package org.keycloak.storage.ldap.mappers.membership;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.storage.ldap.LDAPConfig;
import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.LDAPUtils;
import org.keycloak.storage.ldap.idm.model.LDAPDn;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.storage.ldap.idm.query.Condition;
import org.keycloak.storage.ldap.idm.query.EscapeStrategy;
import org.keycloak.storage.ldap.idm.query.internal.LDAPQuery;
import org.keycloak.storage.ldap.idm.query.internal.LDAPQueryConditionsBuilder;
import org.keycloak.storage.ldap.mappers.membership.group.GroupLDAPStorageMapper;

/* loaded from: input_file:org/keycloak/storage/ldap/mappers/membership/MembershipType.class */
public enum MembershipType {
    DN { // from class: org.keycloak.storage.ldap.mappers.membership.MembershipType.1
        @Override // org.keycloak.storage.ldap.mappers.membership.MembershipType
        public Set<LDAPDn> getLDAPSubgroups(GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject) {
            CommonLDAPGroupMapperConfig config = groupLDAPStorageMapper.getConfig();
            return getLDAPMembersWithParent(groupLDAPStorageMapper.getLdapProvider(), lDAPObject, config.getMembershipLdapAttribute(), LDAPDn.fromString(config.getLDAPGroupsDn()));
        }

        protected Set<LDAPDn> getLDAPMembersWithParent(LDAPStorageProvider lDAPStorageProvider, LDAPObject lDAPObject, String str, LDAPDn lDAPDn) {
            Set<String> existingMemberships = LDAPUtils.getExistingMemberships(lDAPStorageProvider, str, lDAPObject);
            HashSet hashSet = new HashSet();
            Iterator<String> it = existingMemberships.iterator();
            while (it.hasNext()) {
                LDAPDn fromString = LDAPDn.fromString(it.next());
                if (fromString.isDescendantOf(lDAPDn)) {
                    hashSet.add(fromString);
                }
            }
            return hashSet;
        }

        @Override // org.keycloak.storage.ldap.mappers.membership.MembershipType
        public List<UserModel> getGroupMembers(RealmModel realmModel, GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject, int i, int i2) {
            LDAPStorageProvider ldapProvider = groupLDAPStorageMapper.getLdapProvider();
            Set<LDAPDn> lDAPMembersWithParent = getLDAPMembersWithParent(ldapProvider, lDAPObject, groupLDAPStorageMapper.getConfig().getMembershipLdapAttribute(), LDAPDn.fromString(ldapProvider.getLdapIdentityStore().getConfig().getUsersDn()));
            if (lDAPMembersWithParent != null && lDAPMembersWithParent.size() > i) {
                ArrayList arrayList = new ArrayList(lDAPMembersWithParent);
                List<LDAPDn> subList = arrayList.subList(i, Math.min(arrayList.size(), i + i2));
                LinkedList linkedList = new LinkedList();
                LDAPConfig config = ldapProvider.getLdapIdentityStore().getConfig();
                if (config.getUsernameLdapAttribute().equals(config.getRdnLdapAttribute())) {
                    Iterator it = subList.iterator();
                    while (it.hasNext()) {
                        linkedList.add(((LDAPDn) it.next()).getFirstRdnAttrValue());
                    }
                } else {
                    LDAPQuery createQueryForUserSearch = LDAPUtils.createQueryForUserSearch(ldapProvider, realmModel);
                    LDAPQueryConditionsBuilder lDAPQueryConditionsBuilder = new LDAPQueryConditionsBuilder();
                    Condition[] conditionArr = new Condition[subList.size()];
                    int i3 = 0;
                    for (LDAPDn lDAPDn : subList) {
                        conditionArr[i3] = lDAPQueryConditionsBuilder.equal(lDAPDn.getFirstRdnAttrName(), lDAPDn.getFirstRdnAttrValue(), EscapeStrategy.DEFAULT);
                        i3++;
                    }
                    createQueryForUserSearch.addWhereCondition(lDAPQueryConditionsBuilder.orCondition(conditionArr));
                    Iterator<LDAPObject> it2 = createQueryForUserSearch.getResultList().iterator();
                    while (it2.hasNext()) {
                        linkedList.add(LDAPUtils.getUsername(it2.next(), config));
                    }
                }
                return ldapProvider.loadUsersByUsernames(linkedList, realmModel);
            }
            return Collections.emptyList();
        }
    },
    UID { // from class: org.keycloak.storage.ldap.mappers.membership.MembershipType.2
        @Override // org.keycloak.storage.ldap.mappers.membership.MembershipType
        public Set<LDAPDn> getLDAPSubgroups(GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject) {
            return Collections.emptySet();
        }

        @Override // org.keycloak.storage.ldap.mappers.membership.MembershipType
        public List<UserModel> getGroupMembers(RealmModel realmModel, GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject, int i, int i2) {
            List<String> linkedList;
            LDAPStorageProvider ldapProvider = groupLDAPStorageMapper.getLdapProvider();
            LDAPConfig config = ldapProvider.getLdapIdentityStore().getConfig();
            Set<String> existingMemberships = LDAPUtils.getExistingMemberships(ldapProvider, groupLDAPStorageMapper.getConfig().getMembershipLdapAttribute(), lDAPObject);
            if (existingMemberships == null || existingMemberships.size() <= i) {
                return Collections.emptyList();
            }
            List<String> subList = new ArrayList(existingMemberships).subList(i, Math.min(existingMemberships.size(), i + i2));
            String membershipUserLdapAttribute = groupLDAPStorageMapper.getConfig().getMembershipUserLdapAttribute(config);
            if (membershipUserLdapAttribute.equals(config.getUsernameLdapAttribute())) {
                linkedList = subList;
            } else {
                linkedList = new LinkedList();
                LDAPQuery createQueryForUserSearch = LDAPUtils.createQueryForUserSearch(ldapProvider, realmModel);
                LDAPQueryConditionsBuilder lDAPQueryConditionsBuilder = new LDAPQueryConditionsBuilder();
                Condition[] conditionArr = new Condition[subList.size()];
                int i3 = 0;
                Iterator<String> it = subList.iterator();
                while (it.hasNext()) {
                    conditionArr[i3] = lDAPQueryConditionsBuilder.equal(membershipUserLdapAttribute, it.next(), EscapeStrategy.DEFAULT);
                    i3++;
                }
                createQueryForUserSearch.addWhereCondition(lDAPQueryConditionsBuilder.orCondition(conditionArr));
                Iterator<LDAPObject> it2 = createQueryForUserSearch.getResultList().iterator();
                while (it2.hasNext()) {
                    linkedList.add(LDAPUtils.getUsername(it2.next(), config));
                }
            }
            return groupLDAPStorageMapper.getLdapProvider().loadUsersByUsernames(linkedList, realmModel);
        }
    };

    public abstract Set<LDAPDn> getLDAPSubgroups(GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject);

    public abstract List<UserModel> getGroupMembers(RealmModel realmModel, GroupLDAPStorageMapper groupLDAPStorageMapper, LDAPObject lDAPObject, int i, int i2);
}
