package org.keycloak.models.picketlink;

import java.io.IOException;
import java.io.StringWriter;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.bouncycastle.openssl.PEMWriter;
import org.keycloak.PemUtils;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.IdGenerator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.SocialLinkModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.picketlink.mappings.ApplicationData;
import org.keycloak.models.picketlink.mappings.RealmData;
import org.keycloak.models.picketlink.relationships.ApplicationRelationship;
import org.keycloak.models.picketlink.relationships.OAuthClientRelationship;
import org.keycloak.models.picketlink.relationships.OAuthClientRequiredCredentialRelationship;
import org.keycloak.models.picketlink.relationships.RequiredApplicationCredentialRelationship;
import org.keycloak.models.picketlink.relationships.RequiredCredentialRelationship;
import org.keycloak.models.picketlink.relationships.ScopeRelationship;
import org.keycloak.models.picketlink.relationships.SocialLinkRelationship;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.credential.TOTPCredential;
import org.picketlink.idm.credential.TOTPCredentials;
import org.picketlink.idm.credential.UsernamePasswordCredentials;
import org.picketlink.idm.credential.X509CertificateCredentials;
import org.picketlink.idm.model.IdentityType;
import org.picketlink.idm.model.sample.Grant;
import org.picketlink.idm.model.sample.Role;
import org.picketlink.idm.model.sample.SampleModel;
import org.picketlink.idm.model.sample.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.idm.query.QueryParameter;
import org.picketlink.idm.query.RelationshipQuery;

/* loaded from: input_file:org/keycloak/models/picketlink/RealmAdapter.class */
public class RealmAdapter implements RealmModel {
    protected RealmData realm;
    protected volatile transient PublicKey publicKey;
    protected volatile transient PrivateKey privateKey;
    protected IdentityManager idm;
    protected PartitionManager partitionManager;
    protected RelationshipManager relationshipManager;
    protected KeycloakSession session;
    private PasswordPolicy passwordPolicy;

    public RealmAdapter(KeycloakSession keycloakSession, RealmData realmData, PartitionManager partitionManager) {
        this.session = keycloakSession;
        this.realm = realmData;
        this.partitionManager = partitionManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public IdentityManager getIdm() {
        if (this.idm == null) {
            this.idm = this.partitionManager.createIdentityManager(this.realm);
        }
        return this.idm;
    }

    protected RelationshipManager getRelationshipManager() {
        if (this.relationshipManager == null) {
            this.relationshipManager = this.partitionManager.createRelationshipManager();
        }
        return this.relationshipManager;
    }

    protected void updateRealm() {
        this.partitionManager.update(this.realm);
    }

    public String getId() {
        return this.realm.getName();
    }

    public String getName() {
        return this.realm.getRealmName();
    }

    public void setName(String str) {
        this.realm.setRealmName(str);
        updateRealm();
    }

    public boolean isEnabled() {
        return this.realm.isEnabled();
    }

    public void setEnabled(boolean z) {
        this.realm.setEnabled(z);
        updateRealm();
    }

    public boolean isSocial() {
        return this.realm.isSocial();
    }

    public void setSocial(boolean z) {
        this.realm.setSocial(z);
        updateRealm();
    }

    public boolean isAutomaticRegistrationAfterSocialLogin() {
        return this.realm.isAutomaticRegistrationAfterSocialLogin();
    }

    public void setAutomaticRegistrationAfterSocialLogin(boolean z) {
        this.realm.setAutomaticRegistrationAfterSocialLogin(z);
        updateRealm();
    }

    public boolean isSslNotRequired() {
        return this.realm.isSslNotRequired();
    }

    public void setSslNotRequired(boolean z) {
        this.realm.setSslNotRequired(z);
        updateRealm();
    }

    public boolean isCookieLoginAllowed() {
        return this.realm.isCookieLoginAllowed();
    }

    public void setCookieLoginAllowed(boolean z) {
        this.realm.setCookieLoginAllowed(z);
        updateRealm();
    }

    public boolean isRegistrationAllowed() {
        return this.realm.isRegistrationAllowed();
    }

    public void setRegistrationAllowed(boolean z) {
        this.realm.setRegistrationAllowed(z);
        updateRealm();
    }

    public boolean isVerifyEmail() {
        return this.realm.isVerifyEmail();
    }

    public void setVerifyEmail(boolean z) {
        this.realm.setVerifyEmail(z);
        updateRealm();
    }

    public boolean isResetPasswordAllowed() {
        return this.realm.isResetPasswordAllowed();
    }

    public void setResetPasswordAllowed(boolean z) {
        this.realm.setResetPasswordAllowed(z);
        updateRealm();
    }

    public int getTokenLifespan() {
        return this.realm.getTokenLifespan();
    }

    public void setTokenLifespan(int i) {
        this.realm.setTokenLifespan(i);
        updateRealm();
    }

    public int getAccessCodeLifespan() {
        return this.realm.getAccessCodeLifespan();
    }

    public void setAccessCodeLifespan(int i) {
        this.realm.setAccessCodeLifespan(i);
        updateRealm();
    }

    public int getAccessCodeLifespanUserAction() {
        return this.realm.getAccessCodeLifespanUserAction();
    }

    public void setAccessCodeLifespanUserAction(int i) {
        this.realm.setAccessCodeLifespanUserAction(i);
        updateRealm();
    }

    public String getPublicKeyPem() {
        return this.realm.getPublicKeyPem();
    }

    public void setPublicKeyPem(String str) {
        this.realm.setPublicKeyPem(str);
        this.publicKey = null;
        updateRealm();
    }

    public String getPrivateKeyPem() {
        return this.realm.getPrivateKeyPem();
    }

    public void setPrivateKeyPem(String str) {
        this.realm.setPrivateKeyPem(str);
        this.privateKey = null;
        updateRealm();
    }

    public PublicKey getPublicKey() {
        if (this.publicKey != null) {
            return this.publicKey;
        }
        String publicKeyPem = getPublicKeyPem();
        if (publicKeyPem != null) {
            try {
                this.publicKey = PemUtils.decodePublicKey(publicKeyPem);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return this.publicKey;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(publicKey);
            pEMWriter.flush();
            setPublicKeyPem(PemUtils.removeBeginEnd(stringWriter.toString()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public PrivateKey getPrivateKey() {
        if (this.privateKey != null) {
            return this.privateKey;
        }
        String privateKeyPem = getPrivateKeyPem();
        if (privateKeyPem != null) {
            try {
                this.privateKey = PemUtils.decodePrivateKey(privateKeyPem);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return this.privateKey;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(privateKey);
            pEMWriter.flush();
            setPrivateKeyPem(PemUtils.removeBeginEnd(stringWriter.toString()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public List<RequiredCredentialModel> getRequiredCredentials() {
        return getRequiredCredentialModels(getRequiredCredentialRelationships());
    }

    protected List<RequiredCredentialRelationship> getRequiredCredentialRelationships() {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(RequiredCredentialRelationship.class);
        createRelationshipQuery.setParameter(RequiredCredentialRelationship.REALM, new Object[]{this.realm.getName()});
        return createRelationshipQuery.getResultList();
    }

    public void addRequiredApplicationCredential(RequiredCredentialModel requiredCredentialModel) {
        addRequiredCredential(requiredCredentialModel, new RequiredApplicationCredentialRelationship());
    }

    public List<RequiredCredentialModel> getRequiredApplicationCredentials() {
        return getRequiredCredentialModels(getResourceRequiredCredentialRelationships());
    }

    protected List<RequiredApplicationCredentialRelationship> getResourceRequiredCredentialRelationships() {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(RequiredApplicationCredentialRelationship.class);
        createRelationshipQuery.setParameter(RequiredApplicationCredentialRelationship.REALM, new Object[]{this.realm.getName()});
        return createRelationshipQuery.getResultList();
    }

    public void addRequiredOAuthClientCredential(RequiredCredentialModel requiredCredentialModel) {
        addRequiredCredential(requiredCredentialModel, new OAuthClientRequiredCredentialRelationship());
    }

    public List<RequiredCredentialModel> getRequiredOAuthClientCredentials() {
        return getRequiredCredentialModels(getOAuthClientRequiredCredentialRelationships());
    }

    protected List<OAuthClientRequiredCredentialRelationship> getOAuthClientRequiredCredentialRelationships() {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(OAuthClientRequiredCredentialRelationship.class);
        createRelationshipQuery.setParameter(RequiredApplicationCredentialRelationship.REALM, new Object[]{this.realm.getName()});
        return createRelationshipQuery.getResultList();
    }

    public void addRequiredCredential(RequiredCredentialModel requiredCredentialModel) {
        addRequiredCredential(requiredCredentialModel, new RequiredCredentialRelationship());
    }

    protected List<RequiredCredentialModel> getRequiredCredentialModels(List<? extends RequiredCredentialRelationship> list) {
        ArrayList arrayList = new ArrayList();
        for (RequiredCredentialRelationship requiredCredentialRelationship : list) {
            RequiredCredentialModel requiredCredentialModel = new RequiredCredentialModel();
            requiredCredentialModel.setInput(requiredCredentialRelationship.isInput());
            requiredCredentialModel.setSecret(requiredCredentialRelationship.isSecret());
            requiredCredentialModel.setType(requiredCredentialRelationship.getCredentialType());
            requiredCredentialModel.setFormLabel(requiredCredentialRelationship.getFormLabel());
            arrayList.add(requiredCredentialModel);
        }
        return arrayList;
    }

    protected void addRequiredCredential(RequiredCredentialModel requiredCredentialModel, RequiredCredentialRelationship requiredCredentialRelationship) {
        requiredCredentialRelationship.setCredentialType(requiredCredentialModel.getType());
        requiredCredentialRelationship.setInput(requiredCredentialModel.isInput());
        requiredCredentialRelationship.setSecret(requiredCredentialModel.isSecret());
        requiredCredentialRelationship.setRealm(this.realm.getName());
        requiredCredentialRelationship.setFormLabel(requiredCredentialModel.getFormLabel());
        getRelationshipManager().add(requiredCredentialRelationship);
    }

    public void updateRequiredCredentials(Set<String> set) {
        List<RequiredCredentialRelationship> requiredCredentialRelationships = getRequiredCredentialRelationships();
        RelationshipManager relationshipManager = getRelationshipManager();
        HashSet hashSet = new HashSet();
        for (RequiredCredentialRelationship requiredCredentialRelationship : requiredCredentialRelationships) {
            if (set.contains(requiredCredentialRelationship.getCredentialType())) {
                hashSet.add(requiredCredentialRelationship.getCredentialType());
            } else {
                relationshipManager.remove(requiredCredentialRelationship);
            }
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredCredential(str);
            }
        }
    }

    public void updateRequiredOAuthClientCredentials(Set<String> set) {
        List<OAuthClientRequiredCredentialRelationship> oAuthClientRequiredCredentialRelationships = getOAuthClientRequiredCredentialRelationships();
        RelationshipManager relationshipManager = getRelationshipManager();
        HashSet hashSet = new HashSet();
        for (OAuthClientRequiredCredentialRelationship oAuthClientRequiredCredentialRelationship : oAuthClientRequiredCredentialRelationships) {
            if (set.contains(oAuthClientRequiredCredentialRelationship.getCredentialType())) {
                hashSet.add(oAuthClientRequiredCredentialRelationship.getCredentialType());
            } else {
                relationshipManager.remove(oAuthClientRequiredCredentialRelationship);
            }
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredOAuthClientCredential(str);
            }
        }
    }

    public void updateRequiredApplicationCredentials(Set<String> set) {
        List<RequiredApplicationCredentialRelationship> resourceRequiredCredentialRelationships = getResourceRequiredCredentialRelationships();
        RelationshipManager relationshipManager = getRelationshipManager();
        HashSet hashSet = new HashSet();
        for (RequiredApplicationCredentialRelationship requiredApplicationCredentialRelationship : resourceRequiredCredentialRelationships) {
            if (set.contains(requiredApplicationCredentialRelationship.getCredentialType())) {
                hashSet.add(requiredApplicationCredentialRelationship.getCredentialType());
            } else {
                relationshipManager.remove(requiredApplicationCredentialRelationship);
            }
        }
        for (String str : set) {
            if (!hashSet.contains(str)) {
                addRequiredResourceCredential(str);
            }
        }
    }

    public void addRequiredCredential(String str) {
        addRequiredCredential(initRequiredCredentialModel(str));
    }

    public void addRequiredOAuthClientCredential(String str) {
        addRequiredOAuthClientCredential(initRequiredCredentialModel(str));
    }

    public void addRequiredResourceCredential(String str) {
        addRequiredApplicationCredential(initRequiredCredentialModel(str));
    }

    protected RequiredCredentialModel initRequiredCredentialModel(String str) {
        RequiredCredentialModel requiredCredentialModel = (RequiredCredentialModel) RequiredCredentialModel.BUILT_IN.get(str);
        if (requiredCredentialModel == null) {
            throw new RuntimeException("Unknown credential type " + str);
        }
        return requiredCredentialModel;
    }

    public boolean validatePassword(UserModel userModel, String str) {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(userModel.getLoginName(), new Password(str));
        getIdm().validateCredentials(usernamePasswordCredentials);
        return usernamePasswordCredentials.getStatus() == Credentials.Status.VALID;
    }

    public boolean validateTOTP(UserModel userModel, String str, String str2) {
        TOTPCredentials tOTPCredentials = new TOTPCredentials();
        tOTPCredentials.setToken(str2);
        tOTPCredentials.setUsername(userModel.getLoginName());
        tOTPCredentials.setPassword(new Password(str));
        getIdm().validateCredentials(tOTPCredentials);
        return tOTPCredentials.getStatus() == Credentials.Status.VALID;
    }

    public void updateCredential(UserModel userModel, UserCredentialModel userCredentialModel) {
        IdentityManager idm = getIdm();
        if (userCredentialModel.getType().equals("password")) {
            idm.updateCredential(((UserAdapter) userModel).getUser(), new Password(userCredentialModel.getValue()));
            return;
        }
        if (userCredentialModel.getType().equals("totp")) {
            TOTPCredential tOTPCredential = new TOTPCredential(userCredentialModel.getValue());
            tOTPCredential.setDevice(userCredentialModel.getDevice());
            idm.updateCredential(((UserAdapter) userModel).getUser(), tOTPCredential);
        } else if (userCredentialModel.getType().equals("cert")) {
            try {
                idm.updateCredential(((UserAdapter) userModel).getUser(), new X509CertificateCredentials(PemUtils.decodeCertificate(userCredentialModel.getValue())));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    /* renamed from: getUser, reason: merged with bridge method [inline-methods] */
    public UserAdapter m8getUser(String str) {
        User findPicketlinkUser = findPicketlinkUser(str);
        if (findPicketlinkUser == null) {
            return null;
        }
        return new UserAdapter(findPicketlinkUser, getIdm());
    }

    protected User findPicketlinkUser(String str) {
        return SampleModel.getUser(getIdm(), str);
    }

    /* renamed from: addUser, reason: merged with bridge method [inline-methods] */
    public UserAdapter m7addUser(String str) {
        if (findPicketlinkUser(str) != null) {
            throw new IllegalStateException("User already exists");
        }
        User user = new User(str);
        getIdm().add(user);
        return new UserAdapter(user, getIdm());
    }

    public boolean removeUser(String str) {
        User findPicketlinkUser = findPicketlinkUser(str);
        if (findPicketlinkUser == null) {
            return false;
        }
        getIdm().remove(findPicketlinkUser);
        return true;
    }

    /* renamed from: getRole, reason: merged with bridge method [inline-methods] */
    public RoleAdapter m10getRole(String str) {
        Role role = SampleModel.getRole(getIdm(), str);
        if (role == null) {
            return null;
        }
        return new RoleAdapter(role, getIdm());
    }

    public RoleModel getRoleById(String str) {
        IdentityQuery createIdentityQuery = getIdm().createIdentityQuery(Role.class);
        createIdentityQuery.setParameter(IdentityType.ID, new Object[]{str});
        List resultList = createIdentityQuery.getResultList();
        if (resultList.size() == 0) {
            return null;
        }
        return new RoleAdapter((Role) resultList.get(0), getIdm());
    }

    /* renamed from: addRole, reason: merged with bridge method [inline-methods] */
    public RoleAdapter m9addRole(String str) {
        Role role = new Role(str);
        getIdm().add(role);
        return new RoleAdapter(role, getIdm());
    }

    public boolean removeRole(String str) {
        try {
            getIdm().remove(getIdm().lookupIdentityById(Role.class, str));
            return true;
        } catch (IdentityManagementException e) {
            return false;
        }
    }

    public List<RoleModel> getRoles() {
        IdentityManager idm = getIdm();
        IdentityQuery createIdentityQuery = idm.createIdentityQuery(Role.class);
        createIdentityQuery.setParameter(Role.PARTITION, new Object[]{this.realm});
        List resultList = createIdentityQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new RoleAdapter((Role) it.next(), idm));
        }
        return arrayList;
    }

    public Map<String, ApplicationModel> getApplicationNameMap() {
        HashMap hashMap = new HashMap();
        for (ApplicationModel applicationModel : getApplications()) {
            hashMap.put(applicationModel.getName(), applicationModel);
        }
        return hashMap;
    }

    public ApplicationModel getApplicationById(String str) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ApplicationRelationship.class);
        createRelationshipQuery.setParameter(ApplicationRelationship.REALM, new Object[]{this.realm.getName()});
        createRelationshipQuery.setParameter(ApplicationRelationship.APPLICATION, new Object[]{str});
        if (createRelationshipQuery.getResultList().size() == 0) {
            return null;
        }
        return new ApplicationAdapter(this.partitionManager.getPartition(ApplicationData.class, str), this, this.partitionManager);
    }

    public List<ApplicationModel> getApplications() {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ApplicationRelationship.class);
        createRelationshipQuery.setParameter(ApplicationRelationship.REALM, new Object[]{this.realm.getName()});
        List resultList = createRelationshipQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new ApplicationAdapter(this.partitionManager.getPartition(ApplicationData.class, ((ApplicationRelationship) it.next()).getApplication()), this, this.partitionManager));
        }
        return arrayList;
    }

    public ApplicationModel addApplication(String str) {
        ApplicationData applicationData = new ApplicationData(IdGenerator.generateId());
        User user = new User(str);
        this.idm.add(user);
        applicationData.setResourceUser(user);
        applicationData.setResourceName(str);
        this.partitionManager.add(applicationData);
        ApplicationRelationship applicationRelationship = new ApplicationRelationship();
        applicationRelationship.setRealm(this.realm.getName());
        applicationRelationship.setApplication(applicationData.getName());
        getRelationshipManager().add(applicationRelationship);
        return new ApplicationAdapter(applicationData, this, this.partitionManager);
    }

    public boolean removeApplication(String str) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ApplicationRelationship.class);
        createRelationshipQuery.setParameter(ApplicationRelationship.REALM, new Object[]{this.realm.getName()});
        createRelationshipQuery.setParameter(ApplicationRelationship.APPLICATION, new Object[]{str});
        List resultList = createRelationshipQuery.getResultList();
        if (resultList.size() == 0) {
            return false;
        }
        this.partitionManager.remove(this.partitionManager.getPartition(ApplicationData.class, ((ApplicationRelationship) resultList.get(0)).getApplication()));
        return true;
    }

    public boolean hasRole(UserModel userModel, RoleModel roleModel) {
        return SampleModel.hasRole(getRelationshipManager(), ((UserAdapter) userModel).getUser(), ((RoleAdapter) roleModel).getRole());
    }

    public boolean hasRole(UserModel userModel, String str) {
        return hasRole(userModel, m10getRole(str));
    }

    public void grantRole(UserModel userModel, RoleModel roleModel) {
        SampleModel.grantRole(getRelationshipManager(), ((UserAdapter) userModel).getUser(), ((RoleAdapter) roleModel).getRole());
    }

    public void deleteRoleMapping(UserModel userModel, RoleModel roleModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(Grant.class);
        createRelationshipQuery.setParameter(Grant.ASSIGNEE, new Object[]{((UserAdapter) userModel).getUser()});
        createRelationshipQuery.setParameter(Grant.ROLE, new Object[]{((RoleAdapter) roleModel).getRole()});
        Iterator it = createRelationshipQuery.getResultList().iterator();
        while (it.hasNext()) {
            getRelationshipManager().remove((Grant) it.next());
        }
    }

    public Set<String> getRoleMappingValues(UserModel userModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(Grant.class);
        createRelationshipQuery.setParameter(Grant.ASSIGNEE, new Object[]{((UserAdapter) userModel).getUser()});
        List<Grant> resultList = createRelationshipQuery.getResultList();
        HashSet hashSet = new HashSet();
        for (Grant grant : resultList) {
            if (grant.getRole().getPartition().getId().equals(this.realm.getId())) {
                hashSet.add(grant.getRole().getName());
            }
        }
        return hashSet;
    }

    public List<RoleModel> getRoleMappings(UserModel userModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(Grant.class);
        createRelationshipQuery.setParameter(Grant.ASSIGNEE, new Object[]{((UserAdapter) userModel).getUser()});
        List<Grant> resultList = createRelationshipQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        for (Grant grant : resultList) {
            if (grant.getRole().getPartition().getId().equals(this.realm.getId())) {
                arrayList.add(new RoleAdapter(grant.getRole(), getIdm()));
            }
        }
        return arrayList;
    }

    public void addScopeMapping(UserModel userModel, String str) {
        Role role = SampleModel.getRole(getIdm(), str);
        if (role == null) {
            throw new RuntimeException("role not found");
        }
        ScopeRelationship scopeRelationship = new ScopeRelationship();
        scopeRelationship.setClient(((UserAdapter) userModel).getUser());
        scopeRelationship.setScope(role);
        getRelationshipManager().add(scopeRelationship);
    }

    public void addScopeMapping(UserModel userModel, RoleModel roleModel) {
        ScopeRelationship scopeRelationship = new ScopeRelationship();
        scopeRelationship.setClient(((UserAdapter) userModel).getUser());
        scopeRelationship.setScope(((RoleAdapter) roleModel).getRole());
        getRelationshipManager().add(scopeRelationship);
    }

    public void deleteScopeMapping(UserModel userModel, RoleModel roleModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
        createRelationshipQuery.setParameter(ScopeRelationship.CLIENT, new Object[]{((UserAdapter) userModel).getUser()});
        createRelationshipQuery.setParameter(ScopeRelationship.SCOPE, new Object[]{((RoleAdapter) roleModel).getRole()});
        Iterator it = createRelationshipQuery.getResultList().iterator();
        while (it.hasNext()) {
            getRelationshipManager().remove((ScopeRelationship) it.next());
        }
    }

    public OAuthClientModel addOAuthClient(String str) {
        User user = new User(str);
        getIdm().add(user);
        OAuthClientRelationship oAuthClientRelationship = new OAuthClientRelationship();
        oAuthClientRelationship.setOauthAgent(user);
        oAuthClientRelationship.setRealm(this.realm.getName());
        getRelationshipManager().add(oAuthClientRelationship);
        return new OAuthClientAdapter(oAuthClientRelationship, getIdm(), getRelationshipManager());
    }

    public boolean removeOAuthClient(String str) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(OAuthClientRelationship.class);
        createRelationshipQuery.setParameter(OAuthClientRelationship.REALM, new Object[]{this.realm.getName()});
        createRelationshipQuery.setParameter(OAuthClientRelationship.ID, new Object[]{str});
        List resultList = createRelationshipQuery.getResultList();
        if (resultList.size() == 0) {
            return false;
        }
        getRelationshipManager().remove((OAuthClientRelationship) resultList.get(0));
        return true;
    }

    public OAuthClientModel getOAuthClient(String str) {
        User findPicketlinkUser = findPicketlinkUser(str);
        if (findPicketlinkUser == null) {
            return null;
        }
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(OAuthClientRelationship.class);
        createRelationshipQuery.setParameter(OAuthClientRelationship.OAUTH_AGENT, new Object[]{findPicketlinkUser});
        List resultList = createRelationshipQuery.getResultList();
        if (resultList.size() == 0) {
            return null;
        }
        return new OAuthClientAdapter((OAuthClientRelationship) resultList.get(0), getIdm(), getRelationshipManager());
    }

    public OAuthClientModel getOAuthClientById(String str) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(OAuthClientRelationship.class);
        createRelationshipQuery.setParameter(OAuthClientRelationship.REALM, new Object[]{this.realm.getName()});
        createRelationshipQuery.setParameter(OAuthClientRelationship.ID, new Object[]{str});
        List resultList = createRelationshipQuery.getResultList();
        if (resultList.size() == 0) {
            return null;
        }
        return new OAuthClientAdapter((OAuthClientRelationship) resultList.get(0), getIdm(), getRelationshipManager());
    }

    public List<OAuthClientModel> getOAuthClients() {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(OAuthClientRelationship.class);
        createRelationshipQuery.setParameter(OAuthClientRelationship.REALM, new Object[]{this.realm.getName()});
        List resultList = createRelationshipQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new OAuthClientAdapter((OAuthClientRelationship) it.next(), getIdm(), getRelationshipManager()));
        }
        return arrayList;
    }

    public List<RoleModel> getScopeMappings(UserModel userModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
        createRelationshipQuery.setParameter(ScopeRelationship.CLIENT, new Object[]{((UserAdapter) userModel).getUser()});
        List<ScopeRelationship> resultList = createRelationshipQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        for (ScopeRelationship scopeRelationship : resultList) {
            if (scopeRelationship.getScope().getPartition().getId().equals(this.realm.getId())) {
                arrayList.add(new RoleAdapter(scopeRelationship.getScope(), getIdm()));
            }
        }
        return arrayList;
    }

    public Set<String> getScopeMappingValues(UserModel userModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(ScopeRelationship.class);
        createRelationshipQuery.setParameter(ScopeRelationship.CLIENT, new Object[]{((UserAdapter) userModel).getUser()});
        List<ScopeRelationship> resultList = createRelationshipQuery.getResultList();
        HashSet hashSet = new HashSet();
        for (ScopeRelationship scopeRelationship : resultList) {
            if (scopeRelationship.getScope().getPartition().getId().equals(this.realm.getId())) {
                hashSet.add(scopeRelationship.getScope().getName());
            }
        }
        return hashSet;
    }

    public List<String> getDefaultRoles() {
        if (this.realm.getDefaultRoles() == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (String str : this.realm.getDefaultRoles()) {
            if (m10getRole(str) == null) {
                throw new RuntimeException("default role missing");
            }
            arrayList.add(str);
        }
        return arrayList;
    }

    public void addDefaultRole(String str) {
        if (m10getRole(str) == null) {
            m9addRole(str);
        }
        String[] defaultRoles = this.realm.getDefaultRoles();
        String[] strArr = defaultRoles == null ? new String[1] : (String[]) Arrays.copyOf(defaultRoles, defaultRoles.length + 1);
        strArr[strArr.length - 1] = str;
        this.realm.setDefaultRoles(strArr);
        updateRealm();
    }

    public void updateDefaultRoles(String[] strArr) {
        for (String str : strArr) {
            if (m10getRole(str) == null) {
                m9addRole(str);
            }
        }
        this.realm.setDefaultRoles(strArr);
        updateRealm();
    }

    public UserModel getUserBySocialLink(SocialLinkModel socialLinkModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(SocialLinkRelationship.class);
        createRelationshipQuery.setParameter(SocialLinkRelationship.SOCIAL_PROVIDER, new Object[]{socialLinkModel.getSocialProvider()});
        createRelationshipQuery.setParameter(SocialLinkRelationship.SOCIAL_USERNAME, new Object[]{socialLinkModel.getSocialUsername()});
        createRelationshipQuery.setParameter(SocialLinkRelationship.REALM, new Object[]{this.realm.getName()});
        List resultList = createRelationshipQuery.getResultList();
        if (resultList.isEmpty()) {
            return null;
        }
        if (resultList.size() > 1) {
            throw new IllegalStateException("More results found for socialProvider=" + socialLinkModel.getSocialProvider() + ", socialUsername=" + socialLinkModel.getSocialUsername() + ", results=" + resultList);
        }
        return new UserAdapter(((SocialLinkRelationship) resultList.get(0)).getUser(), getIdm());
    }

    public Set<SocialLinkModel> getSocialLinks(UserModel userModel) {
        RelationshipQuery createRelationshipQuery = getRelationshipManager().createRelationshipQuery(SocialLinkRelationship.class);
        createRelationshipQuery.setParameter(SocialLinkRelationship.USER, new Object[]{((UserAdapter) userModel).getUser()});
        List<SocialLinkRelationship> resultList = createRelationshipQuery.getResultList();
        HashSet hashSet = new HashSet();
        for (SocialLinkRelationship socialLinkRelationship : resultList) {
            hashSet.add(new SocialLinkModel(socialLinkRelationship.getSocialProvider(), socialLinkRelationship.getSocialUsername()));
        }
        return hashSet;
    }

    public void addSocialLink(UserModel userModel, SocialLinkModel socialLinkModel) {
        SocialLinkRelationship socialLinkRelationship = new SocialLinkRelationship();
        socialLinkRelationship.setUser(((UserAdapter) userModel).getUser());
        socialLinkRelationship.setSocialProvider(socialLinkModel.getSocialProvider());
        socialLinkRelationship.setSocialUsername(socialLinkModel.getSocialUsername());
        socialLinkRelationship.setRealm(this.realm.getName());
        getRelationshipManager().add(socialLinkRelationship);
    }

    public void removeSocialLink(UserModel userModel, SocialLinkModel socialLinkModel) {
        SocialLinkRelationship socialLinkRelationship = new SocialLinkRelationship();
        socialLinkRelationship.setUser(((UserAdapter) userModel).getUser());
        socialLinkRelationship.setSocialProvider(socialLinkModel.getSocialProvider());
        socialLinkRelationship.setSocialUsername(socialLinkModel.getSocialUsername());
        socialLinkRelationship.setRealm(this.realm.getName());
        getRelationshipManager().remove(socialLinkRelationship);
    }

    public List<UserModel> searchForUser(String str) {
        QueryParameter[] queryParameterArr = {User.LOGIN_NAME, User.FIRST_NAME, User.LAST_NAME, User.EMAIL};
        HashMap hashMap = new HashMap();
        for (QueryParameter queryParameter : queryParameterArr) {
            IdentityQuery createIdentityQuery = getIdm().createIdentityQuery(User.class);
            createIdentityQuery.setParameter(queryParameter, new Object[]{str.toLowerCase()});
            for (User user : createIdentityQuery.getResultList()) {
                hashMap.put(user.getLoginName(), user);
            }
        }
        ArrayList arrayList = new ArrayList();
        Iterator it = hashMap.values().iterator();
        while (it.hasNext()) {
            arrayList.add(new UserAdapter((User) it.next(), this.idm));
        }
        return arrayList;
    }

    public List<UserModel> searchForUserByAttributes(Map<String, String> map) {
        IdentityQuery createIdentityQuery = getIdm().createIdentityQuery(User.class);
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (entry.getKey().equals("username")) {
                createIdentityQuery.setParameter(User.LOGIN_NAME, new Object[]{entry.getValue()});
            } else if (entry.getKey().equalsIgnoreCase("firstName")) {
                createIdentityQuery.setParameter(User.FIRST_NAME, new Object[]{entry.getValue()});
            } else if (entry.getKey().equalsIgnoreCase("lastName")) {
                createIdentityQuery.setParameter(User.LAST_NAME, new Object[]{entry.getValue()});
            } else if (entry.getKey().equalsIgnoreCase("email")) {
                createIdentityQuery.setParameter(User.EMAIL, new Object[]{entry.getValue()});
            }
        }
        List resultList = createIdentityQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(new UserAdapter((User) it.next(), this.idm));
        }
        return arrayList;
    }

    public Map<String, String> getSmtpConfig() {
        return this.realm.getSmtpConfig();
    }

    public void setSmtpConfig(Map<String, String> map) {
        this.realm.setSmtpConfig(map);
        updateRealm();
    }

    public Map<String, String> getSocialConfig() {
        return this.realm.getSocialConfig();
    }

    public void setSocialConfig(Map<String, String> map) {
        this.realm.setSocialConfig(map);
        updateRealm();
    }

    public PasswordPolicy getPasswordPolicy() {
        if (this.passwordPolicy == null) {
            this.passwordPolicy = new PasswordPolicy(this.realm.getPasswordPolicy());
        }
        return this.passwordPolicy;
    }

    public void setPasswordPolicy(PasswordPolicy passwordPolicy) {
        this.passwordPolicy = passwordPolicy;
        this.realm.setPasswordPolicy(passwordPolicy.toString());
        updateRealm();
    }
}
