package org.keycloak.models.map.authorization;

import java.util.Collections;
import java.util.EnumMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.jboss.logging.Logger;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.PermissionTicket;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.PermissionTicketStore;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.common.util.StackUtil;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.map.authorization.adapter.MapPermissionTicketAdapter;
import org.keycloak.models.map.authorization.entity.MapPermissionTicketEntity;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
import org.keycloak.models.map.storage.ModelCriteriaBuilder;
import org.keycloak.models.map.storage.QueryParameters;
import org.keycloak.utils.StreamsUtil;

/* loaded from: input_file:org/keycloak/models/map/authorization/MapPermissionTicketStore.class */
public class MapPermissionTicketStore implements PermissionTicketStore {
    private static final Logger LOG = Logger.getLogger(MapPermissionTicketStore.class);
    private final AuthorizationProvider authorizationProvider;
    final MapKeycloakTransaction<MapPermissionTicketEntity, PermissionTicket> tx;
    private final MapStorage<MapPermissionTicketEntity, PermissionTicket> permissionTicketStore;

    /* renamed from: org.keycloak.models.map.authorization.MapPermissionTicketStore$1, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/models/map/authorization/MapPermissionTicketStore$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption = new int[PermissionTicket.FilterOption.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.ID.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.SCOPE_ID.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.RESOURCE_ID.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.OWNER.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.REQUESTER.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.POLICY_ID.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.SCOPE_IS_NULL.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.GRANTED.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.REQUESTER_IS_NULL.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[PermissionTicket.FilterOption.POLICY_IS_NOT_NULL.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
        }
    }

    public MapPermissionTicketStore(KeycloakSession keycloakSession, MapStorage<MapPermissionTicketEntity, PermissionTicket> mapStorage, AuthorizationProvider authorizationProvider) {
        this.authorizationProvider = authorizationProvider;
        this.permissionTicketStore = mapStorage;
        this.tx = mapStorage.createTransaction(keycloakSession);
        keycloakSession.getTransactionManager().enlist(this.tx);
    }

    private PermissionTicket entityToAdapter(MapPermissionTicketEntity mapPermissionTicketEntity) {
        if (mapPermissionTicketEntity == null) {
            return null;
        }
        return new MapPermissionTicketAdapter(mapPermissionTicketEntity, this.authorizationProvider.getStoreFactory());
    }

    private ModelCriteriaBuilder<PermissionTicket> forResourceServer(String str) {
        ModelCriteriaBuilder<PermissionTicket> createCriteriaBuilder = this.permissionTicketStore.createCriteriaBuilder();
        return str == null ? createCriteriaBuilder : createCriteriaBuilder.compare(PermissionTicket.SearchableFields.RESOURCE_SERVER_ID, ModelCriteriaBuilder.Operator.EQ, str);
    }

    public long count(Map<PermissionTicket.FilterOption, String> map, String str) {
        return this.tx.getCount(QueryParameters.withCriteria(forResourceServer(str).and((ModelCriteriaBuilder[]) map.entrySet().stream().map(this::filterEntryToModelCriteriaBuilder).toArray(i -> {
            return new ModelCriteriaBuilder[i];
        }))));
    }

    public PermissionTicket create(String str, String str2, String str3, ResourceServer resourceServer) {
        LOG.tracef("create(%s, %s, %s, %s)%s", new Object[]{str, str2, str3, resourceServer, StackUtil.getShortStackTrace()});
        String owner = this.authorizationProvider.getStoreFactory().getResourceStore().findById(str, resourceServer.getId()).getOwner();
        ModelCriteriaBuilder<PermissionTicket> compare = forResourceServer(resourceServer.getId()).compare(PermissionTicket.SearchableFields.OWNER, ModelCriteriaBuilder.Operator.EQ, owner).compare(PermissionTicket.SearchableFields.RESOURCE_ID, ModelCriteriaBuilder.Operator.EQ, str).compare(PermissionTicket.SearchableFields.REQUESTER, ModelCriteriaBuilder.Operator.EQ, str3);
        if (str2 != null) {
            compare = compare.compare(PermissionTicket.SearchableFields.SCOPE_ID, ModelCriteriaBuilder.Operator.EQ, str2);
        }
        if (this.tx.getCount(QueryParameters.withCriteria(compare)) > 0) {
            throw new ModelDuplicateException("Permission ticket for resource server: '" + resourceServer.getId() + ", Resource: " + str + ", owner: " + owner + ", scopeId: " + str2 + " already exists.");
        }
        MapPermissionTicketEntity mapPermissionTicketEntity = new MapPermissionTicketEntity(null);
        mapPermissionTicketEntity.setResourceId(str);
        mapPermissionTicketEntity.setRequester(str3);
        mapPermissionTicketEntity.setCreatedTimestamp(Long.valueOf(System.currentTimeMillis()));
        if (str2 != null) {
            mapPermissionTicketEntity.setScopeId(str2);
        }
        mapPermissionTicketEntity.setOwner(owner);
        mapPermissionTicketEntity.setResourceServerId(resourceServer.getId());
        return entityToAdapter(this.tx.create(mapPermissionTicketEntity));
    }

    public void delete(String str) {
        LOG.tracef("delete(%s)%s", str, StackUtil.getShortStackTrace());
        this.tx.delete(str);
    }

    public PermissionTicket findById(String str, String str2) {
        LOG.tracef("findById(%s, %s)%s", str, str2, StackUtil.getShortStackTrace());
        return (PermissionTicket) this.tx.read(QueryParameters.withCriteria(forResourceServer(str2).compare(PermissionTicket.SearchableFields.ID, ModelCriteriaBuilder.Operator.EQ, str))).findFirst().map(this::entityToAdapter).orElse(null);
    }

    public List<PermissionTicket> findByResourceServer(String str) {
        LOG.tracef("findByResourceServer(%s)%s", str, StackUtil.getShortStackTrace());
        return (List) this.tx.read(QueryParameters.withCriteria(forResourceServer(str))).map(this::entityToAdapter).collect(Collectors.toList());
    }

    public List<PermissionTicket> findByOwner(String str, String str2) {
        LOG.tracef("findByOwner(%s, %s)%s", str, str2, StackUtil.getShortStackTrace());
        return (List) this.tx.read(QueryParameters.withCriteria(forResourceServer(str2).compare(PermissionTicket.SearchableFields.OWNER, ModelCriteriaBuilder.Operator.EQ, str))).map(this::entityToAdapter).collect(Collectors.toList());
    }

    public List<PermissionTicket> findByResource(String str, String str2) {
        LOG.tracef("findByResource(%s, %s)%s", str, str2, StackUtil.getShortStackTrace());
        return (List) this.tx.read(QueryParameters.withCriteria(forResourceServer(str2).compare(PermissionTicket.SearchableFields.RESOURCE_ID, ModelCriteriaBuilder.Operator.EQ, str))).map(this::entityToAdapter).collect(Collectors.toList());
    }

    public List<PermissionTicket> findByScope(String str, String str2) {
        LOG.tracef("findByScope(%s, %s)%s", str, str2, StackUtil.getShortStackTrace());
        return (List) this.tx.read(QueryParameters.withCriteria(forResourceServer(str2).compare(PermissionTicket.SearchableFields.SCOPE_ID, ModelCriteriaBuilder.Operator.EQ, str))).map(this::entityToAdapter).collect(Collectors.toList());
    }

    public List<PermissionTicket> find(Map<PermissionTicket.FilterOption, String> map, String str, int i, int i2) {
        ModelCriteriaBuilder<PermissionTicket> forResourceServer = forResourceServer(str);
        if (map.containsKey(PermissionTicket.FilterOption.RESOURCE_NAME)) {
            String remove = map.remove(PermissionTicket.FilterOption.RESOURCE_NAME);
            EnumMap enumMap = new EnumMap(Resource.FilterOption.class);
            enumMap.put((EnumMap) Resource.FilterOption.EXACT_NAME, (Resource.FilterOption) new String[]{remove});
            List findByResourceServer = this.authorizationProvider.getStoreFactory().getResourceStore().findByResourceServer(enumMap, str, -1, -1);
            if (findByResourceServer == null || findByResourceServer.isEmpty()) {
                return Collections.emptyList();
            }
            forResourceServer = forResourceServer.compare(PermissionTicket.SearchableFields.RESOURCE_ID, ModelCriteriaBuilder.Operator.IN, findByResourceServer.stream().map((v0) -> {
                return v0.getId();
            }));
        }
        return (List) this.tx.read(QueryParameters.withCriteria(forResourceServer.and((ModelCriteriaBuilder[]) map.entrySet().stream().map(this::filterEntryToModelCriteriaBuilder).toArray(i3 -> {
            return new ModelCriteriaBuilder[i3];
        }))).pagination(Integer.valueOf(i), Integer.valueOf(i2), PermissionTicket.SearchableFields.ID)).map(this::entityToAdapter).collect(Collectors.toList());
    }

    private ModelCriteriaBuilder<PermissionTicket> filterEntryToModelCriteriaBuilder(Map.Entry<PermissionTicket.FilterOption, String> entry) {
        PermissionTicket.FilterOption key = entry.getKey();
        String value = entry.getValue();
        switch (AnonymousClass1.$SwitchMap$org$keycloak$authorization$model$PermissionTicket$FilterOption[key.ordinal()]) {
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
                return this.permissionTicketStore.createCriteriaBuilder().compare(key.getSearchableModelField(), ModelCriteriaBuilder.Operator.EQ, value);
            case 7:
            case 8:
            case 9:
                ModelCriteriaBuilder.Operator operator = ModelCriteriaBuilder.Operator.NOT_EXISTS;
                if (Boolean.parseBoolean(value)) {
                    operator = ModelCriteriaBuilder.Operator.EXISTS;
                }
                return this.permissionTicketStore.createCriteriaBuilder().compare(key.getSearchableModelField(), operator, new Object[0]);
            case 10:
                return this.permissionTicketStore.createCriteriaBuilder().compare(PermissionTicket.SearchableFields.REQUESTER, ModelCriteriaBuilder.Operator.NOT_EXISTS, new Object[0]);
            default:
                throw new IllegalArgumentException("Unsupported filter [" + key + "]");
        }
    }

    public List<PermissionTicket> findGranted(String str, String str2) {
        EnumMap enumMap = new EnumMap(PermissionTicket.FilterOption.class);
        enumMap.put((EnumMap) PermissionTicket.FilterOption.GRANTED, (PermissionTicket.FilterOption) Boolean.TRUE.toString());
        enumMap.put((EnumMap) PermissionTicket.FilterOption.REQUESTER, (PermissionTicket.FilterOption) str);
        return find(enumMap, str2, -1, -1);
    }

    public List<PermissionTicket> findGranted(String str, String str2, String str3) {
        EnumMap enumMap = new EnumMap(PermissionTicket.FilterOption.class);
        enumMap.put((EnumMap) PermissionTicket.FilterOption.RESOURCE_NAME, (PermissionTicket.FilterOption) str);
        enumMap.put((EnumMap) PermissionTicket.FilterOption.GRANTED, (PermissionTicket.FilterOption) Boolean.TRUE.toString());
        enumMap.put((EnumMap) PermissionTicket.FilterOption.REQUESTER, (PermissionTicket.FilterOption) str2);
        return find(enumMap, str3, -1, -1);
    }

    public List<Resource> findGrantedResources(String str, String str2, int i, int i2) {
        ModelCriteriaBuilder<PermissionTicket> compare = this.permissionTicketStore.createCriteriaBuilder().compare(PermissionTicket.SearchableFields.REQUESTER, ModelCriteriaBuilder.Operator.EQ, str).compare(PermissionTicket.SearchableFields.GRANTED_TIMESTAMP, ModelCriteriaBuilder.Operator.EXISTS, new Object[0]);
        ResourceStore resourceStore = this.authorizationProvider.getStoreFactory().getResourceStore();
        return (List) StreamsUtil.paginatedStream(this.tx.read(QueryParameters.withCriteria(compare).orderBy(PermissionTicket.SearchableFields.RESOURCE_ID, QueryParameters.Order.ASCENDING)).filter(StreamsUtil.distinctByKey((v0) -> {
            return v0.getResourceId();
        })).map(str2 != null ? mapPermissionTicketEntity -> {
            EnumMap enumMap = new EnumMap(Resource.FilterOption.class);
            enumMap.put((EnumMap) Resource.FilterOption.ID, (Resource.FilterOption) new String[]{mapPermissionTicketEntity.getResourceId()});
            enumMap.put((EnumMap) Resource.FilterOption.NAME, (Resource.FilterOption) new String[]{str2});
            List findByResourceServer = resourceStore.findByResourceServer(enumMap, mapPermissionTicketEntity.getResourceServerId(), -1, 1);
            if (findByResourceServer.isEmpty()) {
                return null;
            }
            return (Resource) findByResourceServer.get(0);
        } : mapPermissionTicketEntity2 -> {
            return resourceStore.findById(mapPermissionTicketEntity2.getResourceId(), mapPermissionTicketEntity2.getResourceServerId());
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }), Integer.valueOf(i), Integer.valueOf(i2)).collect(Collectors.toList());
    }

    public List<Resource> findGrantedOwnerResources(String str, int i, int i2) {
        return (List) StreamsUtil.paginatedStream(this.tx.read(QueryParameters.withCriteria(this.permissionTicketStore.createCriteriaBuilder().compare(PermissionTicket.SearchableFields.OWNER, ModelCriteriaBuilder.Operator.EQ, str)).orderBy(PermissionTicket.SearchableFields.RESOURCE_ID, QueryParameters.Order.ASCENDING)).filter(StreamsUtil.distinctByKey((v0) -> {
            return v0.getResourceId();
        })), Integer.valueOf(i), Integer.valueOf(i2)).map(mapPermissionTicketEntity -> {
            return this.authorizationProvider.getStoreFactory().getResourceStore().findById(mapPermissionTicketEntity.getResourceId(), mapPermissionTicketEntity.getResourceServerId());
        }).collect(Collectors.toList());
    }
}
