package org.keycloak.protocol.saml.mappers;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import org.keycloak.dom.saml.v2.assertion.AttributeStatementType;
import org.keycloak.dom.saml.v2.assertion.AttributeType;
import org.keycloak.models.ClientSessionContext;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.protocol.ProtocolMapper;
import org.keycloak.protocol.ProtocolMapperUtils;
import org.keycloak.protocol.saml.SamlProtocol;
import org.keycloak.provider.ProviderConfigProperty;

/* loaded from: input_file:org/keycloak/protocol/saml/mappers/RoleListMapper.class */
public class RoleListMapper extends AbstractSAMLProtocolMapper implements SAMLRoleListMapper {
    public static final String PROVIDER_ID = "saml-role-list-mapper";
    public static final String SINGLE_ROLE_ATTRIBUTE = "single";
    private static final List<ProviderConfigProperty> configProperties = new ArrayList();

    public String getDisplayCategory() {
        return "Role Mapper";
    }

    public String getDisplayType() {
        return "Role list";
    }

    public String getHelpText() {
        return "Role names are stored in an attribute value.  There is either one attribute with multiple attribute values, or an attribute per role name depending on how you configure it.  You can also specify the attribute name i.e. 'Role' or 'memberOf' being examples.";
    }

    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    public String getId() {
        return PROVIDER_ID;
    }

    @Override // org.keycloak.protocol.saml.mappers.SAMLRoleListMapper
    public void mapRoles(AttributeStatementType attributeStatementType, ProtocolMapperModel protocolMapperModel, KeycloakSession keycloakSession, UserSessionModel userSessionModel, ClientSessionContext clientSessionContext) {
        AttributeType createAttributeType;
        AttributeType createAttributeType2;
        boolean parseBoolean = Boolean.parseBoolean((String) protocolMapperModel.getConfig().get("single"));
        LinkedList linkedList = new LinkedList();
        AttributeType attributeType = null;
        for (Map.Entry<ProtocolMapperModel, ProtocolMapper> entry : ProtocolMapperUtils.getSortedProtocolMappers(keycloakSession, clientSessionContext)) {
            ProtocolMapperModel key = entry.getKey();
            SAMLRoleNameMapper sAMLRoleNameMapper = (ProtocolMapper) entry.getValue();
            if (sAMLRoleNameMapper instanceof SAMLRoleNameMapper) {
                linkedList.add(new SamlProtocol.ProtocolMapperProcessor(sAMLRoleNameMapper, key));
            }
            if (sAMLRoleNameMapper instanceof HardcodedRole) {
                if (parseBoolean) {
                    if (attributeType == null) {
                        attributeType = AttributeStatementHelper.createAttributeType(protocolMapperModel);
                        attributeStatementType.addAttribute(new AttributeStatementType.ASTChoiceType(attributeType));
                    }
                    createAttributeType2 = attributeType;
                } else {
                    createAttributeType2 = AttributeStatementHelper.createAttributeType(protocolMapperModel);
                    attributeStatementType.addAttribute(new AttributeStatementType.ASTChoiceType(createAttributeType2));
                }
                createAttributeType2.addAttributeValue(key.getConfig().get("role"));
            }
        }
        for (String str : (List) clientSessionContext.getRoles().stream().map(roleModel -> {
            return (String) linkedList.stream().map(protocolMapperProcessor -> {
                return ((SAMLRoleNameMapper) protocolMapperProcessor.mapper).mapName(protocolMapperProcessor.model, roleModel);
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).findFirst().orElse(roleModel.getName());
        }).collect(Collectors.toList())) {
            if (parseBoolean) {
                if (attributeType == null) {
                    attributeType = AttributeStatementHelper.createAttributeType(protocolMapperModel);
                    attributeStatementType.addAttribute(new AttributeStatementType.ASTChoiceType(attributeType));
                }
                createAttributeType = attributeType;
            } else {
                createAttributeType = AttributeStatementHelper.createAttributeType(protocolMapperModel);
                attributeStatementType.addAttribute(new AttributeStatementType.ASTChoiceType(createAttributeType));
            }
            createAttributeType.addAttributeValue(str);
        }
    }

    public static ProtocolMapperModel create(String str, String str2, String str3, String str4, boolean z) {
        ProtocolMapperModel protocolMapperModel = new ProtocolMapperModel();
        protocolMapperModel.setName(str);
        protocolMapperModel.setProtocolMapper(PROVIDER_ID);
        protocolMapperModel.setProtocol("saml");
        HashMap hashMap = new HashMap();
        hashMap.put("attribute.name", str2);
        if (str4 != null) {
            hashMap.put(AttributeStatementHelper.FRIENDLY_NAME, str4);
        }
        if (str3 != null) {
            hashMap.put(AttributeStatementHelper.SAML_ATTRIBUTE_NAMEFORMAT, str3);
        }
        hashMap.put("single", Boolean.toString(z));
        protocolMapperModel.setConfig(hashMap);
        return protocolMapperModel;
    }

    static {
        ProviderConfigProperty providerConfigProperty = new ProviderConfigProperty();
        providerConfigProperty.setName("attribute.name");
        providerConfigProperty.setLabel("Role attribute name");
        providerConfigProperty.setDefaultValue("Role");
        providerConfigProperty.setHelpText("Name of the SAML attribute you want to put your roles into.  i.e. 'Role', 'memberOf'.");
        configProperties.add(providerConfigProperty);
        ProviderConfigProperty providerConfigProperty2 = new ProviderConfigProperty();
        providerConfigProperty2.setName(AttributeStatementHelper.FRIENDLY_NAME);
        providerConfigProperty2.setLabel(AttributeStatementHelper.FRIENDLY_NAME_LABEL);
        providerConfigProperty2.setHelpText(AttributeStatementHelper.FRIENDLY_NAME_HELP_TEXT);
        configProperties.add(providerConfigProperty2);
        ProviderConfigProperty providerConfigProperty3 = new ProviderConfigProperty();
        providerConfigProperty3.setName(AttributeStatementHelper.SAML_ATTRIBUTE_NAMEFORMAT);
        providerConfigProperty3.setLabel("SAML Attribute NameFormat");
        providerConfigProperty3.setHelpText("SAML Attribute NameFormat.  Can be basic, URI reference, or unspecified.");
        ArrayList arrayList = new ArrayList(3);
        arrayList.add(AttributeStatementHelper.BASIC);
        arrayList.add(AttributeStatementHelper.URI_REFERENCE);
        arrayList.add(AttributeStatementHelper.UNSPECIFIED);
        providerConfigProperty3.setType("List");
        providerConfigProperty3.setOptions(arrayList);
        configProperties.add(providerConfigProperty3);
        ProviderConfigProperty providerConfigProperty4 = new ProviderConfigProperty();
        providerConfigProperty4.setName("single");
        providerConfigProperty4.setLabel("Single Role Attribute");
        providerConfigProperty4.setType("boolean");
        providerConfigProperty4.setDefaultValue("true");
        providerConfigProperty4.setHelpText("If true, all roles will be stored under one attribute with multiple attribute values.");
        configProperties.add(providerConfigProperty4);
    }
}
