package org.keycloak.offlineconfig;

import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.UserFederationManager;
import org.keycloak.models.UserModel;
import org.keycloak.services.managers.ApplianceBootstrap;

/* loaded from: input_file:org/keycloak/offlineconfig/AdminRecovery.class */
public class AdminRecovery {
    private static final Logger log = Logger.getLogger(AdminRecovery.class);
    public static final String RECOVER_ADMIN_ACCOUNT = "keycloak.recover-admin";
    public static final String TEMP_ADMIN_PASSWORD = "keycloak.temp-admin-password";

    private AdminRecovery() {
    }

    public static void recover(KeycloakSessionFactory keycloakSessionFactory) {
        if (needRecovery()) {
            KeycloakSession create = keycloakSessionFactory.create();
            create.getTransaction().begin();
            try {
                doRecover(create, getTempAdminPassword());
                create.getTransaction().commit();
                log.info("*******************************");
                log.info("Recovered Master Admin account.");
                log.info("*******************************");
            } finally {
                create.close();
                System.clearProperty(RECOVER_ADMIN_ACCOUNT);
                System.clearProperty(TEMP_ADMIN_PASSWORD);
            }
        }
    }

    private static boolean needRecovery() {
        return Boolean.parseBoolean(System.getProperty(RECOVER_ADMIN_ACCOUNT, "false"));
    }

    private static String getTempAdminPassword() {
        String property = System.getProperty(TEMP_ADMIN_PASSWORD);
        if (property == null || property.isEmpty()) {
            throw new OfflineConfigException("Must provide temporary admin password to recover admin account.");
        }
        return property;
    }

    private static void doRecover(KeycloakSession keycloakSession, String str) {
        RealmProvider realms = keycloakSession.realms();
        UserFederationManager users = keycloakSession.users();
        RealmModel realmByName = realms.getRealmByName(Config.getAdminRealm());
        UserModel userByUsername = users.getUserByUsername("admin", realmByName);
        if (userByUsername == null) {
            userByUsername = users.addUser(realmByName, "admin");
        }
        ApplianceBootstrap.setupAdminUser(keycloakSession, realmByName, userByUsername, str);
    }
}
