package org.keycloak.models.jpa;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.Time;
import org.keycloak.hash.PasswordHashManager;
import org.keycloak.models.ClientModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.jpa.entities.CredentialEntity;
import org.keycloak.models.jpa.entities.UserAttributeEntity;
import org.keycloak.models.jpa.entities.UserEntity;
import org.keycloak.models.jpa.entities.UserGroupMembershipEntity;
import org.keycloak.models.jpa.entities.UserRequiredActionEntity;
import org.keycloak.models.jpa.entities.UserRoleMappingEntity;
import org.keycloak.models.utils.KeycloakModelUtils;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-model-jpa/main/keycloak-model-jpa-2.1.0.Final.jar:org/keycloak/models/jpa/UserAdapter.class */
public class UserAdapter implements UserModel, JpaModel<UserEntity> {
    protected UserEntity user;
    protected EntityManager em;
    protected RealmModel realm;
    private final KeycloakSession session;

    public UserAdapter(KeycloakSession keycloakSession, RealmModel realmModel, EntityManager entityManager, UserEntity userEntity) {
        this.em = entityManager;
        this.user = userEntity;
        this.realm = realmModel;
        this.session = keycloakSession;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.keycloak.models.jpa.JpaModel
    public UserEntity getEntity() {
        return this.user;
    }

    @Override // org.keycloak.models.UserModel
    public String getId() {
        return this.user.getId();
    }

    @Override // org.keycloak.models.UserModel
    public String getUsername() {
        return this.user.getUsername();
    }

    @Override // org.keycloak.models.UserModel
    public void setUsername(String str) {
        this.user.setUsername(KeycloakModelUtils.toLowerCaseSafe(str));
    }

    @Override // org.keycloak.models.UserModel
    public Long getCreatedTimestamp() {
        return this.user.getCreatedTimestamp();
    }

    @Override // org.keycloak.models.UserModel
    public void setCreatedTimestamp(Long l) {
        this.user.setCreatedTimestamp(l);
    }

    @Override // org.keycloak.models.UserModel
    public boolean isEnabled() {
        return this.user.isEnabled();
    }

    @Override // org.keycloak.models.UserModel
    public boolean isOtpEnabled() {
        return this.user.isTotp();
    }

    @Override // org.keycloak.models.UserModel
    public void setEnabled(boolean z) {
        this.user.setEnabled(z);
    }

    @Override // org.keycloak.models.UserModel
    public void setSingleAttribute(String str, String str2) {
        boolean z = false;
        ArrayList<UserAttributeEntity> arrayList = new ArrayList();
        for (UserAttributeEntity userAttributeEntity : this.user.getAttributes()) {
            if (userAttributeEntity.getName().equals(str)) {
                if (z) {
                    arrayList.add(userAttributeEntity);
                } else {
                    userAttributeEntity.setValue(str2);
                    z = true;
                }
            }
        }
        for (UserAttributeEntity userAttributeEntity2 : arrayList) {
            this.em.remove(userAttributeEntity2);
            this.user.getAttributes().remove(userAttributeEntity2);
        }
        if (z) {
            return;
        }
        persistAttributeValue(str, str2);
    }

    @Override // org.keycloak.models.UserModel
    public void setAttribute(String str, List<String> list) {
        removeAttribute(str);
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            persistAttributeValue(str, it.next());
        }
    }

    private void persistAttributeValue(String str, String str2) {
        UserAttributeEntity userAttributeEntity = new UserAttributeEntity();
        userAttributeEntity.setId(KeycloakModelUtils.generateId());
        userAttributeEntity.setName(str);
        userAttributeEntity.setValue(str2);
        userAttributeEntity.setUser(this.user);
        this.em.persist(userAttributeEntity);
        this.user.getAttributes().add(userAttributeEntity);
    }

    @Override // org.keycloak.models.UserModel
    public void removeAttribute(String str) {
        Query createNamedQuery = this.em.createNamedQuery("deleteUserAttributesByNameAndUser");
        createNamedQuery.setParameter("name", str);
        createNamedQuery.setParameter("userId", this.user.getId());
        createNamedQuery.executeUpdate();
    }

    @Override // org.keycloak.models.UserModel
    public String getFirstAttribute(String str) {
        for (UserAttributeEntity userAttributeEntity : this.user.getAttributes()) {
            if (userAttributeEntity.getName().equals(str)) {
                return userAttributeEntity.getValue();
            }
        }
        return null;
    }

    @Override // org.keycloak.models.UserModel
    public List<String> getAttribute(String str) {
        ArrayList arrayList = new ArrayList();
        for (UserAttributeEntity userAttributeEntity : this.user.getAttributes()) {
            if (userAttributeEntity.getName().equals(str)) {
                arrayList.add(userAttributeEntity.getValue());
            }
        }
        return arrayList;
    }

    @Override // org.keycloak.models.UserModel
    public Map<String, List<String>> getAttributes() {
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        for (UserAttributeEntity userAttributeEntity : this.user.getAttributes()) {
            multivaluedHashMap.add(userAttributeEntity.getName(), userAttributeEntity.getValue());
        }
        return multivaluedHashMap;
    }

    @Override // org.keycloak.models.UserModel
    public Set<String> getRequiredActions() {
        HashSet hashSet = new HashSet();
        Iterator<UserRequiredActionEntity> it = this.user.getRequiredActions().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getAction());
        }
        return hashSet;
    }

    @Override // org.keycloak.models.UserModel
    public void addRequiredAction(UserModel.RequiredAction requiredAction) {
        addRequiredAction(requiredAction.name());
    }

    @Override // org.keycloak.models.UserModel
    public void addRequiredAction(String str) {
        Iterator<UserRequiredActionEntity> it = this.user.getRequiredActions().iterator();
        while (it.hasNext()) {
            if (it.next().getAction().equals(str)) {
                return;
            }
        }
        UserRequiredActionEntity userRequiredActionEntity = new UserRequiredActionEntity();
        userRequiredActionEntity.setAction(str);
        userRequiredActionEntity.setUser(this.user);
        this.em.persist(userRequiredActionEntity);
        this.user.getRequiredActions().add(userRequiredActionEntity);
    }

    @Override // org.keycloak.models.UserModel
    public void removeRequiredAction(UserModel.RequiredAction requiredAction) {
        removeRequiredAction(requiredAction.name());
    }

    @Override // org.keycloak.models.UserModel
    public void removeRequiredAction(String str) {
        Iterator<UserRequiredActionEntity> it = this.user.getRequiredActions().iterator();
        while (it.hasNext()) {
            UserRequiredActionEntity next = it.next();
            if (next.getAction().equals(str)) {
                it.remove();
                this.em.remove(next);
            }
        }
    }

    @Override // org.keycloak.models.UserModel
    public String getFirstName() {
        return this.user.getFirstName();
    }

    @Override // org.keycloak.models.UserModel
    public void setFirstName(String str) {
        this.user.setFirstName(str);
    }

    @Override // org.keycloak.models.UserModel
    public String getLastName() {
        return this.user.getLastName();
    }

    @Override // org.keycloak.models.UserModel
    public void setLastName(String str) {
        this.user.setLastName(str);
    }

    @Override // org.keycloak.models.UserModel
    public String getEmail() {
        return this.user.getEmail();
    }

    @Override // org.keycloak.models.UserModel
    public void setEmail(String str) {
        this.user.setEmail(KeycloakModelUtils.toLowerCaseSafe(str));
    }

    @Override // org.keycloak.models.UserModel
    public boolean isEmailVerified() {
        return this.user.isEmailVerified();
    }

    @Override // org.keycloak.models.UserModel
    public void setEmailVerified(boolean z) {
        this.user.setEmailVerified(z);
    }

    @Override // org.keycloak.models.UserModel
    public void setOtpEnabled(boolean z) {
        this.user.setTotp(z);
    }

    @Override // org.keycloak.models.UserModel
    public void updateCredential(UserCredentialModel userCredentialModel) {
        if (userCredentialModel.getType().equals("password")) {
            updatePasswordCredential(userCredentialModel);
        } else if (UserCredentialModel.isOtp(userCredentialModel.getType())) {
            updateOtpCredential(userCredentialModel);
        } else {
            CredentialEntity credentialEntity = getCredentialEntity(this.user, userCredentialModel.getType());
            if (credentialEntity == null) {
                CredentialEntity credentials = setCredentials(this.user, userCredentialModel);
                credentials.setValue(userCredentialModel.getValue());
                this.em.persist(credentials);
                this.user.getCredentials().add(credentials);
            } else {
                credentialEntity.setValue(userCredentialModel.getValue());
            }
        }
        this.em.flush();
    }

    private void updateOtpCredential(UserCredentialModel userCredentialModel) {
        CredentialEntity credentialEntity = getCredentialEntity(this.user, userCredentialModel.getType());
        if (credentialEntity != null) {
            OTPPolicy oTPPolicy = this.realm.getOTPPolicy();
            credentialEntity.setDigits(oTPPolicy.getDigits());
            credentialEntity.setCounter(oTPPolicy.getInitialCounter());
            credentialEntity.setAlgorithm(oTPPolicy.getAlgorithm());
            credentialEntity.setValue(userCredentialModel.getValue());
            credentialEntity.setPeriod(oTPPolicy.getPeriod());
            return;
        }
        CredentialEntity credentials = setCredentials(this.user, userCredentialModel);
        credentials.setValue(userCredentialModel.getValue());
        OTPPolicy oTPPolicy2 = this.realm.getOTPPolicy();
        credentials.setAlgorithm(oTPPolicy2.getAlgorithm());
        credentials.setDigits(oTPPolicy2.getDigits());
        credentials.setCounter(oTPPolicy2.getInitialCounter());
        credentials.setPeriod(oTPPolicy2.getPeriod());
        this.em.persist(credentials);
        this.user.getCredentials().add(credentials);
    }

    private void updatePasswordCredential(UserCredentialModel userCredentialModel) {
        CredentialEntity credentialEntity = getCredentialEntity(this.user, userCredentialModel.getType());
        if (credentialEntity == null) {
            CredentialEntity credentials = setCredentials(this.user, userCredentialModel);
            setValue(credentials, userCredentialModel);
            this.em.persist(credentials);
            this.user.getCredentials().add(credentials);
            return;
        }
        int i = -1;
        PasswordPolicy passwordPolicy = this.realm.getPasswordPolicy();
        if (passwordPolicy != null) {
            i = passwordPolicy.getExpiredPasswords();
        }
        if (i == -1) {
            List<CredentialEntity> credentialEntities = getCredentialEntities(this.user, UserCredentialModel.PASSWORD_HISTORY);
            if (credentialEntities != null && credentialEntities.size() > 0) {
                this.user.getCredentials().removeAll(credentialEntities);
            }
            setValue(credentialEntity, userCredentialModel);
            return;
        }
        this.user.getCredentials().remove(credentialEntity);
        credentialEntity.setType(UserCredentialModel.PASSWORD_HISTORY);
        this.user.getCredentials().add(credentialEntity);
        List<CredentialEntity> credentialEntities2 = getCredentialEntities(this.user, UserCredentialModel.PASSWORD_HISTORY);
        if (credentialEntities2.size() > i - 1) {
            this.user.getCredentials().removeAll(credentialEntities2.subList(i - 1, credentialEntities2.size()));
        }
        CredentialEntity credentials2 = setCredentials(this.user, userCredentialModel);
        setValue(credentials2, userCredentialModel);
        this.em.persist(credentials2);
        this.user.getCredentials().add(credentials2);
    }

    private CredentialEntity setCredentials(UserEntity userEntity, UserCredentialModel userCredentialModel) {
        CredentialEntity credentialEntity = new CredentialEntity();
        credentialEntity.setId(KeycloakModelUtils.generateId());
        credentialEntity.setType(userCredentialModel.getType());
        credentialEntity.setDevice(userCredentialModel.getDevice());
        credentialEntity.setUser(userEntity);
        return credentialEntity;
    }

    private void setValue(CredentialEntity credentialEntity, UserCredentialModel userCredentialModel) {
        UserCredentialValueModel encode = PasswordHashManager.encode(this.session, this.realm, userCredentialModel.getValue());
        credentialEntity.setCreatedDate(Long.valueOf(Time.toMillis(Time.currentTime())));
        credentialEntity.setAlgorithm(encode.getAlgorithm());
        credentialEntity.setValue(encode.getValue());
        credentialEntity.setSalt(encode.getSalt());
        credentialEntity.setHashIterations(encode.getHashIterations());
    }

    private CredentialEntity getCredentialEntity(UserEntity userEntity, String str) {
        for (CredentialEntity credentialEntity : userEntity.getCredentials()) {
            if (credentialEntity.getType().equals(str)) {
                return credentialEntity;
            }
        }
        return null;
    }

    private List<CredentialEntity> getCredentialEntities(UserEntity userEntity, String str) {
        ArrayList arrayList = new ArrayList();
        for (CredentialEntity credentialEntity : userEntity.getCredentials()) {
            if (credentialEntity.getType().equals(str)) {
                arrayList.add(credentialEntity);
            }
        }
        Collections.sort(arrayList, new Comparator<CredentialEntity>() { // from class: org.keycloak.models.jpa.UserAdapter.1
            @Override // java.util.Comparator
            public int compare(CredentialEntity credentialEntity2, CredentialEntity credentialEntity3) {
                if (credentialEntity2.getCreatedDate().longValue() > credentialEntity3.getCreatedDate().longValue()) {
                    return -1;
                }
                return credentialEntity2.getCreatedDate().longValue() < credentialEntity3.getCreatedDate().longValue() ? 1 : 0;
            }
        });
        return arrayList;
    }

    @Override // org.keycloak.models.UserModel
    public List<UserCredentialValueModel> getCredentialsDirectly() {
        ArrayList<CredentialEntity> arrayList = new ArrayList(this.user.getCredentials());
        ArrayList arrayList2 = new ArrayList();
        for (CredentialEntity credentialEntity : arrayList) {
            UserCredentialValueModel userCredentialValueModel = new UserCredentialValueModel();
            userCredentialValueModel.setType(credentialEntity.getType());
            userCredentialValueModel.setDevice(credentialEntity.getDevice());
            userCredentialValueModel.setValue(credentialEntity.getValue());
            userCredentialValueModel.setCreatedDate(credentialEntity.getCreatedDate());
            userCredentialValueModel.setSalt(credentialEntity.getSalt());
            userCredentialValueModel.setHashIterations(credentialEntity.getHashIterations());
            userCredentialValueModel.setCounter(credentialEntity.getCounter());
            userCredentialValueModel.setAlgorithm(credentialEntity.getAlgorithm());
            userCredentialValueModel.setDigits(credentialEntity.getDigits());
            userCredentialValueModel.setPeriod(credentialEntity.getPeriod());
            arrayList2.add(userCredentialValueModel);
        }
        return arrayList2;
    }

    @Override // org.keycloak.models.UserModel
    public void updateCredentialDirectly(UserCredentialValueModel userCredentialValueModel) {
        CredentialEntity credentialEntity = getCredentialEntity(this.user, userCredentialValueModel.getType());
        if (credentialEntity == null) {
            credentialEntity = new CredentialEntity();
            credentialEntity.setId(KeycloakModelUtils.generateId());
            credentialEntity.setType(userCredentialValueModel.getType());
            credentialEntity.setCreatedDate(userCredentialValueModel.getCreatedDate());
            credentialEntity.setUser(this.user);
            this.em.persist(credentialEntity);
            this.user.getCredentials().add(credentialEntity);
        }
        credentialEntity.setValue(userCredentialValueModel.getValue());
        credentialEntity.setSalt(userCredentialValueModel.getSalt());
        credentialEntity.setDevice(userCredentialValueModel.getDevice());
        credentialEntity.setHashIterations(userCredentialValueModel.getHashIterations());
        credentialEntity.setCounter(userCredentialValueModel.getCounter());
        credentialEntity.setAlgorithm(userCredentialValueModel.getAlgorithm());
        credentialEntity.setDigits(userCredentialValueModel.getDigits());
        credentialEntity.setPeriod(userCredentialValueModel.getPeriod());
        this.em.flush();
    }

    @Override // org.keycloak.models.UserModel
    public Set<GroupModel> getGroups() {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userGroupIds", String.class);
        createNamedQuery.setParameter("user", (Object) getEntity());
        List resultList = createNamedQuery.getResultList();
        HashSet hashSet = new HashSet();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            GroupModel groupById = this.realm.getGroupById((String) it.next());
            if (groupById != null) {
                hashSet.add(groupById);
            }
        }
        return hashSet;
    }

    @Override // org.keycloak.models.UserModel
    public void joinGroup(GroupModel groupModel) {
        if (isMemberOf(groupModel)) {
            return;
        }
        joinGroupImpl(groupModel);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void joinGroupImpl(GroupModel groupModel) {
        UserGroupMembershipEntity userGroupMembershipEntity = new UserGroupMembershipEntity();
        userGroupMembershipEntity.setUser(getEntity());
        userGroupMembershipEntity.setGroupId(groupModel.getId());
        this.em.persist(userGroupMembershipEntity);
        this.em.flush();
        this.em.detach(userGroupMembershipEntity);
    }

    @Override // org.keycloak.models.UserModel
    public void leaveGroup(GroupModel groupModel) {
        if (this.user == null || groupModel == null) {
            return;
        }
        List<UserGroupMembershipEntity> resultList = getUserGroupMappingQuery(groupModel).getResultList();
        if (resultList.size() == 0) {
            return;
        }
        Iterator<UserGroupMembershipEntity> it = resultList.iterator();
        while (it.hasNext()) {
            this.em.remove(it.next());
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.UserModel
    public boolean isMemberOf(GroupModel groupModel) {
        return KeycloakModelUtils.isMember(getGroups(), groupModel);
    }

    protected TypedQuery<UserGroupMembershipEntity> getUserGroupMappingQuery(GroupModel groupModel) {
        TypedQuery<UserGroupMembershipEntity> createNamedQuery = this.em.createNamedQuery("userMemberOf", UserGroupMembershipEntity.class);
        createNamedQuery.setParameter("user", (Object) getEntity());
        createNamedQuery.setParameter("groupId", (Object) groupModel.getId());
        return createNamedQuery;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public boolean hasRole(RoleModel roleModel) {
        return KeycloakModelUtils.hasRole(getRoleMappings(), roleModel);
    }

    protected TypedQuery<UserRoleMappingEntity> getUserRoleMappingEntityTypedQuery(RoleModel roleModel) {
        TypedQuery<UserRoleMappingEntity> createNamedQuery = this.em.createNamedQuery("userHasRole", UserRoleMappingEntity.class);
        createNamedQuery.setParameter("user", (Object) getEntity());
        createNamedQuery.setParameter("roleId", (Object) roleModel.getId());
        return createNamedQuery;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public void grantRole(RoleModel roleModel) {
        if (hasRole(roleModel)) {
            return;
        }
        grantRoleImpl(roleModel);
    }

    public void grantRoleImpl(RoleModel roleModel) {
        UserRoleMappingEntity userRoleMappingEntity = new UserRoleMappingEntity();
        userRoleMappingEntity.setUser(getEntity());
        userRoleMappingEntity.setRoleId(roleModel.getId());
        this.em.persist(userRoleMappingEntity);
        this.em.flush();
        this.em.detach(userRoleMappingEntity);
    }

    @Override // org.keycloak.models.RoleMapperModel
    public Set<RoleModel> getRealmRoleMappings() {
        Set<RoleModel> roleMappings = getRoleMappings();
        HashSet hashSet = new HashSet();
        for (RoleModel roleModel : roleMappings) {
            if (roleModel.getContainer() instanceof RealmModel) {
                hashSet.add(roleModel);
            }
        }
        return hashSet;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public Set<RoleModel> getRoleMappings() {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userRoleMappingIds", String.class);
        createNamedQuery.setParameter("user", (Object) getEntity());
        List resultList = createNamedQuery.getResultList();
        HashSet hashSet = new HashSet();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            RoleModel roleById = this.realm.getRoleById((String) it.next());
            if (roleById != null) {
                hashSet.add(roleById);
            }
        }
        return hashSet;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public void deleteRoleMapping(RoleModel roleModel) {
        if (this.user == null || roleModel == null) {
            return;
        }
        List<UserRoleMappingEntity> resultList = getUserRoleMappingEntityTypedQuery(roleModel).getResultList();
        if (resultList.size() == 0) {
            return;
        }
        Iterator<UserRoleMappingEntity> it = resultList.iterator();
        while (it.hasNext()) {
            this.em.remove(it.next());
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RoleMapperModel
    public Set<RoleModel> getClientRoleMappings(ClientModel clientModel) {
        Set<RoleModel> roleMappings = getRoleMappings();
        HashSet hashSet = new HashSet();
        for (RoleModel roleModel : roleMappings) {
            RoleContainerModel container = roleModel.getContainer();
            if ((container instanceof ClientModel) && ((ClientModel) container).getId().equals(clientModel.getId())) {
                hashSet.add(roleModel);
            }
        }
        return hashSet;
    }

    @Override // org.keycloak.models.UserModel
    public String getFederationLink() {
        return this.user.getFederationLink();
    }

    @Override // org.keycloak.models.UserModel
    public void setFederationLink(String str) {
        this.user.setFederationLink(str);
    }

    @Override // org.keycloak.models.UserModel
    public String getServiceAccountClientLink() {
        return this.user.getServiceAccountClientLink();
    }

    @Override // org.keycloak.models.UserModel
    public void setServiceAccountClientLink(String str) {
        this.user.setServiceAccountClientLink(str);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || !(obj instanceof UserModel)) {
            return false;
        }
        return ((UserModel) obj).getId().equals(getId());
    }

    public int hashCode() {
        return getId().hashCode();
    }
}
