package org.keycloak.models;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:WEB-INF/lib/keycloak-model-api-1.0-rc-1.jar:org/keycloak/models/UserFederationManager.class */
public class UserFederationManager implements UserProvider {
    protected KeycloakSession session;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/keycloak-model-api-1.0-rc-1.jar:org/keycloak/models/UserFederationManager$PaginatedQuery.class */
    public interface PaginatedQuery {
        List<UserModel> query(RealmModel realmModel, int i, int i2);
    }

    public UserFederationManager(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel addUser(RealmModel realmModel, String str, String str2, boolean z) {
        return registerWithFederation(realmModel, this.session.userStorage().addUser(realmModel, str, str2, z));
    }

    protected UserFederationProvider getFederationProvider(UserFederationProviderModel userFederationProviderModel) {
        return ((UserFederationProviderFactory) this.session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, userFederationProviderModel.getProviderName())).getInstance(this.session, userFederationProviderModel);
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel addUser(RealmModel realmModel, String str) {
        return registerWithFederation(realmModel, this.session.userStorage().addUser(realmModel, str));
    }

    protected UserModel registerWithFederation(RealmModel realmModel, UserModel userModel) {
        for (UserFederationProviderModel userFederationProviderModel : realmModel.getUserFederationProviders()) {
            UserFederationProvider federationProvider = getFederationProvider(userFederationProviderModel);
            if (federationProvider.synchronizeRegistrations()) {
                userModel.setFederationLink(userFederationProviderModel.getId());
                return federationProvider.register(realmModel, userModel);
            }
        }
        return userModel;
    }

    protected UserFederationProvider getFederationLink(RealmModel realmModel, UserModel userModel) {
        if (userModel.getFederationLink() == null) {
            return null;
        }
        for (UserFederationProviderModel userFederationProviderModel : realmModel.getUserFederationProviders()) {
            if (userFederationProviderModel.getId().equals(userModel.getFederationLink())) {
                return getFederationProvider(userFederationProviderModel);
            }
        }
        return null;
    }

    @Override // org.keycloak.models.UserProvider
    public boolean removeUser(RealmModel realmModel, UserModel userModel) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        return federationLink != null ? federationLink.removeUser(realmModel, userModel) : this.session.userStorage().removeUser(realmModel, userModel);
    }

    protected void validateUser(RealmModel realmModel, UserModel userModel) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        if (federationLink == null || federationLink.isValid(userModel)) {
            return;
        }
        deleteInvalidUser(realmModel, userModel);
        throw new IllegalStateException("Federated user no longer valid");
    }

    protected void deleteInvalidUser(RealmModel realmModel, UserModel userModel) {
        KeycloakSession create = this.session.getKeycloakSessionFactory().create();
        try {
            create.getTransaction().begin();
            RealmModel realm = create.realms().getRealm(realmModel.getId());
            create.userStorage().removeUser(realm, create.userStorage().getUserById(userModel.getId(), realm));
            create.getTransaction().commit();
            create.close();
        } catch (Throwable th) {
            create.close();
            throw th;
        }
    }

    protected boolean isValid(RealmModel realmModel, UserModel userModel) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        if (federationLink != null) {
            return federationLink.isValid(userModel);
        }
        return true;
    }

    protected UserModel validateAndProxyUser(RealmModel realmModel, UserModel userModel) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        if (federationLink == null) {
            return userModel;
        }
        if (isValid(realmModel, userModel)) {
            return federationLink.proxy(userModel);
        }
        deleteInvalidUser(realmModel, userModel);
        return null;
    }

    @Override // org.keycloak.models.UserProvider
    public void addSocialLink(RealmModel realmModel, UserModel userModel, SocialLinkModel socialLinkModel) {
        validateUser(realmModel, userModel);
        this.session.userStorage().addSocialLink(realmModel, userModel, socialLinkModel);
    }

    @Override // org.keycloak.models.UserProvider
    public boolean removeSocialLink(RealmModel realmModel, UserModel userModel, String str) {
        validateUser(realmModel, userModel);
        if (userModel == null) {
            throw new IllegalStateException("Federated user no longer valid");
        }
        return this.session.userStorage().removeSocialLink(realmModel, userModel, str);
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel getUserById(String str, RealmModel realmModel) {
        UserModel userById = this.session.userStorage().getUserById(str, realmModel);
        if (userById != null) {
            userById = validateAndProxyUser(realmModel, userById);
        }
        return userById;
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel getUserByUsername(String str, RealmModel realmModel) {
        UserModel userByUsername = this.session.userStorage().getUserByUsername(str, realmModel);
        if (userByUsername != null) {
            userByUsername = validateAndProxyUser(realmModel, userByUsername);
            if (userByUsername != null) {
                return userByUsername;
            }
        }
        Iterator<UserFederationProviderModel> it = realmModel.getUserFederationProviders().iterator();
        while (it.hasNext()) {
            userByUsername = getFederationProvider(it.next()).getUserByUsername(realmModel, str);
            if (userByUsername != null) {
                return userByUsername;
            }
        }
        return userByUsername;
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel getUserByEmail(String str, RealmModel realmModel) {
        UserModel userByEmail = this.session.userStorage().getUserByEmail(str, realmModel);
        if (userByEmail != null) {
            userByEmail = validateAndProxyUser(realmModel, userByEmail);
            if (userByEmail != null) {
                return userByEmail;
            }
        }
        Iterator<UserFederationProviderModel> it = realmModel.getUserFederationProviders().iterator();
        while (it.hasNext()) {
            userByEmail = getFederationProvider(it.next()).getUserByEmail(realmModel, str);
            if (userByEmail != null) {
                return userByEmail;
            }
        }
        return userByEmail;
    }

    @Override // org.keycloak.models.UserProvider
    public UserModel getUserBySocialLink(SocialLinkModel socialLinkModel, RealmModel realmModel) {
        UserModel userBySocialLink = this.session.userStorage().getUserBySocialLink(socialLinkModel, realmModel);
        if (userBySocialLink != null) {
            userBySocialLink = validateAndProxyUser(realmModel, userBySocialLink);
        }
        return userBySocialLink;
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> getUsers(RealmModel realmModel) {
        return getUsers(realmModel, 0, 2147483646);
    }

    @Override // org.keycloak.models.UserProvider
    public int getUsersCount(RealmModel realmModel) {
        return this.session.userStorage().getUsersCount(realmModel);
    }

    /* JADX WARN: Code restructure failed: missing block: B:35:0x0036, code lost:
    
        return r0;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected java.util.List<org.keycloak.models.UserModel> query(org.keycloak.models.UserFederationManager.PaginatedQuery r6, org.keycloak.models.RealmModel r7, int r8, int r9) {
        /*
            r5 = this;
            java.util.LinkedList r0 = new java.util.LinkedList
            r1 = r0
            r1.<init>()
            r10 = r0
            r0 = r9
            if (r0 > 0) goto L11
            r0 = r10
            return r0
        L11:
            r0 = r8
            r11 = r0
            r0 = r9
            r12 = r0
        L18:
            r0 = r6
            r1 = r7
            r2 = r11
            r3 = r12
            java.util.List r0 = r0.query(r1, r2, r3)
            r13 = r0
            r0 = r13
            if (r0 == 0) goto L34
            r0 = r13
            int r0 = r0.size()
            if (r0 != 0) goto L37
        L34:
            r0 = r10
            return r0
        L37:
            r0 = 0
            r14 = r0
            r0 = r13
            java.util.Iterator r0 = r0.iterator()
            r15 = r0
        L43:
            r0 = r15
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto L7a
            r0 = r15
            java.lang.Object r0 = r0.next()
            org.keycloak.models.UserModel r0 = (org.keycloak.models.UserModel) r0
            r16 = r0
            r0 = r5
            r1 = r7
            r2 = r16
            org.keycloak.models.UserModel r0 = r0.validateAndProxyUser(r1, r2)
            r16 = r0
            r0 = r16
            if (r0 != 0) goto L6a
            goto L43
        L6a:
            r0 = r10
            r1 = r16
            boolean r0 = r0.add(r1)
            int r14 = r14 + 1
            goto L43
        L7a:
            r0 = r10
            int r0 = r0.size()
            r1 = r9
            if (r0 != r1) goto L89
            r0 = r10
            return r0
        L89:
            r0 = r13
            int r0 = r0.size()
            r1 = r12
            if (r0 >= r1) goto L98
            r0 = r10
            return r0
        L98:
            r0 = r13
            int r0 = r0.size()
            r11 = r0
            r0 = r12
            r1 = r14
            int r0 = r0 - r1
            r12 = r0
            goto L18
        */
        throw new UnsupportedOperationException("Method not decompiled: org.keycloak.models.UserFederationManager.query(org.keycloak.models.UserFederationManager$PaginatedQuery, org.keycloak.models.RealmModel, int, int):java.util.List");
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> getUsers(RealmModel realmModel, int i, int i2) {
        return query(new PaginatedQuery() { // from class: org.keycloak.models.UserFederationManager.1
            @Override // org.keycloak.models.UserFederationManager.PaginatedQuery
            public List<UserModel> query(RealmModel realmModel2, int i3, int i4) {
                return UserFederationManager.this.session.userStorage().getUsers(realmModel2, i3, i4);
            }
        }, realmModel, i, i2);
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> searchForUser(String str, RealmModel realmModel) {
        return searchForUser(str, realmModel, 0, 2147483646);
    }

    void federationLoad(RealmModel realmModel, Map<String, String> map) {
        Iterator<UserFederationProviderModel> it = realmModel.getUserFederationProviders().iterator();
        while (it.hasNext()) {
            getFederationProvider(it.next()).searchByAttributes(map, realmModel, 30);
        }
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> searchForUser(final String str, RealmModel realmModel, int i, int i2) {
        HashMap hashMap = new HashMap();
        int lastIndexOf = str.lastIndexOf(32);
        if (lastIndexOf > -1) {
            String trim = str.substring(0, lastIndexOf).trim();
            String trim2 = str.substring(lastIndexOf).trim();
            hashMap.put("firstName", trim);
            hashMap.put("lastName", trim2);
        } else if (str.indexOf(64) > -1) {
            hashMap.put("username", str.trim());
            hashMap.put("email", str.trim());
        } else {
            hashMap.put("lastName", str.trim());
            hashMap.put("username", str.trim());
        }
        federationLoad(realmModel, hashMap);
        return query(new PaginatedQuery() { // from class: org.keycloak.models.UserFederationManager.2
            @Override // org.keycloak.models.UserFederationManager.PaginatedQuery
            public List<UserModel> query(RealmModel realmModel2, int i3, int i4) {
                return UserFederationManager.this.session.userStorage().searchForUser(str, realmModel2, i3, i4);
            }
        }, realmModel, i, i2);
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> searchForUserByAttributes(Map<String, String> map, RealmModel realmModel) {
        return searchForUserByAttributes(map, realmModel, 0, 2147483646);
    }

    @Override // org.keycloak.models.UserProvider
    public List<UserModel> searchForUserByAttributes(final Map<String, String> map, RealmModel realmModel, int i, int i2) {
        federationLoad(realmModel, map);
        return query(new PaginatedQuery() { // from class: org.keycloak.models.UserFederationManager.3
            @Override // org.keycloak.models.UserFederationManager.PaginatedQuery
            public List<UserModel> query(RealmModel realmModel2, int i3, int i4) {
                return UserFederationManager.this.session.userStorage().searchForUserByAttributes(map, realmModel2, i3, i4);
            }
        }, realmModel, i, i2);
    }

    @Override // org.keycloak.models.UserProvider
    public Set<SocialLinkModel> getSocialLinks(UserModel userModel, RealmModel realmModel) {
        validateUser(realmModel, userModel);
        if (userModel == null) {
            throw new IllegalStateException("Federated user no longer valid");
        }
        return this.session.userStorage().getSocialLinks(userModel, realmModel);
    }

    @Override // org.keycloak.models.UserProvider
    public SocialLinkModel getSocialLink(UserModel userModel, String str, RealmModel realmModel) {
        validateUser(realmModel, userModel);
        if (userModel == null) {
            throw new IllegalStateException("Federated user no longer valid");
        }
        return this.session.userStorage().getSocialLink(userModel, str, realmModel);
    }

    @Override // org.keycloak.models.UserProvider
    public void preRemove(RealmModel realmModel) {
        Iterator<UserFederationProviderModel> it = realmModel.getUserFederationProviders().iterator();
        while (it.hasNext()) {
            getFederationProvider(it.next()).preRemove(realmModel);
        }
        this.session.userStorage().preRemove(realmModel);
    }

    @Override // org.keycloak.models.UserProvider
    public void preRemove(RealmModel realmModel, UserFederationProviderModel userFederationProviderModel) {
        this.session.userStorage().preRemove(realmModel, userFederationProviderModel);
    }

    @Override // org.keycloak.models.UserProvider
    public void preRemove(RealmModel realmModel, RoleModel roleModel) {
        Iterator<UserFederationProviderModel> it = realmModel.getUserFederationProviders().iterator();
        while (it.hasNext()) {
            getFederationProvider(it.next()).preRemove(realmModel, roleModel);
        }
        this.session.userStorage().preRemove(realmModel, roleModel);
    }

    public void updateCredential(RealmModel realmModel, UserModel userModel, UserCredentialModel userCredentialModel) {
        String validate;
        if (userCredentialModel.getType().equals("password") && realmModel.getPasswordPolicy() != null && (validate = realmModel.getPasswordPolicy().validate(userCredentialModel.getValue())) != null) {
            throw new ModelException(validate);
        }
        userModel.updateCredential(userCredentialModel);
    }

    @Override // org.keycloak.models.UserProvider
    public boolean validCredentials(RealmModel realmModel, UserModel userModel, List<UserCredentialModel> list) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        if (federationLink != null) {
            validateUser(realmModel, userModel);
            Set<String> supportedCredentialTypes = federationLink.getSupportedCredentialTypes(userModel);
            if (supportedCredentialTypes.size() > 0) {
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                for (UserCredentialModel userCredentialModel : list) {
                    if (supportedCredentialTypes.contains(userCredentialModel.getType())) {
                        arrayList.add(userCredentialModel);
                    } else {
                        arrayList2.add(userCredentialModel);
                    }
                }
                if (federationLink.validCredentials(realmModel, userModel, arrayList)) {
                    return this.session.userStorage().validCredentials(realmModel, userModel, arrayList2);
                }
                return false;
            }
        }
        return this.session.userStorage().validCredentials(realmModel, userModel, list);
    }

    @Override // org.keycloak.models.UserProvider
    public boolean validCredentials(RealmModel realmModel, UserModel userModel, UserCredentialModel... userCredentialModelArr) {
        UserFederationProvider federationLink = getFederationLink(realmModel, userModel);
        if (federationLink != null) {
            validateUser(realmModel, userModel);
            Set<String> supportedCredentialTypes = federationLink.getSupportedCredentialTypes(userModel);
            if (supportedCredentialTypes.size() > 0) {
                ArrayList arrayList = new ArrayList();
                ArrayList arrayList2 = new ArrayList();
                for (UserCredentialModel userCredentialModel : userCredentialModelArr) {
                    if (supportedCredentialTypes.contains(userCredentialModel.getType())) {
                        arrayList.add(userCredentialModel);
                    } else {
                        arrayList2.add(userCredentialModel);
                    }
                }
                if (federationLink.validCredentials(realmModel, userModel, arrayList)) {
                    return this.session.userStorage().validCredentials(realmModel, userModel, arrayList2);
                }
                return false;
            }
        }
        return this.session.userStorage().validCredentials(realmModel, userModel, userCredentialModelArr);
    }

    @Override // org.keycloak.models.UserProvider, org.keycloak.provider.Provider
    public void close() {
    }
}
