package weblogic.entitlement.rules;

import java.security.Principal;
import javax.security.auth.Subject;
import weblogic.entitlement.util.IdentityDomainUtil;
import weblogic.security.principal.IdentityDomainPrincipal;
import weblogic.security.principal.WLSPrincipal;
import weblogic.security.service.ContextHandler;
import weblogic.security.spi.Resource;
import weblogic.security.spi.WLSGroup;

/* loaded from: input_file:weblogic/entitlement/rules/IDDGroup.class */
public final class IDDGroup extends IDDGroupPredicate {
    public IDDGroup() {
        super("IDDGroupPredicateName", "IDDGroupPredicateDescription");
    }

    @Override // weblogic.security.providers.authorization.Predicate
    public boolean evaluate(Subject subject, Resource resource, ContextHandler contextHandler) {
        return isIDDGroup(subject, getGroup(), getIdd());
    }

    public boolean isIDDGroup(Subject subject, String str, String str2) {
        for (Principal principal : subject.getPrincipals()) {
            if ((principal instanceof WLSPrincipal) && (principal instanceof WLSGroup) && principal.getName().equals(str) && IdentityDomainUtil.isMatch(((IdentityDomainPrincipal) principal).getIdentityDomain(), str2)) {
                return true;
            }
        }
        return false;
    }
}
