package org.camunda.bpm.webapp.impl.security.filter;

import java.util.Map;
import org.camunda.bpm.cockpit.Cockpit;
import org.camunda.bpm.webapp.impl.security.auth.Authentication;
import org.camunda.bpm.webapp.impl.security.auth.Authentications;
import org.camunda.bpm.webapp.impl.security.auth.UserAuthentication;

/* JADX WARN: Classes with same name are omitted:
  input_file:BOOT-INF/lib/camunda-webapp-3.1.0-SP.5-classes.jar:org/camunda/bpm/webapp/impl/security/filter/ApplicationRequestAuthorizer.class
 */
/* loaded from: input_file:BOOT-INF/lib/camunda-webapp-7.10.0-classes.jar:org/camunda/bpm/webapp/impl/security/filter/ApplicationRequestAuthorizer.class */
public class ApplicationRequestAuthorizer implements RequestAuthorizer {
    @Override // org.camunda.bpm.webapp.impl.security.filter.RequestAuthorizer
    public Authorization authorize(Map<String, String> map) {
        Authentications current = Authentications.getCurrent();
        if (current == null) {
            return grantAnnonymous();
        }
        String str = map.get("engine");
        String str2 = map.get("app");
        Authentication authenticationForProcessEngine = current.getAuthenticationForProcessEngine(str);
        if (authenticationForProcessEngine != null && Cockpit.getProcessEngine(str) != null) {
            if (!(authenticationForProcessEngine instanceof UserAuthentication)) {
                return Authorization.denied(Authentication.ANONYMOUS);
            }
            UserAuthentication userAuthentication = (UserAuthentication) authenticationForProcessEngine;
            return userAuthentication.isAuthorizedForApp(str2) ? Authorization.granted(userAuthentication).forApplication(str2) : Authorization.denied(userAuthentication).forApplication(str2);
        }
        return grantAnnonymous();
    }

    private Authorization grantAnnonymous() {
        return Authorization.granted(Authentication.ANONYMOUS);
    }
}
