package org.keycloak.models.jpa;

import freemarker.debug.DebugModel;
import java.io.IOException;
import java.io.StringWriter;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import org.bouncycastle.openssl.PEMWriter;
import org.keycloak.PemUtils;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.SocialLinkModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.jpa.entities.ApplicationEntity;
import org.keycloak.models.jpa.entities.ApplicationScopeMappingEntity;
import org.keycloak.models.jpa.entities.ApplicationUserRoleMappingEntity;
import org.keycloak.models.jpa.entities.CredentialEntity;
import org.keycloak.models.jpa.entities.OAuthClientEntity;
import org.keycloak.models.jpa.entities.RealmEntity;
import org.keycloak.models.jpa.entities.RealmScopeMappingEntity;
import org.keycloak.models.jpa.entities.RealmUserRoleMappingEntity;
import org.keycloak.models.jpa.entities.RequiredCredentialEntity;
import org.keycloak.models.jpa.entities.RoleEntity;
import org.keycloak.models.jpa.entities.SocialLinkEntity;
import org.keycloak.models.jpa.entities.UserEntity;
import org.keycloak.models.utils.SHAPasswordEncoder;
import org.keycloak.models.utils.TimeBasedOTP;
import twitter4j.conf.PropertyConfiguration;

/* loaded from: input_file:WEB-INF/lib/keycloak-model-jpa-1.0-alpha-1-12062013.jar:org/keycloak/models/jpa/RealmAdapter.class */
public class RealmAdapter implements RealmModel {
    protected RealmEntity realm;
    protected EntityManager em;
    protected volatile transient PublicKey publicKey;
    protected volatile transient PrivateKey privateKey;
    private PasswordPolicy passwordPolicy;

    public RealmAdapter(EntityManager entityManager, RealmEntity realmEntity) {
        this.em = entityManager;
        this.realm = realmEntity;
    }

    @Override // org.keycloak.models.RealmModel
    public String getId() {
        return this.realm.getId();
    }

    @Override // org.keycloak.models.RealmModel
    public String getName() {
        return this.realm.getName();
    }

    @Override // org.keycloak.models.RealmModel
    public void setName(String str) {
        this.realm.setName(str);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isEnabled() {
        return this.realm.isEnabled();
    }

    @Override // org.keycloak.models.RealmModel
    public void setEnabled(boolean z) {
        this.realm.setEnabled(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isSslNotRequired() {
        return this.realm.isSslNotRequired();
    }

    @Override // org.keycloak.models.RealmModel
    public void setSslNotRequired(boolean z) {
        this.realm.setSslNotRequired(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isCookieLoginAllowed() {
        return this.realm.isCookieLoginAllowed();
    }

    @Override // org.keycloak.models.RealmModel
    public void setCookieLoginAllowed(boolean z) {
        this.realm.setCookieLoginAllowed(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isRegistrationAllowed() {
        return this.realm.isRegistrationAllowed();
    }

    @Override // org.keycloak.models.RealmModel
    public void setRegistrationAllowed(boolean z) {
        this.realm.setRegistrationAllowed(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isVerifyEmail() {
        return this.realm.isVerifyEmail();
    }

    @Override // org.keycloak.models.RealmModel
    public void setVerifyEmail(boolean z) {
        this.realm.setVerifyEmail(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isResetPasswordAllowed() {
        return this.realm.isResetPasswordAllowed();
    }

    @Override // org.keycloak.models.RealmModel
    public void setResetPasswordAllowed(boolean z) {
        this.realm.setResetPasswordAllowed(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public int getTokenLifespan() {
        return this.realm.getTokenLifespan();
    }

    @Override // org.keycloak.models.RealmModel
    public void setTokenLifespan(int i) {
        this.realm.setTokenLifespan(i);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public int getAccessCodeLifespan() {
        return this.realm.getAccessCodeLifespan();
    }

    @Override // org.keycloak.models.RealmModel
    public void setAccessCodeLifespan(int i) {
        this.realm.setAccessCodeLifespan(i);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public int getAccessCodeLifespanUserAction() {
        return this.realm.getAccessCodeLifespanUserAction();
    }

    @Override // org.keycloak.models.RealmModel
    public void setAccessCodeLifespanUserAction(int i) {
        this.realm.setAccessCodeLifespanUserAction(i);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public String getPublicKeyPem() {
        return this.realm.getPublicKeyPem();
    }

    @Override // org.keycloak.models.RealmModel
    public void setPublicKeyPem(String str) {
        this.realm.setPublicKeyPem(str);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public String getPrivateKeyPem() {
        return this.realm.getPrivateKeyPem();
    }

    @Override // org.keycloak.models.RealmModel
    public void setPrivateKeyPem(String str) {
        this.realm.setPrivateKeyPem(str);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public PublicKey getPublicKey() {
        if (this.publicKey != null) {
            return this.publicKey;
        }
        String publicKeyPem = getPublicKeyPem();
        if (publicKeyPem != null) {
            try {
                this.publicKey = PemUtils.decodePublicKey(publicKeyPem);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return this.publicKey;
    }

    @Override // org.keycloak.models.RealmModel
    public void setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(publicKey);
            pEMWriter.flush();
            setPublicKeyPem(PemUtils.removeBeginEnd(stringWriter.toString()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.keycloak.models.RealmModel
    public PrivateKey getPrivateKey() {
        if (this.privateKey != null) {
            return this.privateKey;
        }
        String privateKeyPem = getPrivateKeyPem();
        if (privateKeyPem != null) {
            try {
                this.privateKey = PemUtils.decodePrivateKey(privateKeyPem);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return this.privateKey;
    }

    @Override // org.keycloak.models.RealmModel
    public void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(privateKey);
            pEMWriter.flush();
            setPrivateKeyPem(PemUtils.removeBeginEnd(stringWriter.toString()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    protected RequiredCredentialModel initRequiredCredentialModel(String str) {
        RequiredCredentialModel requiredCredentialModel = RequiredCredentialModel.BUILT_IN.get(str);
        if (requiredCredentialModel == null) {
            throw new RuntimeException("Unknown credential type " + str);
        }
        return requiredCredentialModel;
    }

    @Override // org.keycloak.models.RealmModel
    public void addRequiredCredential(String str) {
        addRequiredCredential(initRequiredCredentialModel(str));
        this.em.flush();
    }

    public void addRequiredCredential(RequiredCredentialModel requiredCredentialModel) {
        RequiredCredentialEntity requiredCredentialEntity = new RequiredCredentialEntity();
        requiredCredentialEntity.setInput(requiredCredentialModel.isInput());
        requiredCredentialEntity.setSecret(requiredCredentialModel.isSecret());
        requiredCredentialEntity.setType(requiredCredentialModel.getType());
        requiredCredentialEntity.setFormLabel(requiredCredentialModel.getFormLabel());
        this.em.persist(requiredCredentialEntity);
        this.realm.getRequiredCredentials().add(requiredCredentialEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void updateRequiredCredentials(Set<String> set) {
        Collection<RequiredCredentialEntity> requiredCredentials = this.realm.getRequiredCredentials();
        if (requiredCredentials == null) {
            requiredCredentials = new ArrayList();
        }
        HashSet hashSet = new HashSet();
        ArrayList<RequiredCredentialEntity> arrayList = new ArrayList();
        for (RequiredCredentialEntity requiredCredentialEntity : requiredCredentials) {
            if (set.contains(requiredCredentialEntity.getType())) {
                hashSet.add(requiredCredentialEntity.getType());
            } else {
                arrayList.add(requiredCredentialEntity);
            }
        }
        for (RequiredCredentialEntity requiredCredentialEntity2 : arrayList) {
            requiredCredentials.remove(requiredCredentialEntity2);
            this.em.remove(requiredCredentialEntity2);
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredCredential(str);
            }
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public List<RequiredCredentialModel> getRequiredCredentials() {
        ArrayList arrayList = new ArrayList();
        Collection<RequiredCredentialEntity> requiredCredentials = this.realm.getRequiredCredentials();
        if (requiredCredentials == null) {
            return arrayList;
        }
        for (RequiredCredentialEntity requiredCredentialEntity : requiredCredentials) {
            RequiredCredentialModel requiredCredentialModel = new RequiredCredentialModel();
            requiredCredentialModel.setFormLabel(requiredCredentialEntity.getFormLabel());
            requiredCredentialModel.setType(requiredCredentialEntity.getType());
            requiredCredentialModel.setSecret(requiredCredentialEntity.isSecret());
            requiredCredentialModel.setInput(requiredCredentialEntity.isInput());
            arrayList.add(requiredCredentialModel);
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public List<RequiredCredentialModel> getRequiredApplicationCredentials() {
        ArrayList arrayList = new ArrayList();
        Collection<RequiredCredentialEntity> requiredApplicationCredentials = this.realm.getRequiredApplicationCredentials();
        if (requiredApplicationCredentials == null) {
            return arrayList;
        }
        for (RequiredCredentialEntity requiredCredentialEntity : requiredApplicationCredentials) {
            RequiredCredentialModel requiredCredentialModel = new RequiredCredentialModel();
            requiredCredentialModel.setFormLabel(requiredCredentialEntity.getFormLabel());
            requiredCredentialModel.setType(requiredCredentialEntity.getType());
            requiredCredentialModel.setSecret(requiredCredentialEntity.isSecret());
            requiredCredentialModel.setInput(requiredCredentialEntity.isInput());
            arrayList.add(requiredCredentialModel);
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public List<RequiredCredentialModel> getRequiredOAuthClientCredentials() {
        ArrayList arrayList = new ArrayList();
        Collection<RequiredCredentialEntity> requiredOAuthClientCredentials = this.realm.getRequiredOAuthClientCredentials();
        if (requiredOAuthClientCredentials == null) {
            return arrayList;
        }
        for (RequiredCredentialEntity requiredCredentialEntity : requiredOAuthClientCredentials) {
            RequiredCredentialModel requiredCredentialModel = new RequiredCredentialModel();
            requiredCredentialModel.setFormLabel(requiredCredentialEntity.getFormLabel());
            requiredCredentialModel.setType(requiredCredentialEntity.getType());
            requiredCredentialModel.setSecret(requiredCredentialEntity.isSecret());
            requiredCredentialModel.setInput(requiredCredentialEntity.isInput());
            arrayList.add(requiredCredentialModel);
        }
        return arrayList;
    }

    public void addRequiredOAuthClientCredential(RequiredCredentialModel requiredCredentialModel) {
        RequiredCredentialEntity requiredCredentialEntity = new RequiredCredentialEntity();
        requiredCredentialEntity.setInput(requiredCredentialModel.isInput());
        requiredCredentialEntity.setSecret(requiredCredentialModel.isSecret());
        requiredCredentialEntity.setType(requiredCredentialModel.getType());
        requiredCredentialEntity.setFormLabel(requiredCredentialModel.getFormLabel());
        this.em.persist(requiredCredentialEntity);
        this.realm.getRequiredOAuthClientCredentials().add(requiredCredentialEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void addRequiredOAuthClientCredential(String str) {
        addRequiredOAuthClientCredential(initRequiredCredentialModel(str));
        this.em.flush();
    }

    public void addRequiredResourceCredential(RequiredCredentialModel requiredCredentialModel) {
        RequiredCredentialEntity requiredCredentialEntity = new RequiredCredentialEntity();
        requiredCredentialEntity.setInput(requiredCredentialModel.isInput());
        requiredCredentialEntity.setSecret(requiredCredentialModel.isSecret());
        requiredCredentialEntity.setType(requiredCredentialModel.getType());
        requiredCredentialEntity.setFormLabel(requiredCredentialModel.getFormLabel());
        this.em.persist(requiredCredentialEntity);
        this.realm.getRequiredApplicationCredentials().add(requiredCredentialEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void addRequiredResourceCredential(String str) {
        addRequiredResourceCredential(initRequiredCredentialModel(str));
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void updateRequiredOAuthClientCredentials(Set<String> set) {
        Collection<RequiredCredentialEntity> requiredOAuthClientCredentials = this.realm.getRequiredOAuthClientCredentials();
        if (requiredOAuthClientCredentials == null) {
            requiredOAuthClientCredentials = new ArrayList();
        }
        HashSet hashSet = new HashSet();
        ArrayList<RequiredCredentialEntity> arrayList = new ArrayList();
        for (RequiredCredentialEntity requiredCredentialEntity : requiredOAuthClientCredentials) {
            if (set.contains(requiredCredentialEntity.getType())) {
                hashSet.add(requiredCredentialEntity.getType());
            } else {
                arrayList.add(requiredCredentialEntity);
            }
        }
        for (RequiredCredentialEntity requiredCredentialEntity2 : arrayList) {
            requiredOAuthClientCredentials.remove(requiredCredentialEntity2);
            this.em.remove(requiredCredentialEntity2);
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredOAuthClientCredential(str);
            }
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void updateRequiredApplicationCredentials(Set<String> set) {
        Collection<RequiredCredentialEntity> requiredApplicationCredentials = this.realm.getRequiredApplicationCredentials();
        if (requiredApplicationCredentials == null) {
            requiredApplicationCredentials = new ArrayList();
        }
        HashSet hashSet = new HashSet();
        ArrayList<RequiredCredentialEntity> arrayList = new ArrayList();
        for (RequiredCredentialEntity requiredCredentialEntity : requiredApplicationCredentials) {
            if (set.contains(requiredCredentialEntity.getType())) {
                hashSet.add(requiredCredentialEntity.getType());
            } else {
                arrayList.add(requiredCredentialEntity);
            }
        }
        for (RequiredCredentialEntity requiredCredentialEntity2 : arrayList) {
            requiredApplicationCredentials.remove(requiredCredentialEntity2);
            this.em.remove(requiredCredentialEntity2);
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredResourceCredential(str);
            }
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public UserModel getUser(String str) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("getRealmUserByLoginName", UserEntity.class);
        createNamedQuery.setParameter("loginName", str);
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return null;
        }
        return new UserAdapter((UserEntity) resultList.get(0));
    }

    @Override // org.keycloak.models.RealmModel
    public UserModel addUser(String str) {
        UserEntity userEntity = new UserEntity();
        userEntity.setLoginName(str);
        userEntity.setRealm(this.realm);
        this.em.persist(userEntity);
        this.em.flush();
        return new UserAdapter(userEntity);
    }

    @Override // org.keycloak.models.RealmModel
    public boolean removeUser(String str) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("getRealmUserByLoginName", UserEntity.class);
        createNamedQuery.setParameter("loginName", str);
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return false;
        }
        removeUser((UserEntity) resultList.get(0));
        return true;
    }

    private void removeUser(UserEntity userEntity) {
        this.em.createQuery("delete from " + ApplicationScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, userEntity).executeUpdate();
        this.em.createQuery("delete from " + ApplicationUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, userEntity).executeUpdate();
        this.em.createQuery("delete from " + RealmScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, userEntity).executeUpdate();
        this.em.createQuery("delete from " + RealmUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, userEntity).executeUpdate();
        this.em.createQuery("delete from " + SocialLinkEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, userEntity).executeUpdate();
        this.em.remove(userEntity);
    }

    @Override // org.keycloak.models.RealmModel
    public List<String> getDefaultRoles() {
        Collection<RoleEntity> defaultRoles = this.realm.getDefaultRoles();
        ArrayList arrayList = new ArrayList();
        if (defaultRoles == null) {
            return arrayList;
        }
        Iterator<RoleEntity> it = defaultRoles.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getName());
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public void addDefaultRole(String str) {
        RoleModel role = getRole(str);
        if (role == null) {
            role = addRole(str);
        }
        Collection<RoleEntity> defaultRoles = this.realm.getDefaultRoles();
        Iterator<RoleEntity> it = defaultRoles.iterator();
        while (it.hasNext()) {
            if (it.next().getId().equals(role.getId())) {
                return;
            }
        }
        defaultRoles.add(((RoleAdapter) role).getRole());
        this.em.flush();
    }

    public static boolean contains(String str, String[] strArr) {
        for (String str2 : strArr) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    @Override // org.keycloak.models.RealmModel
    public void updateDefaultRoles(String[] strArr) {
        Collection<RoleEntity> defaultRoles = this.realm.getDefaultRoles();
        HashSet hashSet = new HashSet();
        ArrayList arrayList = new ArrayList();
        for (RoleEntity roleEntity : defaultRoles) {
            if (contains(roleEntity.getName(), strArr)) {
                hashSet.add(roleEntity.getName());
            } else {
                arrayList.add(roleEntity);
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            defaultRoles.remove((RoleEntity) it.next());
        }
        this.em.flush();
        for (String str : strArr) {
            if (!hashSet.contains(str)) {
                addDefaultRole(str);
            }
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public Map<String, ApplicationModel> getApplicationNameMap() {
        HashMap hashMap = new HashMap();
        for (ApplicationModel applicationModel : getApplications()) {
            hashMap.put(applicationModel.getName(), applicationModel);
        }
        return hashMap;
    }

    @Override // org.keycloak.models.RealmModel
    public List<ApplicationModel> getApplications() {
        ArrayList arrayList = new ArrayList();
        if (this.realm.getApplications() == null) {
            return arrayList;
        }
        Iterator<ApplicationEntity> it = this.realm.getApplications().iterator();
        while (it.hasNext()) {
            arrayList.add(new ApplicationAdapter(this.em, it.next()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public ApplicationModel addApplication(String str) {
        ApplicationEntity applicationEntity = new ApplicationEntity();
        UserEntity userEntity = new UserEntity();
        userEntity.setLoginName(str);
        userEntity.setRealm(this.realm);
        userEntity.setEnabled(true);
        this.em.persist(userEntity);
        applicationEntity.setApplicationUser(userEntity);
        applicationEntity.setName(str);
        applicationEntity.setEnabled(true);
        this.realm.getApplications().add(applicationEntity);
        this.em.persist(applicationEntity);
        this.em.flush();
        ApplicationAdapter applicationAdapter = new ApplicationAdapter(this.em, applicationEntity);
        this.em.flush();
        return applicationAdapter;
    }

    @Override // org.keycloak.models.RealmModel
    public boolean removeApplication(String str) {
        ApplicationEntity applicationEntity = null;
        for (ApplicationEntity applicationEntity2 : this.realm.getApplications()) {
            if (applicationEntity2.getId().equals(str)) {
                applicationEntity = applicationEntity2;
            }
        }
        if (applicationEntity == null) {
            return false;
        }
        this.realm.getApplications().remove(applicationEntity);
        this.em.createQuery("delete from " + ApplicationScopeMappingEntity.class.getSimpleName() + " where application = :application").setParameter("application", applicationEntity).executeUpdate();
        this.em.createQuery("delete from " + ApplicationUserRoleMappingEntity.class.getSimpleName() + " where application = :application").setParameter("application", applicationEntity).executeUpdate();
        this.em.createQuery("delete from " + ApplicationScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, applicationEntity.getApplicationUser()).executeUpdate();
        this.em.createQuery("delete from " + RealmScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, applicationEntity.getApplicationUser()).executeUpdate();
        this.em.createQuery("delete from " + ApplicationUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, applicationEntity.getApplicationUser()).executeUpdate();
        this.em.createQuery("delete from " + RealmUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, applicationEntity.getApplicationUser()).executeUpdate();
        removeUser(applicationEntity.getApplicationUser());
        this.em.remove(applicationEntity);
        return true;
    }

    @Override // org.keycloak.models.RealmModel
    public ApplicationModel getApplicationById(String str) {
        ApplicationEntity applicationEntity = (ApplicationEntity) this.em.find(ApplicationEntity.class, str);
        if (applicationEntity == null) {
            return null;
        }
        return new ApplicationAdapter(this.em, applicationEntity);
    }

    @Override // org.keycloak.models.RealmModel
    public UserModel getUserBySocialLink(SocialLinkModel socialLinkModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("findUserByLinkAndRealm", UserEntity.class);
        createNamedQuery.setParameter("realm", this.realm);
        createNamedQuery.setParameter("socialProvider", socialLinkModel.getSocialProvider());
        createNamedQuery.setParameter("socialUsername", socialLinkModel.getSocialUsername());
        List resultList = createNamedQuery.getResultList();
        if (resultList.isEmpty()) {
            return null;
        }
        if (resultList.size() > 1) {
            throw new IllegalStateException("More results found for socialProvider=" + socialLinkModel.getSocialProvider() + ", socialUsername=" + socialLinkModel.getSocialUsername() + ", results=" + resultList);
        }
        return new UserAdapter((UserEntity) resultList.get(0));
    }

    @Override // org.keycloak.models.RealmModel
    public Set<SocialLinkModel> getSocialLinks(UserModel userModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("findSocialLinkByUser", SocialLinkEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        List<SocialLinkEntity> resultList = createNamedQuery.getResultList();
        HashSet hashSet = new HashSet();
        for (SocialLinkEntity socialLinkEntity : resultList) {
            hashSet.add(new SocialLinkModel(socialLinkEntity.getSocialProvider(), socialLinkEntity.getSocialUsername()));
        }
        return hashSet;
    }

    @Override // org.keycloak.models.RealmModel
    public void addSocialLink(UserModel userModel, SocialLinkModel socialLinkModel) {
        SocialLinkEntity socialLinkEntity = new SocialLinkEntity();
        socialLinkEntity.setRealm(this.realm);
        socialLinkEntity.setSocialProvider(socialLinkModel.getSocialProvider());
        socialLinkEntity.setSocialUsername(socialLinkModel.getSocialUsername());
        socialLinkEntity.setUser(((UserAdapter) userModel).getUser());
        this.em.persist(socialLinkEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public void removeSocialLink(UserModel userModel, SocialLinkModel socialLinkModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("findSocialLinkByAll", SocialLinkEntity.class);
        createNamedQuery.setParameter("realm", this.realm);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        createNamedQuery.setParameter("socialProvider", socialLinkModel.getSocialProvider());
        createNamedQuery.setParameter("socialUsername", socialLinkModel.getSocialUsername());
        Iterator it = createNamedQuery.getResultList().iterator();
        while (it.hasNext()) {
            this.em.remove((SocialLinkEntity) it.next());
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isSocial() {
        return this.realm.isSocial();
    }

    @Override // org.keycloak.models.RealmModel
    public void setSocial(boolean z) {
        this.realm.setSocial(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public boolean isAutomaticRegistrationAfterSocialLogin() {
        return this.realm.isAutomaticRegistrationAfterSocialLogin();
    }

    @Override // org.keycloak.models.RealmModel
    public void setAutomaticRegistrationAfterSocialLogin(boolean z) {
        this.realm.setAutomaticRegistrationAfterSocialLogin(z);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public List<UserModel> searchForUser(String str) {
        TypedQuery createQuery = this.em.createQuery("select u from UserEntity u where u.realm = :realm and lower(u.loginName) like :search or lower(concat(u.firstName, ' ', u.lastName)) like :search or u.email like :search", UserEntity.class);
        createQuery.setParameter("realm", this.realm);
        createQuery.setParameter("search", "%" + str.toLowerCase() + "%");
        List resultList = createQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new UserAdapter((UserEntity) it.next()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public List<UserModel> searchForUserByAttributes(Map<String, String> map) {
        StringBuilder sb = new StringBuilder("select u from UserEntity u");
        boolean z = true;
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String str = null;
            if (entry.getKey().equals("username")) {
                str = "lower(loginName)";
            } else if (entry.getKey().equalsIgnoreCase(UserModel.FIRST_NAME)) {
                str = "lower(firstName)";
            } else if (entry.getKey().equalsIgnoreCase(UserModel.LAST_NAME)) {
                str = "lower(lastName)";
            } else if (entry.getKey().equalsIgnoreCase(UserModel.EMAIL)) {
                str = "lower(email)";
            }
            if (str != null) {
                if (z) {
                    z = false;
                    sb.append(" where ");
                } else {
                    sb.append(" and ");
                }
                sb.append(str).append(" like '%").append(entry.getValue().toLowerCase()).append("%'");
            }
        }
        List resultList = this.em.createQuery(sb.toString(), UserEntity.class).getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new UserAdapter((UserEntity) it.next()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public OAuthClientModel addOAuthClient(String str) {
        OAuthClientEntity oAuthClientEntity = new OAuthClientEntity();
        UserEntity userEntity = new UserEntity();
        userEntity.setLoginName(str);
        userEntity.setRealm(this.realm);
        userEntity.setEnabled(true);
        this.em.persist(userEntity);
        oAuthClientEntity.setAgent(userEntity);
        oAuthClientEntity.setName(str);
        oAuthClientEntity.setRealm(this.realm);
        this.em.persist(oAuthClientEntity);
        this.em.flush();
        return new OAuthClientAdapter(oAuthClientEntity);
    }

    @Override // org.keycloak.models.RealmModel
    public boolean removeOAuthClient(String str) {
        OAuthClientEntity oAuthClientEntity = (OAuthClientEntity) this.em.find(OAuthClientEntity.class, str);
        this.em.createQuery("delete from " + ApplicationScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, oAuthClientEntity.getAgent()).executeUpdate();
        this.em.createQuery("delete from " + RealmScopeMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, oAuthClientEntity.getAgent()).executeUpdate();
        this.em.createQuery("delete from " + ApplicationUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, oAuthClientEntity.getAgent()).executeUpdate();
        this.em.createQuery("delete from " + RealmUserRoleMappingEntity.class.getSimpleName() + " where user = :user").setParameter(PropertyConfiguration.USER, oAuthClientEntity.getAgent()).executeUpdate();
        removeUser(oAuthClientEntity.getAgent());
        this.em.remove(oAuthClientEntity);
        return true;
    }

    @Override // org.keycloak.models.RealmModel
    public OAuthClientModel getOAuthClient(String str) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("findOAuthClientByUser", OAuthClientEntity.class);
        createNamedQuery.setParameter("name", str);
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return null;
        }
        return new OAuthClientAdapter((OAuthClientEntity) resultList.get(0));
    }

    @Override // org.keycloak.models.RealmModel
    public OAuthClientModel getOAuthClientById(String str) {
        OAuthClientEntity oAuthClientEntity = (OAuthClientEntity) this.em.find(OAuthClientEntity.class, str);
        if (oAuthClientEntity == null) {
            return null;
        }
        return new OAuthClientAdapter(oAuthClientEntity);
    }

    @Override // org.keycloak.models.RealmModel
    public List<OAuthClientModel> getOAuthClients() {
        TypedQuery createNamedQuery = this.em.createNamedQuery("findOAuthClientByRealm", OAuthClientEntity.class);
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new OAuthClientAdapter((OAuthClientEntity) it.next()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RealmModel
    public Map<String, String> getSmtpConfig() {
        return this.realm.getSmtpConfig();
    }

    @Override // org.keycloak.models.RealmModel
    public void setSmtpConfig(Map<String, String> map) {
        this.realm.setSmtpConfig(map);
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public Map<String, String> getSocialConfig() {
        return this.realm.getSocialConfig();
    }

    @Override // org.keycloak.models.RealmModel
    public void setSocialConfig(Map<String, String> map) {
        this.realm.setSocialConfig(map);
        this.em.flush();
    }

    @Override // org.keycloak.models.RoleContainerModel
    public RoleModel getRole(String str) {
        Collection<RoleEntity> roles = this.realm.getRoles();
        if (roles == null) {
            return null;
        }
        for (RoleEntity roleEntity : roles) {
            if (roleEntity.getName().equals(str)) {
                return new RoleAdapter(roleEntity);
            }
        }
        return null;
    }

    @Override // org.keycloak.models.RoleContainerModel
    public RoleModel addRole(String str) {
        RoleModel role = getRole(str);
        if (role != null) {
            return role;
        }
        RoleEntity roleEntity = new RoleEntity();
        roleEntity.setName(str);
        this.em.persist(roleEntity);
        this.realm.getRoles().add(roleEntity);
        this.em.flush();
        return new RoleAdapter(roleEntity);
    }

    @Override // org.keycloak.models.RoleContainerModel
    public boolean removeRole(String str) {
        RoleEntity roleEntity = (RoleEntity) this.em.find(RoleEntity.class, str);
        if (roleEntity == null) {
            return false;
        }
        this.realm.getRoles().remove(roleEntity);
        this.realm.getDefaultRoles().remove(roleEntity);
        this.em.createQuery("delete from " + ApplicationScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
        this.em.createQuery("delete from " + ApplicationUserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
        this.em.createQuery("delete from " + RealmScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
        this.em.createQuery("delete from " + RealmUserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate();
        this.em.remove(roleEntity);
        return true;
    }

    @Override // org.keycloak.models.RoleContainerModel
    public List<RoleModel> getRoles() {
        ArrayList arrayList = new ArrayList();
        Collection<RoleEntity> roles = this.realm.getRoles();
        if (roles == null) {
            return arrayList;
        }
        Iterator<RoleEntity> it = roles.iterator();
        while (it.hasNext()) {
            arrayList.add(new RoleAdapter(it.next()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RoleContainerModel
    public RoleModel getRoleById(String str) {
        RoleEntity roleEntity = (RoleEntity) this.em.find(RoleEntity.class, str);
        if (roleEntity == null) {
            return null;
        }
        return new RoleAdapter(roleEntity);
    }

    @Override // org.keycloak.models.RoleMapperModel
    public boolean hasRole(UserModel userModel, RoleModel roleModel) {
        return getRealmUserRoleMappingEntityTypedQuery((UserAdapter) userModel, (RoleAdapter) roleModel).getResultList().size() > 0;
    }

    protected TypedQuery<RealmUserRoleMappingEntity> getRealmUserRoleMappingEntityTypedQuery(UserAdapter userAdapter, RoleAdapter roleAdapter) {
        TypedQuery<RealmUserRoleMappingEntity> createNamedQuery = this.em.createNamedQuery("userHasRealmRole", RealmUserRoleMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, userAdapter.getUser());
        createNamedQuery.setParameter("role", roleAdapter.getRole());
        createNamedQuery.setParameter("realm", this.realm);
        return createNamedQuery;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public void grantRole(UserModel userModel, RoleModel roleModel) {
        if (hasRole(userModel, roleModel)) {
            return;
        }
        RealmUserRoleMappingEntity realmUserRoleMappingEntity = new RealmUserRoleMappingEntity();
        realmUserRoleMappingEntity.setRealm(this.realm);
        realmUserRoleMappingEntity.setUser(((UserAdapter) userModel).getUser());
        realmUserRoleMappingEntity.setRole(((RoleAdapter) roleModel).getRole());
        this.em.persist(realmUserRoleMappingEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.RoleMapperModel
    public List<RoleModel> getRoleMappings(UserModel userModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userRealmMappings", RealmUserRoleMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new RoleAdapter(((RealmUserRoleMappingEntity) it.next()).getRole()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public Set<String> getRoleMappingValues(UserModel userModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userRealmMappings", RealmUserRoleMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        HashSet hashSet = new HashSet();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            hashSet.add(((RealmUserRoleMappingEntity) it.next()).getRole().getName());
        }
        return hashSet;
    }

    @Override // org.keycloak.models.RoleMapperModel
    public void deleteRoleMapping(UserModel userModel, RoleModel roleModel) {
        List resultList = getRealmUserRoleMappingEntityTypedQuery((UserAdapter) userModel, (RoleAdapter) roleModel).getResultList();
        if (resultList.size() == 0) {
            return;
        }
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            this.em.remove((RealmUserRoleMappingEntity) it.next());
        }
        this.em.flush();
    }

    @Override // org.keycloak.models.RoleMapperModel
    public boolean hasRole(UserModel userModel, String str) {
        RoleModel role = getRole(str);
        if (role == null) {
            return false;
        }
        return hasRole(userModel, role);
    }

    @Override // org.keycloak.models.ScopeMapperModel
    public void addScopeMapping(UserModel userModel, String str) {
        RoleModel role = getRole(str);
        if (role == null) {
            throw new RuntimeException("role does not exist");
        }
        addScopeMapping(userModel, role);
        this.em.flush();
    }

    @Override // org.keycloak.models.ScopeMapperModel
    public Set<String> getScopeMappingValues(UserModel userModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userRealmScopeMappings", RealmScopeMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        HashSet hashSet = new HashSet();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            hashSet.add(((RealmScopeMappingEntity) it.next()).getRole().getName());
        }
        return hashSet;
    }

    @Override // org.keycloak.models.ScopeMapperModel
    public List<RoleModel> getScopeMappings(UserModel userModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userRealmScopeMappings", RealmScopeMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, ((UserAdapter) userModel).getUser());
        createNamedQuery.setParameter("realm", this.realm);
        List resultList = createNamedQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new RoleAdapter(((RealmScopeMappingEntity) it.next()).getRole()));
        }
        return arrayList;
    }

    @Override // org.keycloak.models.ScopeMapperModel
    public void addScopeMapping(UserModel userModel, RoleModel roleModel) {
        if (hasScope(userModel, roleModel)) {
            return;
        }
        RealmScopeMappingEntity realmScopeMappingEntity = new RealmScopeMappingEntity();
        realmScopeMappingEntity.setRealm(this.realm);
        realmScopeMappingEntity.setUser(((UserAdapter) userModel).getUser());
        realmScopeMappingEntity.setRole(((RoleAdapter) roleModel).getRole());
        this.em.persist(realmScopeMappingEntity);
        this.em.flush();
    }

    @Override // org.keycloak.models.ScopeMapperModel
    public void deleteScopeMapping(UserModel userModel, RoleModel roleModel) {
        List resultList = getRealmScopeMappingQuery((UserAdapter) userModel, (RoleAdapter) roleModel).getResultList();
        if (resultList.size() == 0) {
            return;
        }
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            this.em.remove((RealmScopeMappingEntity) it.next());
        }
    }

    public boolean hasScope(UserModel userModel, RoleModel roleModel) {
        return getRealmScopeMappingQuery((UserAdapter) userModel, (RoleAdapter) roleModel).getResultList().size() > 0;
    }

    protected TypedQuery<RealmScopeMappingEntity> getRealmScopeMappingQuery(UserAdapter userAdapter, RoleAdapter roleAdapter) {
        TypedQuery<RealmScopeMappingEntity> createNamedQuery = this.em.createNamedQuery("userHasRealmScope", RealmScopeMappingEntity.class);
        createNamedQuery.setParameter(PropertyConfiguration.USER, userAdapter.getUser());
        createNamedQuery.setParameter("role", roleAdapter.getRole());
        createNamedQuery.setParameter("realm", this.realm);
        return createNamedQuery;
    }

    @Override // org.keycloak.models.RealmModel
    public boolean validatePassword(UserModel userModel, String str) {
        for (CredentialEntity credentialEntity : ((UserAdapter) userModel).getUser().getCredentials()) {
            if (credentialEntity.getType().equals("password")) {
                return new SHAPasswordEncoder(DebugModel.TYPE_METHOD_EX).verify(str, credentialEntity.getValue());
            }
        }
        return false;
    }

    @Override // org.keycloak.models.RealmModel
    public boolean validateTOTP(UserModel userModel, String str, String str2) {
        if (!validatePassword(userModel, str)) {
            return false;
        }
        for (CredentialEntity credentialEntity : ((UserAdapter) userModel).getUser().getCredentials()) {
            if (credentialEntity.getType().equals("totp")) {
                return new TimeBasedOTP().validate(str2, credentialEntity.getValue().getBytes());
            }
        }
        return false;
    }

    @Override // org.keycloak.models.RealmModel
    public void updateCredential(UserModel userModel, UserCredentialModel userCredentialModel) {
        CredentialEntity credentialEntity = null;
        UserEntity user = ((UserAdapter) userModel).getUser();
        for (CredentialEntity credentialEntity2 : user.getCredentials()) {
            if (credentialEntity2.getType().equals(userCredentialModel.getType())) {
                credentialEntity = credentialEntity2;
            }
        }
        if (credentialEntity == null) {
            credentialEntity = new CredentialEntity();
            credentialEntity.setType(userCredentialModel.getType());
            credentialEntity.setDevice(userCredentialModel.getDevice());
            credentialEntity.setUser(user);
            this.em.persist(credentialEntity);
            user.getCredentials().add(credentialEntity);
        }
        if (userCredentialModel.getType().equals("password")) {
            credentialEntity.setValue(new SHAPasswordEncoder(DebugModel.TYPE_METHOD_EX).encode(userCredentialModel.getValue()));
        } else {
            credentialEntity.setValue(userCredentialModel.getValue());
        }
        credentialEntity.setDevice(userCredentialModel.getDevice());
        this.em.flush();
    }

    @Override // org.keycloak.models.RealmModel
    public PasswordPolicy getPasswordPolicy() {
        if (this.passwordPolicy == null) {
            this.passwordPolicy = new PasswordPolicy(this.realm.getPasswordPolicy());
        }
        return this.passwordPolicy;
    }

    @Override // org.keycloak.models.RealmModel
    public void setPasswordPolicy(PasswordPolicy passwordPolicy) {
        this.passwordPolicy = passwordPolicy;
        this.realm.setPasswordPolicy(passwordPolicy.toString());
        this.em.flush();
    }
}
