package org.keycloak.authorization;

import java.util.Map;
import java.util.function.Consumer;
import org.keycloak.authorization.Decision;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.permission.ResourcePermission;
import org.keycloak.authorization.policy.evaluation.DefaultPolicyEvaluator;
import org.keycloak.authorization.policy.evaluation.EvaluationContext;
import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.authorization.store.StoreFactory;

/* loaded from: input_file:org/keycloak/authorization/FGAPPolicyEvaluator.class */
public class FGAPPolicyEvaluator extends DefaultPolicyEvaluator {
    private final Map<String, ? extends ResourceTypePolicyEvaluator> resourceTypePolicyEvaluators = Map.of(AdminPermissionsSchema.USERS_RESOURCE_TYPE, new UserResourceTypePolicyEvaluator());

    @Override // org.keycloak.authorization.policy.evaluation.DefaultPolicyEvaluator, org.keycloak.authorization.policy.evaluation.PolicyEvaluator
    public void evaluate(ResourcePermission resourcePermission, AuthorizationProvider authorizationProvider, EvaluationContext evaluationContext, Decision decision, Map<Policy, Map<Object, Decision.Effect>> map) {
        super.evaluate(resourcePermission, authorizationProvider, evaluationContext, new FGAPDecision(decision), map);
    }

    @Override // org.keycloak.authorization.policy.evaluation.DefaultPolicyEvaluator
    protected void evaluateResourcePolicies(ResourcePermission resourcePermission, AuthorizationProvider authorizationProvider, Consumer<Policy> consumer) {
        ResourceTypePolicyEvaluator resourceTypePolicyEvaluator;
        super.evaluateResourcePolicies(resourcePermission, authorizationProvider, consumer);
        String resourceType = resourcePermission.getResourceType();
        if (resourceType == null || (resourceTypePolicyEvaluator = this.resourceTypePolicyEvaluators.get(resourceType)) == null) {
            return;
        }
        resourceTypePolicyEvaluator.evaluate(resourcePermission, authorizationProvider, consumer);
    }

    @Override // org.keycloak.authorization.policy.evaluation.DefaultPolicyEvaluator
    protected void evaluateResourceTypePolicies(ResourcePermission resourcePermission, AuthorizationProvider authorizationProvider, Consumer<Policy> consumer) {
        String resourceType = resourcePermission.getResourceType();
        Resource resource = resourcePermission.getResource();
        if (resourceType == null || resource.getName().equals(resourcePermission.getResourceType())) {
            return;
        }
        StoreFactory storeFactory = authorizationProvider.getStoreFactory();
        ResourceStore resourceStore = storeFactory.getResourceStore();
        PolicyStore policyStore = storeFactory.getPolicyStore();
        ResourceServer resourceServer = resourcePermission.getResourceServer();
        policyStore.findByResource(resourceServer, resourceStore.findByName(resourceServer, resourceType), consumer);
    }

    @Override // org.keycloak.authorization.policy.evaluation.DefaultPolicyEvaluator
    protected void evaluateScopePolicies(ResourcePermission resourcePermission, AuthorizationProvider authorizationProvider, Consumer<Policy> consumer) {
    }
}
