package org.eclipse.jetty.security;

import java.security.Principal;
import javax.security.auth.Subject;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.internal.DefaultUserIdentity;
import org.eclipse.jetty.security.internal.RoleRunAsToken;

/* loaded from: input_file:BOOT-INF/lib/jetty-security-12.0.22.jar:org/eclipse/jetty/security/DefaultIdentityService.class */
public class DefaultIdentityService implements IdentityService {
    private static final ThreadLocal<String> runAsRole = new ThreadLocal<>();
    private static final IdentityService.Association NOOP = () -> {
    };
    private static final IdentityService.Association CLEAR_RUN_AS = () -> {
        runAsRole.set(null);
    };

    public static boolean isRoleAssociated(String str) {
        return str != null && str.equals(runAsRole.get());
    }

    @Override // org.eclipse.jetty.security.IdentityService
    public IdentityService.Association associate(UserIdentity userIdentity, IdentityService.RunAsToken runAsToken) {
        if (!(runAsToken instanceof RoleRunAsToken)) {
            return NOOP;
        }
        String str = runAsRole.get();
        runAsRole.set(((RoleRunAsToken) runAsToken).getRunAsRole());
        return str == null ? CLEAR_RUN_AS : () -> {
            runAsRole.set(str);
        };
    }

    @Override // org.eclipse.jetty.security.IdentityService
    public void onLogout(UserIdentity userIdentity) {
        runAsRole.set(null);
    }

    @Override // org.eclipse.jetty.security.IdentityService
    public IdentityService.RunAsToken newRunAsToken(String str) {
        return new RoleRunAsToken(str);
    }

    @Override // org.eclipse.jetty.security.IdentityService
    public UserIdentity getSystemUserIdentity() {
        return null;
    }

    @Override // org.eclipse.jetty.security.IdentityService
    public UserIdentity newUserIdentity(Subject subject, Principal principal, String[] strArr) {
        return new DefaultUserIdentity(subject, principal, strArr);
    }
}
