package org.keycloak.federation.ldap.mappers;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.keycloak.federation.ldap.LDAPConfig;
import org.keycloak.federation.ldap.LDAPFederationProvider;
import org.keycloak.mappers.MapperConfigValidationException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.provider.ProviderConfigProperty;

/* loaded from: input_file:org/keycloak/federation/ldap/mappers/UserAttributeLDAPFederationMapperFactory.class */
public class UserAttributeLDAPFederationMapperFactory extends AbstractLDAPFederationMapperFactory {
    public static final String PROVIDER_ID = "user-attribute-ldap-mapper";
    protected static final List<ProviderConfigProperty> configProperties = new ArrayList();

    public String getHelpText() {
        return "Used to map single attribute from LDAP user to attribute of UserModel in Keycloak DB";
    }

    public String getDisplayCategory() {
        return AbstractLDAPFederationMapperFactory.ATTRIBUTE_MAPPER_CATEGORY;
    }

    public String getDisplayType() {
        return "User Attribute";
    }

    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    public Map<String, String> getDefaultConfig(UserFederationProviderModel userFederationProviderModel) {
        HashMap hashMap = new HashMap();
        hashMap.put("read.only", new LDAPConfig(userFederationProviderModel.getConfig()).getEditMode() == UserFederationProvider.EditMode.WRITABLE ? "false" : "true");
        hashMap.put(UserAttributeLDAPFederationMapper.ALWAYS_READ_VALUE_FROM_LDAP, "false");
        hashMap.put(UserAttributeLDAPFederationMapper.IS_MANDATORY_IN_LDAP, "false");
        return hashMap;
    }

    public String getId() {
        return PROVIDER_ID;
    }

    public void validateConfig(RealmModel realmModel, UserFederationMapperModel userFederationMapperModel) throws MapperConfigValidationException {
        checkMandatoryConfigAttribute(UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, "User Model Attribute", userFederationMapperModel);
        checkMandatoryConfigAttribute(UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, "LDAP Attribute", userFederationMapperModel);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.federation.ldap.mappers.AbstractLDAPFederationMapperFactory
    public AbstractLDAPFederationMapper createMapper(UserFederationMapperModel userFederationMapperModel, LDAPFederationProvider lDAPFederationProvider, RealmModel realmModel) {
        return new UserAttributeLDAPFederationMapper(userFederationMapperModel, lDAPFederationProvider, realmModel);
    }

    static {
        configProperties.add(createConfigProperty(UserAttributeLDAPFederationMapper.USER_MODEL_ATTRIBUTE, "User Model Attribute", "Name of mapped UserModel property or UserModel attribute in Keycloak DB. For example 'firstName', 'lastName, 'email', 'street' etc.", "String", null));
        configProperties.add(createConfigProperty(UserAttributeLDAPFederationMapper.LDAP_ATTRIBUTE, "LDAP Attribute", "Name of mapped attribute on LDAP object. For example 'cn', 'sn, 'mail', 'street' etc.", "String", null));
        configProperties.add(createConfigProperty("read.only", "Read Only", "Read-only attribute is imported from LDAP to Keycloak DB, but it's not saved back to LDAP when user is updated in Keycloak.", "boolean", null));
        configProperties.add(createConfigProperty(UserAttributeLDAPFederationMapper.ALWAYS_READ_VALUE_FROM_LDAP, "Always Read Value From LDAP", "If on, then during reading of the user will be value of attribute from LDAP always used instead of the value from Keycloak DB", "boolean", null));
        configProperties.add(createConfigProperty(UserAttributeLDAPFederationMapper.IS_MANDATORY_IN_LDAP, "Is Mandatory In LDAP", "If true, attribute is mandatory in LDAP. Hence if there is no value in Keycloak DB, the empty value will be set to be propagated to LDAP", "boolean", null));
    }
}
