package org.eclipse.jetty.security;

import java.io.Serializable;
import java.util.Set;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.security.Constraint;

/* loaded from: input_file:BOOT-INF/lib/jetty-security-9.4.8.v20171121.jar:org/eclipse/jetty/security/AbstractUserAuthentication.class */
public abstract class AbstractUserAuthentication implements Authentication.User, Serializable {
    private static final long serialVersionUID = -6290411814232723403L;
    protected String _method;
    protected transient UserIdentity _userIdentity;

    public AbstractUserAuthentication(String str, UserIdentity userIdentity) {
        this._method = str;
        this._userIdentity = userIdentity;
    }

    @Override // org.eclipse.jetty.server.Authentication.User
    public String getAuthMethod() {
        return this._method;
    }

    @Override // org.eclipse.jetty.server.Authentication.User
    public UserIdentity getUserIdentity() {
        return this._userIdentity;
    }

    @Override // org.eclipse.jetty.server.Authentication.User
    public boolean isUserInRole(UserIdentity.Scope scope, String str) {
        String str2 = null;
        if (scope != null && scope.getRoleRefMap() != null) {
            str2 = scope.getRoleRefMap().get(str);
        }
        if (str2 == null) {
            str2 = str;
        }
        if (!Constraint.ANY_AUTH.equals(str2.trim()) || declaredRolesContains(Constraint.ANY_AUTH)) {
            return this._userIdentity.isUserInRole(str, scope);
        }
        return true;
    }

    public boolean declaredRolesContains(String str) {
        Set<String> roles;
        Handler currentSecurityHandler = SecurityHandler.getCurrentSecurityHandler();
        return currentSecurityHandler != null && (currentSecurityHandler instanceof ConstraintAware) && (roles = ((ConstraintAware) currentSecurityHandler).getRoles()) != null && roles.contains(str);
    }
}
