribute.toString();
        }
        return null;
    }
}
