package org.keycloak.authorization.policy.provider.user;

import java.util.Iterator;
import java.util.function.BiFunction;
import org.jboss.logging.Logger;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.policy.evaluation.Evaluation;
import org.keycloak.authorization.policy.evaluation.EvaluationContext;
import org.keycloak.authorization.policy.provider.PolicyProvider;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;

/* loaded from: input_file:org/keycloak/authorization/policy/provider/user/UserPolicyProvider.class */
public class UserPolicyProvider implements PolicyProvider {
    private static final Logger logger = Logger.getLogger(UserPolicyProvider.class);
    private final BiFunction<Policy, AuthorizationProvider, UserPolicyRepresentation> representationFunction;

    public UserPolicyProvider(BiFunction<Policy, AuthorizationProvider, UserPolicyRepresentation> biFunction) {
        this.representationFunction = biFunction;
    }

    public void evaluate(Evaluation evaluation) {
        EvaluationContext context = evaluation.getContext();
        UserPolicyRepresentation apply = this.representationFunction.apply(evaluation.getPolicy(), evaluation.getAuthorizationProvider());
        Iterator it = apply.getUsers().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            } else if (context.getIdentity().getId().equals((String) it.next())) {
                evaluation.grant();
                break;
            }
        }
        logger.debugv("User policy {} evaluated to status {} on identity {} with accepted users: {}", new Object[]{evaluation.getPolicy().getName(), evaluation.getEffect(), evaluation.getContext().getIdentity().getId(), apply.getUsers()});
    }

    public void close() {
    }
}
