package org.openremote.container.security.keycloak;

import org.keycloak.representations.AccessToken;
import org.openremote.container.security.AuthContext;

/* loaded from: input_file:org/openremote/container/security/keycloak/AccessTokenAuthContext.class */
public class AccessTokenAuthContext implements AuthContext {
    protected final String authenticatedRealm;
    protected final AccessToken accessToken;

    public AccessTokenAuthContext(String str, AccessToken accessToken) {
        this.authenticatedRealm = str;
        this.accessToken = accessToken;
    }

    @Override // org.openremote.container.security.AuthContext
    public String getAuthenticatedRealmName() {
        return this.authenticatedRealm;
    }

    @Override // org.openremote.container.security.AuthContext
    public String getUsername() {
        return this.accessToken.getPreferredUsername();
    }

    @Override // org.openremote.container.security.AuthContext
    public String getUserId() {
        return this.accessToken.getSubject();
    }

    @Override // org.openremote.container.security.AuthContext
    public String getClientId() {
        return this.accessToken.getIssuedFor();
    }

    @Override // org.openremote.container.security.AuthContext
    public boolean hasRealmRole(String str) {
        return this.accessToken.getRealmAccess() != null && this.accessToken.getRealmAccess().isUserInRole(str);
    }

    @Override // org.openremote.container.security.AuthContext
    public boolean hasResourceRole(String str, String str2) {
        return this.accessToken.getResourceAccess().containsKey(str2) && ((AccessToken.Access) this.accessToken.getResourceAccess().get(str2)).isUserInRole(str);
    }
}
