package org.keycloak.models.utils;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.AuthorizationProviderFactory;
import org.keycloak.authorization.model.PermissionTicket;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.model.Scope;
import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
import org.keycloak.authorization.store.PermissionTicketStore;
import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.ResourceServerStore;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.authorization.store.ScopeStore;
import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.IdentityProviderFactory;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.UriUtils;
import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialModel;
import org.keycloak.keys.KeyProvider;
import org.keycloak.migration.MigrationProvider;
import org.keycloak.migration.migrators.MigrateTo8_0_0;
import org.keycloak.migration.migrators.MigrationUtils;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.BrowserSecurityHeaders;
import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.Constants;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.LDAPConstants;
import org.keycloak.models.ModelException;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.WebAuthnPolicy;
import org.keycloak.models.credential.dto.OTPCredentialData;
import org.keycloak.models.credential.dto.OTPSecretData;
import org.keycloak.models.credential.dto.PasswordCredentialData;
import org.keycloak.policy.PasswordPolicyNotMetException;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientScopeRepresentation;
import org.keycloak.representations.idm.ClientTemplateRepresentation;
import org.keycloak.representations.idm.ComponentExportRepresentation;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.RolesRepresentation;
import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.SocialLinkRepresentation;
import org.keycloak.representations.idm.UserConsentRepresentation;
import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
import org.keycloak.representations.idm.authorization.DecisionStrategy;
import org.keycloak.representations.idm.authorization.PermissionTicketRepresentation;
import org.keycloak.representations.idm.authorization.PolicyEnforcementMode;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.util.JsonSerialization;
import org.keycloak.validation.ClientValidationUtil;

/* loaded from: input_file:org/keycloak/models/utils/RepresentationToModel.class */
public class RepresentationToModel {
    private static Logger logger = Logger.getLogger(RepresentationToModel.class);
    public static final String OIDC = "openid-connect";

    public static OTPPolicy toPolicy(RealmRepresentation realmRepresentation) {
        OTPPolicy oTPPolicy = new OTPPolicy();
        if (realmRepresentation.getOtpPolicyType() != null) {
            oTPPolicy.setType(realmRepresentation.getOtpPolicyType());
        }
        if (realmRepresentation.getOtpPolicyLookAheadWindow() != null) {
            oTPPolicy.setLookAheadWindow(realmRepresentation.getOtpPolicyLookAheadWindow().intValue());
        }
        if (realmRepresentation.getOtpPolicyInitialCounter() != null) {
            oTPPolicy.setInitialCounter(realmRepresentation.getOtpPolicyInitialCounter().intValue());
        }
        if (realmRepresentation.getOtpPolicyAlgorithm() != null) {
            oTPPolicy.setAlgorithm(realmRepresentation.getOtpPolicyAlgorithm());
        }
        if (realmRepresentation.getOtpPolicyDigits() != null) {
            oTPPolicy.setDigits(realmRepresentation.getOtpPolicyDigits().intValue());
        }
        if (realmRepresentation.getOtpPolicyPeriod() != null) {
            oTPPolicy.setPeriod(realmRepresentation.getOtpPolicyPeriod().intValue());
        }
        return oTPPolicy;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void importRealm(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel, boolean z) {
        convertDeprecatedSocialProviders(realmRepresentation);
        convertDeprecatedApplications(keycloakSession, realmRepresentation);
        convertDeprecatedClientTemplates(realmRepresentation);
        realmModel.setName(realmRepresentation.getRealm());
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isUserManagedAccessAllowed() != null) {
            realmModel.setUserManagedAccessAllowed(realmRepresentation.isUserManagedAccessAllowed().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.isPermanentLockout() != null) {
            realmModel.setPermanentLockout(realmRepresentation.isPermanentLockout().booleanValue());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEnabledEventTypes() != null) {
            realmModel.setEnabledEventTypes(new HashSet(realmRepresentation.getEnabledEventTypes()));
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getDefaultSignatureAlgorithm() != null) {
            realmModel.setDefaultSignatureAlgorithm(realmRepresentation.getDefaultSignatureAlgorithm());
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        } else {
            realmModel.setRevokeRefreshToken(false);
        }
        if (realmRepresentation.getRefreshTokenMaxReuse() != null) {
            realmModel.setRefreshTokenMaxReuse(realmRepresentation.getRefreshTokenMaxReuse().intValue());
        } else {
            realmModel.setRefreshTokenMaxReuse(0);
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        } else {
            realmModel.setAccessTokenLifespan(Constants.KC_ACTION_MAX_AGE);
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        } else {
            realmModel.setAccessTokenLifespanForImplicitFlow(Constants.DEFAULT_ACCESS_TOKEN_LIFESPAN_FOR_IMPLICIT_FLOW_TIMEOUT);
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        } else {
            realmModel.setSsoSessionIdleTimeout(1800);
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        } else {
            realmModel.setSsoSessionMaxLifespan(36000);
        }
        if (realmRepresentation.getSsoSessionMaxLifespanRememberMe() != null) {
            realmModel.setSsoSessionMaxLifespanRememberMe(realmRepresentation.getSsoSessionMaxLifespanRememberMe().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeoutRememberMe() != null) {
            realmModel.setSsoSessionIdleTimeoutRememberMe(realmRepresentation.getSsoSessionIdleTimeoutRememberMe().intValue());
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        } else {
            realmModel.setOfflineSessionIdleTimeout(Constants.DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT);
        }
        if (realmRepresentation.getOfflineSessionMaxLifespanEnabled() != null) {
            realmModel.setOfflineSessionMaxLifespanEnabled(realmRepresentation.getOfflineSessionMaxLifespanEnabled().booleanValue());
        } else {
            realmModel.setOfflineSessionMaxLifespanEnabled(false);
        }
        if (realmRepresentation.getOfflineSessionMaxLifespan() != null) {
            realmModel.setOfflineSessionMaxLifespan(realmRepresentation.getOfflineSessionMaxLifespan().intValue());
        } else {
            realmModel.setOfflineSessionMaxLifespan(Constants.DEFAULT_OFFLINE_SESSION_MAX_LIFESPAN);
        }
        if (realmRepresentation.getClientSessionIdleTimeout() != null) {
            realmModel.setClientSessionIdleTimeout(realmRepresentation.getClientSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientSessionMaxLifespan() != null) {
            realmModel.setClientSessionMaxLifespan(realmRepresentation.getClientSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionIdleTimeout() != null) {
            realmModel.setClientOfflineSessionIdleTimeout(realmRepresentation.getClientOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionMaxLifespan() != null) {
            realmModel.setClientOfflineSessionMaxLifespan(realmRepresentation.getClientOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        } else {
            realmModel.setAccessCodeLifespan(60);
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        } else {
            realmModel.setAccessCodeLifespanUserAction(Constants.KC_ACTION_MAX_AGE);
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        } else {
            realmModel.setAccessCodeLifespanLogin(1800);
        }
        if (realmRepresentation.getActionTokenGeneratedByAdminLifespan() != null) {
            realmModel.setActionTokenGeneratedByAdminLifespan(realmRepresentation.getActionTokenGeneratedByAdminLifespan().intValue());
        } else {
            realmModel.setActionTokenGeneratedByAdminLifespan(43200);
        }
        if (realmRepresentation.getActionTokenGeneratedByUserLifespan() != null) {
            realmModel.setActionTokenGeneratedByUserLifespan(realmRepresentation.getActionTokenGeneratedByUserLifespan().intValue());
        } else {
            realmModel.setActionTokenGeneratedByUserLifespan(realmModel.getAccessCodeLifespanUserAction());
        }
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isLoginWithEmailAllowed() != null) {
            realmModel.setLoginWithEmailAllowed(realmRepresentation.isLoginWithEmailAllowed().booleanValue());
        }
        if (realmRepresentation.isDuplicateEmailsAllowed() != null) {
            realmModel.setDuplicateEmailsAllowed(realmRepresentation.isDuplicateEmailsAllowed().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            Iterator it = realmRepresentation.getRequiredCredentials().iterator();
            while (it.hasNext()) {
                realmModel.addRequiredCredential((String) it.next());
            }
        } else {
            realmModel.addRequiredCredential("password");
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(keycloakSession, realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        } else {
            realmModel.setOTPPolicy(OTPPolicy.DEFAULT_POLICY);
        }
        realmModel.setWebAuthnPolicy(getWebAuthnPolicyTwoFactor(realmRepresentation));
        realmModel.setWebAuthnPolicyPasswordless(getWebAuthnPolicyPasswordless(realmRepresentation));
        Map<String, String> importAuthenticationFlows = importAuthenticationFlows(realmModel, realmRepresentation);
        if (realmRepresentation.getRequiredActions() != null) {
            Iterator it2 = realmRepresentation.getRequiredActions().iterator();
            while (it2.hasNext()) {
                RequiredActionProviderModel model = toModel((RequiredActionProviderRepresentation) it2.next());
                MigrationUtils.updateOTPRequiredAction(model);
                realmModel.addRequiredActionProvider(model);
            }
        } else {
            DefaultRequiredActions.addActions(realmModel);
        }
        importIdentityProviders(realmRepresentation, realmModel, keycloakSession);
        importIdentityProviderMappers(realmRepresentation, realmModel);
        Map hashMap = new HashMap();
        if (realmRepresentation.getClientScopes() != null) {
            hashMap = createClientScopes(keycloakSession, realmRepresentation.getClientScopes(), realmModel);
        }
        if (realmRepresentation.getDefaultDefaultClientScopes() != null) {
            for (Object obj : realmRepresentation.getDefaultDefaultClientScopes()) {
                ClientScopeModel clientScopeModel = (ClientScopeModel) hashMap.get(obj);
                if (clientScopeModel != null) {
                    realmModel.addDefaultClientScope(clientScopeModel, true);
                } else {
                    logger.warnf("Referenced client scope '%s' doesn't exists", obj);
                }
            }
        }
        if (realmRepresentation.getDefaultOptionalClientScopes() != null) {
            for (Object obj2 : realmRepresentation.getDefaultOptionalClientScopes()) {
                ClientScopeModel clientScopeModel2 = (ClientScopeModel) hashMap.get(obj2);
                if (clientScopeModel2 != null) {
                    realmModel.addDefaultClientScope(clientScopeModel2, false);
                } else {
                    logger.warnf("Referenced client scope '%s' doesn't exists", obj2);
                }
            }
        }
        if (realmRepresentation.getClients() != null) {
            createClients(keycloakSession, realmRepresentation, realmModel, importAuthenticationFlows);
        }
        importRoles(realmRepresentation.getRoles(), realmModel);
        if (realmRepresentation.getDefaultRoles() != null) {
            Iterator it3 = realmRepresentation.getDefaultRoles().iterator();
            while (it3.hasNext()) {
                realmModel.addDefaultRole(((String) it3.next()).trim());
            }
        }
        if (realmRepresentation.getClients() != null) {
            for (ClientRepresentation clientRepresentation : realmRepresentation.getClients()) {
                if (clientRepresentation.getDefaultRoles() != null) {
                    realmModel.getClientByClientId(clientRepresentation.getClientId()).updateDefaultRoles(clientRepresentation.getDefaultRoles());
                }
            }
        }
        if (realmRepresentation.getClientScopeMappings() != null) {
            for (Map.Entry entry : realmRepresentation.getClientScopeMappings().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createClientScopeMappings(realmModel, clientByClientId, (List) entry.getValue());
            }
        }
        if (realmRepresentation.getScopeMappings() != null) {
            for (ScopeMappingRepresentation scopeMappingRepresentation : realmRepresentation.getScopeMappings()) {
                ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
                for (String str : scopeMappingRepresentation.getRoles()) {
                    RoleModel role = realmModel.getRole(str.trim());
                    if (role == null) {
                        role = realmModel.addRole(str.trim());
                    }
                    scopeContainerHavingScope.addScopeMapping(role);
                }
            }
        }
        if (realmRepresentation.getSmtpServer() != null) {
            realmModel.setSmtpConfig(new HashMap(realmRepresentation.getSmtpServer()));
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        } else {
            realmModel.setBrowserSecurityHeaders(BrowserSecurityHeaders.defaultHeaders);
        }
        if (realmRepresentation.getComponents() != null) {
            importComponents(realmModel, realmRepresentation.getComponents(), realmModel.getId());
        }
        importUserFederationProvidersAndMappers(keycloakSession, realmRepresentation, realmModel);
        if (realmRepresentation.getGroups() != null) {
            importGroups(realmModel, realmRepresentation);
            if (realmRepresentation.getDefaultGroups() != null) {
                for (String str2 : realmRepresentation.getDefaultGroups()) {
                    GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(realmModel, str2);
                    if (findGroupByPath == null) {
                        throw new RuntimeException("default group in realm rep doesn't exist: " + str2);
                    }
                    realmModel.addDefaultGroup(findGroupByPath);
                }
            }
        }
        if (realmRepresentation.getUsers() != null) {
            Iterator it4 = realmRepresentation.getUsers().iterator();
            while (it4.hasNext()) {
                createUser(keycloakSession, realmModel, (UserRepresentation) it4.next());
            }
        }
        if (realmRepresentation.getFederatedUsers() != null) {
            Iterator it5 = realmRepresentation.getFederatedUsers().iterator();
            while (it5.hasNext()) {
                importFederatedUser(keycloakSession, realmModel, (UserRepresentation) it5.next());
            }
        }
        if (!z) {
            importRealmAuthorizationSettings(realmRepresentation, realmModel, keycloakSession);
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
        if (realmRepresentation.getAttributes() != null) {
            for (Map.Entry entry2 : realmRepresentation.getAttributes().entrySet()) {
                realmModel.setAttribute((String) entry2.getKey(), (String) entry2.getValue());
            }
        }
        if (realmModel.getComponents(realmModel.getId(), KeyProvider.class.getName()).isEmpty()) {
            if (realmRepresentation.getPrivateKey() != null) {
                DefaultKeyProviders.createProviders(realmModel, realmRepresentation.getPrivateKey(), realmRepresentation.getCertificate());
            } else {
                DefaultKeyProviders.createProviders(realmModel);
            }
        }
    }

    private static WebAuthnPolicy getWebAuthnPolicyTwoFactor(RealmRepresentation realmRepresentation) {
        WebAuthnPolicy webAuthnPolicy = new WebAuthnPolicy();
        String webAuthnPolicyRpEntityName = realmRepresentation.getWebAuthnPolicyRpEntityName();
        if (webAuthnPolicyRpEntityName == null || webAuthnPolicyRpEntityName.isEmpty()) {
            webAuthnPolicyRpEntityName = Constants.DEFAULT_WEBAUTHN_POLICY_RP_ENTITY_NAME;
        }
        webAuthnPolicy.setRpEntityName(webAuthnPolicyRpEntityName);
        List webAuthnPolicySignatureAlgorithms = realmRepresentation.getWebAuthnPolicySignatureAlgorithms();
        if (webAuthnPolicySignatureAlgorithms == null || webAuthnPolicySignatureAlgorithms.isEmpty()) {
            webAuthnPolicySignatureAlgorithms = Arrays.asList(Constants.DEFAULT_WEBAUTHN_POLICY_SIGNATURE_ALGORITHMS.split(LDAPConstants.COMMA));
        }
        webAuthnPolicy.setSignatureAlgorithm(webAuthnPolicySignatureAlgorithms);
        String webAuthnPolicyRpId = realmRepresentation.getWebAuthnPolicyRpId();
        if (webAuthnPolicyRpId == null || webAuthnPolicyRpId.isEmpty()) {
            webAuthnPolicyRpId = BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT;
        }
        webAuthnPolicy.setRpId(webAuthnPolicyRpId);
        String webAuthnPolicyAttestationConveyancePreference = realmRepresentation.getWebAuthnPolicyAttestationConveyancePreference();
        if (webAuthnPolicyAttestationConveyancePreference == null || webAuthnPolicyAttestationConveyancePreference.isEmpty()) {
            webAuthnPolicyAttestationConveyancePreference = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setAttestationConveyancePreference(webAuthnPolicyAttestationConveyancePreference);
        String webAuthnPolicyAuthenticatorAttachment = realmRepresentation.getWebAuthnPolicyAuthenticatorAttachment();
        if (webAuthnPolicyAuthenticatorAttachment == null || webAuthnPolicyAuthenticatorAttachment.isEmpty()) {
            webAuthnPolicyAuthenticatorAttachment = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setAuthenticatorAttachment(webAuthnPolicyAuthenticatorAttachment);
        String webAuthnPolicyRequireResidentKey = realmRepresentation.getWebAuthnPolicyRequireResidentKey();
        if (webAuthnPolicyRequireResidentKey == null || webAuthnPolicyRequireResidentKey.isEmpty()) {
            webAuthnPolicyRequireResidentKey = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setRequireResidentKey(webAuthnPolicyRequireResidentKey);
        String webAuthnPolicyUserVerificationRequirement = realmRepresentation.getWebAuthnPolicyUserVerificationRequirement();
        if (webAuthnPolicyUserVerificationRequirement == null || webAuthnPolicyUserVerificationRequirement.isEmpty()) {
            webAuthnPolicyUserVerificationRequirement = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setUserVerificationRequirement(webAuthnPolicyUserVerificationRequirement);
        Integer webAuthnPolicyCreateTimeout = realmRepresentation.getWebAuthnPolicyCreateTimeout();
        if (webAuthnPolicyCreateTimeout != null) {
            webAuthnPolicy.setCreateTimeout(webAuthnPolicyCreateTimeout.intValue());
        } else {
            webAuthnPolicy.setCreateTimeout(0);
        }
        Boolean isWebAuthnPolicyAvoidSameAuthenticatorRegister = realmRepresentation.isWebAuthnPolicyAvoidSameAuthenticatorRegister();
        if (isWebAuthnPolicyAvoidSameAuthenticatorRegister != null) {
            webAuthnPolicy.setAvoidSameAuthenticatorRegister(isWebAuthnPolicyAvoidSameAuthenticatorRegister.booleanValue());
        }
        List webAuthnPolicyAcceptableAaguids = realmRepresentation.getWebAuthnPolicyAcceptableAaguids();
        if (webAuthnPolicyAcceptableAaguids != null) {
            webAuthnPolicy.setAcceptableAaguids(webAuthnPolicyAcceptableAaguids);
        }
        return webAuthnPolicy;
    }

    private static WebAuthnPolicy getWebAuthnPolicyPasswordless(RealmRepresentation realmRepresentation) {
        WebAuthnPolicy webAuthnPolicy = new WebAuthnPolicy();
        String webAuthnPolicyPasswordlessRpEntityName = realmRepresentation.getWebAuthnPolicyPasswordlessRpEntityName();
        if (webAuthnPolicyPasswordlessRpEntityName == null || webAuthnPolicyPasswordlessRpEntityName.isEmpty()) {
            webAuthnPolicyPasswordlessRpEntityName = Constants.DEFAULT_WEBAUTHN_POLICY_RP_ENTITY_NAME;
        }
        webAuthnPolicy.setRpEntityName(webAuthnPolicyPasswordlessRpEntityName);
        List webAuthnPolicyPasswordlessSignatureAlgorithms = realmRepresentation.getWebAuthnPolicyPasswordlessSignatureAlgorithms();
        if (webAuthnPolicyPasswordlessSignatureAlgorithms == null || webAuthnPolicyPasswordlessSignatureAlgorithms.isEmpty()) {
            webAuthnPolicyPasswordlessSignatureAlgorithms = Arrays.asList(Constants.DEFAULT_WEBAUTHN_POLICY_SIGNATURE_ALGORITHMS.split(LDAPConstants.COMMA));
        }
        webAuthnPolicy.setSignatureAlgorithm(webAuthnPolicyPasswordlessSignatureAlgorithms);
        String webAuthnPolicyPasswordlessRpId = realmRepresentation.getWebAuthnPolicyPasswordlessRpId();
        if (webAuthnPolicyPasswordlessRpId == null || webAuthnPolicyPasswordlessRpId.isEmpty()) {
            webAuthnPolicyPasswordlessRpId = BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT;
        }
        webAuthnPolicy.setRpId(webAuthnPolicyPasswordlessRpId);
        String webAuthnPolicyPasswordlessAttestationConveyancePreference = realmRepresentation.getWebAuthnPolicyPasswordlessAttestationConveyancePreference();
        if (webAuthnPolicyPasswordlessAttestationConveyancePreference == null || webAuthnPolicyPasswordlessAttestationConveyancePreference.isEmpty()) {
            webAuthnPolicyPasswordlessAttestationConveyancePreference = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setAttestationConveyancePreference(webAuthnPolicyPasswordlessAttestationConveyancePreference);
        String webAuthnPolicyPasswordlessAuthenticatorAttachment = realmRepresentation.getWebAuthnPolicyPasswordlessAuthenticatorAttachment();
        if (webAuthnPolicyPasswordlessAuthenticatorAttachment == null || webAuthnPolicyPasswordlessAuthenticatorAttachment.isEmpty()) {
            webAuthnPolicyPasswordlessAuthenticatorAttachment = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setAuthenticatorAttachment(webAuthnPolicyPasswordlessAuthenticatorAttachment);
        String webAuthnPolicyPasswordlessRequireResidentKey = realmRepresentation.getWebAuthnPolicyPasswordlessRequireResidentKey();
        if (webAuthnPolicyPasswordlessRequireResidentKey == null || webAuthnPolicyPasswordlessRequireResidentKey.isEmpty()) {
            webAuthnPolicyPasswordlessRequireResidentKey = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setRequireResidentKey(webAuthnPolicyPasswordlessRequireResidentKey);
        String webAuthnPolicyPasswordlessUserVerificationRequirement = realmRepresentation.getWebAuthnPolicyPasswordlessUserVerificationRequirement();
        if (webAuthnPolicyPasswordlessUserVerificationRequirement == null || webAuthnPolicyPasswordlessUserVerificationRequirement.isEmpty()) {
            webAuthnPolicyPasswordlessUserVerificationRequirement = Constants.DEFAULT_WEBAUTHN_POLICY_NOT_SPECIFIED;
        }
        webAuthnPolicy.setUserVerificationRequirement(webAuthnPolicyPasswordlessUserVerificationRequirement);
        Integer webAuthnPolicyPasswordlessCreateTimeout = realmRepresentation.getWebAuthnPolicyPasswordlessCreateTimeout();
        if (webAuthnPolicyPasswordlessCreateTimeout != null) {
            webAuthnPolicy.setCreateTimeout(webAuthnPolicyPasswordlessCreateTimeout.intValue());
        } else {
            webAuthnPolicy.setCreateTimeout(0);
        }
        Boolean isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister = realmRepresentation.isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister();
        if (isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister != null) {
            webAuthnPolicy.setAvoidSameAuthenticatorRegister(isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister.booleanValue());
        }
        List webAuthnPolicyPasswordlessAcceptableAaguids = realmRepresentation.getWebAuthnPolicyPasswordlessAcceptableAaguids();
        if (webAuthnPolicyPasswordlessAcceptableAaguids != null) {
            webAuthnPolicy.setAcceptableAaguids(webAuthnPolicyPasswordlessAcceptableAaguids);
        }
        return webAuthnPolicy;
    }

    public static void importUserFederationProvidersAndMappers(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel) {
        HashSet hashSet = new HashSet();
        hashSet.add(LDAPConstants.LDAP_PROVIDER);
        hashSet.add("kerberos");
        HashMap hashMap = new HashMap();
        hashMap.put(LDAPConstants.LDAP_PROVIDER, "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
        HashMap hashMap2 = new HashMap();
        if (realmRepresentation.getUserFederationProviders() != null) {
            for (UserFederationProviderRepresentation userFederationProviderRepresentation : realmRepresentation.getUserFederationProviders()) {
                if (hashSet.contains(userFederationProviderRepresentation.getProviderName())) {
                    hashMap2.put(userFederationProviderRepresentation.getDisplayName(), realmModel.importComponentModel(convertFedProviderToComponent(realmModel.getId(), userFederationProviderRepresentation)));
                }
            }
        }
        HashSet hashSet2 = new HashSet(hashMap2.keySet());
        if (realmRepresentation.getUserFederationMappers() != null) {
            for (UserFederationMapperRepresentation userFederationMapperRepresentation : realmRepresentation.getUserFederationMappers()) {
                if (hashMap2.containsKey(userFederationMapperRepresentation.getFederationProviderDisplayName())) {
                    ComponentModel componentModel = (ComponentModel) hashMap2.get(userFederationMapperRepresentation.getFederationProviderDisplayName());
                    realmModel.importComponentModel(convertFedMapperToComponent(realmModel, componentModel, userFederationMapperRepresentation, (String) hashMap.get(componentModel.getProviderId())));
                    hashSet2.remove(userFederationMapperRepresentation.getFederationProviderDisplayName());
                }
            }
        }
        Iterator it = hashSet2.iterator();
        while (it.hasNext()) {
            ComponentUtil.notifyCreated(keycloakSession, realmModel, (ComponentModel) hashMap2.get((String) it.next()));
        }
    }

    protected static void importComponents(RealmModel realmModel, MultivaluedHashMap<String, ComponentExportRepresentation> multivaluedHashMap, String str) {
        for (Map.Entry entry : multivaluedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            for (ComponentExportRepresentation componentExportRepresentation : (List) entry.getValue()) {
                ComponentModel componentModel = new ComponentModel();
                componentModel.setId(componentExportRepresentation.getId());
                componentModel.setName(componentExportRepresentation.getName());
                componentModel.setConfig(componentExportRepresentation.getConfig());
                componentModel.setProviderType(str2);
                componentModel.setProviderId(componentExportRepresentation.getProviderId());
                componentModel.setSubType(componentExportRepresentation.getSubType());
                componentModel.setParentId(str);
                ComponentModel importComponentModel = realmModel.importComponentModel(componentModel);
                if (componentExportRepresentation.getSubComponents() != null) {
                    importComponents(realmModel, componentExportRepresentation.getSubComponents(), importComponentModel.getId());
                }
            }
        }
    }

    public static void importRoles(RolesRepresentation rolesRepresentation, RealmModel realmModel) {
        if (rolesRepresentation == null) {
            return;
        }
        if (rolesRepresentation.getRealm() != null) {
            Iterator it = rolesRepresentation.getRealm().iterator();
            while (it.hasNext()) {
                createRole(realmModel, (RoleRepresentation) it.next());
            }
        }
        if (rolesRepresentation.getClient() != null) {
            for (Map.Entry entry : rolesRepresentation.getClient().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + ((String) entry.getKey()));
                }
                for (RoleRepresentation roleRepresentation : (List) entry.getValue()) {
                    RoleModel addRole = roleRepresentation.getId() != null ? clientByClientId.addRole(roleRepresentation.getId(), roleRepresentation.getName()) : clientByClientId.addRole(roleRepresentation.getName());
                    addRole.setDescription(roleRepresentation.getDescription());
                    if (roleRepresentation.getAttributes() != null) {
                        roleRepresentation.getAttributes().forEach((str, list) -> {
                            addRole.setAttribute(str, list);
                        });
                    }
                }
            }
        }
        if (rolesRepresentation.getRealm() != null) {
            for (RoleRepresentation roleRepresentation2 : rolesRepresentation.getRealm()) {
                addComposites(realmModel.getRole(roleRepresentation2.getName()), roleRepresentation2, realmModel);
            }
        }
        if (rolesRepresentation.getClient() != null) {
            for (Map.Entry entry2 : rolesRepresentation.getClient().entrySet()) {
                ClientModel clientByClientId2 = realmModel.getClientByClientId((String) entry2.getKey());
                if (clientByClientId2 == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + ((String) entry2.getKey()));
                }
                for (RoleRepresentation roleRepresentation3 : (List) entry2.getValue()) {
                    addComposites(clientByClientId2.getRole(roleRepresentation3.getName()), roleRepresentation3, realmModel);
                }
            }
        }
    }

    public static void importGroups(RealmModel realmModel, RealmRepresentation realmRepresentation) {
        List groups = realmRepresentation.getGroups();
        if (groups == null) {
            return;
        }
        Iterator it = groups.iterator();
        while (it.hasNext()) {
            importGroup(realmModel, null, (GroupRepresentation) it.next());
        }
    }

    public static void importGroup(RealmModel realmModel, GroupModel groupModel, GroupRepresentation groupRepresentation) {
        GroupModel createGroup = realmModel.createGroup(groupRepresentation.getId(), groupRepresentation.getName(), groupModel);
        if (groupRepresentation.getAttributes() != null) {
            for (Map.Entry entry : groupRepresentation.getAttributes().entrySet()) {
                createGroup.setAttribute((String) entry.getKey(), (List) entry.getValue());
            }
        }
        if (groupRepresentation.getRealmRoles() != null) {
            for (String str : groupRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                createGroup.grantRole(role);
            }
        }
        if (groupRepresentation.getClientRoles() != null) {
            for (Map.Entry entry2 : groupRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry2.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry2.getKey()));
                }
                for (String str2 : (List) entry2.getValue()) {
                    RoleModel role2 = clientByClientId.getRole(str2.trim());
                    if (role2 == null) {
                        role2 = clientByClientId.addRole(str2.trim());
                    }
                    createGroup.grantRole(role2);
                }
            }
        }
        if (groupRepresentation.getSubGroups() != null) {
            Iterator it = groupRepresentation.getSubGroups().iterator();
            while (it.hasNext()) {
                importGroup(realmModel, createGroup, (GroupRepresentation) it.next());
            }
        }
    }

    public static Map<String, String> importAuthenticationFlows(RealmModel realmModel, RealmRepresentation realmRepresentation) {
        HashMap hashMap = new HashMap();
        if (realmRepresentation.getAuthenticationFlows() == null) {
            DefaultAuthenticationFlows.migrateFlows(realmModel);
        } else {
            for (AuthenticatorConfigRepresentation authenticatorConfigRepresentation : realmRepresentation.getAuthenticatorConfig()) {
                if (authenticatorConfigRepresentation.getAlias() == null) {
                    throw new IllegalStateException("Provided realm contains authenticator config with null alias. It should be resolved by adding alias to the authenticator config before exporting the realm.");
                }
                realmModel.addAuthenticatorConfig(toModel(authenticatorConfigRepresentation));
            }
            Iterator it = realmRepresentation.getAuthenticationFlows().iterator();
            while (it.hasNext()) {
                AuthenticationFlowModel model = toModel((AuthenticationFlowRepresentation) it.next());
                String id = model.getId();
                model.setId((String) null);
                hashMap.put(id, realmModel.addAuthenticationFlow(model).getId());
            }
            for (AuthenticationFlowRepresentation authenticationFlowRepresentation : realmRepresentation.getAuthenticationFlows()) {
                AuthenticationFlowModel flowByAlias = realmModel.getFlowByAlias(authenticationFlowRepresentation.getAlias());
                Iterator it2 = authenticationFlowRepresentation.getAuthenticationExecutions().iterator();
                while (it2.hasNext()) {
                    realmModel.addAuthenticatorExecution(toModel(realmModel, flowByAlias, (AuthenticationExecutionExportRepresentation) it2.next()));
                }
            }
        }
        if (realmRepresentation.getBrowserFlow() == null) {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW));
        } else {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() == null) {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.REGISTRATION_FLOW));
        } else {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() == null) {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.DIRECT_GRANT_FLOW));
        } else {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() == null) {
            AuthenticationFlowModel flowByAlias2 = realmModel.getFlowByAlias(DefaultAuthenticationFlows.RESET_CREDENTIALS_FLOW);
            if (flowByAlias2 == null) {
                DefaultAuthenticationFlows.resetCredentialsFlow(realmModel);
            } else {
                realmModel.setResetCredentialsFlow(flowByAlias2);
            }
        } else {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() == null) {
            AuthenticationFlowModel flowByAlias3 = realmModel.getFlowByAlias(DefaultAuthenticationFlows.CLIENT_AUTHENTICATION_FLOW);
            if (flowByAlias3 == null) {
                DefaultAuthenticationFlows.clientAuthFlow(realmModel);
            } else {
                realmModel.setClientAuthenticationFlow(flowByAlias3);
            }
        } else {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
        if (realmModel.getFlowByAlias(DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW) == null) {
            DefaultAuthenticationFlows.firstBrokerLoginFlow(realmModel, true);
        }
        String str = null;
        if (realmRepresentation.getIdentityProviders() != null) {
            Iterator it3 = realmRepresentation.getIdentityProviders().iterator();
            while (true) {
                if (!it3.hasNext()) {
                    break;
                }
                IdentityProviderRepresentation identityProviderRepresentation = (IdentityProviderRepresentation) it3.next();
                if (identityProviderRepresentation.isEnabled() && identityProviderRepresentation.isAuthenticateByDefault()) {
                    str = identityProviderRepresentation.getProviderId();
                    break;
                }
            }
        }
        if (realmRepresentation.getDockerAuthenticationFlow() == null) {
            AuthenticationFlowModel flowByAlias4 = realmModel.getFlowByAlias(DefaultAuthenticationFlows.DOCKER_AUTH);
            if (flowByAlias4 == null) {
                DefaultAuthenticationFlows.dockerAuthenticationFlow(realmModel);
            } else {
                realmModel.setDockerAuthenticationFlow(flowByAlias4);
            }
        } else {
            realmModel.setDockerAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getDockerAuthenticationFlow()));
        }
        DefaultAuthenticationFlows.addIdentityProviderAuthenticator(realmModel, str);
        return hashMap;
    }

    private static void convertDeprecatedSocialProviders(RealmRepresentation realmRepresentation) {
        if (realmRepresentation.isSocial() == null || !realmRepresentation.isSocial().booleanValue() || realmRepresentation.getSocialProviders() == null || realmRepresentation.getSocialProviders().isEmpty() || realmRepresentation.getIdentityProviders() != null) {
            return;
        }
        Boolean valueOf = Boolean.valueOf(realmRepresentation.isUpdateProfileOnInitialSocialLogin() != null && realmRepresentation.isUpdateProfileOnInitialSocialLogin().booleanValue());
        if (realmRepresentation.getSocialProviders() != null) {
            logger.warn("Using deprecated 'social' configuration in JSON representation. It will be removed in future versions");
            LinkedList linkedList = new LinkedList();
            for (String str : realmRepresentation.getSocialProviders().keySet()) {
                if (str.endsWith(".key")) {
                    String str2 = str.split("\\.")[0];
                    String str3 = (String) realmRepresentation.getSocialProviders().get(str);
                    String str4 = (String) realmRepresentation.getSocialProviders().get(str.replace(".key", ".secret"));
                    IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
                    identityProviderRepresentation.setAlias(str2);
                    identityProviderRepresentation.setProviderId(str2);
                    identityProviderRepresentation.setEnabled(true);
                    identityProviderRepresentation.setLinkOnly(false);
                    identityProviderRepresentation.setUpdateProfileFirstLogin(valueOf.booleanValue());
                    HashMap hashMap = new HashMap();
                    hashMap.put("clientId", str3);
                    hashMap.put("clientSecret", str4);
                    identityProviderRepresentation.setConfig(hashMap);
                    linkedList.add(identityProviderRepresentation);
                }
            }
            realmRepresentation.setIdentityProviders(linkedList);
        }
    }

    private static void convertDeprecatedSocialProviders(UserRepresentation userRepresentation) {
        if (userRepresentation.getSocialLinks() != null && !userRepresentation.getSocialLinks().isEmpty() && userRepresentation.getFederatedIdentities() == null) {
            logger.warnf("Using deprecated 'socialLinks' configuration in JSON representation for user '%s'. It will be removed in future versions", userRepresentation.getUsername());
            LinkedList linkedList = new LinkedList();
            for (SocialLinkRepresentation socialLinkRepresentation : userRepresentation.getSocialLinks()) {
                FederatedIdentityRepresentation federatedIdentityRepresentation = new FederatedIdentityRepresentation();
                federatedIdentityRepresentation.setIdentityProvider(socialLinkRepresentation.getSocialProvider());
                federatedIdentityRepresentation.setUserId(socialLinkRepresentation.getSocialUserId());
                federatedIdentityRepresentation.setUserName(socialLinkRepresentation.getSocialUsername());
                linkedList.add(federatedIdentityRepresentation);
            }
            userRepresentation.setFederatedIdentities(linkedList);
        }
        userRepresentation.setSocialLinks((List) null);
    }

    private static void convertDeprecatedApplications(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getApplications() != null || realmRepresentation.getOauthClients() != null) {
            if (realmRepresentation.getClients() == null) {
                realmRepresentation.setClients(new LinkedList());
            }
            LinkedList<ApplicationRepresentation> linkedList = new LinkedList();
            if (realmRepresentation.getApplications() != null) {
                linkedList.addAll(realmRepresentation.getApplications());
            }
            if (realmRepresentation.getOauthClients() != null) {
                linkedList.addAll(realmRepresentation.getOauthClients());
            }
            for (ApplicationRepresentation applicationRepresentation : linkedList) {
                applicationRepresentation.setClientId(applicationRepresentation.getName());
                applicationRepresentation.setName((String) null);
                if (applicationRepresentation instanceof OAuthClientRepresentation) {
                    applicationRepresentation.setConsentRequired(true);
                    applicationRepresentation.setFullScopeAllowed(false);
                }
                if (applicationRepresentation.getProtocolMappers() == null && applicationRepresentation.getClaims() != null) {
                    applicationRepresentation.setProtocolMappers(((MigrationProvider) keycloakSession.getProvider(MigrationProvider.class)).getMappersForClaimMask(Long.valueOf(getClaimsMask(applicationRepresentation.getClaims()))));
                    applicationRepresentation.setClaims((ClaimRepresentation) null);
                }
                realmRepresentation.getClients().add(applicationRepresentation);
            }
        }
        if (realmRepresentation.getApplicationScopeMappings() != null && realmRepresentation.getClientScopeMappings() == null) {
            realmRepresentation.setClientScopeMappings(realmRepresentation.getApplicationScopeMappings());
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getApplication() != null && realmRepresentation.getRoles().getClient() == null) {
            realmRepresentation.getRoles().setClient(realmRepresentation.getRoles().getApplication());
        }
        if (realmRepresentation.getUsers() != null) {
            for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                if (userRepresentation.getApplicationRoles() != null && userRepresentation.getClientRoles() == null) {
                    userRepresentation.setClientRoles(userRepresentation.getApplicationRoles());
                }
            }
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getRealm() != null) {
            for (RoleRepresentation roleRepresentation : realmRepresentation.getRoles().getRealm()) {
                if (roleRepresentation.getComposites() != null && roleRepresentation.getComposites().getApplication() != null && roleRepresentation.getComposites().getClient() == null) {
                    roleRepresentation.getComposites().setClient(roleRepresentation.getComposites().getApplication());
                }
            }
        }
        if (realmRepresentation.getRoles() == null || realmRepresentation.getRoles().getClient() == null) {
            return;
        }
        Iterator it = realmRepresentation.getRoles().getClient().entrySet().iterator();
        while (it.hasNext()) {
            for (RoleRepresentation roleRepresentation2 : (List) ((Map.Entry) it.next()).getValue()) {
                if (roleRepresentation2.getComposites() != null && roleRepresentation2.getComposites().getApplication() != null && roleRepresentation2.getComposites().getClient() == null) {
                    roleRepresentation2.getComposites().setClient(roleRepresentation2.getComposites().getApplication());
                }
            }
        }
    }

    private static void convertDeprecatedClientTemplates(RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getClientTemplates() != null) {
            logger.warnf("Using deprecated 'clientTemplates' configuration in JSON representation for realm '%s'. It will be removed in future versions", realmRepresentation.getRealm());
            LinkedList linkedList = new LinkedList();
            for (ClientTemplateRepresentation clientTemplateRepresentation : realmRepresentation.getClientTemplates()) {
                ClientScopeRepresentation clientScopeRepresentation = new ClientScopeRepresentation();
                clientScopeRepresentation.setId(clientTemplateRepresentation.getId());
                clientScopeRepresentation.setName(clientTemplateRepresentation.getName());
                clientScopeRepresentation.setProtocol(clientTemplateRepresentation.getProtocol());
                clientScopeRepresentation.setDescription(clientTemplateRepresentation.getDescription());
                clientScopeRepresentation.setAttributes(clientTemplateRepresentation.getAttributes());
                clientScopeRepresentation.setProtocolMappers(clientTemplateRepresentation.getProtocolMappers());
                linkedList.add(clientScopeRepresentation);
            }
            realmRepresentation.setClientScopes(linkedList);
        }
    }

    private static void convertDeprecatedCredentialsFormat(UserRepresentation userRepresentation) {
        if (userRepresentation.getCredentials() != null) {
            for (CredentialRepresentation credentialRepresentation : userRepresentation.getCredentials()) {
                try {
                    if ((credentialRepresentation.getCredentialData() == null || credentialRepresentation.getSecretData() == null) && credentialRepresentation.getValue() == null) {
                        logger.warnf("Using deprecated 'credentials' format in JSON representation for user '%s'. It will be removed in future versions", userRepresentation.getUsername());
                        if ("password".equals(credentialRepresentation.getType()) || "password-history".equals(credentialRepresentation.getType())) {
                            credentialRepresentation.setCredentialData(JsonSerialization.writeValueAsString(new PasswordCredentialData(credentialRepresentation.getHashIterations().intValue(), credentialRepresentation.getAlgorithm())));
                            credentialRepresentation.setSecretData("{\"value\":\"" + credentialRepresentation.getHashedSaltedValue() + "\",\"salt\":\"" + credentialRepresentation.getSalt() + "\"}");
                            credentialRepresentation.setPriority(10);
                        } else if ("totp".equals(credentialRepresentation.getType()) || "hotp".equals(credentialRepresentation.getType())) {
                            OTPCredentialData oTPCredentialData = new OTPCredentialData(credentialRepresentation.getType(), credentialRepresentation.getDigits().intValue(), credentialRepresentation.getCounter().intValue(), credentialRepresentation.getPeriod().intValue(), credentialRepresentation.getAlgorithm());
                            OTPSecretData oTPSecretData = new OTPSecretData(credentialRepresentation.getHashedSaltedValue());
                            credentialRepresentation.setCredentialData(JsonSerialization.writeValueAsString(oTPCredentialData));
                            credentialRepresentation.setSecretData(JsonSerialization.writeValueAsString(oTPSecretData));
                            credentialRepresentation.setPriority(20);
                            credentialRepresentation.setType("otp");
                        }
                    }
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
        }
    }

    public static void renameRealm(RealmModel realmModel, String str) {
        if (str.equals(realmModel.getName())) {
            return;
        }
        String name = realmModel.getName();
        realmModel.getMasterAdminClient().setClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(str));
        realmModel.setName(str);
        ClientModel clientByClientId = realmModel.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
        if (clientByClientId != null) {
            if (clientByClientId.getBaseUrl() != null) {
                clientByClientId.setBaseUrl(clientByClientId.getBaseUrl().replace("/admin/" + name + "/", "/admin/" + str + "/"));
            }
            HashSet hashSet = new HashSet();
            Iterator it = clientByClientId.getRedirectUris().iterator();
            while (it.hasNext()) {
                hashSet.add(replace((String) it.next(), "/admin/" + name + "/", "/admin/" + str + "/"));
            }
            clientByClientId.setRedirectUris(hashSet);
        }
        ClientModel clientByClientId2 = realmModel.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
        if (clientByClientId2 != null) {
            if (clientByClientId2.getBaseUrl() != null) {
                clientByClientId2.setBaseUrl(clientByClientId2.getBaseUrl().replace("/realms/" + name + "/", "/realms/" + str + "/"));
            }
            HashSet hashSet2 = new HashSet();
            Iterator it2 = clientByClientId2.getRedirectUris().iterator();
            while (it2.hasNext()) {
                hashSet2.add(replace((String) it2.next(), "/realms/" + name + "/", "/realms/" + str + "/"));
            }
            clientByClientId2.setRedirectUris(hashSet2);
        }
    }

    private static String replace(String str, String str2, String str3) {
        if (str != null) {
            return str.replace(str2, str3);
        }
        return null;
    }

    public static void updateRealm(RealmRepresentation realmRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) {
        if (realmRepresentation.getRealm() != null) {
            renameRealm(realmModel, realmRepresentation.getRealm());
        }
        if (realmRepresentation.getAttributes() != null) {
            HashSet hashSet = new HashSet(realmModel.getAttributes().keySet());
            hashSet.removeAll(realmRepresentation.getAttributes().keySet());
            for (Map.Entry entry : realmRepresentation.getAttributes().entrySet()) {
                realmModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                realmModel.removeAttribute((String) it.next());
            }
        }
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isUserManagedAccessAllowed() != null) {
            realmModel.setUserManagedAccessAllowed(realmRepresentation.isUserManagedAccessAllowed().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.isPermanentLockout() != null) {
            realmModel.setPermanentLockout(realmRepresentation.isPermanentLockout().booleanValue());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isLoginWithEmailAllowed() != null) {
            realmModel.setLoginWithEmailAllowed(realmRepresentation.isLoginWithEmailAllowed().booleanValue());
        }
        if (realmRepresentation.isDuplicateEmailsAllowed() != null) {
            realmModel.setDuplicateEmailsAllowed(realmRepresentation.isDuplicateEmailsAllowed().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        }
        if (realmRepresentation.getActionTokenGeneratedByAdminLifespan() != null) {
            realmModel.setActionTokenGeneratedByAdminLifespan(realmRepresentation.getActionTokenGeneratedByAdminLifespan().intValue());
        }
        if (realmRepresentation.getActionTokenGeneratedByUserLifespan() != null) {
            realmModel.setActionTokenGeneratedByUserLifespan(realmRepresentation.getActionTokenGeneratedByUserLifespan().intValue());
        }
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getDefaultSignatureAlgorithm() != null) {
            realmModel.setDefaultSignatureAlgorithm(realmRepresentation.getDefaultSignatureAlgorithm());
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        }
        if (realmRepresentation.getRefreshTokenMaxReuse() != null) {
            realmModel.setRefreshTokenMaxReuse(realmRepresentation.getRefreshTokenMaxReuse().intValue());
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeoutRememberMe() != null) {
            realmModel.setSsoSessionIdleTimeoutRememberMe(realmRepresentation.getSsoSessionIdleTimeoutRememberMe().intValue());
        }
        if (realmRepresentation.getSsoSessionMaxLifespanRememberMe() != null) {
            realmModel.setSsoSessionMaxLifespanRememberMe(realmRepresentation.getSsoSessionMaxLifespanRememberMe().intValue());
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getOfflineSessionMaxLifespanEnabled() != null) {
            realmModel.setOfflineSessionMaxLifespanEnabled(realmRepresentation.getOfflineSessionMaxLifespanEnabled().booleanValue());
        }
        if (realmRepresentation.getOfflineSessionMaxLifespan() != null) {
            realmModel.setOfflineSessionMaxLifespan(realmRepresentation.getOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientSessionIdleTimeout() != null) {
            realmModel.setClientSessionIdleTimeout(realmRepresentation.getClientSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientSessionMaxLifespan() != null) {
            realmModel.setClientSessionMaxLifespan(realmRepresentation.getClientSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionIdleTimeout() != null) {
            realmModel.setClientOfflineSessionIdleTimeout(realmRepresentation.getClientOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionMaxLifespan() != null) {
            realmModel.setClientOfflineSessionMaxLifespan(realmRepresentation.getClientOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            realmModel.updateRequiredCredentials(realmRepresentation.getRequiredCredentials());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.getEnabledEventTypes() != null) {
            realmModel.setEnabledEventTypes(new HashSet(realmRepresentation.getEnabledEventTypes()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(keycloakSession, realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        }
        if (realmRepresentation.getDefaultRoles() != null) {
            realmModel.updateDefaultRoles((String[]) realmRepresentation.getDefaultRoles().toArray(new String[realmRepresentation.getDefaultRoles().size()]));
        }
        realmModel.setWebAuthnPolicy(getWebAuthnPolicyTwoFactor(realmRepresentation));
        realmModel.setWebAuthnPolicyPasswordless(getWebAuthnPolicyPasswordless(realmRepresentation));
        if (realmRepresentation.getSmtpServer() != null) {
            HashMap hashMap = new HashMap(realmRepresentation.getSmtpServer());
            if (realmRepresentation.getSmtpServer().containsKey("password") && "**********".equals(realmRepresentation.getSmtpServer().get("password"))) {
                hashMap.put("password", realmModel.getSmtpConfig() != null ? (String) realmModel.getSmtpConfig().get("password") : null);
            }
            realmModel.setSmtpConfig(hashMap);
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
        if (realmRepresentation.getBrowserFlow() != null) {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() != null) {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() != null) {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() != null) {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() != null) {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
        if (realmRepresentation.getDockerAuthenticationFlow() != null) {
            realmModel.setDockerAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getDockerAuthenticationFlow()));
        }
    }

    public static ComponentModel convertFedProviderToComponent(String str, UserFederationProviderRepresentation userFederationProviderRepresentation) {
        UserStorageProviderModel userStorageProviderModel = new UserStorageProviderModel();
        userStorageProviderModel.setId(userFederationProviderRepresentation.getId());
        userStorageProviderModel.setName(userFederationProviderRepresentation.getDisplayName());
        userStorageProviderModel.setParentId(str);
        userStorageProviderModel.setProviderId(userFederationProviderRepresentation.getProviderName());
        userStorageProviderModel.setProviderType(UserStorageProvider.class.getName());
        userStorageProviderModel.setFullSyncPeriod(userFederationProviderRepresentation.getFullSyncPeriod());
        userStorageProviderModel.setPriority(userFederationProviderRepresentation.getPriority());
        userStorageProviderModel.setChangedSyncPeriod(userFederationProviderRepresentation.getChangedSyncPeriod());
        userStorageProviderModel.setLastSync(userFederationProviderRepresentation.getLastSync());
        if (userFederationProviderRepresentation.getConfig() != null) {
            for (Map.Entry entry : userFederationProviderRepresentation.getConfig().entrySet()) {
                userStorageProviderModel.getConfig().putSingle(entry.getKey(), entry.getValue());
            }
        }
        return userStorageProviderModel;
    }

    public static ComponentModel convertFedMapperToComponent(RealmModel realmModel, ComponentModel componentModel, UserFederationMapperRepresentation userFederationMapperRepresentation, String str) {
        ComponentModel componentModel2 = new ComponentModel();
        componentModel2.setId(userFederationMapperRepresentation.getId());
        componentModel2.setName(userFederationMapperRepresentation.getName());
        componentModel2.setProviderId(userFederationMapperRepresentation.getFederationMapperType());
        componentModel2.setProviderType(str);
        componentModel2.setParentId(componentModel.getId());
        if (userFederationMapperRepresentation.getConfig() != null) {
            for (Map.Entry entry : userFederationMapperRepresentation.getConfig().entrySet()) {
                componentModel2.getConfig().putSingle(entry.getKey(), entry.getValue());
            }
        }
        return componentModel2;
    }

    public static void createRole(RealmModel realmModel, RoleRepresentation roleRepresentation) {
        RoleModel addRole = roleRepresentation.getId() != null ? realmModel.addRole(roleRepresentation.getId(), roleRepresentation.getName()) : realmModel.addRole(roleRepresentation.getName());
        if (roleRepresentation.getDescription() != null) {
            addRole.setDescription(roleRepresentation.getDescription());
        }
        if (roleRepresentation.getAttributes() != null) {
            for (Map.Entry entry : roleRepresentation.getAttributes().entrySet()) {
                addRole.setAttribute((String) entry.getKey(), (Collection) entry.getValue());
            }
        }
    }

    private static void addComposites(RoleModel roleModel, RoleRepresentation roleRepresentation, RealmModel realmModel) {
        if (roleRepresentation.getComposites() == null) {
            return;
        }
        if (roleRepresentation.getComposites().getRealm() != null) {
            for (String str : roleRepresentation.getComposites().getRealm()) {
                RoleModel role = realmModel.getRole(str);
                if (role == null) {
                    throw new RuntimeException("Unable to find composite realm role: " + str);
                }
                roleModel.addCompositeRole(role);
            }
        }
        if (roleRepresentation.getComposites().getClient() != null) {
            for (Map.Entry entry : roleRepresentation.getComposites().getClient().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + roleRepresentation.getName());
                }
                for (String str2 : (List) entry.getValue()) {
                    RoleModel role2 = clientByClientId.getRole(str2);
                    if (role2 == null) {
                        throw new RuntimeException("Unable to find composite client role: " + str2);
                    }
                    roleModel.addCompositeRole(role2);
                }
            }
        }
    }

    private static Map<String, ClientModel> createClients(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel, Map<String, String> map) {
        HashMap hashMap = new HashMap();
        Iterator it = realmRepresentation.getClients().iterator();
        while (it.hasNext()) {
            ClientModel createClient = createClient(keycloakSession, realmModel, (ClientRepresentation) it.next(), false, map);
            hashMap.put(createClient.getClientId(), createClient);
            ClientValidationUtil.validate(keycloakSession, createClient, false, clientValidationContext -> {
                throw new RuntimeException("Invalid client " + createClient.getClientId() + ": " + clientValidationContext.getError());
            });
        }
        return hashMap;
    }

    public static ClientModel createClient(KeycloakSession keycloakSession, RealmModel realmModel, ClientRepresentation clientRepresentation, boolean z) {
        return createClient(keycloakSession, realmModel, clientRepresentation, z, null);
    }

    private static ClientModel createClient(KeycloakSession keycloakSession, RealmModel realmModel, ClientRepresentation clientRepresentation, boolean z, Map<String, String> map) {
        logger.debugv("Create client: {0}", clientRepresentation.getClientId());
        ClientModel addClient = clientRepresentation.getId() != null ? realmModel.addClient(clientRepresentation.getId(), clientRepresentation.getClientId()) : realmModel.addClient(clientRepresentation.getClientId());
        if (clientRepresentation.getName() != null) {
            addClient.setName(clientRepresentation.getName());
        }
        if (clientRepresentation.getDescription() != null) {
            addClient.setDescription(clientRepresentation.getDescription());
        }
        if (clientRepresentation.isEnabled() != null) {
            addClient.setEnabled(clientRepresentation.isEnabled().booleanValue());
        }
        if (clientRepresentation.isAlwaysDisplayInConsole() != null) {
            addClient.setAlwaysDisplayInConsole(clientRepresentation.isAlwaysDisplayInConsole().booleanValue());
        }
        addClient.setManagementUrl(clientRepresentation.getAdminUrl());
        if (clientRepresentation.isSurrogateAuthRequired() != null) {
            addClient.setSurrogateAuthRequired(clientRepresentation.isSurrogateAuthRequired().booleanValue());
        }
        if (clientRepresentation.getRootUrl() != null) {
            addClient.setRootUrl(clientRepresentation.getRootUrl());
        }
        if (clientRepresentation.getBaseUrl() != null) {
            addClient.setBaseUrl(clientRepresentation.getBaseUrl());
        }
        if (clientRepresentation.isBearerOnly() != null) {
            addClient.setBearerOnly(clientRepresentation.isBearerOnly().booleanValue());
        }
        if (clientRepresentation.isConsentRequired() != null) {
            addClient.setConsentRequired(clientRepresentation.isConsentRequired().booleanValue());
        }
        if (clientRepresentation.isDirectGrantsOnly() != null) {
            logger.warn("Using deprecated 'directGrantsOnly' configuration in JSON representation. It will be removed in future versions");
            addClient.setStandardFlowEnabled(!clientRepresentation.isDirectGrantsOnly().booleanValue());
            addClient.setDirectAccessGrantsEnabled(clientRepresentation.isDirectGrantsOnly().booleanValue());
        }
        if (clientRepresentation.isStandardFlowEnabled() != null) {
            addClient.setStandardFlowEnabled(clientRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isImplicitFlowEnabled() != null) {
            addClient.setImplicitFlowEnabled(clientRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isDirectAccessGrantsEnabled() != null) {
            addClient.setDirectAccessGrantsEnabled(clientRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientRepresentation.isServiceAccountsEnabled() != null) {
            addClient.setServiceAccountsEnabled(clientRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientRepresentation.isPublicClient() != null) {
            addClient.setPublicClient(clientRepresentation.isPublicClient().booleanValue());
        }
        if (clientRepresentation.isFrontchannelLogout() != null) {
            addClient.setFrontchannelLogout(clientRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientRepresentation.getProtocol() != null) {
            addClient.setProtocol(clientRepresentation.getProtocol());
        } else {
            addClient.setProtocol(OIDC);
        }
        if (clientRepresentation.getNodeReRegistrationTimeout() != null) {
            addClient.setNodeReRegistrationTimeout(clientRepresentation.getNodeReRegistrationTimeout().intValue());
        } else {
            addClient.setNodeReRegistrationTimeout(-1);
        }
        if (clientRepresentation.getNotBefore() != null) {
            addClient.setNotBefore(clientRepresentation.getNotBefore().intValue());
        }
        if (clientRepresentation.getClientAuthenticatorType() != null) {
            addClient.setClientAuthenticatorType(clientRepresentation.getClientAuthenticatorType());
        } else {
            addClient.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
        }
        addClient.setSecret(clientRepresentation.getSecret());
        if (addClient.getSecret() == null) {
            KeycloakModelUtils.generateSecret(addClient);
        }
        if (clientRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientRepresentation.getAttributes().entrySet()) {
                addClient.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        if (clientRepresentation.getAuthenticationFlowBindingOverrides() != null) {
            for (Map.Entry entry2 : clientRepresentation.getAuthenticationFlowBindingOverrides().entrySet()) {
                if (entry2.getValue() != null && !((String) entry2.getValue()).trim().equals(BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT)) {
                    String str = (String) entry2.getValue();
                    if (map != null && map.containsKey(str)) {
                        str = map.get(str);
                    }
                    if (addClient.getRealm().getAuthenticationFlowById(str) == null) {
                        throw new RuntimeException("Unable to resolve auth flow binding override for: " + ((String) entry2.getKey()));
                    }
                    addClient.setAuthenticationFlowBindingOverride((String) entry2.getKey(), str);
                }
            }
        }
        if (clientRepresentation.getRedirectUris() != null) {
            Iterator it = clientRepresentation.getRedirectUris().iterator();
            while (it.hasNext()) {
                addClient.addRedirectUri((String) it.next());
            }
        }
        if (clientRepresentation.getWebOrigins() != null) {
            for (String str2 : clientRepresentation.getWebOrigins()) {
                logger.debugv("Client: {0} webOrigin: {1}", clientRepresentation.getClientId(), str2);
                addClient.addWebOrigin(str2);
            }
        } else if (clientRepresentation.getRedirectUris() != null) {
            HashSet hashSet = new HashSet();
            for (String str3 : clientRepresentation.getRedirectUris()) {
                logger.debugv("add redirect-uri to origin: {0}", str3);
                if (str3.startsWith("http")) {
                    String origin = UriUtils.getOrigin(str3);
                    logger.debugv("adding default client origin: {0}", origin);
                    hashSet.add(origin);
                }
            }
            if (hashSet.size() > 0) {
                addClient.setWebOrigins(hashSet);
            }
        }
        if (clientRepresentation.getRegisteredNodes() != null) {
            for (Map.Entry entry3 : clientRepresentation.getRegisteredNodes().entrySet()) {
                addClient.registerNode((String) entry3.getKey(), ((Integer) entry3.getValue()).intValue());
            }
        }
        if (z && clientRepresentation.getDefaultRoles() != null) {
            addClient.updateDefaultRoles(clientRepresentation.getDefaultRoles());
        }
        if (clientRepresentation.getProtocolMappers() != null) {
            Iterator it2 = addClient.getProtocolMappers().iterator();
            while (it2.hasNext()) {
                addClient.removeProtocolMapper((ProtocolMapperModel) it2.next());
            }
            Iterator it3 = clientRepresentation.getProtocolMappers().iterator();
            while (it3.hasNext()) {
                addClient.addProtocolMapper(toModel((ProtocolMapperRepresentation) it3.next()));
            }
            MigrationUtils.updateProtocolMappers(addClient);
        }
        if (clientRepresentation.getClientTemplate() != null) {
            addClientScopeToClient(realmModel, addClient, KeycloakModelUtils.convertClientScopeName(clientRepresentation.getClientTemplate()), true);
        }
        if (clientRepresentation.getDefaultClientScopes() != null || clientRepresentation.getOptionalClientScopes() != null) {
            Iterator it4 = addClient.getClientScopes(true, false).values().iterator();
            while (it4.hasNext()) {
                addClient.removeClientScope((ClientScopeModel) it4.next());
            }
            Iterator it5 = addClient.getClientScopes(false, false).values().iterator();
            while (it5.hasNext()) {
                addClient.removeClientScope((ClientScopeModel) it5.next());
            }
        }
        if (clientRepresentation.getDefaultClientScopes() != null) {
            Iterator it6 = clientRepresentation.getDefaultClientScopes().iterator();
            while (it6.hasNext()) {
                addClientScopeToClient(realmModel, addClient, (String) it6.next(), true);
            }
        }
        if (clientRepresentation.getOptionalClientScopes() != null) {
            Iterator it7 = clientRepresentation.getOptionalClientScopes().iterator();
            while (it7.hasNext()) {
                addClientScopeToClient(realmModel, addClient, (String) it7.next(), false);
            }
        }
        if (clientRepresentation.isFullScopeAllowed() != null) {
            addClient.setFullScopeAllowed(clientRepresentation.isFullScopeAllowed().booleanValue());
        } else {
            addClient.setFullScopeAllowed(!addClient.isConsentRequired());
        }
        addClient.updateClient();
        clientRepresentation.setId(addClient.getId());
        return addClient;
    }

    private static void addClientScopeToClient(RealmModel realmModel, ClientModel clientModel, String str, boolean z) {
        ClientScopeModel clientScopeByName = KeycloakModelUtils.getClientScopeByName(realmModel, str);
        if (clientScopeByName != null) {
            clientModel.addClientScope(clientScopeByName, z);
        } else {
            logger.warnf("Referenced client scope '%s' doesn't exists. Ignoring", str);
        }
    }

    public static void updateClient(ClientRepresentation clientRepresentation, ClientModel clientModel) {
        if (clientRepresentation.getClientId() != null) {
            clientModel.setClientId(clientRepresentation.getClientId());
        }
        if (clientRepresentation.getName() != null) {
            clientModel.setName(clientRepresentation.getName());
        }
        if (clientRepresentation.getDescription() != null) {
            clientModel.setDescription(clientRepresentation.getDescription());
        }
        if (clientRepresentation.isEnabled() != null) {
            clientModel.setEnabled(clientRepresentation.isEnabled().booleanValue());
        }
        if (clientRepresentation.isAlwaysDisplayInConsole() != null) {
            clientModel.setAlwaysDisplayInConsole(clientRepresentation.isAlwaysDisplayInConsole().booleanValue());
        }
        if (clientRepresentation.isBearerOnly() != null) {
            clientModel.setBearerOnly(clientRepresentation.isBearerOnly().booleanValue());
        }
        if (clientRepresentation.isConsentRequired() != null) {
            clientModel.setConsentRequired(clientRepresentation.isConsentRequired().booleanValue());
        }
        if (clientRepresentation.isStandardFlowEnabled() != null) {
            clientModel.setStandardFlowEnabled(clientRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isImplicitFlowEnabled() != null) {
            clientModel.setImplicitFlowEnabled(clientRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isDirectAccessGrantsEnabled() != null) {
            clientModel.setDirectAccessGrantsEnabled(clientRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientRepresentation.isServiceAccountsEnabled() != null) {
            clientModel.setServiceAccountsEnabled(clientRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientRepresentation.isPublicClient() != null) {
            clientModel.setPublicClient(clientRepresentation.isPublicClient().booleanValue());
        }
        if (clientRepresentation.isFullScopeAllowed() != null) {
            clientModel.setFullScopeAllowed(clientRepresentation.isFullScopeAllowed().booleanValue());
        }
        if (clientRepresentation.isFrontchannelLogout() != null) {
            clientModel.setFrontchannelLogout(clientRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientRepresentation.getRootUrl() != null) {
            clientModel.setRootUrl(clientRepresentation.getRootUrl());
        }
        if (clientRepresentation.getAdminUrl() != null) {
            clientModel.setManagementUrl(clientRepresentation.getAdminUrl());
        }
        if (clientRepresentation.getBaseUrl() != null) {
            clientModel.setBaseUrl(clientRepresentation.getBaseUrl());
        }
        if (clientRepresentation.isSurrogateAuthRequired() != null) {
            clientModel.setSurrogateAuthRequired(clientRepresentation.isSurrogateAuthRequired().booleanValue());
        }
        if (clientRepresentation.getNodeReRegistrationTimeout() != null) {
            clientModel.setNodeReRegistrationTimeout(clientRepresentation.getNodeReRegistrationTimeout().intValue());
        }
        if (clientRepresentation.getClientAuthenticatorType() != null) {
            clientModel.setClientAuthenticatorType(clientRepresentation.getClientAuthenticatorType());
        }
        if (clientRepresentation.getProtocol() != null) {
            clientModel.setProtocol(clientRepresentation.getProtocol());
        }
        if (clientRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientRepresentation.getAttributes().entrySet()) {
                clientModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        if (clientRepresentation.getAttributes() != null) {
            for (Map.Entry<String, String> entry2 : removeEmptyString(clientRepresentation.getAttributes()).entrySet()) {
                clientModel.setAttribute(entry2.getKey(), entry2.getValue());
            }
        }
        if (clientRepresentation.getAuthenticationFlowBindingOverrides() != null) {
            for (Map.Entry entry3 : clientRepresentation.getAuthenticationFlowBindingOverrides().entrySet()) {
                if (entry3.getValue() == null || ((String) entry3.getValue()).trim().equals(BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT)) {
                    clientModel.removeAuthenticationFlowBindingOverride((String) entry3.getKey());
                } else {
                    if (clientModel.getRealm().getAuthenticationFlowById((String) entry3.getValue()) == null) {
                        throw new RuntimeException("Unable to resolve auth flow binding override for: " + ((String) entry3.getKey()));
                    }
                    clientModel.setAuthenticationFlowBindingOverride((String) entry3.getKey(), (String) entry3.getValue());
                }
            }
        }
        if (clientRepresentation.getNotBefore() != null) {
            clientModel.setNotBefore(clientRepresentation.getNotBefore().intValue());
        }
        if (clientRepresentation.getDefaultRoles() != null) {
            clientModel.updateDefaultRoles(clientRepresentation.getDefaultRoles());
        }
        List redirectUris = clientRepresentation.getRedirectUris();
        if (redirectUris != null) {
            clientModel.setRedirectUris(new HashSet(redirectUris));
        }
        List webOrigins = clientRepresentation.getWebOrigins();
        if (webOrigins != null) {
            clientModel.setWebOrigins(new HashSet(webOrigins));
        }
        if (clientRepresentation.getRegisteredNodes() != null) {
            for (Map.Entry entry4 : clientRepresentation.getRegisteredNodes().entrySet()) {
                clientModel.registerNode((String) entry4.getKey(), ((Integer) entry4.getValue()).intValue());
            }
        }
        if (clientRepresentation.getSecret() != null) {
            clientModel.setSecret(clientRepresentation.getSecret());
        }
        clientModel.updateClient();
    }

    public static void updateClientProtocolMappers(ClientRepresentation clientRepresentation, ClientModel clientModel) {
        if (clientRepresentation.getProtocolMappers() != null) {
            HashMap hashMap = new HashMap();
            for (ProtocolMapperModel protocolMapperModel : clientModel.getProtocolMappers()) {
                hashMap.put(generateProtocolNameKey(protocolMapperModel.getProtocol(), protocolMapperModel.getName()), protocolMapperModel);
            }
            for (ProtocolMapperRepresentation protocolMapperRepresentation : clientRepresentation.getProtocolMappers()) {
                String generateProtocolNameKey = generateProtocolNameKey(protocolMapperRepresentation.getProtocol(), protocolMapperRepresentation.getName());
                ProtocolMapperModel protocolMapperModel2 = (ProtocolMapperModel) hashMap.get(generateProtocolNameKey);
                if (protocolMapperModel2 != null) {
                    ProtocolMapperModel model = toModel(protocolMapperRepresentation);
                    model.setId(protocolMapperModel2.getId());
                    clientModel.updateProtocolMapper(model);
                    hashMap.remove(generateProtocolNameKey);
                } else {
                    clientModel.addProtocolMapper(toModel(protocolMapperRepresentation));
                }
            }
            Iterator it = hashMap.entrySet().iterator();
            while (it.hasNext()) {
                clientModel.removeProtocolMapper((ProtocolMapperModel) ((Map.Entry) it.next()).getValue());
            }
        }
    }

    private static String generateProtocolNameKey(String str, String str2) {
        return String.format("%s%%%s", str, str2);
    }

    private static Map<String, ClientScopeModel> createClientScopes(KeycloakSession keycloakSession, List<ClientScopeRepresentation> list, RealmModel realmModel) {
        HashMap hashMap = new HashMap();
        Iterator<ClientScopeRepresentation> it = list.iterator();
        while (it.hasNext()) {
            ClientScopeModel createClientScope = createClientScope(keycloakSession, realmModel, it.next());
            hashMap.put(createClientScope.getName(), createClientScope);
        }
        return hashMap;
    }

    public static ClientScopeModel createClientScope(KeycloakSession keycloakSession, RealmModel realmModel, ClientScopeRepresentation clientScopeRepresentation) {
        logger.debugv("Create client scope: {0}", clientScopeRepresentation.getName());
        ClientScopeModel addClientScope = clientScopeRepresentation.getId() != null ? realmModel.addClientScope(clientScopeRepresentation.getId(), clientScopeRepresentation.getName()) : realmModel.addClientScope(clientScopeRepresentation.getName());
        if (clientScopeRepresentation.getName() != null) {
            addClientScope.setName(clientScopeRepresentation.getName());
        }
        if (clientScopeRepresentation.getDescription() != null) {
            addClientScope.setDescription(clientScopeRepresentation.getDescription());
        }
        if (clientScopeRepresentation.getProtocol() != null) {
            addClientScope.setProtocol(clientScopeRepresentation.getProtocol());
        }
        if (clientScopeRepresentation.getProtocolMappers() != null) {
            Iterator it = addClientScope.getProtocolMappers().iterator();
            while (it.hasNext()) {
                addClientScope.removeProtocolMapper((ProtocolMapperModel) it.next());
            }
            Iterator it2 = clientScopeRepresentation.getProtocolMappers().iterator();
            while (it2.hasNext()) {
                addClientScope.addProtocolMapper(toModel((ProtocolMapperRepresentation) it2.next()));
            }
            MigrationUtils.updateProtocolMappers(addClientScope);
        }
        if (clientScopeRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientScopeRepresentation.getAttributes().entrySet()) {
                addClientScope.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        return addClientScope;
    }

    public static void updateClientScope(ClientScopeRepresentation clientScopeRepresentation, ClientScopeModel clientScopeModel) {
        if (clientScopeRepresentation.getName() != null) {
            clientScopeModel.setName(clientScopeRepresentation.getName());
        }
        if (clientScopeRepresentation.getDescription() != null) {
            clientScopeModel.setDescription(clientScopeRepresentation.getDescription());
        }
        if (clientScopeRepresentation.getProtocol() != null) {
            clientScopeModel.setProtocol(clientScopeRepresentation.getProtocol());
        }
        if (clientScopeRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientScopeRepresentation.getAttributes().entrySet()) {
                clientScopeModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
    }

    public static long getClaimsMask(ClaimRepresentation claimRepresentation) {
        long j = claimRepresentation.getAddress() ? ClaimMask.ALL | 256 : ClaimMask.ALL & (-257);
        long j2 = claimRepresentation.getEmail() ? j | 32 : j & (-33);
        long j3 = claimRepresentation.getGender() ? j2 | 64 : j2 & (-65);
        long j4 = claimRepresentation.getLocale() ? j3 | 128 : j3 & (-129);
        long j5 = claimRepresentation.getName() ? j4 | 1 : j4 & (-2);
        long j6 = claimRepresentation.getPhone() ? j5 | 512 : j5 & (-513);
        long j7 = claimRepresentation.getPicture() ? j6 | 8 : j6 & (-9);
        long j8 = claimRepresentation.getProfile() ? j7 | 4 : j7 & (-5);
        long j9 = claimRepresentation.getUsername() ? j8 | 2 : j8 & (-3);
        return claimRepresentation.getWebsite() ? j9 | 16 : j9 & (-17);
    }

    public static void createClientScopeMappings(RealmModel realmModel, ClientModel clientModel, List<ScopeMappingRepresentation> list) {
        for (ScopeMappingRepresentation scopeMappingRepresentation : list) {
            ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
            for (String str : scopeMappingRepresentation.getRoles()) {
                RoleModel role = clientModel.getRole(str.trim());
                if (role == null) {
                    role = clientModel.addRole(str.trim());
                }
                scopeContainerHavingScope.addScopeMapping(role);
            }
        }
    }

    private static ScopeContainerModel getScopeContainerHavingScope(RealmModel realmModel, ScopeMappingRepresentation scopeMappingRepresentation) {
        if (scopeMappingRepresentation.getClient() != null) {
            ClientModel clientByClientId = realmModel.getClientByClientId(scopeMappingRepresentation.getClient());
            if (clientByClientId == null) {
                throw new RuntimeException("Unknown client specification in scope mappings: " + scopeMappingRepresentation.getClient());
            }
            return clientByClientId;
        }
        if (scopeMappingRepresentation.getClientScope() != null) {
            ClientScopeModel clientScopeByName = KeycloakModelUtils.getClientScopeByName(realmModel, scopeMappingRepresentation.getClientScope());
            if (clientScopeByName == null) {
                throw new RuntimeException("Unknown clientScope specification in scope mappings: " + scopeMappingRepresentation.getClientScope());
            }
            return clientScopeByName;
        }
        if (scopeMappingRepresentation.getClientTemplate() == null) {
            throw new RuntimeException("Either client or clientScope needs to be specified in scope mappings");
        }
        String convertClientScopeName = KeycloakModelUtils.convertClientScopeName(scopeMappingRepresentation.getClientTemplate());
        ClientScopeModel clientScopeByName2 = KeycloakModelUtils.getClientScopeByName(realmModel, convertClientScopeName);
        if (clientScopeByName2 == null) {
            throw new RuntimeException("Unknown clientScope specification in scope mappings: " + convertClientScopeName);
        }
        return clientScopeByName2;
    }

    public static UserModel createUser(KeycloakSession keycloakSession, RealmModel realmModel, UserRepresentation userRepresentation) {
        convertDeprecatedSocialProviders(userRepresentation);
        UserModel addUser = keycloakSession.userLocalStorage().addUser(realmModel, userRepresentation.getId(), userRepresentation.getUsername(), false, false);
        addUser.setEnabled(userRepresentation.isEnabled() != null && userRepresentation.isEnabled().booleanValue());
        addUser.setCreatedTimestamp(userRepresentation.getCreatedTimestamp());
        addUser.setEmail(userRepresentation.getEmail());
        if (userRepresentation.isEmailVerified() != null) {
            addUser.setEmailVerified(userRepresentation.isEmailVerified().booleanValue());
        }
        addUser.setFirstName(userRepresentation.getFirstName());
        addUser.setLastName(userRepresentation.getLastName());
        addUser.setFederationLink(userRepresentation.getFederationLink());
        if (userRepresentation.getAttributes() != null) {
            for (Map.Entry entry : userRepresentation.getAttributes().entrySet()) {
                List list = (List) entry.getValue();
                if (list != null) {
                    addUser.setAttribute((String) entry.getKey(), new ArrayList(list));
                }
            }
        }
        if (userRepresentation.getRequiredActions() != null) {
            for (String str : userRepresentation.getRequiredActions()) {
                try {
                    addUser.addRequiredAction(UserModel.RequiredAction.valueOf(str.toUpperCase()));
                } catch (IllegalArgumentException e) {
                    addUser.addRequiredAction(str);
                }
            }
        }
        createCredentials(userRepresentation, keycloakSession, realmModel, addUser, false);
        createFederatedIdentities(userRepresentation, keycloakSession, realmModel, addUser);
        createRoleMappings(userRepresentation, addUser, realmModel);
        if (userRepresentation.getClientConsents() != null) {
            Iterator it = userRepresentation.getClientConsents().iterator();
            while (it.hasNext()) {
                keycloakSession.users().addConsent(realmModel, addUser.getId(), toModel(realmModel, (UserConsentRepresentation) it.next()));
            }
        }
        if (userRepresentation.getNotBefore() != null) {
            keycloakSession.users().setNotBeforeForUser(realmModel, addUser, userRepresentation.getNotBefore().intValue());
        }
        if (userRepresentation.getServiceAccountClientId() != null) {
            String serviceAccountClientId = userRepresentation.getServiceAccountClientId();
            ClientModel clientByClientId = realmModel.getClientByClientId(serviceAccountClientId);
            if (clientByClientId == null) {
                throw new RuntimeException("Unable to find client specified for service account link. Client: " + serviceAccountClientId);
            }
            addUser.setServiceAccountClientLink(clientByClientId.getId());
        }
        createGroups(userRepresentation, realmModel, addUser);
        return addUser;
    }

    public static void createGroups(UserRepresentation userRepresentation, RealmModel realmModel, UserModel userModel) {
        if (userRepresentation.getGroups() != null) {
            for (String str : userRepresentation.getGroups()) {
                GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(realmModel, str);
                if (findGroupByPath == null) {
                    throw new RuntimeException("Unable to find group specified by path: " + str);
                }
                userModel.joinGroup(findGroupByPath);
            }
        }
    }

    public static void createFederatedIdentities(UserRepresentation userRepresentation, KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
        if (userRepresentation.getFederatedIdentities() != null) {
            for (FederatedIdentityRepresentation federatedIdentityRepresentation : userRepresentation.getFederatedIdentities()) {
                keycloakSession.users().addFederatedIdentity(realmModel, userModel, new FederatedIdentityModel(federatedIdentityRepresentation.getIdentityProvider(), federatedIdentityRepresentation.getUserId(), federatedIdentityRepresentation.getUserName()));
            }
        }
    }

    public static void createCredentials(UserRepresentation userRepresentation, KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel, boolean z) {
        convertDeprecatedCredentialsFormat(userRepresentation);
        if (userRepresentation.getCredentials() != null) {
            for (CredentialRepresentation credentialRepresentation : userRepresentation.getCredentials()) {
                if (credentialRepresentation.getId() == null || keycloakSession.userCredentialManager().getStoredCredentialById(realmModel, userModel, credentialRepresentation.getId()) == null) {
                    if (credentialRepresentation.getValue() == null || credentialRepresentation.getValue().isEmpty()) {
                        keycloakSession.userCredentialManager().createCredentialThroughProvider(realmModel, userModel, toModel(credentialRepresentation));
                    } else {
                        RealmModel realm = keycloakSession.getContext().getRealm();
                        try {
                            try {
                                keycloakSession.getContext().setRealm(realmModel);
                                keycloakSession.userCredentialManager().updateCredential(realmModel, userModel, UserCredentialModel.password(credentialRepresentation.getValue(), false));
                                keycloakSession.getContext().setRealm(realm);
                            } catch (ModelException e) {
                                throw new PasswordPolicyNotMetException(e.getMessage(), userModel.getUsername(), e);
                            }
                        } catch (Throwable th) {
                            keycloakSession.getContext().setRealm(realm);
                            throw th;
                        }
                    }
                }
            }
        }
    }

    public static CredentialModel toModel(CredentialRepresentation credentialRepresentation) {
        CredentialModel credentialModel = new CredentialModel();
        credentialModel.setCreatedDate(credentialRepresentation.getCreatedDate());
        credentialModel.setType(credentialRepresentation.getType());
        credentialModel.setUserLabel(credentialRepresentation.getUserLabel());
        credentialModel.setSecretData(credentialRepresentation.getSecretData());
        credentialModel.setCredentialData(credentialRepresentation.getCredentialData());
        credentialModel.setId(credentialRepresentation.getId());
        return credentialModel;
    }

    public static void createRoleMappings(UserRepresentation userRepresentation, UserModel userModel, RealmModel realmModel) {
        if (userRepresentation.getRealmRoles() != null) {
            for (String str : userRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                userModel.grantRole(role);
            }
        }
        if (userRepresentation.getClientRoles() != null) {
            for (Map.Entry entry : userRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createClientRoleMappings(clientByClientId, userModel, (List) entry.getValue());
            }
        }
    }

    public static void createClientRoleMappings(ClientModel clientModel, UserModel userModel, List<String> list) {
        if (userModel == null) {
            throw new RuntimeException("User not found");
        }
        for (String str : list) {
            RoleModel role = clientModel.getRole(str.trim());
            if (role == null) {
                role = clientModel.addRole(str.trim());
            }
            userModel.grantRole(role);
        }
    }

    private static void importIdentityProviders(RealmRepresentation realmRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) {
        if (realmRepresentation.getIdentityProviders() != null) {
            Iterator it = realmRepresentation.getIdentityProviders().iterator();
            while (it.hasNext()) {
                realmModel.addIdentityProvider(toModel(realmModel, (IdentityProviderRepresentation) it.next(), keycloakSession));
            }
        }
    }

    private static void importIdentityProviderMappers(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getIdentityProviderMappers() != null) {
            Iterator it = realmRepresentation.getIdentityProviderMappers().iterator();
            while (it.hasNext()) {
                realmModel.addIdentityProviderMapper(toModel((IdentityProviderMapperRepresentation) it.next()));
            }
        }
    }

    public static IdentityProviderModel toModel(RealmModel realmModel, IdentityProviderRepresentation identityProviderRepresentation, KeycloakSession keycloakSession) {
        IdentityProviderFactory identityProviderFactory = (IdentityProviderFactory) keycloakSession.getKeycloakSessionFactory().getProviderFactory(IdentityProvider.class, identityProviderRepresentation.getProviderId());
        if (identityProviderFactory == null) {
            identityProviderFactory = (IdentityProviderFactory) keycloakSession.getKeycloakSessionFactory().getProviderFactory(SocialIdentityProvider.class, identityProviderRepresentation.getProviderId());
        }
        if (identityProviderFactory == null) {
            throw new IllegalArgumentException("Invalid identity provider id [" + identityProviderRepresentation.getProviderId() + "]");
        }
        IdentityProviderModel createConfig = identityProviderFactory.createConfig();
        createConfig.setInternalId(identityProviderRepresentation.getInternalId());
        createConfig.setAlias(identityProviderRepresentation.getAlias());
        createConfig.setDisplayName(identityProviderRepresentation.getDisplayName());
        createConfig.setProviderId(identityProviderRepresentation.getProviderId());
        createConfig.setEnabled(identityProviderRepresentation.isEnabled());
        createConfig.setLinkOnly(identityProviderRepresentation.isLinkOnly());
        createConfig.setTrustEmail(identityProviderRepresentation.isTrustEmail());
        createConfig.setAuthenticateByDefault(identityProviderRepresentation.isAuthenticateByDefault());
        createConfig.setStoreToken(identityProviderRepresentation.isStoreToken());
        createConfig.setAddReadTokenRoleOnCreate(identityProviderRepresentation.isAddReadTokenRoleOnCreate());
        createConfig.setConfig(removeEmptyString(identityProviderRepresentation.getConfig()));
        String firstBrokerLoginFlowAlias = identityProviderRepresentation.getFirstBrokerLoginFlowAlias();
        if (firstBrokerLoginFlowAlias == null) {
            firstBrokerLoginFlowAlias = DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW;
        }
        AuthenticationFlowModel flowByAlias = realmModel.getFlowByAlias(firstBrokerLoginFlowAlias);
        if (flowByAlias == null) {
            throw new ModelException("No available authentication flow with alias: " + firstBrokerLoginFlowAlias);
        }
        createConfig.setFirstBrokerLoginFlowId(flowByAlias.getId());
        String postBrokerLoginFlowAlias = identityProviderRepresentation.getPostBrokerLoginFlowAlias();
        if (postBrokerLoginFlowAlias == null || postBrokerLoginFlowAlias.trim().length() == 0) {
            createConfig.setPostBrokerLoginFlowId((String) null);
        } else {
            AuthenticationFlowModel flowByAlias2 = realmModel.getFlowByAlias(postBrokerLoginFlowAlias);
            if (flowByAlias2 == null) {
                throw new ModelException("No available authentication flow with alias: " + postBrokerLoginFlowAlias);
            }
            createConfig.setPostBrokerLoginFlowId(flowByAlias2.getId());
        }
        createConfig.validate(realmModel);
        return createConfig;
    }

    public static ProtocolMapperModel toModel(ProtocolMapperRepresentation protocolMapperRepresentation) {
        ProtocolMapperModel protocolMapperModel = new ProtocolMapperModel();
        protocolMapperModel.setId(protocolMapperRepresentation.getId());
        protocolMapperModel.setName(protocolMapperRepresentation.getName());
        protocolMapperModel.setProtocol(protocolMapperRepresentation.getProtocol());
        protocolMapperModel.setProtocolMapper(protocolMapperRepresentation.getProtocolMapper());
        protocolMapperModel.setConfig(removeEmptyString(protocolMapperRepresentation.getConfig()));
        return protocolMapperModel;
    }

    public static IdentityProviderMapperModel toModel(IdentityProviderMapperRepresentation identityProviderMapperRepresentation) {
        IdentityProviderMapperModel identityProviderMapperModel = new IdentityProviderMapperModel();
        identityProviderMapperModel.setId(identityProviderMapperRepresentation.getId());
        identityProviderMapperModel.setName(identityProviderMapperRepresentation.getName());
        identityProviderMapperModel.setIdentityProviderAlias(identityProviderMapperRepresentation.getIdentityProviderAlias());
        identityProviderMapperModel.setIdentityProviderMapper(identityProviderMapperRepresentation.getIdentityProviderMapper());
        identityProviderMapperModel.setConfig(removeEmptyString(identityProviderMapperRepresentation.getConfig()));
        return identityProviderMapperModel;
    }

    public static UserConsentModel toModel(RealmModel realmModel, UserConsentRepresentation userConsentRepresentation) {
        ClientModel clientByClientId = realmModel.getClientByClientId(userConsentRepresentation.getClientId());
        if (clientByClientId == null) {
            throw new RuntimeException("Unable to find client consent mappings for client: " + userConsentRepresentation.getClientId());
        }
        UserConsentModel userConsentModel = new UserConsentModel(clientByClientId);
        userConsentModel.setCreatedDate(userConsentRepresentation.getCreatedDate());
        userConsentModel.setLastUpdatedDate(userConsentRepresentation.getLastUpdatedDate());
        if (userConsentRepresentation.getGrantedClientScopes() != null) {
            for (String str : userConsentRepresentation.getGrantedClientScopes()) {
                ClientScopeModel clientScopeByName = KeycloakModelUtils.getClientScopeByName(realmModel, str);
                if (clientScopeByName == null) {
                    throw new RuntimeException("Unable to find client scope referenced in consent mappings of user. Client scope name: " + str);
                }
                userConsentModel.addGrantedClientScope(clientScopeByName);
            }
        }
        if (userConsentRepresentation.getGrantedRealmRoles() != null && userConsentRepresentation.getGrantedRealmRoles().contains(Constants.OFFLINE_ACCESS_ROLE)) {
            ClientScopeModel clientScopeModel = (ClientScopeModel) clientByClientId.getClientScopes(false, true).get(Constants.OFFLINE_ACCESS_ROLE);
            if (clientScopeModel == null) {
                logger.warn("Unable to find offline_access scope referenced in grantedRoles of user");
            }
            userConsentModel.addGrantedClientScope(clientScopeModel);
        }
        return userConsentModel;
    }

    public static AuthenticationFlowModel toModel(AuthenticationFlowRepresentation authenticationFlowRepresentation) {
        AuthenticationFlowModel authenticationFlowModel = new AuthenticationFlowModel();
        authenticationFlowModel.setId(authenticationFlowRepresentation.getId());
        authenticationFlowModel.setBuiltIn(authenticationFlowRepresentation.isBuiltIn());
        authenticationFlowModel.setTopLevel(authenticationFlowRepresentation.isTopLevel());
        authenticationFlowModel.setProviderId(authenticationFlowRepresentation.getProviderId());
        authenticationFlowModel.setAlias(authenticationFlowRepresentation.getAlias());
        authenticationFlowModel.setDescription(authenticationFlowRepresentation.getDescription());
        return authenticationFlowModel;
    }

    private static AuthenticationExecutionModel toModel(RealmModel realmModel, AuthenticationFlowModel authenticationFlowModel, AuthenticationExecutionExportRepresentation authenticationExecutionExportRepresentation) {
        AuthenticationExecutionModel authenticationExecutionModel = new AuthenticationExecutionModel();
        if (authenticationExecutionExportRepresentation.getAuthenticatorConfig() != null) {
            authenticationExecutionModel.setAuthenticatorConfig(realmModel.getAuthenticatorConfigByAlias(authenticationExecutionExportRepresentation.getAuthenticatorConfig()).getId());
        }
        authenticationExecutionModel.setAuthenticator(authenticationExecutionExportRepresentation.getAuthenticator());
        authenticationExecutionModel.setAuthenticatorFlow(authenticationExecutionExportRepresentation.isAutheticatorFlow());
        if (authenticationExecutionExportRepresentation.getFlowAlias() != null) {
            authenticationExecutionModel.setFlowId(realmModel.getFlowByAlias(authenticationExecutionExportRepresentation.getFlowAlias()).getId());
        }
        authenticationExecutionModel.setPriority(authenticationExecutionExportRepresentation.getPriority());
        try {
            authenticationExecutionModel.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(authenticationExecutionExportRepresentation.getRequirement()));
            authenticationExecutionModel.setParentFlow(authenticationFlowModel.getId());
        } catch (IllegalArgumentException e) {
            if ("OPTIONAL".equals(authenticationExecutionExportRepresentation.getRequirement())) {
                MigrateTo8_0_0.migrateOptionalAuthenticationExecution(realmModel, authenticationFlowModel, authenticationExecutionModel, false);
            }
        }
        return authenticationExecutionModel;
    }

    public static AuthenticationExecutionModel toModel(RealmModel realmModel, AuthenticationExecutionRepresentation authenticationExecutionRepresentation) {
        AuthenticationExecutionModel authenticationExecutionModel = new AuthenticationExecutionModel();
        authenticationExecutionModel.setId(authenticationExecutionRepresentation.getId());
        authenticationExecutionModel.setFlowId(authenticationExecutionRepresentation.getFlowId());
        authenticationExecutionModel.setAuthenticator(authenticationExecutionRepresentation.getAuthenticator());
        authenticationExecutionModel.setPriority(authenticationExecutionRepresentation.getPriority());
        authenticationExecutionModel.setParentFlow(authenticationExecutionRepresentation.getParentFlow());
        authenticationExecutionModel.setAuthenticatorFlow(authenticationExecutionRepresentation.isAutheticatorFlow());
        authenticationExecutionModel.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(authenticationExecutionRepresentation.getRequirement()));
        if (authenticationExecutionRepresentation.getAuthenticatorConfig() != null) {
            authenticationExecutionModel.setAuthenticatorConfig(realmModel.getAuthenticatorConfigByAlias(authenticationExecutionRepresentation.getAuthenticatorConfig()).getId());
        }
        return authenticationExecutionModel;
    }

    public static AuthenticatorConfigModel toModel(AuthenticatorConfigRepresentation authenticatorConfigRepresentation) {
        AuthenticatorConfigModel authenticatorConfigModel = new AuthenticatorConfigModel();
        authenticatorConfigModel.setAlias(authenticatorConfigRepresentation.getAlias());
        authenticatorConfigModel.setConfig(removeEmptyString(authenticatorConfigRepresentation.getConfig()));
        return authenticatorConfigModel;
    }

    public static RequiredActionProviderModel toModel(RequiredActionProviderRepresentation requiredActionProviderRepresentation) {
        RequiredActionProviderModel requiredActionProviderModel = new RequiredActionProviderModel();
        requiredActionProviderModel.setConfig(removeEmptyString(requiredActionProviderRepresentation.getConfig()));
        requiredActionProviderModel.setPriority(requiredActionProviderRepresentation.getPriority());
        requiredActionProviderModel.setDefaultAction(requiredActionProviderRepresentation.isDefaultAction());
        requiredActionProviderModel.setEnabled(requiredActionProviderRepresentation.isEnabled());
        requiredActionProviderModel.setProviderId(requiredActionProviderRepresentation.getProviderId());
        requiredActionProviderModel.setName(requiredActionProviderRepresentation.getName());
        requiredActionProviderModel.setAlias(requiredActionProviderRepresentation.getAlias());
        return requiredActionProviderModel;
    }

    public static ComponentModel toModel(KeycloakSession keycloakSession, ComponentRepresentation componentRepresentation) {
        ComponentModel componentModel = new ComponentModel();
        componentModel.setId(componentRepresentation.getId());
        componentModel.setParentId(componentRepresentation.getParentId());
        componentModel.setProviderType(componentRepresentation.getProviderType());
        componentModel.setProviderId(componentRepresentation.getProviderId());
        componentModel.setConfig(new MultivaluedHashMap());
        componentModel.setName(componentRepresentation.getName());
        componentModel.setSubType(componentRepresentation.getSubType());
        if (componentRepresentation.getConfig() != null) {
            for (String str : new HashSet(componentRepresentation.getConfig().keySet())) {
                List list = (List) componentRepresentation.getConfig().get(str);
                if (list != null) {
                    ListIterator listIterator = list.listIterator();
                    while (listIterator.hasNext()) {
                        String str2 = (String) listIterator.next();
                        if (str2 == null || str2.trim().isEmpty()) {
                            listIterator.remove();
                        }
                    }
                    if (!list.isEmpty()) {
                        componentModel.getConfig().put(str, list);
                    }
                }
            }
        }
        return componentModel;
    }

    public static void updateComponent(KeycloakSession keycloakSession, ComponentRepresentation componentRepresentation, ComponentModel componentModel, boolean z) {
        if (componentRepresentation.getName() != null) {
            componentModel.setName(componentRepresentation.getName());
        }
        if (componentRepresentation.getParentId() != null) {
            componentModel.setParentId(componentRepresentation.getParentId());
        }
        if (componentRepresentation.getProviderType() != null) {
            componentModel.setProviderType(componentRepresentation.getProviderType());
        }
        if (componentRepresentation.getProviderId() != null) {
            componentModel.setProviderId(componentRepresentation.getProviderId());
        }
        if (componentRepresentation.getSubType() != null) {
            componentModel.setSubType(componentRepresentation.getSubType());
        }
        Map<String, ProviderConfigProperty> componentConfigProperties = z ? null : ComponentUtil.getComponentConfigProperties(keycloakSession, componentModel);
        if (componentRepresentation.getConfig() != null) {
            for (String str : new HashSet(componentRepresentation.getConfig().keySet())) {
                if (!z && !componentConfigProperties.containsKey(str)) {
                    return;
                }
                List list = (List) componentRepresentation.getConfig().get(str);
                if (list == null || list.isEmpty() || list.get(0) == null || ((String) list.get(0)).trim().isEmpty()) {
                    componentModel.getConfig().remove(str);
                } else {
                    ListIterator listIterator = list.listIterator();
                    while (listIterator.hasNext()) {
                        String str2 = (String) listIterator.next();
                        if (str2 == null || str2.trim().isEmpty() || str2.equals("**********")) {
                            listIterator.remove();
                        }
                    }
                    if (!list.isEmpty()) {
                        componentModel.getConfig().put(str, list);
                    }
                }
            }
        }
    }

    public static void importRealmAuthorizationSettings(RealmRepresentation realmRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) {
        if (realmRepresentation.getClients() != null) {
            realmRepresentation.getClients().forEach(clientRepresentation -> {
                importAuthorizationSettings(clientRepresentation, realmModel.getClientByClientId(clientRepresentation.getClientId()), keycloakSession);
            });
        }
    }

    public static void importAuthorizationSettings(ClientRepresentation clientRepresentation, ClientModel clientModel, KeycloakSession keycloakSession) {
        if (Boolean.TRUE.equals(clientRepresentation.getAuthorizationServicesEnabled())) {
            AuthorizationProvider create = ((AuthorizationProviderFactory) keycloakSession.getKeycloakSessionFactory().getProviderFactory(AuthorizationProvider.class)).create(keycloakSession, clientModel.getRealm());
            clientModel.setServiceAccountsEnabled(true);
            clientModel.setBearerOnly(false);
            clientModel.setPublicClient(false);
            ResourceServerRepresentation authorizationSettings = clientRepresentation.getAuthorizationSettings();
            if (authorizationSettings == null) {
                authorizationSettings = new ResourceServerRepresentation();
            }
            authorizationSettings.setClientId(clientModel.getId());
            toModel(authorizationSettings, create);
        }
    }

    public static ResourceServer toModel(ResourceServerRepresentation resourceServerRepresentation, AuthorizationProvider authorizationProvider) {
        ResourceServer resourceServer;
        UserModel userByUsername;
        ResourceServerStore resourceServerStore = authorizationProvider.getStoreFactory().getResourceServerStore();
        ResourceServer findById = resourceServerStore.findById(resourceServerRepresentation.getClientId());
        if (findById == null) {
            resourceServer = resourceServerStore.create(resourceServerRepresentation.getClientId());
            resourceServer.setAllowRemoteResourceManagement(true);
            resourceServer.setPolicyEnforcementMode(PolicyEnforcementMode.ENFORCING);
        } else {
            resourceServer = findById;
        }
        resourceServer.setPolicyEnforcementMode(resourceServerRepresentation.getPolicyEnforcementMode());
        resourceServer.setAllowRemoteResourceManagement(resourceServerRepresentation.isAllowRemoteResourceManagement());
        DecisionStrategy decisionStrategy = resourceServerRepresentation.getDecisionStrategy();
        if (decisionStrategy == null) {
            decisionStrategy = DecisionStrategy.UNANIMOUS;
        }
        resourceServer.setDecisionStrategy(decisionStrategy);
        Iterator it = resourceServerRepresentation.getScopes().iterator();
        while (it.hasNext()) {
            toModel((ScopeRepresentation) it.next(), resourceServer, authorizationProvider);
        }
        KeycloakSession keycloakSession = authorizationProvider.getKeycloakSession();
        RealmModel realm = authorizationProvider.getRealm();
        for (ResourceRepresentation resourceRepresentation : resourceServerRepresentation.getResources()) {
            ResourceOwnerRepresentation owner = resourceRepresentation.getOwner();
            if (owner == null) {
                ResourceOwnerRepresentation resourceOwnerRepresentation = new ResourceOwnerRepresentation();
                resourceOwnerRepresentation.setId(resourceServer.getId());
                resourceRepresentation.setOwner(resourceOwnerRepresentation);
            } else if (owner.getName() != null && (userByUsername = keycloakSession.users().getUserByUsername(owner.getName(), realm)) != null) {
                owner.setId(userByUsername.getId());
            }
            toModel(resourceRepresentation, resourceServer, authorizationProvider);
        }
        importPolicies(authorizationProvider, resourceServer, resourceServerRepresentation.getPolicies(), null);
        return resourceServer;
    }

    private static Policy importPolicies(AuthorizationProvider authorizationProvider, ResourceServer resourceServer, List<PolicyRepresentation> list, String str) {
        StoreFactory storeFactory = authorizationProvider.getStoreFactory();
        for (PolicyRepresentation policyRepresentation : list) {
            if (str == null || str.equals(policyRepresentation.getName())) {
                Map config = policyRepresentation.getConfig();
                String str2 = (String) config.get("applyPolicies");
                if (str2 != null && !str2.isEmpty()) {
                    PolicyStore policyStore = storeFactory.getPolicyStore();
                    try {
                        List<String> list2 = (List) JsonSerialization.readValue(str2, List.class);
                        HashSet hashSet = new HashSet();
                        for (String str3 : list2) {
                            Policy findByName = policyStore.findByName(str3, resourceServer.getId());
                            if (findByName == null) {
                                findByName = policyStore.findById(str3, resourceServer.getId());
                            }
                            if (findByName == null) {
                                findByName = importPolicies(authorizationProvider, resourceServer, list, str3);
                                if (findByName == null) {
                                    throw new RuntimeException("Policy with name [" + str3 + "] not defined.");
                                }
                            }
                            hashSet.add(findByName.getId());
                        }
                        config.put("applyPolicies", JsonSerialization.writeValueAsString(hashSet));
                    } catch (Exception e) {
                        throw new RuntimeException("Error while importing policy [" + policyRepresentation.getName() + "].", e);
                    }
                }
                PolicyStore policyStore2 = storeFactory.getPolicyStore();
                Policy findById = policyStore2.findById(policyRepresentation.getId(), resourceServer.getId());
                if (findById == null) {
                    findById = policyStore2.findByName(policyRepresentation.getName(), resourceServer.getId());
                }
                Policy create = findById == null ? policyStore2.create(policyRepresentation, resourceServer) : toModel((AbstractPolicyRepresentation) policyRepresentation, authorizationProvider, findById);
                if (str != null && str.equals(policyRepresentation.getName())) {
                    return create;
                }
            }
        }
        return null;
    }

    public static Policy toModel(AbstractPolicyRepresentation abstractPolicyRepresentation, AuthorizationProvider authorizationProvider, Policy policy) {
        String str;
        String str2;
        String str3;
        policy.setName(abstractPolicyRepresentation.getName());
        policy.setDescription(abstractPolicyRepresentation.getDescription());
        policy.setDecisionStrategy(abstractPolicyRepresentation.getDecisionStrategy());
        policy.setLogic(abstractPolicyRepresentation.getLogic());
        Set resources = abstractPolicyRepresentation.getResources();
        Set scopes = abstractPolicyRepresentation.getScopes();
        Set policies = abstractPolicyRepresentation.getPolicies();
        if (abstractPolicyRepresentation instanceof PolicyRepresentation) {
            PolicyRepresentation policyRepresentation = (PolicyRepresentation) PolicyRepresentation.class.cast(abstractPolicyRepresentation);
            if (resources == null && (str3 = (String) policyRepresentation.getConfig().get("resources")) != null) {
                try {
                    resources = (Set) JsonSerialization.readValue(str3, Set.class);
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
            if (scopes == null && (str2 = (String) policyRepresentation.getConfig().get("scopes")) != null) {
                try {
                    scopes = (Set) JsonSerialization.readValue(str2, Set.class);
                } catch (IOException e2) {
                    throw new RuntimeException(e2);
                }
            }
            if (policies == null && (str = (String) policyRepresentation.getConfig().get("applyPolicies")) != null) {
                try {
                    policies = (Set) JsonSerialization.readValue(str, Set.class);
                } catch (IOException e3) {
                    throw new RuntimeException(e3);
                }
            }
            policy.setConfig(policyRepresentation.getConfig());
        }
        StoreFactory storeFactory = authorizationProvider.getStoreFactory();
        updateResources(resources, policy, storeFactory);
        updateScopes(scopes, policy, storeFactory);
        updateAssociatedPolicies(policies, policy, storeFactory);
        PolicyProviderFactory providerFactory = authorizationProvider.getProviderFactory(policy.getType());
        if (abstractPolicyRepresentation instanceof PolicyRepresentation) {
            providerFactory.onImport(policy, (PolicyRepresentation) PolicyRepresentation.class.cast(abstractPolicyRepresentation), authorizationProvider);
        } else if (abstractPolicyRepresentation.getId() == null) {
            providerFactory.onCreate(policy, abstractPolicyRepresentation, authorizationProvider);
        } else {
            providerFactory.onUpdate(policy, abstractPolicyRepresentation, authorizationProvider);
        }
        abstractPolicyRepresentation.setId(policy.getId());
        return policy;
    }

    private static void updateScopes(Set<String> set, Policy policy, StoreFactory storeFactory) {
        if (set != null) {
            if (set.isEmpty()) {
                Iterator it = new HashSet(policy.getScopes()).iterator();
                while (it.hasNext()) {
                    policy.removeScope((Scope) it.next());
                }
                return;
            }
            for (String str : set) {
                boolean z = false;
                Iterator it2 = new HashSet(policy.getScopes()).iterator();
                while (it2.hasNext()) {
                    Scope scope = (Scope) it2.next();
                    if (scope.getId().equals(str) || scope.getName().equals(str)) {
                        z = true;
                    }
                }
                if (!z) {
                    ResourceServer resourceServer = policy.getResourceServer();
                    Scope findById = storeFactory.getScopeStore().findById(str, resourceServer.getId());
                    if (findById == null) {
                        findById = storeFactory.getScopeStore().findByName(str, resourceServer.getId());
                        if (findById == null) {
                            throw new RuntimeException("Scope with id or name [" + str + "] does not exist");
                        }
                    }
                    policy.addScope(findById);
                }
            }
            Iterator it3 = new HashSet(policy.getScopes()).iterator();
            while (it3.hasNext()) {
                Scope scope2 = (Scope) it3.next();
                boolean z2 = false;
                for (String str2 : set) {
                    if (scope2.getId().equals(str2) || scope2.getName().equals(str2)) {
                        z2 = true;
                    }
                }
                if (!z2) {
                    policy.removeScope(scope2);
                }
            }
        }
        policy.removeConfig("scopes");
    }

    private static void updateAssociatedPolicies(Set<String> set, Policy policy, StoreFactory storeFactory) {
        ResourceServer resourceServer = policy.getResourceServer();
        if (set != null) {
            if (set.isEmpty()) {
                Iterator it = new HashSet(policy.getAssociatedPolicies()).iterator();
                while (it.hasNext()) {
                    policy.removeAssociatedPolicy((Policy) it.next());
                }
                return;
            }
            PolicyStore policyStore = storeFactory.getPolicyStore();
            for (String str : set) {
                boolean z = false;
                Iterator it2 = new HashSet(policy.getAssociatedPolicies()).iterator();
                while (it2.hasNext()) {
                    Policy policy2 = (Policy) it2.next();
                    if (policy2.getId().equals(str) || policy2.getName().equals(str)) {
                        z = true;
                    }
                }
                if (!z) {
                    Policy findById = policyStore.findById(str, resourceServer.getId());
                    if (findById == null) {
                        findById = policyStore.findByName(str, resourceServer.getId());
                        if (findById == null) {
                            throw new RuntimeException("Policy with id or name [" + str + "] does not exist");
                        }
                    }
                    policy.addAssociatedPolicy(findById);
                }
            }
            Iterator it3 = new HashSet(policy.getAssociatedPolicies()).iterator();
            while (it3.hasNext()) {
                Policy policy3 = (Policy) it3.next();
                boolean z2 = false;
                for (String str2 : set) {
                    if (policy3.getId().equals(str2) || policy3.getName().equals(str2)) {
                        z2 = true;
                    }
                }
                if (!z2) {
                    policy.removeAssociatedPolicy(policy3);
                }
            }
        }
        policy.removeConfig("applyPolicies");
    }

    private static void updateResources(Set<String> set, Policy policy, StoreFactory storeFactory) {
        if (set != null) {
            if (set.isEmpty()) {
                Iterator it = new HashSet(policy.getResources()).iterator();
                while (it.hasNext()) {
                    policy.removeResource((Resource) it.next());
                }
            }
            for (String str : set) {
                boolean z = false;
                Iterator it2 = new HashSet(policy.getResources()).iterator();
                while (it2.hasNext()) {
                    Resource resource = (Resource) it2.next();
                    if (resource.getId().equals(str) || resource.getName().equals(str)) {
                        z = true;
                    }
                }
                if (!z && !BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT.equals(str)) {
                    Resource findById = storeFactory.getResourceStore().findById(str, policy.getResourceServer().getId());
                    if (findById == null) {
                        findById = storeFactory.getResourceStore().findByName(str, policy.getResourceServer().getId());
                        if (findById == null) {
                            throw new RuntimeException("Resource with id or name [" + str + "] does not exist or is not owned by the resource server");
                        }
                    }
                    policy.addResource(findById);
                }
            }
            Iterator it3 = new HashSet(policy.getResources()).iterator();
            while (it3.hasNext()) {
                Resource resource2 = (Resource) it3.next();
                boolean z2 = false;
                for (String str2 : set) {
                    if (resource2.getId().equals(str2) || resource2.getName().equals(str2)) {
                        z2 = true;
                    }
                }
                if (!z2) {
                    policy.removeResource(resource2);
                }
            }
        }
        policy.removeConfig("resources");
    }

    public static Resource toModel(ResourceRepresentation resourceRepresentation, ResourceServer resourceServer, AuthorizationProvider authorizationProvider) {
        ResourceStore resourceStore = authorizationProvider.getStoreFactory().getResourceStore();
        ResourceOwnerRepresentation owner = resourceRepresentation.getOwner();
        if (owner == null) {
            owner = new ResourceOwnerRepresentation();
            owner.setId(resourceServer.getId());
        }
        String id = owner.getId();
        if (id == null) {
            id = resourceServer.getId();
        }
        if (!resourceServer.getId().equals(id)) {
            RealmModel realm = authorizationProvider.getRealm();
            UserProvider users = authorizationProvider.getKeycloakSession().users();
            UserModel userById = users.getUserById(id, realm);
            if (userById == null) {
                userById = users.getUserByUsername(id, realm);
            }
            if (userById == null) {
                throw new RuntimeException("Owner must be a valid username or user identifier. If the resource server, the client id or null.");
            }
            id = userById.getId();
        }
        Resource findById = resourceRepresentation.getId() != null ? resourceStore.findById(resourceRepresentation.getId(), resourceServer.getId()) : resourceStore.findByName(resourceRepresentation.getName(), id, resourceServer.getId());
        if (findById == null) {
            Resource create = resourceStore.create(resourceRepresentation.getId(), resourceRepresentation.getName(), resourceServer, id);
            create.setDisplayName(resourceRepresentation.getDisplayName());
            create.setType(resourceRepresentation.getType());
            create.updateUris(resourceRepresentation.getUris());
            create.setIconUri(resourceRepresentation.getIconUri());
            create.setOwnerManagedAccess(Boolean.TRUE.equals(resourceRepresentation.getOwnerManagedAccess()));
            Set scopes = resourceRepresentation.getScopes();
            if (scopes != null) {
                create.updateScopes((Set) scopes.stream().map(scopeRepresentation -> {
                    return toModel(scopeRepresentation, resourceServer, authorizationProvider, false);
                }).collect(Collectors.toSet()));
            }
            Map attributes = resourceRepresentation.getAttributes();
            if (attributes != null) {
                for (Map.Entry entry : attributes.entrySet()) {
                    create.setAttribute((String) entry.getKey(), (List) entry.getValue());
                }
            }
            resourceRepresentation.setId(create.getId());
            return create;
        }
        findById.setName(resourceRepresentation.getName());
        findById.setDisplayName(resourceRepresentation.getDisplayName());
        findById.setType(resourceRepresentation.getType());
        findById.updateUris(resourceRepresentation.getUris());
        findById.setIconUri(resourceRepresentation.getIconUri());
        findById.setOwnerManagedAccess(Boolean.TRUE.equals(resourceRepresentation.getOwnerManagedAccess()));
        findById.updateScopes((Set) resourceRepresentation.getScopes().stream().map(scopeRepresentation2 -> {
            return toModel(scopeRepresentation2, resourceServer, authorizationProvider, false);
        }).collect(Collectors.toSet()));
        Map attributes2 = resourceRepresentation.getAttributes();
        if (attributes2 != null) {
            for (String str : findById.getAttributes().keySet()) {
                if (attributes2.containsKey(str)) {
                    findById.setAttribute(str, (List) attributes2.get(str));
                    attributes2.remove(str);
                } else {
                    findById.removeAttribute(str);
                }
            }
            for (String str2 : attributes2.keySet()) {
                findById.setAttribute(str2, (List) attributes2.get(str2));
            }
        }
        return findById;
    }

    public static Scope toModel(ScopeRepresentation scopeRepresentation, ResourceServer resourceServer, AuthorizationProvider authorizationProvider) {
        return toModel(scopeRepresentation, resourceServer, authorizationProvider, true);
    }

    public static Scope toModel(ScopeRepresentation scopeRepresentation, ResourceServer resourceServer, AuthorizationProvider authorizationProvider, boolean z) {
        ScopeStore scopeStore = authorizationProvider.getStoreFactory().getScopeStore();
        Scope findById = scopeRepresentation.getId() != null ? scopeStore.findById(scopeRepresentation.getId(), resourceServer.getId()) : scopeStore.findByName(scopeRepresentation.getName(), resourceServer.getId());
        if (findById != null) {
            if (z) {
                findById.setName(scopeRepresentation.getName());
                findById.setDisplayName(scopeRepresentation.getDisplayName());
                findById.setIconUri(scopeRepresentation.getIconUri());
            }
            return findById;
        }
        Scope create = scopeStore.create(scopeRepresentation.getId(), scopeRepresentation.getName(), resourceServer);
        create.setDisplayName(scopeRepresentation.getDisplayName());
        create.setIconUri(scopeRepresentation.getIconUri());
        scopeRepresentation.setId(create.getId());
        return create;
    }

    public static PermissionTicket toModel(PermissionTicketRepresentation permissionTicketRepresentation, String str, AuthorizationProvider authorizationProvider) {
        PermissionTicketStore permissionTicketStore = authorizationProvider.getStoreFactory().getPermissionTicketStore();
        PermissionTicket findById = permissionTicketStore.findById(permissionTicketRepresentation.getId(), str);
        boolean isGranted = permissionTicketRepresentation.isGranted();
        if (isGranted && !findById.isGranted()) {
            findById.setGrantedTimestamp(Long.valueOf(System.currentTimeMillis()));
        } else if (!isGranted) {
            permissionTicketStore.delete(findById.getId());
        }
        return findById;
    }

    public static void importFederatedUser(KeycloakSession keycloakSession, RealmModel realmModel, UserRepresentation userRepresentation) {
        UserFederatedStorageProvider userFederatedStorage = keycloakSession.userFederatedStorage();
        if (userRepresentation.getAttributes() != null) {
            for (Map.Entry entry : userRepresentation.getAttributes().entrySet()) {
                String str = (String) entry.getKey();
                List list = (List) entry.getValue();
                if (list != null) {
                    userFederatedStorage.setAttribute(realmModel, userRepresentation.getId(), str, new LinkedList(list));
                }
            }
        }
        if (userRepresentation.getRequiredActions() != null) {
            Iterator it = userRepresentation.getRequiredActions().iterator();
            while (it.hasNext()) {
                userFederatedStorage.addRequiredAction(realmModel, userRepresentation.getId(), (String) it.next());
            }
        }
        if (userRepresentation.getCredentials() != null) {
            Iterator it2 = userRepresentation.getCredentials().iterator();
            while (it2.hasNext()) {
                userFederatedStorage.createCredential(realmModel, userRepresentation.getId(), toModel((CredentialRepresentation) it2.next()));
            }
        }
        createFederatedRoleMappings(userFederatedStorage, userRepresentation, realmModel);
        if (userRepresentation.getGroups() != null) {
            for (String str2 : userRepresentation.getGroups()) {
                GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(realmModel, str2);
                if (findGroupByPath == null) {
                    throw new RuntimeException("Unable to find group specified by path: " + str2);
                }
                userFederatedStorage.joinGroup(realmModel, userRepresentation.getId(), findGroupByPath);
            }
        }
        if (userRepresentation.getFederatedIdentities() != null) {
            for (FederatedIdentityRepresentation federatedIdentityRepresentation : userRepresentation.getFederatedIdentities()) {
                userFederatedStorage.addFederatedIdentity(realmModel, userRepresentation.getId(), new FederatedIdentityModel(federatedIdentityRepresentation.getIdentityProvider(), federatedIdentityRepresentation.getUserId(), federatedIdentityRepresentation.getUserName()));
            }
        }
        if (userRepresentation.getClientConsents() != null) {
            Iterator it3 = userRepresentation.getClientConsents().iterator();
            while (it3.hasNext()) {
                userFederatedStorage.addConsent(realmModel, userRepresentation.getId(), toModel(realmModel, (UserConsentRepresentation) it3.next()));
            }
        }
        if (userRepresentation.getNotBefore() != null) {
            userFederatedStorage.setNotBeforeForUser(realmModel, userRepresentation.getId(), userRepresentation.getNotBefore().intValue());
        }
    }

    public static void createFederatedRoleMappings(UserFederatedStorageProvider userFederatedStorageProvider, UserRepresentation userRepresentation, RealmModel realmModel) {
        if (userRepresentation.getRealmRoles() != null) {
            for (String str : userRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                userFederatedStorageProvider.grantRole(realmModel, userRepresentation.getId(), role);
            }
        }
        if (userRepresentation.getClientRoles() != null) {
            for (Map.Entry entry : userRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createFederatedClientRoleMappings(userFederatedStorageProvider, realmModel, clientByClientId, userRepresentation, (List) entry.getValue());
            }
        }
    }

    public static void createFederatedClientRoleMappings(UserFederatedStorageProvider userFederatedStorageProvider, RealmModel realmModel, ClientModel clientModel, UserRepresentation userRepresentation, List<String> list) {
        if (userRepresentation == null) {
            throw new RuntimeException("User not found");
        }
        for (String str : list) {
            RoleModel role = clientModel.getRole(str.trim());
            if (role == null) {
                role = clientModel.addRole(str.trim());
            }
            userFederatedStorageProvider.grantRole(realmModel, userRepresentation.getId(), role);
        }
    }

    public static Map<String, String> removeEmptyString(Map<String, String> map) {
        if (map == null) {
            return null;
        }
        HashMap hashMap = new HashMap(map);
        Iterator it = hashMap.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry entry = (Map.Entry) it.next();
            if (entry.getValue() == null || ((String) entry.getValue()).equals(BrowserSecurityHeaders.CONTENT_SECURITY_POLICY_REPORT_ONLY_DEFAULT)) {
                it.remove();
            }
        }
        return hashMap;
    }

    public static ResourceServer createResourceServer(ClientModel clientModel, KeycloakSession keycloakSession, boolean z) {
        if ((clientModel.isBearerOnly() || clientModel.isPublicClient()) && !clientModel.getClientId().equals(Config.getAdminRealm() + "-realm") && !clientModel.getClientId().equals(Constants.REALM_MANAGEMENT_CLIENT_ID)) {
            throw new RuntimeException("Only confidential clients are allowed to set authorization settings");
        }
        AuthorizationProvider authorizationProvider = (AuthorizationProvider) keycloakSession.getProvider(AuthorizationProvider.class);
        UserModel serviceAccount = keycloakSession.users().getServiceAccount(clientModel);
        if (serviceAccount == null) {
            clientModel.setServiceAccountsEnabled(true);
        }
        if (z) {
            RoleModel role = clientModel.getRole(Constants.AUTHZ_UMA_PROTECTION);
            if (role == null) {
                role = clientModel.addRole(Constants.AUTHZ_UMA_PROTECTION);
            }
            if (serviceAccount != null) {
                serviceAccount.grantRole(role);
            }
        }
        ResourceServerRepresentation resourceServerRepresentation = new ResourceServerRepresentation();
        resourceServerRepresentation.setAllowRemoteResourceManagement(true);
        resourceServerRepresentation.setClientId(clientModel.getId());
        return toModel(resourceServerRepresentation, authorizationProvider);
    }
}
