package org.keycloak.federation.ldap.mappers;

import java.util.Set;
import org.jboss.logging.Logger;
import org.keycloak.federation.ldap.LDAPFederationProvider;
import org.keycloak.federation.ldap.idm.model.LDAPObject;
import org.keycloak.federation.ldap.idm.query.internal.LDAPQuery;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.UserModelDelegate;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-ldap-federation/main/keycloak-ldap-federation-2.1.0.Final.jar:org/keycloak/federation/ldap/mappers/HardcodedLDAPRoleMapper.class */
public class HardcodedLDAPRoleMapper extends AbstractLDAPFederationMapper {
    private static final Logger logger = Logger.getLogger((Class<?>) HardcodedLDAPRoleMapper.class);
    public static final String ROLE = "role";

    public HardcodedLDAPRoleMapper(UserFederationMapperModel userFederationMapperModel, LDAPFederationProvider lDAPFederationProvider, RealmModel realmModel) {
        super(userFederationMapperModel, lDAPFederationProvider, realmModel);
    }

    @Override // org.keycloak.federation.ldap.mappers.AbstractLDAPFederationMapper
    public void beforeLDAPQuery(LDAPQuery lDAPQuery) {
    }

    @Override // org.keycloak.federation.ldap.mappers.AbstractLDAPFederationMapper
    public UserModel proxy(LDAPObject lDAPObject, UserModel userModel) {
        return new UserModelDelegate(userModel) { // from class: org.keycloak.federation.ldap.mappers.HardcodedLDAPRoleMapper.1
            @Override // org.keycloak.models.utils.UserModelDelegate, org.keycloak.models.RoleMapperModel
            public Set<RoleModel> getRealmRoleMappings() {
                Set<RoleModel> realmRoleMappings = super.getRealmRoleMappings();
                RoleModel role = HardcodedLDAPRoleMapper.this.getRole();
                if (role != null && role.getContainer().equals(HardcodedLDAPRoleMapper.this.realm)) {
                    realmRoleMappings.add(role);
                }
                return realmRoleMappings;
            }

            @Override // org.keycloak.models.utils.UserModelDelegate, org.keycloak.models.RoleMapperModel
            public Set<RoleModel> getClientRoleMappings(ClientModel clientModel) {
                Set<RoleModel> clientRoleMappings = super.getClientRoleMappings(clientModel);
                RoleModel role = HardcodedLDAPRoleMapper.this.getRole();
                if (role != null && role.getContainer().equals(clientModel)) {
                    clientRoleMappings.add(role);
                }
                return clientRoleMappings;
            }

            @Override // org.keycloak.models.utils.UserModelDelegate, org.keycloak.models.RoleMapperModel
            public boolean hasRole(RoleModel roleModel) {
                return super.hasRole(roleModel) || roleModel.equals(HardcodedLDAPRoleMapper.this.getRole());
            }

            @Override // org.keycloak.models.utils.UserModelDelegate, org.keycloak.models.RoleMapperModel
            public Set<RoleModel> getRoleMappings() {
                Set<RoleModel> roleMappings = super.getRoleMappings();
                RoleModel role = HardcodedLDAPRoleMapper.this.getRole();
                if (role != null) {
                    roleMappings.add(role);
                }
                return roleMappings;
            }

            @Override // org.keycloak.models.utils.UserModelDelegate, org.keycloak.models.RoleMapperModel
            public void deleteRoleMapping(RoleModel roleModel) {
                if (roleModel.equals(HardcodedLDAPRoleMapper.this.getRole())) {
                    throw new ModelException("Not possible to delete role. It's hardcoded by LDAP mapper");
                }
                super.deleteRoleMapping(roleModel);
            }
        };
    }

    @Override // org.keycloak.federation.ldap.mappers.AbstractLDAPFederationMapper
    public void onRegisterUserToLDAP(LDAPObject lDAPObject, UserModel userModel) {
    }

    @Override // org.keycloak.federation.ldap.mappers.AbstractLDAPFederationMapper
    public void onImportUserFromLDAP(LDAPObject lDAPObject, UserModel userModel, boolean z) {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public RoleModel getRole() {
        RoleModel roleFromString = KeycloakModelUtils.getRoleFromString(this.realm, this.mapperModel.getConfig().get("role"));
        if (roleFromString == null) {
            logger.warnf("Hardcoded role '%s' configured in mapper '%s' is not available anymore", new Object[0]);
        }
        return roleFromString;
    }
}
