package org.keycloak.federation.ldap.mappers.membership;

import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import org.keycloak.federation.ldap.LDAPUtils;
import org.keycloak.federation.ldap.idm.model.LDAPDn;
import org.keycloak.federation.ldap.idm.model.LDAPObject;
import org.keycloak.federation.ldap.idm.query.Condition;
import org.keycloak.federation.ldap.idm.query.internal.LDAPQuery;
import org.keycloak.federation.ldap.idm.query.internal.LDAPQueryConditionsBuilder;
import org.keycloak.models.LDAPConstants;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-ldap-federation/main/keycloak-ldap-federation-2.1.0.Final.jar:org/keycloak/federation/ldap/mappers/membership/UserRolesRetrieveStrategy.class */
public interface UserRolesRetrieveStrategy {

    /* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-ldap-federation/main/keycloak-ldap-federation-2.1.0.Final.jar:org/keycloak/federation/ldap/mappers/membership/UserRolesRetrieveStrategy$GetRolesFromUserMemberOfAttribute.class */
    public static class GetRolesFromUserMemberOfAttribute implements UserRolesRetrieveStrategy {
        @Override // org.keycloak.federation.ldap.mappers.membership.UserRolesRetrieveStrategy
        public List<LDAPObject> getLDAPRoleMappings(CommonLDAPGroupMapper commonLDAPGroupMapper, LDAPObject lDAPObject) {
            Set<String> attributeAsSet = lDAPObject.getAttributeAsSet("memberOf");
            if (attributeAsSet == null) {
                return Collections.emptyList();
            }
            LinkedList linkedList = new LinkedList();
            LDAPDn fromString = LDAPDn.fromString(commonLDAPGroupMapper.getConfig().getLDAPGroupsDn());
            Iterator<String> it = attributeAsSet.iterator();
            while (it.hasNext()) {
                LDAPDn fromString2 = LDAPDn.fromString(it.next());
                if (fromString2.isDescendantOf(fromString)) {
                    LDAPObject lDAPObject2 = new LDAPObject();
                    lDAPObject2.setDn(fromString2);
                    String firstRdnAttrName = fromString2.getFirstRdnAttrName();
                    if (firstRdnAttrName.equalsIgnoreCase(commonLDAPGroupMapper.getConfig().getLDAPGroupNameLdapAttribute())) {
                        lDAPObject2.setRdnAttributeName(firstRdnAttrName);
                        lDAPObject2.setSingleAttribute(firstRdnAttrName, fromString2.getFirstRdnAttrValue());
                        linkedList.add(lDAPObject2);
                    }
                }
            }
            return linkedList;
        }

        @Override // org.keycloak.federation.ldap.mappers.membership.UserRolesRetrieveStrategy
        public void beforeUserLDAPQuery(LDAPQuery lDAPQuery) {
            lDAPQuery.addReturningLdapAttribute("memberOf");
            lDAPQuery.addReturningReadOnlyLdapAttribute("memberOf");
        }
    }

    /* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-ldap-federation/main/keycloak-ldap-federation-2.1.0.Final.jar:org/keycloak/federation/ldap/mappers/membership/UserRolesRetrieveStrategy$LoadRolesByMember.class */
    public static class LoadRolesByMember implements UserRolesRetrieveStrategy {
        @Override // org.keycloak.federation.ldap.mappers.membership.UserRolesRetrieveStrategy
        public List<LDAPObject> getLDAPRoleMappings(CommonLDAPGroupMapper commonLDAPGroupMapper, LDAPObject lDAPObject) {
            LDAPQuery createLDAPGroupQuery = commonLDAPGroupMapper.createLDAPGroupQuery();
            createLDAPGroupQuery.addWhereCondition(getMembershipCondition(commonLDAPGroupMapper.getConfig().getMembershipLdapAttribute(), LDAPUtils.getMemberValueOfChildObject(lDAPObject, commonLDAPGroupMapper.getConfig().getMembershipTypeLdapAttribute())));
            return createLDAPGroupQuery.getResultList();
        }

        @Override // org.keycloak.federation.ldap.mappers.membership.UserRolesRetrieveStrategy
        public void beforeUserLDAPQuery(LDAPQuery lDAPQuery) {
        }

        protected Condition getMembershipCondition(String str, String str2) {
            return new LDAPQueryConditionsBuilder().equal(str, str2);
        }
    }

    /* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-ldap-federation/main/keycloak-ldap-federation-2.1.0.Final.jar:org/keycloak/federation/ldap/mappers/membership/UserRolesRetrieveStrategy$LoadRolesByMemberRecursively.class */
    public static class LoadRolesByMemberRecursively extends LoadRolesByMember {
        @Override // org.keycloak.federation.ldap.mappers.membership.UserRolesRetrieveStrategy.LoadRolesByMember
        protected Condition getMembershipCondition(String str, String str2) {
            return new LDAPQueryConditionsBuilder().equal(str + LDAPConstants.LDAP_MATCHING_RULE_IN_CHAIN, str2);
        }
    }

    List<LDAPObject> getLDAPRoleMappings(CommonLDAPGroupMapper commonLDAPGroupMapper, LDAPObject lDAPObject);

    void beforeUserLDAPQuery(LDAPQuery lDAPQuery);
}
