package weblogic.entitlement.rules;

import java.security.Principal;
import javax.security.auth.Subject;
import weblogic.entitlement.util.IdentityDomainUtil;
import weblogic.security.principal.IdentityDomainPrincipal;
import weblogic.security.principal.WLSPrincipal;
import weblogic.security.service.ContextHandler;
import weblogic.security.spi.Resource;
import weblogic.security.spi.WLSGroup;

/* loaded from: input_file:weblogic/entitlement/rules/OwnerIDDGroup.class */
public final class OwnerIDDGroup extends OwnerIDDGroupPredicate {
    public OwnerIDDGroup() {
        super("OwnerIDDGroupPredicateName", "OwnerIDDGroupPredicateDescription");
    }

    @Override // weblogic.security.providers.authorization.Predicate
    public boolean evaluate(Subject subject, Resource resource, ContextHandler contextHandler) {
        return isOwnerIDDGroup(subject, getGroup(), contextHandler);
    }

    public boolean isOwnerIDDGroup(Subject subject, String str, ContextHandler contextHandler) {
        for (Principal principal : subject.getPrincipals()) {
            if ((principal instanceof WLSPrincipal) && (principal instanceof WLSGroup) && principal.getName().equals(str) && IdentityDomainUtil.isMatch(((IdentityDomainPrincipal) principal).getIdentityDomain(), IdentityDomainUtil.fetchOwnerIDD(contextHandler))) {
                return true;
            }
        }
        return false;
    }
}
