package org.keycloak.userprofile;

import java.util.regex.Pattern;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.endpoints.request.AuthzEndpointRequestParser;
import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.services.messages.Messages;
import org.keycloak.userprofile.validation.StaticValidators;
import org.keycloak.userprofile.validation.UserProfileValidationResult;
import org.keycloak.userprofile.validation.UserUpdateEvent;
import org.keycloak.userprofile.validation.ValidationChainBuilder;

/* loaded from: input_file:org/keycloak/userprofile/LegacyUserProfileProvider.class */
public class LegacyUserProfileProvider implements UserProfileProvider {
    private final KeycloakSession session;
    private final Pattern readOnlyAttributes;
    private final Pattern adminReadOnlyAttributes;

    /* renamed from: org.keycloak.userprofile.LegacyUserProfileProvider$1, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/userprofile/LegacyUserProfileProvider$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent = new int[UserUpdateEvent.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.UserResource.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.IdpReview.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.Account.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.RegistrationProfile.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.UpdateProfile.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[UserUpdateEvent.RegistrationUserCreation.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public LegacyUserProfileProvider(KeycloakSession keycloakSession, Pattern pattern, Pattern pattern2) {
        this.session = keycloakSession;
        this.readOnlyAttributes = pattern;
        this.adminReadOnlyAttributes = pattern2;
    }

    public void close() {
    }

    public UserProfileValidationResult validate(UserProfileContext userProfileContext, UserProfile userProfile) {
        RealmModel realm = this.session.getContext().getRealm();
        ValidationChainBuilder builder = ValidationChainBuilder.builder();
        switch (AnonymousClass1.$SwitchMap$org$keycloak$userprofile$validation$UserUpdateEvent[userProfileContext.getUpdateEvent().ordinal()]) {
            case 1:
                addReadOnlyAttributeValidators(builder, this.adminReadOnlyAttributes, userProfileContext, userProfile);
                break;
            case 2:
                addBasicValidators(builder, !realm.isRegistrationEmailAsUsername());
                addReadOnlyAttributeValidators(builder, this.readOnlyAttributes, userProfileContext, userProfile);
                break;
            case AuthenticationSessionManager.AUTH_SESSION_LIMIT /* 3 */:
            case 4:
            case AuthzEndpointRequestParser.ADDITIONAL_REQ_PARAMS_MAX_MUMBER /* 5 */:
                addBasicValidators(builder, !realm.isRegistrationEmailAsUsername() && realm.isEditUsernameAllowed());
                addReadOnlyAttributeValidators(builder, this.readOnlyAttributes, userProfileContext, userProfile);
                addSessionValidators(builder);
                break;
            case 6:
                addUserCreationValidators(builder);
                addReadOnlyAttributeValidators(builder, this.readOnlyAttributes, userProfileContext, userProfile);
                break;
        }
        return new UserProfileValidationResult(builder.build().validate(userProfileContext, userProfile), userProfile);
    }

    public boolean isReadOnlyAttribute(String str) {
        return this.readOnlyAttributes.matcher(str).find() || this.adminReadOnlyAttributes.matcher(str).find();
    }

    private void addUserCreationValidators(ValidationChainBuilder validationChainBuilder) {
        RealmModel realm = this.session.getContext().getRealm();
        if (realm.isRegistrationEmailAsUsername()) {
            validationChainBuilder.addAttributeValidator().forAttribute("email").addSingleAttributeValueValidationFunction(Messages.INVALID_EMAIL, StaticValidators.isEmailValid()).addSingleAttributeValueValidationFunction(Messages.MISSING_EMAIL, StaticValidators.isBlank()).addSingleAttributeValueValidationFunction(Messages.EMAIL_EXISTS, StaticValidators.doesEmailExist(this.session)).build().build();
        } else {
            validationChainBuilder.addAttributeValidator().forAttribute("username").addSingleAttributeValueValidationFunction(Messages.MISSING_USERNAME, StaticValidators.isBlank()).addSingleAttributeValueValidationFunction(Messages.USERNAME_EXISTS, (str, userProfileContext) -> {
                return Boolean.valueOf(this.session.users().getUserByUsername(str, realm) == null);
            }).build();
        }
    }

    private void addBasicValidators(ValidationChainBuilder validationChainBuilder, boolean z) {
        validationChainBuilder.addAttributeValidator().forAttribute("username").addSingleAttributeValueValidationFunction(Messages.MISSING_USERNAME, StaticValidators.checkUsernameExists(z)).build().addAttributeValidator().forAttribute("firstName").addSingleAttributeValueValidationFunction(Messages.MISSING_FIRST_NAME, StaticValidators.isBlank()).build().addAttributeValidator().forAttribute("lastName").addSingleAttributeValueValidationFunction(Messages.MISSING_LAST_NAME, StaticValidators.isBlank()).build().addAttributeValidator().forAttribute("email").addSingleAttributeValueValidationFunction(Messages.MISSING_EMAIL, StaticValidators.isBlank()).addSingleAttributeValueValidationFunction(Messages.INVALID_EMAIL, StaticValidators.isEmailValid()).build();
    }

    private void addSessionValidators(ValidationChainBuilder validationChainBuilder) {
        validationChainBuilder.addAttributeValidator().forAttribute("username").addSingleAttributeValueValidationFunction(Messages.USERNAME_EXISTS, StaticValidators.userNameExists(this.session)).addSingleAttributeValueValidationFunction(Messages.READ_ONLY_USERNAME, StaticValidators.isUserMutable(this.session.getContext().getRealm())).build().addAttributeValidator().forAttribute("email").addSingleAttributeValueValidationFunction(Messages.EMAIL_EXISTS, StaticValidators.isEmailDuplicated(this.session)).addSingleAttributeValueValidationFunction(Messages.USERNAME_EXISTS, StaticValidators.doesEmailExistAsUsername(this.session)).build().build();
    }

    private void addReadOnlyAttributeValidators(ValidationChainBuilder validationChainBuilder, Pattern pattern, UserProfileContext userProfileContext, UserProfile userProfile) {
        addValidatorsForReadOnlyAttributes(validationChainBuilder, pattern, userProfile);
        addValidatorsForReadOnlyAttributes(validationChainBuilder, pattern, userProfileContext.getCurrentProfile());
    }

    private void addValidatorsForReadOnlyAttributes(ValidationChainBuilder validationChainBuilder, Pattern pattern, UserProfile userProfile) {
        if (userProfile == null) {
            return;
        }
        userProfile.getAttributes().keySet().stream().filter(str -> {
            return pattern.matcher(str).find();
        }).forEach(str2 -> {
            validationChainBuilder.addAttributeValidator().forAttribute(str2).addValidationFunction(Messages.UPDATE_READ_ONLY_ATTRIBUTES_REJECTED, StaticValidators.isReadOnlyAttributeUnchanged(str2)).build();
        });
    }
}
