package org.keycloak.connections.jpa;

import com.fasterxml.jackson.core.type.TypeReference;
import io.quarkus.runtime.Quarkus;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import javax.enterprise.inject.Instance;
import javax.enterprise.inject.spi.CDI;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.SynchronizationType;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import org.hibernate.internal.SessionFactoryImpl;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.ServerStartupError;
import org.keycloak.common.Version;
import org.keycloak.configuration.MicroProfileConfigProvider;
import org.keycloak.connections.jpa.updater.JpaUpdaterProvider;
import org.keycloak.connections.liquibase.QuarkusJpaUpdaterProvider;
import org.keycloak.exportimport.ExportImportManager;
import org.keycloak.migration.MigrationModelManager;
import org.keycloak.migration.ModelVersion;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.dblock.DBLockManager;
import org.keycloak.models.dblock.DBLockProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.provider.ServerInfoAwareProviderFactory;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.transaction.JtaTransactionManagerLookup;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:org/keycloak/connections/jpa/QuarkusJpaConnectionProviderFactory.class */
public final class QuarkusJpaConnectionProviderFactory implements JpaConnectionProviderFactory, ServerInfoAwareProviderFactory {
    private static final Logger logger = Logger.getLogger(QuarkusJpaConnectionProviderFactory.class);
    private static final String SQL_GET_LATEST_VERSION = "SELECT VERSION FROM %sMIGRATION_MODEL";
    private EntityManagerFactory emf;
    private Config.Scope config;
    private Map<String, String> operationalInfo;
    private KeycloakSessionFactory factory;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/keycloak/connections/jpa/QuarkusJpaConnectionProviderFactory$MigrationStrategy.class */
    public enum MigrationStrategy {
        UPDATE,
        VALIDATE,
        MANUAL
    }

    /* renamed from: create, reason: merged with bridge method [inline-methods] */
    public JpaConnectionProvider m10create(KeycloakSession keycloakSession) {
        logger.trace("Create QuarkusJpaConnectionProvider");
        return new DefaultJpaConnectionProvider(createEntityManager(keycloakSession));
    }

    public void close() {
        if (this.emf != null) {
            this.emf.close();
        }
    }

    public String getId() {
        return MicroProfileConfigProvider.NS_QUARKUS;
    }

    public void init(Config.Scope scope) {
        this.config = scope;
    }

    public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
        this.factory = keycloakSessionFactory;
        Instance select = CDI.current().select(EntityManagerFactory.class, new Annotation[0]);
        if (!select.isResolvable()) {
            throw new RuntimeException("Failed to resolve " + EntityManagerFactory.class + " from Quarkus runtime");
        }
        this.emf = (EntityManagerFactory) select.get();
        KeycloakSession create = keycloakSessionFactory.create();
        try {
            try {
                Connection connection = getConnection();
                Throwable th = null;
                try {
                    try {
                        createOperationalInfo(connection);
                        boolean createOrUpdateSchema = createOrUpdateSchema(getSchema(), connection, create);
                        if (connection != null) {
                            if (0 != 0) {
                                try {
                                    connection.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                connection.close();
                            }
                        }
                        if (createOrUpdateSchema) {
                            KeycloakModelUtils.runJobInTransaction(keycloakSessionFactory, this::initSchemaOrExport);
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (connection != null) {
                        if (th != null) {
                            try {
                                connection.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            connection.close();
                        }
                    }
                    throw th4;
                }
            } finally {
                create.close();
            }
        } catch (SQLException e) {
            throw new RuntimeException("Failed to update database.", e);
        }
    }

    public Connection getConnection() {
        try {
            return ((SessionFactoryImpl) SessionFactoryImpl.class.cast(this.emf)).getJdbcServices().getBootstrapJdbcConnectionAccess().obtainConnection();
        } catch (SQLException e) {
            throw new RuntimeException("Failed to obtain JDBC connection", e);
        }
    }

    public String getSchema() {
        return this.config.get("schema");
    }

    public Map<String, String> getOperationalInfo() {
        return this.operationalInfo;
    }

    public int order() {
        return 100;
    }

    private MigrationStrategy getMigrationStrategy() {
        String str = this.config.get("migrationStrategy");
        if (str == null) {
            str = this.config.get("databaseSchema");
        }
        return str != null ? MigrationStrategy.valueOf(str.toUpperCase()) : MigrationStrategy.UPDATE;
    }

    private void initSchemaOrExport(KeycloakSession keycloakSession) {
        ExportImportManager exportImportManager = new ExportImportManager(keycloakSession);
        if ((Config.getProvider("realm") == null || "jpa".equals(Config.getProvider("realm"))) && ((Config.getProvider("client") == null || "jpa".equals(Config.getProvider("client"))) && (Config.getProvider("clientScope") == null || "jpa".equals(Config.getProvider("clientScope"))))) {
            logger.debug("Calling migrateModel");
            migrateModel(keycloakSession);
        }
        DBLockManager dBLockManager = new DBLockManager(keycloakSession);
        dBLockManager.checkForcedUnlock();
        DBLockProvider dBLock = dBLockManager.getDBLock();
        dBLock.waitForLock(DBLockProvider.Namespace.KEYCLOAK_BOOT);
        try {
            createMasterRealm(exportImportManager);
            dBLock.releaseLock();
            if (exportImportManager.isRunExport()) {
                exportImportManager.runExport();
                Quarkus.asyncExit();
            }
        } catch (Throwable th) {
            dBLock.releaseLock();
            throw th;
        }
    }

    private ExportImportManager createMasterRealm(ExportImportManager exportImportManager) {
        logger.debug("bootstrap");
        KeycloakSession create = this.factory.create();
        try {
            try {
                create.getTransactionManager().begin();
                JtaTransactionManagerLookup providerFactory = this.factory.getProviderFactory(JtaTransactionManagerLookup.class);
                if (providerFactory != null && providerFactory.getTransactionManager() != null) {
                    try {
                        Transaction transaction = providerFactory.getTransactionManager().getTransaction();
                        logger.debugv("bootstrap current transaction? {0}", Boolean.valueOf(transaction != null));
                        if (transaction != null) {
                            logger.debugv("bootstrap current transaction status? {0}", Integer.valueOf(transaction.getStatus()));
                        }
                    } catch (SystemException e) {
                        throw new RuntimeException((Throwable) e);
                    }
                }
                ApplianceBootstrap applianceBootstrap = new ApplianceBootstrap(create);
                boolean isNewInstall = applianceBootstrap.isNewInstall();
                if (exportImportManager.isRunImport() && exportImportManager.isImportMasterIncluded()) {
                    isNewInstall = false;
                }
                if (isNewInstall) {
                    applianceBootstrap.createMasterRealm();
                }
                create.getTransactionManager().commit();
                create.close();
                if (exportImportManager.isRunImport()) {
                    exportImportManager.runImport();
                    Quarkus.asyncExit();
                } else {
                    importRealms();
                }
                importAddUser();
                return exportImportManager;
            } catch (RuntimeException e2) {
                if (create.getTransactionManager().isActive()) {
                    create.getTransactionManager().rollback();
                }
                throw e2;
            }
        } catch (Throwable th) {
            create.close();
            throw th;
        }
    }

    private void migrateModel(KeycloakSession keycloakSession) {
        try {
            MigrationModelManager.migrate(keycloakSession);
        } catch (Exception e) {
            throw e;
        }
    }

    private void importRealms() {
        String property = System.getProperty("keycloak.import");
        if (property != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                try {
                    importRealm((RealmRepresentation) JsonSerialization.readValue(new FileInputStream(trim), RealmRepresentation.class), "file " + trim);
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            }
        }
    }

    private void importRealm(RealmRepresentation realmRepresentation, String str) {
        KeycloakSession create = this.factory.create();
        boolean z = false;
        try {
            create.getTransactionManager().begin();
            try {
                RealmManager realmManager = new RealmManager(create);
                if (realmRepresentation.getId() != null && realmManager.getRealm(realmRepresentation.getId()) != null) {
                    ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                    z = true;
                }
                if (realmManager.getRealmByName(realmRepresentation.getRealm()) != null) {
                    ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                    z = true;
                }
                if (!z) {
                    ServicesLogger.LOGGER.importedRealm(realmManager.importRealm(realmRepresentation).getName(), str);
                }
                create.getTransactionManager().commit();
            } catch (Throwable th) {
                create.getTransactionManager().rollback();
                if (!z) {
                    ServicesLogger.LOGGER.unableToImportRealm(th, realmRepresentation.getRealm(), str);
                }
            }
        } finally {
            create.close();
        }
    }

    private void importAddUser() {
        String property = System.getProperty("jboss.server.config.dir");
        if (property != null) {
            File file = new File(property + File.separator + "keycloak-add-user.json");
            if (file.isFile()) {
                ServicesLogger.LOGGER.imprtingUsersFrom(file);
                try {
                    for (RealmRepresentation realmRepresentation : (List) JsonSerialization.readValue(new FileInputStream(file), new TypeReference<List<RealmRepresentation>>() { // from class: org.keycloak.connections.jpa.QuarkusJpaConnectionProviderFactory.1
                    })) {
                        for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                            KeycloakSession create = this.factory.create();
                            try {
                                try {
                                    create.getTransactionManager().begin();
                                    RealmModel realmByName = create.realms().getRealmByName(realmRepresentation.getRealm());
                                    if (realmByName == null) {
                                        ServicesLogger.LOGGER.addUserFailedRealmNotFound(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    }
                                    UserProvider users = create.users();
                                    if (users.getUserByUsername(realmByName, userRepresentation.getUsername()) != null) {
                                        ServicesLogger.LOGGER.notCreatingExistingUser(userRepresentation.getUsername());
                                    } else {
                                        UserModel addUser = users.addUser(realmByName, userRepresentation.getUsername());
                                        addUser.setEnabled(userRepresentation.isEnabled().booleanValue());
                                        RepresentationToModel.createCredentials(userRepresentation, create, realmByName, addUser, false);
                                        RepresentationToModel.createRoleMappings(userRepresentation, addUser, realmByName);
                                        ServicesLogger.LOGGER.addUserSuccess(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    }
                                    create.getTransactionManager().commit();
                                    create.close();
                                } catch (ModelDuplicateException e) {
                                    create.getTransactionManager().rollback();
                                    ServicesLogger.LOGGER.addUserFailedUserExists(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    create.close();
                                } catch (Throwable th) {
                                    create.getTransactionManager().rollback();
                                    ServicesLogger.LOGGER.addUserFailed(th, userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    create.close();
                                }
                            } catch (Throwable th2) {
                                create.close();
                                throw th2;
                            }
                        }
                    }
                    if (file.delete()) {
                        return;
                    }
                    ServicesLogger.LOGGER.failedToDeleteFile(file.getAbsolutePath());
                } catch (IOException e2) {
                    ServicesLogger.LOGGER.failedToLoadUsers(e2);
                }
            }
        }
    }

    private String getSchema(String str) {
        return str == null ? "" : str + ".";
    }

    private File getDatabaseUpdateFile() {
        return new File(this.config.get("migrationExport", "keycloak-database-update.sql"));
    }

    private void createOperationalInfo(Connection connection) {
        try {
            this.operationalInfo = new LinkedHashMap();
            DatabaseMetaData metaData = connection.getMetaData();
            this.operationalInfo.put("databaseUrl", metaData.getURL());
            this.operationalInfo.put("databaseUser", metaData.getUserName());
            this.operationalInfo.put("databaseProduct", metaData.getDatabaseProductName() + " " + metaData.getDatabaseProductVersion());
            this.operationalInfo.put("databaseDriver", metaData.getDriverName() + " " + metaData.getDriverVersion());
            logger.debugf("Database info: %s", this.operationalInfo.toString());
        } catch (SQLException e) {
            logger.warn("Unable to prepare operational info due database exception: " + e.getMessage());
        }
    }

    /* JADX WARN: Finally extract failed */
    private boolean createOrUpdateSchema(String str, Connection connection, KeycloakSession keycloakSession) {
        MigrationStrategy migrationStrategy = getMigrationStrategy();
        boolean booleanValue = this.config.getBoolean("initializeEmpty", true).booleanValue();
        File databaseUpdateFile = getDatabaseUpdateFile();
        String str2 = null;
        try {
            Statement createStatement = connection.createStatement();
            Throwable th = null;
            try {
                ResultSet executeQuery = createStatement.executeQuery(String.format(SQL_GET_LATEST_VERSION, getSchema(str)));
                Throwable th2 = null;
                try {
                    if (executeQuery.next()) {
                        str2 = executeQuery.getString(1);
                    }
                    if (executeQuery != null) {
                        if (0 != 0) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            executeQuery.close();
                        }
                    }
                    if (createStatement != null) {
                        if (0 != 0) {
                            try {
                                createStatement.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            createStatement.close();
                        }
                    }
                } catch (Throwable th5) {
                    if (executeQuery != null) {
                        if (0 != 0) {
                            try {
                                executeQuery.close();
                            } catch (Throwable th6) {
                                th2.addSuppressed(th6);
                            }
                        } else {
                            executeQuery.close();
                        }
                    }
                    throw th5;
                }
            } catch (Throwable th7) {
                if (createStatement != null) {
                    if (0 != 0) {
                        try {
                            createStatement.close();
                        } catch (Throwable th8) {
                            th.addSuppressed(th8);
                        }
                    } else {
                        createStatement.close();
                    }
                }
                throw th7;
            }
        } catch (SQLException e) {
        }
        JpaUpdaterProvider jpaUpdaterProvider = (JpaUpdaterProvider) keycloakSession.getProvider(JpaUpdaterProvider.class);
        boolean z = str2 == null || !str2.equals(new ModelVersion(Version.VERSION_KEYCLOAK).toString());
        keycloakSession.setAttribute(QuarkusJpaUpdaterProvider.VERIFY_AND_RUN_MASTER_CHANGELOG, Boolean.valueOf(z));
        JpaUpdaterProvider.Status validate = jpaUpdaterProvider.validate(connection, str);
        if (validate == JpaUpdaterProvider.Status.VALID) {
            logger.debug("Database is up-to-date");
        } else if (validate != JpaUpdaterProvider.Status.EMPTY) {
            switch (migrationStrategy) {
                case UPDATE:
                    update(connection, str, keycloakSession, jpaUpdaterProvider);
                    break;
                case MANUAL:
                    export(connection, str, databaseUpdateFile, keycloakSession, jpaUpdaterProvider);
                    throw new ServerStartupError("Database not up-to-date, please migrate database with " + databaseUpdateFile.getAbsolutePath(), false);
                case VALIDATE:
                    throw new ServerStartupError("Database not up-to-date, please enable database migration", false);
            }
        } else if (booleanValue) {
            update(connection, str, keycloakSession, jpaUpdaterProvider);
        } else {
            switch (migrationStrategy) {
                case UPDATE:
                    update(connection, str, keycloakSession, jpaUpdaterProvider);
                    break;
                case MANUAL:
                    export(connection, str, databaseUpdateFile, keycloakSession, jpaUpdaterProvider);
                    throw new ServerStartupError("Database not initialized, please initialize database with " + databaseUpdateFile.getAbsolutePath(), false);
                case VALIDATE:
                    throw new ServerStartupError("Database not initialized, please enable database initialization", false);
            }
        }
        return z;
    }

    private void update(Connection connection, String str, KeycloakSession keycloakSession, JpaUpdaterProvider jpaUpdaterProvider) {
        DBLockProvider dBLock = new DBLockManager(keycloakSession).getDBLock();
        dBLock.waitForLock(DBLockProvider.Namespace.DATABASE);
        try {
            jpaUpdaterProvider.update(connection, str);
            dBLock.releaseLock();
        } catch (Throwable th) {
            dBLock.releaseLock();
            throw th;
        }
    }

    private void export(Connection connection, String str, File file, KeycloakSession keycloakSession, JpaUpdaterProvider jpaUpdaterProvider) {
        DBLockProvider dBLock = new DBLockManager(keycloakSession).getDBLock();
        dBLock.waitForLock(DBLockProvider.Namespace.DATABASE);
        try {
            jpaUpdaterProvider.export(connection, str, file);
            dBLock.releaseLock();
        } catch (Throwable th) {
            dBLock.releaseLock();
            throw th;
        }
    }

    private EntityManager createEntityManager(KeycloakSession keycloakSession) {
        return PersistenceExceptionConverter.create(keycloakSession, this.emf.createEntityManager(SynchronizationType.SYNCHRONIZED));
    }
}
