package com.sun.identity.entitlement;

import com.sun.identity.shared.debug.Debug;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.forgerock.openam.sdk.org.apache.commons.lang.StringUtils;
import org.forgerock.openam.sdk.org.forgerock.json.JsonValue;
import org.forgerock.openam.sdk.org.json.JSONException;
import org.forgerock.openam.sdk.org.json.JSONObject;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/entitlement/JwtClaimSubject.class */
public class JwtClaimSubject implements EntitlementSubject {
    private static final String CLAIM_FIELD = "claimName";
    private static final String VALUE_FIELD = "claimValue";
    private String claimName;
    private String claimValue;
    private static final Debug DEBUG = Debug.getInstance("amEntitlements");
    private static final Map<String, Set<String>> NO_ADVICE = Collections.emptyMap();

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public void setState(String str) {
        try {
            JSONObject jSONObject = new JSONObject(str);
            this.claimName = jSONObject.getString(CLAIM_FIELD);
            this.claimValue = jSONObject.getString(VALUE_FIELD);
        } catch (JSONException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public String getState() {
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(CLAIM_FIELD, this.claimName);
            jSONObject.put(VALUE_FIELD, this.claimValue);
            return jSONObject.toString(2);
        } catch (JSONException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public Map<String, Set<String>> getSearchIndexAttributes() {
        return Collections.singletonMap(SubjectAttributesCollector.NAMESPACE_IDENTITY, Collections.singleton("all"));
    }

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public Set<String> getRequiredAttributeNames() {
        return Collections.emptySet();
    }

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public SubjectDecision evaluate(String str, SubjectAttributesManager subjectAttributesManager, Subject subject, String str2, Map<String, Set<String>> map) throws EntitlementException {
        Set principals = subject.getPrincipals(JwtPrincipal.class);
        if (!principals.isEmpty()) {
            return new SubjectDecision(claimMatches(((JwtPrincipal) principals.iterator().next()).getClaim(this.claimName), this.claimValue), NO_ADVICE);
        }
        DEBUG.message("No JWT principal in subject");
        return new SubjectDecision(false, NO_ADVICE);
    }

    public boolean claimMatches(JsonValue jsonValue, String str) {
        if (jsonValue.isNull()) {
            return false;
        }
        if (jsonValue.isString()) {
            return StringUtils.equals(jsonValue.asString(), str);
        }
        if (jsonValue.isCollection()) {
            return jsonValue.asCollection(String.class).contains(str);
        }
        throw new IllegalArgumentException("Claim [" + jsonValue + "] is an unsupported type");
    }

    @Override // com.sun.identity.entitlement.EntitlementSubject
    public boolean isIdentity() {
        return true;
    }

    public void setClaimName(String str) {
        this.claimName = str;
    }

    public String getClaimName() {
        return this.claimName;
    }

    public void setClaimValue(String str) {
        this.claimValue = str;
    }

    public String getClaimValue() {
        return this.claimValue;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        JwtClaimSubject jwtClaimSubject = (JwtClaimSubject) obj;
        return StringUtils.equals(this.claimName, jwtClaimSubject.claimName) && StringUtils.equals(this.claimValue, jwtClaimSubject.claimValue);
    }

    public int hashCode() {
        return (31 * (this.claimName != null ? this.claimName.hashCode() : 0)) + (this.claimValue != null ? this.claimValue.hashCode() : 0);
    }

    public String toString() {
        return "JwtClaimSubject{ claimName='" + this.claimName + "', claimValue='" + this.claimValue + "' }";
    }
}
