package org.springframework.boot.actuate.health;

import java.security.Principal;
import java.util.Iterator;
import java.util.Set;
import java.util.function.Supplier;
import org.springframework.boot.actuate.endpoint.SecurityContext;
import org.springframework.boot.actuate.endpoint.web.WebEndpointResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.util.ClassUtils;
import org.springframework.util.CollectionUtils;

@Deprecated
/* loaded from: input_file:BOOT-INF/lib/spring-boot-actuator-2.2.13.RELEASE.jar:org/springframework/boot/actuate/health/HealthWebEndpointResponseMapper.class */
public class HealthWebEndpointResponseMapper {
    private final HealthStatusHttpMapper statusHttpMapper;
    private final ShowDetails showDetails;
    private final Set<String> authorizedRoles;

    public HealthWebEndpointResponseMapper(HealthStatusHttpMapper healthStatusHttpMapper, ShowDetails showDetails, Set<String> set) {
        this.statusHttpMapper = healthStatusHttpMapper;
        this.showDetails = showDetails;
        this.authorizedRoles = set;
    }

    public WebEndpointResponse<Health> mapDetails(Supplier<Health> supplier, SecurityContext securityContext) {
        Health health;
        return (!canSeeDetails(securityContext, this.showDetails) || (health = supplier.get()) == null) ? new WebEndpointResponse<>(404) : createWebEndpointResponse(health);
    }

    public WebEndpointResponse<Health> map(Health health, SecurityContext securityContext) {
        return map(health, securityContext, this.showDetails);
    }

    public WebEndpointResponse<Health> map(Health health, SecurityContext securityContext, ShowDetails showDetails) {
        if (!canSeeDetails(securityContext, showDetails)) {
            health = Health.status(health.getStatus()).build();
        }
        return createWebEndpointResponse(health);
    }

    private WebEndpointResponse<Health> createWebEndpointResponse(Health health) {
        return new WebEndpointResponse<>(health, Integer.valueOf(this.statusHttpMapper.mapStatus(health.getStatus())).intValue());
    }

    private boolean canSeeDetails(SecurityContext securityContext, ShowDetails showDetails) {
        return showDetails != ShowDetails.NEVER && (showDetails != ShowDetails.WHEN_AUTHORIZED || (securityContext.getPrincipal() != null && isUserInRole(securityContext)));
    }

    private boolean isUserInRole(SecurityContext securityContext) {
        if (CollectionUtils.isEmpty(this.authorizedRoles)) {
            return true;
        }
        Principal principal = securityContext.getPrincipal();
        boolean isSpringSecurityAuthentication = isSpringSecurityAuthentication(principal);
        for (String str : this.authorizedRoles) {
            if (securityContext.isUserInRole(str)) {
                return true;
            }
            if (isSpringSecurityAuthentication) {
                Iterator<? extends GrantedAuthority> it = ((Authentication) principal).getAuthorities().iterator();
                while (it.hasNext()) {
                    if (str.equals(it.next().getAuthority())) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    private boolean isSpringSecurityAuthentication(Principal principal) {
        return ClassUtils.isPresent("org.springframework.security.core.Authentication", null) && (principal instanceof Authentication);
    }
}
