package org.keycloak.protocol.oidc.mappers;

import java.util.ArrayList;
import java.util.List;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.protocol.ProtocolMapperUtils;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.IDToken;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-services/main/keycloak-services-2.1.0.Final.jar:org/keycloak/protocol/oidc/mappers/UserAttributeMapper.class */
public class UserAttributeMapper extends AbstractOIDCProtocolMapper implements OIDCAccessTokenMapper, OIDCIDTokenMapper, UserInfoTokenMapper {
    private static final List<ProviderConfigProperty> configProperties = new ArrayList();
    public static final String PROVIDER_ID = "oidc-usermodel-attribute-mapper";

    @Override // org.keycloak.provider.ConfiguredProvider
    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    @Override // org.keycloak.provider.ProviderFactory
    public String getId() {
        return PROVIDER_ID;
    }

    @Override // org.keycloak.protocol.ProtocolMapper
    public String getDisplayType() {
        return "User Attribute";
    }

    @Override // org.keycloak.protocol.ProtocolMapper
    public String getDisplayCategory() {
        return AbstractOIDCProtocolMapper.TOKEN_MAPPER_CATEGORY;
    }

    @Override // org.keycloak.provider.ConfiguredProvider
    public String getHelpText() {
        return "Map a custom user attribute to a token claim.";
    }

    @Override // org.keycloak.protocol.oidc.mappers.OIDCAccessTokenMapper
    public AccessToken transformAccessToken(AccessToken accessToken, ProtocolMapperModel protocolMapperModel, KeycloakSession keycloakSession, UserSessionModel userSessionModel, ClientSessionModel clientSessionModel) {
        if (!OIDCAttributeMapperHelper.includeInAccessToken(protocolMapperModel)) {
            return accessToken;
        }
        setClaim(accessToken, protocolMapperModel, userSessionModel);
        return accessToken;
    }

    protected void setClaim(IDToken iDToken, ProtocolMapperModel protocolMapperModel, UserSessionModel userSessionModel) {
        List<String> resolveAttribute = KeycloakModelUtils.resolveAttribute(userSessionModel.getUser(), protocolMapperModel.getConfig().get("user.attribute"));
        if (resolveAttribute == null) {
            return;
        }
        OIDCAttributeMapperHelper.mapClaim(iDToken, protocolMapperModel, resolveAttribute);
    }

    @Override // org.keycloak.protocol.oidc.mappers.OIDCIDTokenMapper
    public IDToken transformIDToken(IDToken iDToken, ProtocolMapperModel protocolMapperModel, KeycloakSession keycloakSession, UserSessionModel userSessionModel, ClientSessionModel clientSessionModel) {
        if (!OIDCAttributeMapperHelper.includeInIDToken(protocolMapperModel)) {
            return iDToken;
        }
        setClaim(iDToken, protocolMapperModel, userSessionModel);
        return iDToken;
    }

    @Override // org.keycloak.protocol.oidc.mappers.UserInfoTokenMapper
    public AccessToken transformUserInfoToken(AccessToken accessToken, ProtocolMapperModel protocolMapperModel, KeycloakSession keycloakSession, UserSessionModel userSessionModel, ClientSessionModel clientSessionModel) {
        if (!OIDCAttributeMapperHelper.includeInUserInfo(protocolMapperModel)) {
            return accessToken;
        }
        setClaim(accessToken, protocolMapperModel, userSessionModel);
        return accessToken;
    }

    public static ProtocolMapperModel createClaimMapper(String str, String str2, String str3, String str4, boolean z, String str5, boolean z2, boolean z3, boolean z4) {
        ProtocolMapperModel createClaimMapper = OIDCAttributeMapperHelper.createClaimMapper(str, str2, str3, str4, z, str5, z2, z3, PROVIDER_ID);
        if (z4) {
            createClaimMapper.getConfig().put(ProtocolMapperUtils.MULTIVALUED, "true");
        }
        return createClaimMapper;
    }

    static {
        ProviderConfigProperty providerConfigProperty = new ProviderConfigProperty();
        providerConfigProperty.setName("user.attribute");
        providerConfigProperty.setLabel(ProtocolMapperUtils.USER_MODEL_ATTRIBUTE_LABEL);
        providerConfigProperty.setHelpText(ProtocolMapperUtils.USER_MODEL_ATTRIBUTE_HELP_TEXT);
        providerConfigProperty.setType("String");
        configProperties.add(providerConfigProperty);
        OIDCAttributeMapperHelper.addAttributeConfig(configProperties);
        ProviderConfigProperty providerConfigProperty2 = new ProviderConfigProperty();
        providerConfigProperty2.setName(ProtocolMapperUtils.MULTIVALUED);
        providerConfigProperty2.setLabel(ProtocolMapperUtils.MULTIVALUED_LABEL);
        providerConfigProperty2.setHelpText(ProtocolMapperUtils.MULTIVALUED_HELP_TEXT);
        providerConfigProperty2.setType("boolean");
        configProperties.add(providerConfigProperty2);
    }
}
