package org.keycloak.adapters.saml.elytron;

import java.security.Principal;
import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap;
import org.keycloak.adapters.saml.SamlPrincipal;
import org.wildfly.security.auth.SupportLevel;
import org.wildfly.security.auth.server.RealmIdentity;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityRealm;
import org.wildfly.security.authz.AuthorizationIdentity;
import org.wildfly.security.authz.MapAttributes;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.evidence.BearerTokenEvidence;
import org.wildfly.security.evidence.Evidence;

/* loaded from: input_file:org/keycloak/adapters/saml/elytron/KeycloakSecurityRealm.class */
public class KeycloakSecurityRealm implements SecurityRealm {
    public RealmIdentity getRealmIdentity(Principal principal) throws RealmUnavailableException {
        return principal instanceof SamlPrincipal ? createRealmIdentity((SamlPrincipal) principal) : RealmIdentity.NON_EXISTENT;
    }

    private RealmIdentity createRealmIdentity(final SamlPrincipal samlPrincipal) {
        return new RealmIdentity() { // from class: org.keycloak.adapters.saml.elytron.KeycloakSecurityRealm.1
            public Principal getRealmIdentityPrincipal() {
                return samlPrincipal;
            }

            public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
                return SupportLevel.UNSUPPORTED;
            }

            public <C extends Credential> C getCredential(Class<C> cls) throws RealmUnavailableException {
                return null;
            }

            public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
                return KeycloakSecurityRealm.this.isBearerTokenEvidence(cls) ? SupportLevel.SUPPORTED : SupportLevel.UNSUPPORTED;
            }

            public boolean verifyEvidence(Evidence evidence) throws RealmUnavailableException {
                return samlPrincipal != null;
            }

            public boolean exists() throws RealmUnavailableException {
                return samlPrincipal != null;
            }

            public AuthorizationIdentity getAuthorizationIdentity() throws RealmUnavailableException {
                return AuthorizationIdentity.basicIdentity(new MapAttributes(new HashMap(samlPrincipal.getAttributes())));
            }
        };
    }

    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws RealmUnavailableException {
        return SupportLevel.UNSUPPORTED;
    }

    public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> cls, String str) throws RealmUnavailableException {
        return isBearerTokenEvidence(cls) ? SupportLevel.POSSIBLY_SUPPORTED : SupportLevel.UNSUPPORTED;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isBearerTokenEvidence(Class<?> cls) {
        return cls != null && cls.equals(BearerTokenEvidence.class);
    }
}
