package org.keycloak.authentication.authenticators.x509;

import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;

/* loaded from: input_file:org/keycloak/authentication/authenticators/x509/UserIdentityToModelMapper.class */
public abstract class UserIdentityToModelMapper {

    /* loaded from: input_file:org/keycloak/authentication/authenticators/x509/UserIdentityToModelMapper$UserIdentityToCustomAttributeMapper.class */
    static class UserIdentityToCustomAttributeMapper extends UserIdentityToModelMapper {
        private List<String> _customAttributes;

        UserIdentityToCustomAttributeMapper(String str) {
            this._customAttributes = Arrays.asList(Constants.CFG_DELIMITER_PATTERN.split(str));
        }

        @Override // org.keycloak.authentication.authenticators.x509.UserIdentityToModelMapper
        public UserModel find(AuthenticationFlowContext authenticationFlowContext, Object obj) throws Exception {
            KeycloakSession session = authenticationFlowContext.getSession();
            List asList = Arrays.asList(Constants.CFG_DELIMITER_PATTERN.split(obj.toString()));
            if (this._customAttributes.isEmpty() || asList.isEmpty() || this._customAttributes.size() != asList.size()) {
                return null;
            }
            Stream searchForUserByUserAttributeStream = session.users().searchForUserByUserAttributeStream(this._customAttributes.get(0), (String) asList.get(0), authenticationFlowContext.getRealm());
            for (int i = 1; i < this._customAttributes.size(); i++) {
                String str = this._customAttributes.get(i);
                String str2 = (String) asList.get(i);
                searchForUserByUserAttributeStream = searchForUserByUserAttributeStream.filter(userModel -> {
                    return Objects.equals(userModel.getFirstAttribute(str), str2);
                });
            }
            List list = (List) searchForUserByUserAttributeStream.collect(Collectors.toList());
            if (list.size() > 1) {
                throw new ModelDuplicateException();
            }
            if (list.size() == 1) {
                return (UserModel) list.get(0);
            }
            return null;
        }
    }

    /* loaded from: input_file:org/keycloak/authentication/authenticators/x509/UserIdentityToModelMapper$UsernameOrEmailMapper.class */
    static class UsernameOrEmailMapper extends UserIdentityToModelMapper {
        UsernameOrEmailMapper() {
        }

        @Override // org.keycloak.authentication.authenticators.x509.UserIdentityToModelMapper
        public UserModel find(AuthenticationFlowContext authenticationFlowContext, Object obj) throws Exception {
            return KeycloakModelUtils.findUserByNameOrEmail(authenticationFlowContext.getSession(), authenticationFlowContext.getRealm(), obj.toString().trim());
        }
    }

    public abstract UserModel find(AuthenticationFlowContext authenticationFlowContext, Object obj) throws Exception;

    public static UserIdentityToModelMapper getUsernameOrEmailMapper() {
        return new UsernameOrEmailMapper();
    }

    public static UserIdentityToModelMapper getUserIdentityToCustomAttributeMapper(String str) {
        return new UserIdentityToCustomAttributeMapper(str);
    }
}
