package org.keycloak.partialimport;

import jakarta.ws.rs.core.Response;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.PartialImportRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.util.DPoPUtil;
import org.keycloak.userprofile.DeclarativeUserProfileProviderFactory;

/* loaded from: input_file:org/keycloak/partialimport/ClientRolesPartialImport.class */
public class ClientRolesPartialImport {
    private final Map<String, Set<RoleRepresentation>> toOverwrite = new HashMap();
    private final Map<String, Set<RoleRepresentation>> toSkip = new HashMap();

    /* renamed from: org.keycloak.partialimport.ClientRolesPartialImport$1, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/partialimport/ClientRolesPartialImport$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$representations$idm$PartialImportRepresentation$Policy = new int[PartialImportRepresentation.Policy.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$representations$idm$PartialImportRepresentation$Policy[PartialImportRepresentation.Policy.SKIP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$representations$idm$PartialImportRepresentation$Policy[PartialImportRepresentation.Policy.OVERWRITE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public Map<String, Set<RoleRepresentation>> getToOverwrite() {
        return this.toOverwrite;
    }

    public Map<String, Set<RoleRepresentation>> getToSkip() {
        return this.toSkip;
    }

    public Map<String, List<RoleRepresentation>> getRepList(PartialImportRepresentation partialImportRepresentation) {
        if (partialImportRepresentation.getRoles() == null) {
            return null;
        }
        return partialImportRepresentation.getRoles().getClient();
    }

    public String getName(RoleRepresentation roleRepresentation) {
        if (roleRepresentation.getName() == null) {
            throw new IllegalStateException("Client role to import does not have a name");
        }
        return roleRepresentation.getName();
    }

    public String getCombinedName(String str, RoleRepresentation roleRepresentation) {
        return str + "-->" + getName(roleRepresentation);
    }

    public boolean exists(RealmModel realmModel, KeycloakSession keycloakSession, String str, RoleRepresentation roleRepresentation) {
        ClientModel clientByClientId = realmModel.getClientByClientId(str);
        if (clientByClientId == null) {
            return false;
        }
        return clientByClientId.getRolesStream().anyMatch(roleModel -> {
            return Objects.equals(getName(roleRepresentation), roleModel.getName());
        });
    }

    private boolean clientExists(PartialImportRepresentation partialImportRepresentation, RealmModel realmModel, String str) {
        if (realmModel.getClientByClientId(str) != null) {
            return true;
        }
        if (partialImportRepresentation.getClients() == null) {
            return false;
        }
        Iterator it = partialImportRepresentation.getClients().iterator();
        while (it.hasNext()) {
            if (str.equals(((ClientRepresentation) it.next()).getClientId())) {
                return true;
            }
        }
        return false;
    }

    public String existsMessage(String str, RoleRepresentation roleRepresentation) {
        return "Client role '" + getName(roleRepresentation) + "' for client '" + str + "' already exists.";
    }

    public ResourceType getResourceType() {
        return ResourceType.CLIENT_ROLE;
    }

    public void deleteRole(RealmModel realmModel, String str, RoleRepresentation roleRepresentation) {
        RoleModel role;
        ClientModel clientByClientId = realmModel.getClientByClientId(str);
        if (clientByClientId == null || (role = clientByClientId.getRole(getName(roleRepresentation))) == null) {
            return;
        }
        clientByClientId.removeRole(role);
    }

    public void prepare(PartialImportRepresentation partialImportRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) throws ErrorResponseException {
        Map<String, List<RoleRepresentation>> repList = getRepList(partialImportRepresentation);
        if (repList == null || repList.isEmpty()) {
            return;
        }
        for (String str : repList.keySet()) {
            if (!clientExists(partialImportRepresentation, realmModel, str)) {
                throw noClientFound(str);
            }
            this.toOverwrite.put(str, new HashSet());
            this.toSkip.put(str, new HashSet());
            for (RoleRepresentation roleRepresentation : repList.get(str)) {
                if (exists(realmModel, keycloakSession, str, roleRepresentation)) {
                    switch (AnonymousClass1.$SwitchMap$org$keycloak$representations$idm$PartialImportRepresentation$Policy[partialImportRepresentation.getPolicy().ordinal()]) {
                        case DeclarativeUserProfileProviderFactory.PROVIDER_PRIORITY /* 1 */:
                            this.toSkip.get(str).add(roleRepresentation);
                            break;
                        case DPoPUtil.DEFAULT_ALLOWED_CLOCK_SKEW /* 2 */:
                            this.toOverwrite.get(str).add(roleRepresentation);
                            break;
                        default:
                            throw exists(existsMessage(str, roleRepresentation));
                    }
                }
            }
        }
    }

    protected ErrorResponseException exists(String str) {
        throw ErrorResponse.exists(str);
    }

    protected ErrorResponseException noClientFound(String str) {
        throw ErrorResponse.error("Can not import client roles for nonexistent client named " + str, Response.Status.PRECONDITION_FAILED);
    }

    public PartialImportResult overwritten(String str, String str2, RoleRepresentation roleRepresentation) {
        return PartialImportResult.overwritten(getResourceType(), getCombinedName(str, roleRepresentation), str2, roleRepresentation);
    }

    public PartialImportResult skipped(String str, String str2, RoleRepresentation roleRepresentation) {
        return PartialImportResult.skipped(getResourceType(), getCombinedName(str, roleRepresentation), str2, roleRepresentation);
    }

    public PartialImportResult added(String str, String str2, RoleRepresentation roleRepresentation) {
        return PartialImportResult.added(getResourceType(), getCombinedName(str, roleRepresentation), str2, roleRepresentation);
    }

    public String getModelId(RealmModel realmModel, String str) {
        return realmModel.getClientByClientId(str).getId();
    }
}
