package org.keycloak.models.utils;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import org.jboss.logging.Logger;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.ResourceServerStore;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.Base64;
import org.keycloak.common.util.UriUtils;
import org.keycloak.migration.MigrationProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.BrowserSecurityHeaders;
import org.keycloak.models.ClaimMask;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientTemplateModel;
import org.keycloak.models.Constants;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserCredentialValueModel;
import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientTemplateRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.RolesRepresentation;
import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.SocialLinkRepresentation;
import org.keycloak.representations.idm.UserConsentRepresentation;
import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;

/* loaded from: input_file:org/keycloak/models/utils/RepresentationToModel.class */
public class RepresentationToModel {
    private static Logger logger = Logger.getLogger(RepresentationToModel.class);

    public static OTPPolicy toPolicy(RealmRepresentation realmRepresentation) {
        OTPPolicy oTPPolicy = new OTPPolicy();
        if (realmRepresentation.getOtpPolicyType() != null) {
            oTPPolicy.setType(realmRepresentation.getOtpPolicyType());
        }
        if (realmRepresentation.getOtpPolicyLookAheadWindow() != null) {
            oTPPolicy.setLookAheadWindow(realmRepresentation.getOtpPolicyLookAheadWindow().intValue());
        }
        if (realmRepresentation.getOtpPolicyInitialCounter() != null) {
            oTPPolicy.setInitialCounter(realmRepresentation.getOtpPolicyInitialCounter().intValue());
        }
        if (realmRepresentation.getOtpPolicyAlgorithm() != null) {
            oTPPolicy.setAlgorithm(realmRepresentation.getOtpPolicyAlgorithm());
        }
        if (realmRepresentation.getOtpPolicyDigits() != null) {
            oTPPolicy.setDigits(realmRepresentation.getOtpPolicyDigits().intValue());
        }
        if (realmRepresentation.getOtpPolicyPeriod() != null) {
            oTPPolicy.setPeriod(realmRepresentation.getOtpPolicyPeriod().intValue());
        }
        return oTPPolicy;
    }

    public static void importRealm(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel) {
        convertDeprecatedSocialProviders(realmRepresentation);
        convertDeprecatedApplications(keycloakSession, realmRepresentation);
        realmModel.setName(realmRepresentation.getRealm());
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        } else {
            realmModel.setRevokeRefreshToken(false);
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        } else {
            realmModel.setAccessTokenLifespan(300);
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        } else {
            realmModel.setAccessTokenLifespanForImplicitFlow(Constants.DEFAULT_ACCESS_TOKEN_LIFESPAN_FOR_IMPLICIT_FLOW_TIMEOUT);
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        } else {
            realmModel.setSsoSessionIdleTimeout(1800);
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        } else {
            realmModel.setSsoSessionMaxLifespan(36000);
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        } else {
            realmModel.setOfflineSessionIdleTimeout(Constants.DEFAULT_OFFLINE_SESSION_IDLE_TIMEOUT);
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        } else {
            realmModel.setAccessCodeLifespan(60);
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        } else {
            realmModel.setAccessCodeLifespanUserAction(300);
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        } else {
            realmModel.setAccessCodeLifespanLogin(1800);
        }
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.getPrivateKey() == null || realmRepresentation.getPublicKey() == null) {
            KeycloakModelUtils.generateRealmKeys(realmModel);
        } else {
            realmModel.setPrivateKeyPem(realmRepresentation.getPrivateKey());
            realmModel.setPublicKeyPem(realmRepresentation.getPublicKey());
        }
        if (realmRepresentation.getCertificate() == null) {
            KeycloakModelUtils.generateRealmCertificate(realmModel);
        } else {
            realmModel.setCertificatePem(realmRepresentation.getCertificate());
        }
        if (realmRepresentation.getCodeSecret() == null) {
            realmModel.setCodeSecret(KeycloakModelUtils.generateCodeSecret());
        } else {
            realmModel.setCodeSecret(realmRepresentation.getCodeSecret());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            Iterator it = realmRepresentation.getRequiredCredentials().iterator();
            while (it.hasNext()) {
                realmModel.addRequiredCredential((String) it.next());
            }
        } else {
            realmModel.addRequiredCredential(UserCredentialModel.PASSWORD);
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(new PasswordPolicy(realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        } else {
            realmModel.setOTPPolicy(OTPPolicy.DEFAULT_POLICY);
        }
        importAuthenticationFlows(realmModel, realmRepresentation);
        if (realmRepresentation.getRequiredActions() != null) {
            Iterator it2 = realmRepresentation.getRequiredActions().iterator();
            while (it2.hasNext()) {
                realmModel.addRequiredActionProvider(toModel((RequiredActionProviderRepresentation) it2.next()));
            }
        } else {
            DefaultRequiredActions.addActions(realmModel);
        }
        importIdentityProviders(realmRepresentation, realmModel);
        importIdentityProviderMappers(realmRepresentation, realmModel);
        if (realmRepresentation.getClientTemplates() != null) {
            createClientTemplates(keycloakSession, realmRepresentation, realmModel);
        }
        if (realmRepresentation.getClients() != null) {
            createClients(keycloakSession, realmRepresentation, realmModel);
        }
        importRoles(realmRepresentation.getRoles(), realmModel);
        if (realmRepresentation.getDefaultRoles() != null) {
            Iterator it3 = realmRepresentation.getDefaultRoles().iterator();
            while (it3.hasNext()) {
                realmModel.addDefaultRole(((String) it3.next()).trim());
            }
        }
        if (realmRepresentation.getClients() != null) {
            for (ClientRepresentation clientRepresentation : realmRepresentation.getClients()) {
                if (clientRepresentation.getDefaultRoles() != null) {
                    realmModel.getClientByClientId(clientRepresentation.getClientId()).updateDefaultRoles(clientRepresentation.getDefaultRoles());
                }
            }
        }
        if (realmRepresentation.getClientScopeMappings() != null) {
            for (Map.Entry entry : realmRepresentation.getClientScopeMappings().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createClientScopeMappings(realmModel, clientByClientId, (List) entry.getValue());
            }
        }
        if (realmRepresentation.getScopeMappings() != null) {
            for (ScopeMappingRepresentation scopeMappingRepresentation : realmRepresentation.getScopeMappings()) {
                ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
                for (String str : scopeMappingRepresentation.getRoles()) {
                    RoleModel role = realmModel.getRole(str.trim());
                    if (role == null) {
                        role = realmModel.addRole(str.trim());
                    }
                    scopeContainerHavingScope.addScopeMapping(role);
                }
            }
        }
        if (realmRepresentation.getSmtpServer() != null) {
            realmModel.setSmtpConfig(new HashMap(realmRepresentation.getSmtpServer()));
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        } else {
            realmModel.setBrowserSecurityHeaders(BrowserSecurityHeaders.defaultHeaders);
        }
        List<UserFederationProviderModel> list = null;
        if (realmRepresentation.getUserFederationProviders() != null) {
            list = convertFederationProviders(realmRepresentation.getUserFederationProviders());
            realmModel.setUserFederationProviders(list);
        }
        if (realmRepresentation.getUserFederationMappers() != null) {
            if (realmRepresentation.getUserFederationProviders() != null) {
                TreeSet<String> treeSet = new TreeSet();
                Iterator it4 = realmRepresentation.getUserFederationMappers().iterator();
                while (it4.hasNext()) {
                    treeSet.add(((UserFederationMapperRepresentation) it4.next()).getFederationProviderDisplayName());
                }
                for (String str2 : treeSet) {
                    for (UserFederationProviderModel userFederationProviderModel : list) {
                        if (str2.equals(userFederationProviderModel.getDisplayName())) {
                            Iterator<UserFederationMapperModel> it5 = realmModel.getUserFederationMappersByFederationProvider(userFederationProviderModel.getId()).iterator();
                            while (it5.hasNext()) {
                                realmModel.removeUserFederationMapper(it5.next());
                            }
                        }
                    }
                }
            }
            Iterator it6 = realmRepresentation.getUserFederationMappers().iterator();
            while (it6.hasNext()) {
                realmModel.addUserFederationMapper(toModel(realmModel, (UserFederationMapperRepresentation) it6.next()));
            }
        }
        if (realmRepresentation.getGroups() != null) {
            importGroups(realmModel, realmRepresentation);
            if (realmRepresentation.getDefaultGroups() != null) {
                for (String str3 : realmRepresentation.getDefaultGroups()) {
                    GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(realmModel, str3);
                    if (findGroupByPath == null) {
                        throw new RuntimeException("default group in realm rep doesn't exist: " + str3);
                    }
                    realmModel.addDefaultGroup(findGroupByPath);
                }
            }
        }
        if (realmRepresentation.getUsers() != null) {
            Iterator it7 = realmRepresentation.getUsers().iterator();
            while (it7.hasNext()) {
                createUser(keycloakSession, realmModel, (UserRepresentation) it7.next());
            }
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
    }

    public static void importRoles(RolesRepresentation rolesRepresentation, RealmModel realmModel) {
        if (rolesRepresentation == null) {
            return;
        }
        if (rolesRepresentation.getRealm() != null) {
            Iterator it = rolesRepresentation.getRealm().iterator();
            while (it.hasNext()) {
                createRole(realmModel, (RoleRepresentation) it.next());
            }
        }
        if (rolesRepresentation.getClient() != null) {
            for (Map.Entry entry : rolesRepresentation.getClient().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + ((String) entry.getKey()));
                }
                for (RoleRepresentation roleRepresentation : (List) entry.getValue()) {
                    RoleModel addRole = roleRepresentation.getId() != null ? clientByClientId.addRole(roleRepresentation.getId(), roleRepresentation.getName()) : clientByClientId.addRole(roleRepresentation.getName());
                    addRole.setDescription(roleRepresentation.getDescription());
                    addRole.setScopeParamRequired(roleRepresentation.isScopeParamRequired() == null ? false : roleRepresentation.isScopeParamRequired().booleanValue());
                }
            }
        }
        if (rolesRepresentation.getRealm() != null) {
            for (RoleRepresentation roleRepresentation2 : rolesRepresentation.getRealm()) {
                addComposites(realmModel.getRole(roleRepresentation2.getName()), roleRepresentation2, realmModel);
            }
        }
        if (rolesRepresentation.getClient() != null) {
            for (Map.Entry entry2 : rolesRepresentation.getClient().entrySet()) {
                ClientModel clientByClientId2 = realmModel.getClientByClientId((String) entry2.getKey());
                if (clientByClientId2 == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + ((String) entry2.getKey()));
                }
                for (RoleRepresentation roleRepresentation3 : (List) entry2.getValue()) {
                    addComposites(clientByClientId2.getRole(roleRepresentation3.getName()), roleRepresentation3, realmModel);
                }
            }
        }
    }

    public static void importGroups(RealmModel realmModel, RealmRepresentation realmRepresentation) {
        List groups = realmRepresentation.getGroups();
        if (groups == null) {
            return;
        }
        Iterator it = groups.iterator();
        while (it.hasNext()) {
            importGroup(realmModel, null, (GroupRepresentation) it.next());
        }
    }

    public static void importGroup(RealmModel realmModel, GroupModel groupModel, GroupRepresentation groupRepresentation) {
        GroupModel createGroup = realmModel.createGroup(groupRepresentation.getId(), groupRepresentation.getName());
        if (groupRepresentation.getAttributes() != null) {
            for (Map.Entry entry : groupRepresentation.getAttributes().entrySet()) {
                createGroup.setAttribute((String) entry.getKey(), (List) entry.getValue());
            }
        }
        realmModel.moveGroup(createGroup, groupModel);
        if (groupRepresentation.getRealmRoles() != null) {
            for (String str : groupRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                createGroup.grantRole(role);
            }
        }
        if (groupRepresentation.getClientRoles() != null) {
            for (Map.Entry entry2 : groupRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry2.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry2.getKey()));
                }
                for (String str2 : (List) entry2.getValue()) {
                    RoleModel role2 = clientByClientId.getRole(str2.trim());
                    if (role2 == null) {
                        role2 = clientByClientId.addRole(str2.trim());
                    }
                    createGroup.grantRole(role2);
                }
            }
        }
        if (groupRepresentation.getSubGroups() != null) {
            Iterator it = groupRepresentation.getSubGroups().iterator();
            while (it.hasNext()) {
                importGroup(realmModel, createGroup, (GroupRepresentation) it.next());
            }
        }
    }

    public static void importAuthenticationFlows(RealmModel realmModel, RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getAuthenticationFlows() == null) {
            DefaultAuthenticationFlows.migrateFlows(realmModel);
        } else {
            Iterator it = realmRepresentation.getAuthenticatorConfig().iterator();
            while (it.hasNext()) {
                realmModel.addAuthenticatorConfig(toModel((AuthenticatorConfigRepresentation) it.next()));
            }
            Iterator it2 = realmRepresentation.getAuthenticationFlows().iterator();
            while (it2.hasNext()) {
                AuthenticationFlowModel model = toModel((AuthenticationFlowRepresentation) it2.next());
                model.setId(null);
                realmModel.addAuthenticationFlow(model);
            }
            for (AuthenticationFlowRepresentation authenticationFlowRepresentation : realmRepresentation.getAuthenticationFlows()) {
                AuthenticationFlowModel flowByAlias = realmModel.getFlowByAlias(authenticationFlowRepresentation.getAlias());
                Iterator it3 = authenticationFlowRepresentation.getAuthenticationExecutions().iterator();
                while (it3.hasNext()) {
                    AuthenticationExecutionModel model2 = toModel(realmModel, (AuthenticationExecutionExportRepresentation) it3.next());
                    model2.setParentFlow(flowByAlias.getId());
                    realmModel.addAuthenticatorExecution(model2);
                }
            }
        }
        if (realmRepresentation.getBrowserFlow() == null) {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.BROWSER_FLOW));
        } else {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() == null) {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.REGISTRATION_FLOW));
        } else {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() == null) {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(DefaultAuthenticationFlows.DIRECT_GRANT_FLOW));
        } else {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() == null) {
            AuthenticationFlowModel flowByAlias2 = realmModel.getFlowByAlias(DefaultAuthenticationFlows.RESET_CREDENTIALS_FLOW);
            if (flowByAlias2 == null) {
                DefaultAuthenticationFlows.resetCredentialsFlow(realmModel);
            } else {
                realmModel.setResetCredentialsFlow(flowByAlias2);
            }
        } else {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() == null) {
            AuthenticationFlowModel flowByAlias3 = realmModel.getFlowByAlias(DefaultAuthenticationFlows.CLIENT_AUTHENTICATION_FLOW);
            if (flowByAlias3 == null) {
                DefaultAuthenticationFlows.clientAuthFlow(realmModel);
            } else {
                realmModel.setClientAuthenticationFlow(flowByAlias3);
            }
        } else {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
        if (realmModel.getFlowByAlias(DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW) == null) {
            DefaultAuthenticationFlows.firstBrokerLoginFlow(realmModel, true);
        }
    }

    private static void convertDeprecatedSocialProviders(RealmRepresentation realmRepresentation) {
        if (realmRepresentation.isSocial() == null || !realmRepresentation.isSocial().booleanValue() || realmRepresentation.getSocialProviders() == null || realmRepresentation.getSocialProviders().isEmpty() || realmRepresentation.getIdentityProviders() != null) {
            return;
        }
        Boolean valueOf = Boolean.valueOf(realmRepresentation.isUpdateProfileOnInitialSocialLogin() != null && realmRepresentation.isUpdateProfileOnInitialSocialLogin().booleanValue());
        if (realmRepresentation.getSocialProviders() != null) {
            logger.warn("Using deprecated 'social' configuration in JSON representation. It will be removed in future versions");
            LinkedList linkedList = new LinkedList();
            for (String str : realmRepresentation.getSocialProviders().keySet()) {
                if (str.endsWith(".key")) {
                    String str2 = str.split("\\.")[0];
                    String str3 = (String) realmRepresentation.getSocialProviders().get(str);
                    String str4 = (String) realmRepresentation.getSocialProviders().get(str.replace(".key", ".secret"));
                    IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
                    identityProviderRepresentation.setAlias(str2);
                    identityProviderRepresentation.setProviderId(str2);
                    identityProviderRepresentation.setEnabled(true);
                    identityProviderRepresentation.setUpdateProfileFirstLogin(valueOf.booleanValue());
                    HashMap hashMap = new HashMap();
                    hashMap.put("clientId", str3);
                    hashMap.put("clientSecret", str4);
                    identityProviderRepresentation.setConfig(hashMap);
                    linkedList.add(identityProviderRepresentation);
                }
            }
            realmRepresentation.setIdentityProviders(linkedList);
        }
    }

    private static void convertDeprecatedSocialProviders(UserRepresentation userRepresentation) {
        if (userRepresentation.getSocialLinks() != null && !userRepresentation.getSocialLinks().isEmpty() && userRepresentation.getFederatedIdentities() == null) {
            logger.warnf("Using deprecated 'socialLinks' configuration in JSON representation for user '%s'. It will be removed in future versions", userRepresentation.getUsername());
            LinkedList linkedList = new LinkedList();
            for (SocialLinkRepresentation socialLinkRepresentation : userRepresentation.getSocialLinks()) {
                FederatedIdentityRepresentation federatedIdentityRepresentation = new FederatedIdentityRepresentation();
                federatedIdentityRepresentation.setIdentityProvider(socialLinkRepresentation.getSocialProvider());
                federatedIdentityRepresentation.setUserId(socialLinkRepresentation.getSocialUserId());
                federatedIdentityRepresentation.setUserName(socialLinkRepresentation.getSocialUsername());
                linkedList.add(federatedIdentityRepresentation);
            }
            userRepresentation.setFederatedIdentities(linkedList);
        }
        userRepresentation.setSocialLinks((List) null);
    }

    private static void convertDeprecatedApplications(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getApplications() != null || realmRepresentation.getOauthClients() != null) {
            if (realmRepresentation.getClients() == null) {
                realmRepresentation.setClients(new LinkedList());
            }
            LinkedList<ApplicationRepresentation> linkedList = new LinkedList();
            if (realmRepresentation.getApplications() != null) {
                linkedList.addAll(realmRepresentation.getApplications());
            }
            if (realmRepresentation.getOauthClients() != null) {
                linkedList.addAll(realmRepresentation.getOauthClients());
            }
            for (ApplicationRepresentation applicationRepresentation : linkedList) {
                applicationRepresentation.setClientId(applicationRepresentation.getName());
                applicationRepresentation.setName((String) null);
                if (applicationRepresentation instanceof OAuthClientRepresentation) {
                    applicationRepresentation.setConsentRequired(true);
                    applicationRepresentation.setFullScopeAllowed(false);
                }
                if (applicationRepresentation.getProtocolMappers() == null && applicationRepresentation.getClaims() != null) {
                    applicationRepresentation.setProtocolMappers(((MigrationProvider) keycloakSession.getProvider(MigrationProvider.class)).getMappersForClaimMask(Long.valueOf(getClaimsMask(applicationRepresentation.getClaims()))));
                    applicationRepresentation.setClaims((ClaimRepresentation) null);
                }
                realmRepresentation.getClients().add(applicationRepresentation);
            }
        }
        if (realmRepresentation.getApplicationScopeMappings() != null && realmRepresentation.getClientScopeMappings() == null) {
            realmRepresentation.setClientScopeMappings(realmRepresentation.getApplicationScopeMappings());
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getApplication() != null && realmRepresentation.getRoles().getClient() == null) {
            realmRepresentation.getRoles().setClient(realmRepresentation.getRoles().getApplication());
        }
        if (realmRepresentation.getUsers() != null) {
            for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                if (userRepresentation.getApplicationRoles() != null && userRepresentation.getClientRoles() == null) {
                    userRepresentation.setClientRoles(userRepresentation.getApplicationRoles());
                }
            }
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getRealm() != null) {
            for (RoleRepresentation roleRepresentation : realmRepresentation.getRoles().getRealm()) {
                if (roleRepresentation.getComposites() != null && roleRepresentation.getComposites().getApplication() != null && roleRepresentation.getComposites().getClient() == null) {
                    roleRepresentation.getComposites().setClient(roleRepresentation.getComposites().getApplication());
                }
            }
        }
        if (realmRepresentation.getRoles() == null || realmRepresentation.getRoles().getClient() == null) {
            return;
        }
        Iterator it = realmRepresentation.getRoles().getClient().entrySet().iterator();
        while (it.hasNext()) {
            for (RoleRepresentation roleRepresentation2 : (List) ((Map.Entry) it.next()).getValue()) {
                if (roleRepresentation2.getComposites() != null && roleRepresentation2.getComposites().getApplication() != null && roleRepresentation2.getComposites().getClient() == null) {
                    roleRepresentation2.getComposites().setClient(roleRepresentation2.getComposites().getApplication());
                }
            }
        }
    }

    public static void renameRealm(RealmModel realmModel, String str) {
        if (str.equals(realmModel.getName())) {
            return;
        }
        String name = realmModel.getName();
        realmModel.getMasterAdminClient().setClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(str));
        realmModel.setName(str);
        ClientModel clientByClientId = realmModel.getClientByClientId(Constants.ADMIN_CONSOLE_CLIENT_ID);
        if (clientByClientId != null) {
            if (clientByClientId.getBaseUrl() != null) {
                clientByClientId.setBaseUrl(clientByClientId.getBaseUrl().replace("/admin/" + name + "/", "/admin/" + str + "/"));
            }
            HashSet hashSet = new HashSet();
            Iterator<String> it = clientByClientId.getRedirectUris().iterator();
            while (it.hasNext()) {
                hashSet.add(replace(it.next(), "/admin/" + name + "/", "/admin/" + str + "/"));
            }
            clientByClientId.setRedirectUris(hashSet);
        }
        ClientModel clientByClientId2 = realmModel.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID);
        if (clientByClientId2 != null) {
            if (clientByClientId2.getBaseUrl() != null) {
                clientByClientId2.setBaseUrl(clientByClientId2.getBaseUrl().replace("/realms/" + name + "/", "/realms/" + str + "/"));
            }
            HashSet hashSet2 = new HashSet();
            Iterator<String> it2 = clientByClientId2.getRedirectUris().iterator();
            while (it2.hasNext()) {
                hashSet2.add(replace(it2.next(), "/realms/" + name + "/", "/realms/" + str + "/"));
            }
            clientByClientId2.setRedirectUris(hashSet2);
        }
    }

    private static String replace(String str, String str2, String str3) {
        if (str != null) {
            return str.replace(str2, str3);
        }
        return null;
    }

    public static void updateRealm(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getRealm() != null) {
            renameRealm(realmModel, realmRepresentation.getRealm());
        }
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        }
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            realmModel.updateRequiredCredentials(realmRepresentation.getRequiredCredentials());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.getEnabledEventTypes() != null) {
            realmModel.setEnabledEventTypes(new HashSet(realmRepresentation.getEnabledEventTypes()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(new PasswordPolicy(realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        }
        if (realmRepresentation.getDefaultRoles() != null) {
            realmModel.updateDefaultRoles((String[]) realmRepresentation.getDefaultRoles().toArray(new String[realmRepresentation.getDefaultRoles().size()]));
        }
        if (realmRepresentation.getSmtpServer() != null) {
            realmModel.setSmtpConfig(new HashMap(realmRepresentation.getSmtpServer()));
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        }
        if (realmRepresentation.getUserFederationProviders() != null) {
            realmModel.setUserFederationProviders(convertFederationProviders(realmRepresentation.getUserFederationProviders()));
        }
        if ("GENERATE".equals(realmRepresentation.getPublicKey())) {
            KeycloakModelUtils.generateRealmKeys(realmModel);
        } else {
            if (realmRepresentation.getPrivateKey() != null && realmRepresentation.getPublicKey() != null) {
                realmModel.setPrivateKeyPem(realmRepresentation.getPrivateKey());
                realmModel.setPublicKeyPem(realmRepresentation.getPublicKey());
                realmModel.setCodeSecret(KeycloakModelUtils.generateCodeSecret());
            }
            if (realmRepresentation.getCertificate() != null) {
                realmModel.setCertificatePem(realmRepresentation.getCertificate());
            }
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
        if (realmRepresentation.getBrowserFlow() != null) {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() != null) {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() != null) {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() != null) {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() != null) {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
    }

    private static List<UserFederationProviderModel> convertFederationProviders(List<UserFederationProviderRepresentation> list) {
        ArrayList arrayList = new ArrayList();
        for (UserFederationProviderRepresentation userFederationProviderRepresentation : list) {
            arrayList.add(new UserFederationProviderModel(userFederationProviderRepresentation.getId(), userFederationProviderRepresentation.getProviderName(), userFederationProviderRepresentation.getConfig(), userFederationProviderRepresentation.getPriority(), userFederationProviderRepresentation.getDisplayName(), userFederationProviderRepresentation.getFullSyncPeriod(), userFederationProviderRepresentation.getChangedSyncPeriod(), userFederationProviderRepresentation.getLastSync()));
        }
        return arrayList;
    }

    public static UserFederationMapperModel toModel(RealmModel realmModel, UserFederationMapperRepresentation userFederationMapperRepresentation) {
        UserFederationMapperModel userFederationMapperModel = new UserFederationMapperModel();
        userFederationMapperModel.setId(userFederationMapperRepresentation.getId());
        userFederationMapperModel.setName(userFederationMapperRepresentation.getName());
        userFederationMapperModel.setFederationMapperType(userFederationMapperRepresentation.getFederationMapperType());
        userFederationMapperModel.setConfig(userFederationMapperRepresentation.getConfig());
        UserFederationProviderModel findUserFederationProviderByDisplayName = KeycloakModelUtils.findUserFederationProviderByDisplayName(userFederationMapperRepresentation.getFederationProviderDisplayName(), realmModel);
        if (findUserFederationProviderByDisplayName == null) {
            throw new ModelException("Couldn't find federation provider with display name [" + userFederationMapperRepresentation.getFederationProviderDisplayName() + "] referenced from mapper [" + userFederationMapperRepresentation.getName());
        }
        userFederationMapperModel.setFederationProviderId(findUserFederationProviderByDisplayName.getId());
        return userFederationMapperModel;
    }

    public static void createRole(RealmModel realmModel, RoleRepresentation roleRepresentation) {
        RoleModel addRole = roleRepresentation.getId() != null ? realmModel.addRole(roleRepresentation.getId(), roleRepresentation.getName()) : realmModel.addRole(roleRepresentation.getName());
        if (roleRepresentation.getDescription() != null) {
            addRole.setDescription(roleRepresentation.getDescription());
        }
        addRole.setScopeParamRequired(roleRepresentation.isScopeParamRequired() == null ? false : roleRepresentation.isScopeParamRequired().booleanValue());
    }

    private static void addComposites(RoleModel roleModel, RoleRepresentation roleRepresentation, RealmModel realmModel) {
        if (roleRepresentation.getComposites() == null) {
            return;
        }
        if (roleRepresentation.getComposites().getRealm() != null) {
            for (String str : roleRepresentation.getComposites().getRealm()) {
                RoleModel role = realmModel.getRole(str);
                if (role == null) {
                    throw new RuntimeException("Unable to find composite realm role: " + str);
                }
                roleModel.addCompositeRole(role);
            }
        }
        if (roleRepresentation.getComposites().getClient() != null) {
            for (Map.Entry entry : roleRepresentation.getComposites().getClient().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("App doesn't exist in role definitions: " + roleRepresentation.getName());
                }
                for (String str2 : (List) entry.getValue()) {
                    RoleModel role2 = clientByClientId.getRole(str2);
                    if (role2 == null) {
                        throw new RuntimeException("Unable to find composite client role: " + str2);
                    }
                    roleModel.addCompositeRole(role2);
                }
            }
        }
    }

    private static Map<String, ClientModel> createClients(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel) {
        HashMap hashMap = new HashMap();
        Iterator it = realmRepresentation.getClients().iterator();
        while (it.hasNext()) {
            ClientModel createClient = createClient(keycloakSession, realmModel, (ClientRepresentation) it.next(), false);
            hashMap.put(createClient.getClientId(), createClient);
        }
        return hashMap;
    }

    public static ClientModel createClient(KeycloakSession keycloakSession, RealmModel realmModel, ClientRepresentation clientRepresentation, boolean z) {
        logger.debug("Create client: {0}" + clientRepresentation.getClientId());
        ClientModel addClient = clientRepresentation.getId() != null ? realmModel.addClient(clientRepresentation.getId(), clientRepresentation.getClientId()) : realmModel.addClient(clientRepresentation.getClientId());
        if (clientRepresentation.getName() != null) {
            addClient.setName(clientRepresentation.getName());
        }
        if (clientRepresentation.getDescription() != null) {
            addClient.setDescription(clientRepresentation.getDescription());
        }
        if (clientRepresentation.isEnabled() != null) {
            addClient.setEnabled(clientRepresentation.isEnabled().booleanValue());
        }
        addClient.setManagementUrl(clientRepresentation.getAdminUrl());
        if (clientRepresentation.isSurrogateAuthRequired() != null) {
            addClient.setSurrogateAuthRequired(clientRepresentation.isSurrogateAuthRequired().booleanValue());
        }
        if (clientRepresentation.getRootUrl() != null) {
            addClient.setRootUrl(clientRepresentation.getRootUrl());
        }
        if (clientRepresentation.getBaseUrl() != null) {
            addClient.setBaseUrl(clientRepresentation.getBaseUrl());
        }
        if (clientRepresentation.isBearerOnly() != null) {
            addClient.setBearerOnly(clientRepresentation.isBearerOnly().booleanValue());
        }
        if (clientRepresentation.isConsentRequired() != null) {
            addClient.setConsentRequired(clientRepresentation.isConsentRequired().booleanValue());
        }
        if (clientRepresentation.isDirectGrantsOnly() != null) {
            logger.warn("Using deprecated 'directGrantsOnly' configuration in JSON representation. It will be removed in future versions");
            addClient.setStandardFlowEnabled(!clientRepresentation.isDirectGrantsOnly().booleanValue());
            addClient.setDirectAccessGrantsEnabled(clientRepresentation.isDirectGrantsOnly().booleanValue());
        }
        if (clientRepresentation.isStandardFlowEnabled() != null) {
            addClient.setStandardFlowEnabled(clientRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isImplicitFlowEnabled() != null) {
            addClient.setImplicitFlowEnabled(clientRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isDirectAccessGrantsEnabled() != null) {
            addClient.setDirectAccessGrantsEnabled(clientRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientRepresentation.isServiceAccountsEnabled() != null) {
            addClient.setServiceAccountsEnabled(clientRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientRepresentation.isPublicClient() != null) {
            addClient.setPublicClient(clientRepresentation.isPublicClient().booleanValue());
        }
        if (clientRepresentation.isFrontchannelLogout() != null) {
            addClient.setFrontchannelLogout(clientRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientRepresentation.getProtocol() != null) {
            addClient.setProtocol(clientRepresentation.getProtocol());
        }
        if (clientRepresentation.getNodeReRegistrationTimeout() != null) {
            addClient.setNodeReRegistrationTimeout(clientRepresentation.getNodeReRegistrationTimeout().intValue());
        } else {
            addClient.setNodeReRegistrationTimeout(-1);
        }
        addClient.updateClient();
        if (clientRepresentation.getNotBefore() != null) {
            addClient.setNotBefore(clientRepresentation.getNotBefore().intValue());
        }
        if (clientRepresentation.getClientAuthenticatorType() != null) {
            addClient.setClientAuthenticatorType(clientRepresentation.getClientAuthenticatorType());
        } else {
            addClient.setClientAuthenticatorType(KeycloakModelUtils.getDefaultClientAuthenticatorType());
        }
        addClient.setSecret(clientRepresentation.getSecret());
        if (addClient.getSecret() == null) {
            KeycloakModelUtils.generateSecret(addClient);
        }
        if (clientRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientRepresentation.getAttributes().entrySet()) {
                addClient.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        if (clientRepresentation.getRedirectUris() != null) {
            Iterator it = clientRepresentation.getRedirectUris().iterator();
            while (it.hasNext()) {
                addClient.addRedirectUri((String) it.next());
            }
        }
        if (clientRepresentation.getWebOrigins() != null) {
            for (String str : clientRepresentation.getWebOrigins()) {
                logger.debugv("Client: {0} webOrigin: {1}", clientRepresentation.getClientId(), str);
                addClient.addWebOrigin(str);
            }
        } else if (clientRepresentation.getRedirectUris() != null) {
            HashSet hashSet = new HashSet();
            for (String str2 : clientRepresentation.getRedirectUris()) {
                logger.debugv("add redirect-uri to origin: {0}", str2);
                if (str2.startsWith("http")) {
                    String origin = UriUtils.getOrigin(str2);
                    logger.debugv("adding default client origin: {0}", origin);
                    hashSet.add(origin);
                }
            }
            if (hashSet.size() > 0) {
                addClient.setWebOrigins(hashSet);
            }
        }
        if (clientRepresentation.getRegisteredNodes() != null) {
            for (Map.Entry entry2 : clientRepresentation.getRegisteredNodes().entrySet()) {
                addClient.registerNode((String) entry2.getKey(), ((Integer) entry2.getValue()).intValue());
            }
        }
        if (z && clientRepresentation.getDefaultRoles() != null) {
            addClient.updateDefaultRoles(clientRepresentation.getDefaultRoles());
        }
        if (clientRepresentation.getProtocolMappers() != null) {
            Iterator<ProtocolMapperModel> it2 = addClient.getProtocolMappers().iterator();
            while (it2.hasNext()) {
                addClient.removeProtocolMapper(it2.next());
            }
            Iterator it3 = clientRepresentation.getProtocolMappers().iterator();
            while (it3.hasNext()) {
                addClient.addProtocolMapper(toModel((ProtocolMapperRepresentation) it3.next()));
            }
        }
        if (clientRepresentation.getClientTemplate() != null) {
            Iterator<ClientTemplateModel> it4 = realmModel.getClientTemplates().iterator();
            while (true) {
                if (!it4.hasNext()) {
                    break;
                }
                ClientTemplateModel next = it4.next();
                if (next.getName().equals(clientRepresentation.getClientTemplate())) {
                    addClient.setClientTemplate(next);
                    break;
                }
            }
        }
        if (clientRepresentation.isFullScopeAllowed() != null) {
            addClient.setFullScopeAllowed(clientRepresentation.isFullScopeAllowed().booleanValue());
        } else if (addClient.getClientTemplate() != null) {
            addClient.setFullScopeAllowed(!addClient.isConsentRequired() && addClient.getClientTemplate().isFullScopeAllowed());
        } else {
            addClient.setFullScopeAllowed(!addClient.isConsentRequired());
        }
        if (clientRepresentation.isUseTemplateConfig() != null) {
            addClient.setUseTemplateConfig(clientRepresentation.isUseTemplateConfig().booleanValue());
        } else {
            addClient.setUseTemplateConfig(false);
        }
        if (clientRepresentation.isUseTemplateScope() != null) {
            addClient.setUseTemplateScope(clientRepresentation.isUseTemplateScope().booleanValue());
        } else {
            addClient.setUseTemplateScope(clientRepresentation.getClientTemplate() != null);
        }
        if (clientRepresentation.isUseTemplateMappers() != null) {
            addClient.setUseTemplateMappers(clientRepresentation.isUseTemplateMappers().booleanValue());
        } else {
            addClient.setUseTemplateMappers(clientRepresentation.getClientTemplate() != null);
        }
        if (Boolean.TRUE.equals(clientRepresentation.getAuthorizationServicesEnabled())) {
            ResourceServerStore resourceServerStore = ((AuthorizationProvider) keycloakSession.getProvider(AuthorizationProvider.class)).getStoreFactory().getResourceServerStore();
            addClient.setServiceAccountsEnabled(true);
            addClient.setBearerOnly(false);
            addClient.setPublicClient(false);
            ResourceServer create = resourceServerStore.create(addClient.getId());
            create.setAllowRemoteResourceManagement(true);
            create.setPolicyEnforcementMode(ResourceServer.PolicyEnforcementMode.ENFORCING);
        }
        return addClient;
    }

    public static void updateClient(ClientRepresentation clientRepresentation, ClientModel clientModel) {
        if (clientRepresentation.getClientId() != null) {
            clientModel.setClientId(clientRepresentation.getClientId());
        }
        if (clientRepresentation.getName() != null) {
            clientModel.setName(clientRepresentation.getName());
        }
        if (clientRepresentation.getDescription() != null) {
            clientModel.setDescription(clientRepresentation.getDescription());
        }
        if (clientRepresentation.isEnabled() != null) {
            clientModel.setEnabled(clientRepresentation.isEnabled().booleanValue());
        }
        if (clientRepresentation.isBearerOnly() != null) {
            clientModel.setBearerOnly(clientRepresentation.isBearerOnly().booleanValue());
        }
        if (clientRepresentation.isConsentRequired() != null) {
            clientModel.setConsentRequired(clientRepresentation.isConsentRequired().booleanValue());
        }
        if (clientRepresentation.isStandardFlowEnabled() != null) {
            clientModel.setStandardFlowEnabled(clientRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isImplicitFlowEnabled() != null) {
            clientModel.setImplicitFlowEnabled(clientRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientRepresentation.isDirectAccessGrantsEnabled() != null) {
            clientModel.setDirectAccessGrantsEnabled(clientRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientRepresentation.isServiceAccountsEnabled() != null) {
            clientModel.setServiceAccountsEnabled(clientRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientRepresentation.isPublicClient() != null) {
            clientModel.setPublicClient(clientRepresentation.isPublicClient().booleanValue());
        }
        if (clientRepresentation.isFullScopeAllowed() != null) {
            clientModel.setFullScopeAllowed(clientRepresentation.isFullScopeAllowed().booleanValue());
        }
        if (clientRepresentation.isFrontchannelLogout() != null) {
            clientModel.setFrontchannelLogout(clientRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientRepresentation.getRootUrl() != null) {
            clientModel.setRootUrl(clientRepresentation.getRootUrl());
        }
        if (clientRepresentation.getAdminUrl() != null) {
            clientModel.setManagementUrl(clientRepresentation.getAdminUrl());
        }
        if (clientRepresentation.getBaseUrl() != null) {
            clientModel.setBaseUrl(clientRepresentation.getBaseUrl());
        }
        if (clientRepresentation.isSurrogateAuthRequired() != null) {
            clientModel.setSurrogateAuthRequired(clientRepresentation.isSurrogateAuthRequired().booleanValue());
        }
        if (clientRepresentation.getNodeReRegistrationTimeout() != null) {
            clientModel.setNodeReRegistrationTimeout(clientRepresentation.getNodeReRegistrationTimeout().intValue());
        }
        if (clientRepresentation.getClientAuthenticatorType() != null) {
            clientModel.setClientAuthenticatorType(clientRepresentation.getClientAuthenticatorType());
        }
        clientModel.updateClient();
        if (clientRepresentation.getProtocol() != null) {
            clientModel.setProtocol(clientRepresentation.getProtocol());
        }
        if (clientRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientRepresentation.getAttributes().entrySet()) {
                clientModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        if (clientRepresentation.getNotBefore() != null) {
            clientModel.setNotBefore(clientRepresentation.getNotBefore().intValue());
        }
        if (clientRepresentation.getDefaultRoles() != null) {
            clientModel.updateDefaultRoles(clientRepresentation.getDefaultRoles());
        }
        List redirectUris = clientRepresentation.getRedirectUris();
        if (redirectUris != null) {
            clientModel.setRedirectUris(new HashSet(redirectUris));
        }
        List webOrigins = clientRepresentation.getWebOrigins();
        if (webOrigins != null) {
            clientModel.setWebOrigins(new HashSet(webOrigins));
        }
        if (clientRepresentation.getRegisteredNodes() != null) {
            for (Map.Entry entry2 : clientRepresentation.getRegisteredNodes().entrySet()) {
                clientModel.registerNode((String) entry2.getKey(), ((Integer) entry2.getValue()).intValue());
            }
        }
        if (clientRepresentation.isUseTemplateConfig() != null) {
            clientModel.setUseTemplateConfig(clientRepresentation.isUseTemplateConfig().booleanValue());
        }
        if (clientRepresentation.isUseTemplateScope() != null) {
            clientModel.setUseTemplateScope(clientRepresentation.isUseTemplateScope().booleanValue());
        }
        if (clientRepresentation.isUseTemplateMappers() != null) {
            clientModel.setUseTemplateMappers(clientRepresentation.isUseTemplateMappers().booleanValue());
        }
        if (clientRepresentation.getClientTemplate() != null) {
            if (clientRepresentation.getClientTemplate().equals("NONE")) {
                clientModel.setClientTemplate(null);
                return;
            }
            for (ClientTemplateModel clientTemplateModel : clientModel.getRealm().getClientTemplates()) {
                if (clientTemplateModel.getName().equals(clientRepresentation.getClientTemplate())) {
                    clientModel.setClientTemplate(clientTemplateModel);
                    if (clientRepresentation.isUseTemplateConfig() == null) {
                        clientModel.setUseTemplateConfig(true);
                    }
                    if (clientRepresentation.isUseTemplateScope() == null) {
                        clientModel.setUseTemplateScope(true);
                    }
                    if (clientRepresentation.isUseTemplateMappers() == null) {
                        clientModel.setUseTemplateMappers(true);
                        return;
                    }
                    return;
                }
            }
        }
    }

    private static Map<String, ClientTemplateModel> createClientTemplates(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel) {
        HashMap hashMap = new HashMap();
        Iterator it = realmRepresentation.getClientTemplates().iterator();
        while (it.hasNext()) {
            ClientTemplateModel createClientTemplate = createClientTemplate(keycloakSession, realmModel, (ClientTemplateRepresentation) it.next());
            hashMap.put(createClientTemplate.getName(), createClientTemplate);
        }
        return hashMap;
    }

    public static ClientTemplateModel createClientTemplate(KeycloakSession keycloakSession, RealmModel realmModel, ClientTemplateRepresentation clientTemplateRepresentation) {
        logger.debug("Create client template: {0}" + clientTemplateRepresentation.getName());
        ClientTemplateModel addClientTemplate = clientTemplateRepresentation.getId() != null ? realmModel.addClientTemplate(clientTemplateRepresentation.getId(), clientTemplateRepresentation.getName()) : realmModel.addClientTemplate(clientTemplateRepresentation.getName());
        if (clientTemplateRepresentation.getName() != null) {
            addClientTemplate.setName(clientTemplateRepresentation.getName());
        }
        if (clientTemplateRepresentation.getDescription() != null) {
            addClientTemplate.setDescription(clientTemplateRepresentation.getDescription());
        }
        if (clientTemplateRepresentation.getProtocol() != null) {
            addClientTemplate.setProtocol(clientTemplateRepresentation.getProtocol());
        }
        if (clientTemplateRepresentation.isFullScopeAllowed() != null) {
            addClientTemplate.setFullScopeAllowed(clientTemplateRepresentation.isFullScopeAllowed().booleanValue());
        }
        if (clientTemplateRepresentation.getProtocolMappers() != null) {
            Iterator<ProtocolMapperModel> it = addClientTemplate.getProtocolMappers().iterator();
            while (it.hasNext()) {
                addClientTemplate.removeProtocolMapper(it.next());
            }
            Iterator it2 = clientTemplateRepresentation.getProtocolMappers().iterator();
            while (it2.hasNext()) {
                addClientTemplate.addProtocolMapper(toModel((ProtocolMapperRepresentation) it2.next()));
            }
        }
        if (clientTemplateRepresentation.isBearerOnly() != null) {
            addClientTemplate.setBearerOnly(clientTemplateRepresentation.isBearerOnly().booleanValue());
        }
        if (clientTemplateRepresentation.isConsentRequired() != null) {
            addClientTemplate.setConsentRequired(clientTemplateRepresentation.isConsentRequired().booleanValue());
        }
        if (clientTemplateRepresentation.isStandardFlowEnabled() != null) {
            addClientTemplate.setStandardFlowEnabled(clientTemplateRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isImplicitFlowEnabled() != null) {
            addClientTemplate.setImplicitFlowEnabled(clientTemplateRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isDirectAccessGrantsEnabled() != null) {
            addClientTemplate.setDirectAccessGrantsEnabled(clientTemplateRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isServiceAccountsEnabled() != null) {
            addClientTemplate.setServiceAccountsEnabled(clientTemplateRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isPublicClient() != null) {
            addClientTemplate.setPublicClient(clientTemplateRepresentation.isPublicClient().booleanValue());
        }
        if (clientTemplateRepresentation.isFrontchannelLogout() != null) {
            addClientTemplate.setFrontchannelLogout(clientTemplateRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientTemplateRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientTemplateRepresentation.getAttributes().entrySet()) {
                addClientTemplate.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
        return addClientTemplate;
    }

    public static void updateClientTemplate(ClientTemplateRepresentation clientTemplateRepresentation, ClientTemplateModel clientTemplateModel) {
        if (clientTemplateRepresentation.getName() != null) {
            clientTemplateModel.setName(clientTemplateRepresentation.getName());
        }
        if (clientTemplateRepresentation.getDescription() != null) {
            clientTemplateModel.setDescription(clientTemplateRepresentation.getDescription());
        }
        if (clientTemplateRepresentation.isFullScopeAllowed() != null) {
            clientTemplateModel.setFullScopeAllowed(clientTemplateRepresentation.isFullScopeAllowed().booleanValue());
        }
        if (clientTemplateRepresentation.getProtocol() != null) {
            clientTemplateModel.setProtocol(clientTemplateRepresentation.getProtocol());
        }
        if (clientTemplateRepresentation.isBearerOnly() != null) {
            clientTemplateModel.setBearerOnly(clientTemplateRepresentation.isBearerOnly().booleanValue());
        }
        if (clientTemplateRepresentation.isConsentRequired() != null) {
            clientTemplateModel.setConsentRequired(clientTemplateRepresentation.isConsentRequired().booleanValue());
        }
        if (clientTemplateRepresentation.isStandardFlowEnabled() != null) {
            clientTemplateModel.setStandardFlowEnabled(clientTemplateRepresentation.isStandardFlowEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isImplicitFlowEnabled() != null) {
            clientTemplateModel.setImplicitFlowEnabled(clientTemplateRepresentation.isImplicitFlowEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isDirectAccessGrantsEnabled() != null) {
            clientTemplateModel.setDirectAccessGrantsEnabled(clientTemplateRepresentation.isDirectAccessGrantsEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isServiceAccountsEnabled() != null) {
            clientTemplateModel.setServiceAccountsEnabled(clientTemplateRepresentation.isServiceAccountsEnabled().booleanValue());
        }
        if (clientTemplateRepresentation.isPublicClient() != null) {
            clientTemplateModel.setPublicClient(clientTemplateRepresentation.isPublicClient().booleanValue());
        }
        if (clientTemplateRepresentation.isFullScopeAllowed() != null) {
            clientTemplateModel.setFullScopeAllowed(clientTemplateRepresentation.isFullScopeAllowed().booleanValue());
        }
        if (clientTemplateRepresentation.isFrontchannelLogout() != null) {
            clientTemplateModel.setFrontchannelLogout(clientTemplateRepresentation.isFrontchannelLogout().booleanValue());
        }
        if (clientTemplateRepresentation.getAttributes() != null) {
            for (Map.Entry entry : clientTemplateRepresentation.getAttributes().entrySet()) {
                clientTemplateModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
        }
    }

    public static long getClaimsMask(ClaimRepresentation claimRepresentation) {
        long j = claimRepresentation.getAddress() ? ClaimMask.ALL | 256 : ClaimMask.ALL & (-257);
        long j2 = claimRepresentation.getEmail() ? j | 32 : j & (-33);
        long j3 = claimRepresentation.getGender() ? j2 | 64 : j2 & (-65);
        long j4 = claimRepresentation.getLocale() ? j3 | 128 : j3 & (-129);
        long j5 = claimRepresentation.getName() ? j4 | 1 : j4 & (-2);
        long j6 = claimRepresentation.getPhone() ? j5 | 512 : j5 & (-513);
        long j7 = claimRepresentation.getPicture() ? j6 | 8 : j6 & (-9);
        long j8 = claimRepresentation.getProfile() ? j7 | 4 : j7 & (-5);
        long j9 = claimRepresentation.getUsername() ? j8 | 2 : j8 & (-3);
        return claimRepresentation.getWebsite() ? j9 | 16 : j9 & (-17);
    }

    public static void createClientScopeMappings(RealmModel realmModel, ClientModel clientModel, List<ScopeMappingRepresentation> list) {
        for (ScopeMappingRepresentation scopeMappingRepresentation : list) {
            ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
            for (String str : scopeMappingRepresentation.getRoles()) {
                RoleModel role = clientModel.getRole(str.trim());
                if (role == null) {
                    role = clientModel.addRole(str.trim());
                }
                scopeContainerHavingScope.addScopeMapping(role);
            }
        }
    }

    private static ScopeContainerModel getScopeContainerHavingScope(RealmModel realmModel, ScopeMappingRepresentation scopeMappingRepresentation) {
        if (scopeMappingRepresentation.getClient() != null) {
            ClientModel clientByClientId = realmModel.getClientByClientId(scopeMappingRepresentation.getClient());
            if (clientByClientId == null) {
                throw new RuntimeException("Unknown client specification in scope mappings: " + scopeMappingRepresentation.getClient());
            }
            return clientByClientId;
        }
        if (scopeMappingRepresentation.getClientTemplate() == null) {
            throw new RuntimeException("Either client or clientTemplate needs to be specified in scope mappings");
        }
        ClientTemplateModel clientTemplateByName = KeycloakModelUtils.getClientTemplateByName(realmModel, scopeMappingRepresentation.getClientTemplate());
        if (clientTemplateByName == null) {
            throw new RuntimeException("Unknown clientTemplate specification in scope mappings: " + scopeMappingRepresentation.getClientTemplate());
        }
        return clientTemplateByName;
    }

    public static UserModel createUser(KeycloakSession keycloakSession, RealmModel realmModel, UserRepresentation userRepresentation) {
        convertDeprecatedSocialProviders(userRepresentation);
        UserModel addUser = keycloakSession.userStorage().addUser(realmModel, userRepresentation.getId(), userRepresentation.getUsername(), false, false);
        addUser.setEnabled(userRepresentation.isEnabled() != null && userRepresentation.isEnabled().booleanValue());
        addUser.setCreatedTimestamp(userRepresentation.getCreatedTimestamp());
        addUser.setEmail(userRepresentation.getEmail());
        if (userRepresentation.isEmailVerified() != null) {
            addUser.setEmailVerified(userRepresentation.isEmailVerified().booleanValue());
        }
        addUser.setFirstName(userRepresentation.getFirstName());
        addUser.setLastName(userRepresentation.getLastName());
        addUser.setFederationLink(userRepresentation.getFederationLink());
        if (userRepresentation.isTotp() != null) {
            addUser.setOtpEnabled(userRepresentation.isTotp().booleanValue());
        }
        if (userRepresentation.getAttributes() != null) {
            for (Map.Entry entry : userRepresentation.getAttributes().entrySet()) {
                Object value = entry.getValue();
                if (value instanceof Collection) {
                    addUser.setAttribute((String) entry.getKey(), new ArrayList((Collection) value));
                } else if (value instanceof String) {
                    addUser.setSingleAttribute((String) entry.getKey(), (String) value);
                }
            }
        }
        if (userRepresentation.getRequiredActions() != null) {
            Iterator it = userRepresentation.getRequiredActions().iterator();
            while (it.hasNext()) {
                addUser.addRequiredAction(UserModel.RequiredAction.valueOf((String) it.next()));
            }
        }
        createCredentials(userRepresentation, addUser);
        if (userRepresentation.getFederatedIdentities() != null) {
            for (FederatedIdentityRepresentation federatedIdentityRepresentation : userRepresentation.getFederatedIdentities()) {
                keycloakSession.users().addFederatedIdentity(realmModel, addUser, new FederatedIdentityModel(federatedIdentityRepresentation.getIdentityProvider(), federatedIdentityRepresentation.getUserId(), federatedIdentityRepresentation.getUserName()));
            }
        }
        createRoleMappings(userRepresentation, addUser, realmModel);
        if (userRepresentation.getClientConsents() != null) {
            Iterator it2 = userRepresentation.getClientConsents().iterator();
            while (it2.hasNext()) {
                addUser.addConsent(toModel(realmModel, (UserConsentRepresentation) it2.next()));
            }
        }
        if (userRepresentation.getServiceAccountClientId() != null) {
            String serviceAccountClientId = userRepresentation.getServiceAccountClientId();
            ClientModel clientByClientId = realmModel.getClientByClientId(serviceAccountClientId);
            if (clientByClientId == null) {
                throw new RuntimeException("Unable to find client specified for service account link. Client: " + serviceAccountClientId);
            }
            addUser.setServiceAccountClientLink(clientByClientId.getId());
        }
        if (userRepresentation.getGroups() != null) {
            for (String str : userRepresentation.getGroups()) {
                GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(realmModel, str);
                if (findGroupByPath == null) {
                    throw new RuntimeException("Unable to find group specified by path: " + str);
                }
                addUser.joinGroup(findGroupByPath);
            }
        }
        return addUser;
    }

    public static void createCredentials(UserRepresentation userRepresentation, UserModel userModel) {
        if (userRepresentation.getCredentials() != null) {
            Iterator it = userRepresentation.getCredentials().iterator();
            while (it.hasNext()) {
                updateCredential(userModel, (CredentialRepresentation) it.next());
            }
        }
    }

    private static void updateCredential(UserModel userModel, CredentialRepresentation credentialRepresentation) {
        if (credentialRepresentation.getValue() != null) {
            userModel.updateCredential(convertCredential(credentialRepresentation));
            return;
        }
        UserCredentialValueModel userCredentialValueModel = new UserCredentialValueModel();
        userCredentialValueModel.setType(credentialRepresentation.getType());
        userCredentialValueModel.setDevice(credentialRepresentation.getDevice());
        if (credentialRepresentation.getHashIterations() != null) {
            userCredentialValueModel.setHashIterations(credentialRepresentation.getHashIterations().intValue());
        }
        try {
            if (credentialRepresentation.getSalt() != null) {
                userCredentialValueModel.setSalt(Base64.decode(credentialRepresentation.getSalt()));
            }
            userCredentialValueModel.setValue(credentialRepresentation.getHashedSaltedValue());
            if (credentialRepresentation.getCounter() != null) {
                userCredentialValueModel.setCounter(credentialRepresentation.getCounter().intValue());
            }
            if (credentialRepresentation.getDigits() != null) {
                userCredentialValueModel.setDigits(credentialRepresentation.getDigits().intValue());
            }
            if (credentialRepresentation.getAlgorithm() != null) {
                if ((UserCredentialModel.PASSWORD.equals(credentialRepresentation.getType()) || UserCredentialModel.PASSWORD_HISTORY.equals(credentialRepresentation.getType())) && credentialRepresentation.getAlgorithm().equals("HmacSHA1")) {
                    userCredentialValueModel.setAlgorithm("pbkdf2");
                } else {
                    userCredentialValueModel.setAlgorithm(credentialRepresentation.getAlgorithm());
                }
            } else if (UserCredentialModel.PASSWORD.equals(credentialRepresentation.getType()) || UserCredentialModel.PASSWORD_HISTORY.equals(credentialRepresentation.getType())) {
                userCredentialValueModel.setAlgorithm("pbkdf2");
            } else if (UserCredentialModel.isOtp(credentialRepresentation.getType())) {
                userCredentialValueModel.setAlgorithm("HmacSHA1");
            }
            if (credentialRepresentation.getPeriod() != null) {
                userCredentialValueModel.setPeriod(credentialRepresentation.getPeriod().intValue());
            }
            if (credentialRepresentation.getDigits() == null && UserCredentialModel.isOtp(credentialRepresentation.getType())) {
                userCredentialValueModel.setDigits(6);
            }
            if (credentialRepresentation.getPeriod() == null && UserCredentialModel.TOTP.equals(credentialRepresentation.getType())) {
                userCredentialValueModel.setPeriod(30);
            }
            userCredentialValueModel.setCreatedDate(credentialRepresentation.getCreatedDate());
            userModel.updateCredentialDirectly(userCredentialValueModel);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static UserCredentialModel convertCredential(CredentialRepresentation credentialRepresentation) {
        UserCredentialModel userCredentialModel = new UserCredentialModel();
        userCredentialModel.setType(credentialRepresentation.getType());
        userCredentialModel.setValue(credentialRepresentation.getValue());
        return userCredentialModel;
    }

    public static void createRoleMappings(UserRepresentation userRepresentation, UserModel userModel, RealmModel realmModel) {
        if (userRepresentation.getRealmRoles() != null) {
            for (String str : userRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                userModel.grantRole(role);
            }
        }
        if (userRepresentation.getClientRoles() != null) {
            for (Map.Entry entry : userRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createClientRoleMappings(clientByClientId, userModel, (List) entry.getValue());
            }
        }
    }

    public static void createClientRoleMappings(ClientModel clientModel, UserModel userModel, List<String> list) {
        if (userModel == null) {
            throw new RuntimeException("User not found");
        }
        for (String str : list) {
            RoleModel role = clientModel.getRole(str.trim());
            if (role == null) {
                role = clientModel.addRole(str.trim());
            }
            userModel.grantRole(role);
        }
    }

    private static void importIdentityProviders(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getIdentityProviders() != null) {
            Iterator it = realmRepresentation.getIdentityProviders().iterator();
            while (it.hasNext()) {
                realmModel.addIdentityProvider(toModel(realmModel, (IdentityProviderRepresentation) it.next()));
            }
        }
    }

    private static void importIdentityProviderMappers(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getIdentityProviderMappers() != null) {
            Iterator it = realmRepresentation.getIdentityProviderMappers().iterator();
            while (it.hasNext()) {
                realmModel.addIdentityProviderMapper(toModel((IdentityProviderMapperRepresentation) it.next()));
            }
        }
    }

    public static IdentityProviderModel toModel(RealmModel realmModel, IdentityProviderRepresentation identityProviderRepresentation) {
        IdentityProviderModel identityProviderModel = new IdentityProviderModel();
        identityProviderModel.setInternalId(identityProviderRepresentation.getInternalId());
        identityProviderModel.setAlias(identityProviderRepresentation.getAlias());
        identityProviderModel.setProviderId(identityProviderRepresentation.getProviderId());
        identityProviderModel.setEnabled(identityProviderRepresentation.isEnabled());
        identityProviderModel.setTrustEmail(identityProviderRepresentation.isTrustEmail());
        identityProviderModel.setAuthenticateByDefault(identityProviderRepresentation.isAuthenticateByDefault());
        identityProviderModel.setStoreToken(identityProviderRepresentation.isStoreToken());
        identityProviderModel.setAddReadTokenRoleOnCreate(identityProviderRepresentation.isAddReadTokenRoleOnCreate());
        identityProviderModel.setConfig(identityProviderRepresentation.getConfig());
        String firstBrokerLoginFlowAlias = identityProviderRepresentation.getFirstBrokerLoginFlowAlias();
        if (firstBrokerLoginFlowAlias == null) {
            firstBrokerLoginFlowAlias = DefaultAuthenticationFlows.FIRST_BROKER_LOGIN_FLOW;
        }
        AuthenticationFlowModel flowByAlias = realmModel.getFlowByAlias(firstBrokerLoginFlowAlias);
        if (flowByAlias == null) {
            throw new ModelException("No available authentication flow with alias: " + firstBrokerLoginFlowAlias);
        }
        identityProviderModel.setFirstBrokerLoginFlowId(flowByAlias.getId());
        String postBrokerLoginFlowAlias = identityProviderRepresentation.getPostBrokerLoginFlowAlias();
        if (postBrokerLoginFlowAlias == null || postBrokerLoginFlowAlias.trim().length() == 0) {
            identityProviderModel.setPostBrokerLoginFlowId(null);
        } else {
            AuthenticationFlowModel flowByAlias2 = realmModel.getFlowByAlias(postBrokerLoginFlowAlias);
            if (flowByAlias2 == null) {
                throw new ModelException("No available authentication flow with alias: " + postBrokerLoginFlowAlias);
            }
            identityProviderModel.setPostBrokerLoginFlowId(flowByAlias2.getId());
        }
        return identityProviderModel;
    }

    public static ProtocolMapperModel toModel(ProtocolMapperRepresentation protocolMapperRepresentation) {
        ProtocolMapperModel protocolMapperModel = new ProtocolMapperModel();
        protocolMapperModel.setId(protocolMapperRepresentation.getId());
        protocolMapperModel.setName(protocolMapperRepresentation.getName());
        protocolMapperModel.setConsentRequired(protocolMapperRepresentation.isConsentRequired());
        protocolMapperModel.setConsentText(protocolMapperRepresentation.getConsentText());
        protocolMapperModel.setProtocol(protocolMapperRepresentation.getProtocol());
        protocolMapperModel.setProtocolMapper(protocolMapperRepresentation.getProtocolMapper());
        protocolMapperModel.setConfig(protocolMapperRepresentation.getConfig());
        return protocolMapperModel;
    }

    public static IdentityProviderMapperModel toModel(IdentityProviderMapperRepresentation identityProviderMapperRepresentation) {
        IdentityProviderMapperModel identityProviderMapperModel = new IdentityProviderMapperModel();
        identityProviderMapperModel.setId(identityProviderMapperRepresentation.getId());
        identityProviderMapperModel.setName(identityProviderMapperRepresentation.getName());
        identityProviderMapperModel.setIdentityProviderAlias(identityProviderMapperRepresentation.getIdentityProviderAlias());
        identityProviderMapperModel.setIdentityProviderMapper(identityProviderMapperRepresentation.getIdentityProviderMapper());
        identityProviderMapperModel.setConfig(identityProviderMapperRepresentation.getConfig());
        return identityProviderMapperModel;
    }

    public static UserConsentModel toModel(RealmModel realmModel, UserConsentRepresentation userConsentRepresentation) {
        ClientModel clientByClientId = realmModel.getClientByClientId(userConsentRepresentation.getClientId());
        if (clientByClientId == null) {
            throw new RuntimeException("Unable to find client consent mappings for client: " + userConsentRepresentation.getClientId());
        }
        UserConsentModel userConsentModel = new UserConsentModel(clientByClientId);
        if (userConsentRepresentation.getGrantedRealmRoles() != null) {
            for (String str : userConsentRepresentation.getGrantedRealmRoles()) {
                RoleModel role = realmModel.getRole(str);
                if (role == null) {
                    throw new RuntimeException("Unable to find realm role referenced in consent mappings of user. Role name: " + str);
                }
                userConsentModel.addGrantedRole(role);
            }
        }
        if (userConsentRepresentation.getGrantedClientRoles() != null) {
            for (Map.Entry entry : userConsentRepresentation.getGrantedClientRoles().entrySet()) {
                String str2 = (String) entry.getKey();
                ClientModel clientByClientId2 = realmModel.getClientByClientId(str2);
                if (clientByClientId2 == null) {
                    throw new RuntimeException("Unable to find client referenced in consent mappings. Client ID: " + str2);
                }
                Iterator it = ((List) entry.getValue()).iterator();
                while (it.hasNext()) {
                    RoleModel role2 = clientByClientId2.getRole((String) it.next());
                    if (role2 == null) {
                        throw new RuntimeException("Unable to find client role referenced in consent mappings of user. Role name: " + role2 + ", Client: " + str2);
                    }
                    userConsentModel.addGrantedRole(role2);
                }
            }
        }
        if (userConsentRepresentation.getGrantedProtocolMappers() != null) {
            for (Map.Entry entry2 : userConsentRepresentation.getGrantedProtocolMappers().entrySet()) {
                String str3 = (String) entry2.getKey();
                for (String str4 : (List) entry2.getValue()) {
                    ProtocolMapperModel protocolMapperByName = clientByClientId.getProtocolMapperByName(str3, str4);
                    if (protocolMapperByName == null) {
                        throw new RuntimeException("Unable to find protocol mapper for protocol " + str3 + ", mapper name " + str4);
                    }
                    userConsentModel.addGrantedProtocolMapper(protocolMapperByName);
                }
            }
        }
        return userConsentModel;
    }

    public static AuthenticationFlowModel toModel(AuthenticationFlowRepresentation authenticationFlowRepresentation) {
        AuthenticationFlowModel authenticationFlowModel = new AuthenticationFlowModel();
        authenticationFlowModel.setId(authenticationFlowRepresentation.getId());
        authenticationFlowModel.setBuiltIn(authenticationFlowRepresentation.isBuiltIn());
        authenticationFlowModel.setTopLevel(authenticationFlowRepresentation.isTopLevel());
        authenticationFlowModel.setProviderId(authenticationFlowRepresentation.getProviderId());
        authenticationFlowModel.setAlias(authenticationFlowRepresentation.getAlias());
        authenticationFlowModel.setDescription(authenticationFlowRepresentation.getDescription());
        return authenticationFlowModel;
    }

    public static AuthenticationExecutionModel toModel(RealmModel realmModel, AuthenticationExecutionExportRepresentation authenticationExecutionExportRepresentation) {
        AuthenticationExecutionModel authenticationExecutionModel = new AuthenticationExecutionModel();
        if (authenticationExecutionExportRepresentation.getAuthenticatorConfig() != null) {
            authenticationExecutionModel.setAuthenticatorConfig(realmModel.getAuthenticatorConfigByAlias(authenticationExecutionExportRepresentation.getAuthenticatorConfig()).getId());
        }
        authenticationExecutionModel.setAuthenticator(authenticationExecutionExportRepresentation.getAuthenticator());
        authenticationExecutionModel.setAuthenticatorFlow(authenticationExecutionExportRepresentation.isAutheticatorFlow());
        if (authenticationExecutionExportRepresentation.getFlowAlias() != null) {
            authenticationExecutionModel.setFlowId(realmModel.getFlowByAlias(authenticationExecutionExportRepresentation.getFlowAlias()).getId());
        }
        authenticationExecutionModel.setPriority(authenticationExecutionExportRepresentation.getPriority());
        authenticationExecutionModel.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(authenticationExecutionExportRepresentation.getRequirement()));
        return authenticationExecutionModel;
    }

    public static AuthenticationExecutionModel toModel(RealmModel realmModel, AuthenticationExecutionRepresentation authenticationExecutionRepresentation) {
        AuthenticationExecutionModel authenticationExecutionModel = new AuthenticationExecutionModel();
        authenticationExecutionModel.setId(authenticationExecutionRepresentation.getId());
        authenticationExecutionModel.setFlowId(authenticationExecutionRepresentation.getFlowId());
        authenticationExecutionModel.setAuthenticator(authenticationExecutionRepresentation.getAuthenticator());
        authenticationExecutionModel.setPriority(authenticationExecutionRepresentation.getPriority());
        authenticationExecutionModel.setParentFlow(authenticationExecutionRepresentation.getParentFlow());
        authenticationExecutionModel.setAuthenticatorFlow(authenticationExecutionRepresentation.isAutheticatorFlow());
        authenticationExecutionModel.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(authenticationExecutionRepresentation.getRequirement()));
        if (authenticationExecutionRepresentation.getAuthenticatorConfig() != null) {
            authenticationExecutionModel.setAuthenticatorConfig(realmModel.getAuthenticatorConfigByAlias(authenticationExecutionRepresentation.getAuthenticatorConfig()).getId());
        }
        return authenticationExecutionModel;
    }

    public static AuthenticatorConfigModel toModel(AuthenticatorConfigRepresentation authenticatorConfigRepresentation) {
        AuthenticatorConfigModel authenticatorConfigModel = new AuthenticatorConfigModel();
        authenticatorConfigModel.setAlias(authenticatorConfigRepresentation.getAlias());
        authenticatorConfigModel.setConfig(authenticatorConfigRepresentation.getConfig());
        return authenticatorConfigModel;
    }

    public static RequiredActionProviderModel toModel(RequiredActionProviderRepresentation requiredActionProviderRepresentation) {
        RequiredActionProviderModel requiredActionProviderModel = new RequiredActionProviderModel();
        requiredActionProviderModel.setConfig(requiredActionProviderRepresentation.getConfig());
        requiredActionProviderModel.setDefaultAction(requiredActionProviderRepresentation.isDefaultAction());
        requiredActionProviderModel.setEnabled(requiredActionProviderRepresentation.isEnabled());
        requiredActionProviderModel.setProviderId(requiredActionProviderRepresentation.getProviderId());
        requiredActionProviderModel.setName(requiredActionProviderRepresentation.getName());
        requiredActionProviderModel.setAlias(requiredActionProviderRepresentation.getAlias());
        return requiredActionProviderModel;
    }
}
