package org.keycloak.storage.jpa;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.Time;
import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialModel;
import org.keycloak.credential.UserCredentialStore;
import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.ModelException;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.storage.jpa.entity.BrokerLinkEntity;
import org.keycloak.storage.jpa.entity.FederatedUser;
import org.keycloak.storage.jpa.entity.FederatedUserAttributeEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentProtocolMapperEntity;
import org.keycloak.storage.jpa.entity.FederatedUserConsentRoleEntity;
import org.keycloak.storage.jpa.entity.FederatedUserCredentialAttributeEntity;
import org.keycloak.storage.jpa.entity.FederatedUserCredentialEntity;
import org.keycloak.storage.jpa.entity.FederatedUserGroupMembershipEntity;
import org.keycloak.storage.jpa.entity.FederatedUserRequiredActionEntity;
import org.keycloak.storage.jpa.entity.FederatedUserRoleMappingEntity;

/* loaded from: input_file:org/keycloak/storage/jpa/JpaUserFederatedStorageProvider.class */
public class JpaUserFederatedStorageProvider implements UserFederatedStorageProvider, UserCredentialStore {
    private final KeycloakSession session;
    protected EntityManager em;

    public JpaUserFederatedStorageProvider(KeycloakSession keycloakSession, EntityManager entityManager) {
        this.session = keycloakSession;
        this.em = entityManager;
    }

    public void close() {
    }

    protected void createIndex(RealmModel realmModel, String str) {
        if (this.em.find(FederatedUser.class, str) == null) {
            FederatedUser federatedUser = new FederatedUser();
            federatedUser.setId(str);
            federatedUser.setRealmId(realmModel.getId());
            federatedUser.setStorageProviderId(new StorageId(str).getProviderId());
            this.em.persist(federatedUser);
        }
    }

    public void setAttribute(RealmModel realmModel, String str, String str2, List<String> list) {
        createIndex(realmModel, str);
        deleteAttribute(realmModel, str, str2);
        this.em.flush();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            persistAttributeValue(realmModel, str, str2, it.next());
        }
    }

    private void deleteAttribute(RealmModel realmModel, String str, String str2) {
        this.em.createNamedQuery("deleteUserFederatedAttributesByUserAndName").setParameter("userId", str).setParameter("realmId", realmModel.getId()).setParameter("name", str2).executeUpdate();
    }

    private void persistAttributeValue(RealmModel realmModel, String str, String str2, String str3) {
        FederatedUserAttributeEntity federatedUserAttributeEntity = new FederatedUserAttributeEntity();
        federatedUserAttributeEntity.setId(KeycloakModelUtils.generateId());
        federatedUserAttributeEntity.setName(str2);
        federatedUserAttributeEntity.setValue(str3);
        federatedUserAttributeEntity.setUserId(str);
        federatedUserAttributeEntity.setRealmId(realmModel.getId());
        federatedUserAttributeEntity.setStorageProviderId(new StorageId(str).getProviderId());
        this.em.persist(federatedUserAttributeEntity);
    }

    public void setSingleAttribute(RealmModel realmModel, String str, String str2, String str3) {
        createIndex(realmModel, str);
        deleteAttribute(realmModel, str, str2);
        this.em.flush();
        persistAttributeValue(realmModel, str, str2, str3);
    }

    public void removeAttribute(RealmModel realmModel, String str, String str2) {
        deleteAttribute(realmModel, str, str2);
        this.em.flush();
    }

    public MultivaluedHashMap<String, String> getAttributes(RealmModel realmModel, String str) {
        List<FederatedUserAttributeEntity> resultList = this.em.createNamedQuery("getFederatedAttributesByUser", FederatedUserAttributeEntity.class).setParameter("userId", str).setParameter("realmId", realmModel.getId()).getResultList();
        MultivaluedHashMap<String, String> multivaluedHashMap = new MultivaluedHashMap<>();
        for (FederatedUserAttributeEntity federatedUserAttributeEntity : resultList) {
            multivaluedHashMap.add(federatedUserAttributeEntity.getName(), federatedUserAttributeEntity.getValue());
        }
        return multivaluedHashMap;
    }

    public List<String> getUsersByUserAttribute(RealmModel realmModel, String str, String str2) {
        return this.em.createNamedQuery("getFederatedAttributesByNameAndValue", String.class).setParameter("realmId", realmModel.getId()).setParameter("name", str).setParameter("value", str2).getResultList();
    }

    public String getUserByFederatedIdentity(FederatedIdentityModel federatedIdentityModel, RealmModel realmModel) {
        List resultList = this.em.createNamedQuery("findUserByBrokerLinkAndRealm", String.class).setParameter("realmId", realmModel.getId()).setParameter("identityProvider", federatedIdentityModel.getIdentityProvider()).setParameter("brokerUserId", federatedIdentityModel.getUserId()).getResultList();
        if (resultList.isEmpty()) {
            return null;
        }
        if (resultList.size() > 1) {
            throw new IllegalStateException("More results found for identityProvider=" + federatedIdentityModel.getIdentityProvider() + ", userId=" + federatedIdentityModel.getUserId() + ", results=" + resultList);
        }
        return (String) resultList.get(0);
    }

    public void addFederatedIdentity(RealmModel realmModel, String str, FederatedIdentityModel federatedIdentityModel) {
        createIndex(realmModel, str);
        BrokerLinkEntity brokerLinkEntity = new BrokerLinkEntity();
        brokerLinkEntity.setRealmId(realmModel.getId());
        brokerLinkEntity.setUserId(str);
        brokerLinkEntity.setBrokerUserId(federatedIdentityModel.getUserId());
        brokerLinkEntity.setIdentityProvider(federatedIdentityModel.getIdentityProvider());
        brokerLinkEntity.setToken(federatedIdentityModel.getToken());
        brokerLinkEntity.setBrokerUserName(federatedIdentityModel.getUserName());
        brokerLinkEntity.setStorageProviderId(new StorageId(str).getProviderId());
        this.em.persist(brokerLinkEntity);
    }

    public boolean removeFederatedIdentity(RealmModel realmModel, String str, String str2) {
        BrokerLinkEntity brokerLinkEntity = getBrokerLinkEntity(realmModel, str, str2);
        if (brokerLinkEntity == null) {
            return false;
        }
        this.em.remove(brokerLinkEntity);
        return true;
    }

    private BrokerLinkEntity getBrokerLinkEntity(RealmModel realmModel, String str, String str2) {
        List resultList = this.em.createNamedQuery("findBrokerLinkByUserAndProvider", BrokerLinkEntity.class).setParameter("userId", str).setParameter("realmId", realmModel.getId()).setParameter("identityProvider", str2).getResultList();
        if (resultList.size() > 0) {
            return (BrokerLinkEntity) resultList.get(0);
        }
        return null;
    }

    public void updateFederatedIdentity(RealmModel realmModel, String str, FederatedIdentityModel federatedIdentityModel) {
        createIndex(realmModel, str);
        BrokerLinkEntity brokerLinkEntity = getBrokerLinkEntity(realmModel, str, federatedIdentityModel.getIdentityProvider());
        if (brokerLinkEntity == null) {
            return;
        }
        brokerLinkEntity.setBrokerUserName(federatedIdentityModel.getUserName());
        brokerLinkEntity.setBrokerUserId(federatedIdentityModel.getUserId());
        brokerLinkEntity.setToken(federatedIdentityModel.getToken());
        this.em.persist(brokerLinkEntity);
        this.em.flush();
    }

    public Set<FederatedIdentityModel> getFederatedIdentities(String str, RealmModel realmModel) {
        List<BrokerLinkEntity> resultList = this.em.createNamedQuery("findBrokerLinkByUser", BrokerLinkEntity.class).setParameter("userId", str).getResultList();
        HashSet hashSet = new HashSet();
        for (BrokerLinkEntity brokerLinkEntity : resultList) {
            hashSet.add(new FederatedIdentityModel(brokerLinkEntity.getIdentityProvider(), brokerLinkEntity.getBrokerUserId(), brokerLinkEntity.getBrokerUserName(), brokerLinkEntity.getToken()));
        }
        return hashSet;
    }

    public FederatedIdentityModel getFederatedIdentity(String str, String str2, RealmModel realmModel) {
        BrokerLinkEntity brokerLinkEntity = getBrokerLinkEntity(realmModel, str, str2);
        if (brokerLinkEntity == null) {
            return null;
        }
        return new FederatedIdentityModel(brokerLinkEntity.getIdentityProvider(), brokerLinkEntity.getBrokerUserId(), brokerLinkEntity.getBrokerUserName(), brokerLinkEntity.getToken());
    }

    public void addConsent(RealmModel realmModel, String str, UserConsentModel userConsentModel) {
        createIndex(realmModel, str);
        String id = userConsentModel.getClient().getId();
        if (getGrantedConsentEntity(str, id) != null) {
            throw new ModelDuplicateException("Consent already exists for client [" + id + "] and user [" + str + "]");
        }
        FederatedUserConsentEntity federatedUserConsentEntity = new FederatedUserConsentEntity();
        federatedUserConsentEntity.setId(KeycloakModelUtils.generateId());
        federatedUserConsentEntity.setUserId(str);
        federatedUserConsentEntity.setClientId(id);
        federatedUserConsentEntity.setRealmId(realmModel.getId());
        federatedUserConsentEntity.setStorageProviderId(new StorageId(str).getProviderId());
        long currentTimeMillis = Time.currentTimeMillis();
        federatedUserConsentEntity.setCreatedDate(Long.valueOf(currentTimeMillis));
        federatedUserConsentEntity.setLastUpdatedDate(Long.valueOf(currentTimeMillis));
        this.em.persist(federatedUserConsentEntity);
        this.em.flush();
        updateGrantedConsentEntity(federatedUserConsentEntity, userConsentModel);
    }

    public UserConsentModel getConsentByClient(RealmModel realmModel, String str, String str2) {
        return toConsentModel(realmModel, getGrantedConsentEntity(str, str2));
    }

    public List<UserConsentModel> getConsents(RealmModel realmModel, String str) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userFederatedConsentsByUser", FederatedUserConsentEntity.class);
        createNamedQuery.setParameter("userId", str);
        List resultList = createNamedQuery.getResultList();
        ArrayList arrayList = new ArrayList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            arrayList.add(toConsentModel(realmModel, (FederatedUserConsentEntity) it.next()));
        }
        return arrayList;
    }

    public void updateConsent(RealmModel realmModel, String str, UserConsentModel userConsentModel) {
        createIndex(realmModel, str);
        String id = userConsentModel.getClient().getId();
        FederatedUserConsentEntity grantedConsentEntity = getGrantedConsentEntity(str, id);
        if (grantedConsentEntity == null) {
            throw new ModelException("Consent not found for client [" + id + "] and user [" + str + "]");
        }
        updateGrantedConsentEntity(grantedConsentEntity, userConsentModel);
    }

    public boolean revokeConsentForClient(RealmModel realmModel, String str, String str2) {
        FederatedUserConsentEntity grantedConsentEntity = getGrantedConsentEntity(str, str2);
        if (grantedConsentEntity == null) {
            return false;
        }
        this.em.remove(grantedConsentEntity);
        this.em.flush();
        return true;
    }

    private FederatedUserConsentEntity getGrantedConsentEntity(String str, String str2) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("userFederatedConsentByUserAndClient", FederatedUserConsentEntity.class);
        createNamedQuery.setParameter("userId", str);
        createNamedQuery.setParameter("clientId", str2);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() > 1) {
            throw new ModelException("More results found for user [" + str + "] and client [" + str2 + "]");
        }
        if (resultList.size() == 1) {
            return (FederatedUserConsentEntity) resultList.get(0);
        }
        return null;
    }

    private UserConsentModel toConsentModel(RealmModel realmModel, FederatedUserConsentEntity federatedUserConsentEntity) {
        if (federatedUserConsentEntity == null) {
            return null;
        }
        ClientModel clientById = realmModel.getClientById(federatedUserConsentEntity.getClientId());
        if (clientById == null) {
            throw new ModelException("Client with id " + federatedUserConsentEntity.getClientId() + " is not available");
        }
        UserConsentModel userConsentModel = new UserConsentModel(clientById);
        userConsentModel.setCreatedDate(federatedUserConsentEntity.getCreatedDate());
        userConsentModel.setLastUpdatedDate(federatedUserConsentEntity.getLastUpdatedDate());
        Collection<FederatedUserConsentRoleEntity> grantedRoles = federatedUserConsentEntity.getGrantedRoles();
        if (grantedRoles != null) {
            Iterator<FederatedUserConsentRoleEntity> it = grantedRoles.iterator();
            while (it.hasNext()) {
                RoleModel roleById = realmModel.getRoleById(it.next().getRoleId());
                if (roleById != null) {
                    userConsentModel.addGrantedRole(roleById);
                }
            }
        }
        Collection<FederatedUserConsentProtocolMapperEntity> grantedProtocolMappers = federatedUserConsentEntity.getGrantedProtocolMappers();
        if (grantedProtocolMappers != null) {
            Iterator<FederatedUserConsentProtocolMapperEntity> it2 = grantedProtocolMappers.iterator();
            while (it2.hasNext()) {
                userConsentModel.addGrantedProtocolMapper(clientById.getProtocolMapperById(it2.next().getProtocolMapperId()));
            }
        }
        return userConsentModel;
    }

    private void updateGrantedConsentEntity(FederatedUserConsentEntity federatedUserConsentEntity, UserConsentModel userConsentModel) {
        Collection<FederatedUserConsentProtocolMapperEntity> grantedProtocolMappers = federatedUserConsentEntity.getGrantedProtocolMappers();
        HashSet<FederatedUserConsentProtocolMapperEntity> hashSet = new HashSet(grantedProtocolMappers);
        for (ProtocolMapperModel protocolMapperModel : userConsentModel.getGrantedProtocolMappers()) {
            FederatedUserConsentProtocolMapperEntity federatedUserConsentProtocolMapperEntity = new FederatedUserConsentProtocolMapperEntity();
            federatedUserConsentProtocolMapperEntity.setUserConsent(federatedUserConsentEntity);
            federatedUserConsentProtocolMapperEntity.setProtocolMapperId(protocolMapperModel.getId());
            if (grantedProtocolMappers.contains(federatedUserConsentProtocolMapperEntity)) {
                hashSet.remove(federatedUserConsentProtocolMapperEntity);
            } else {
                this.em.persist(federatedUserConsentProtocolMapperEntity);
                this.em.flush();
                grantedProtocolMappers.add(federatedUserConsentProtocolMapperEntity);
            }
        }
        for (FederatedUserConsentProtocolMapperEntity federatedUserConsentProtocolMapperEntity2 : hashSet) {
            grantedProtocolMappers.remove(federatedUserConsentProtocolMapperEntity2);
            this.em.remove(federatedUserConsentProtocolMapperEntity2);
        }
        Collection<FederatedUserConsentRoleEntity> grantedRoles = federatedUserConsentEntity.getGrantedRoles();
        HashSet<FederatedUserConsentRoleEntity> hashSet2 = new HashSet(grantedRoles);
        for (RoleModel roleModel : userConsentModel.getGrantedRoles()) {
            FederatedUserConsentRoleEntity federatedUserConsentRoleEntity = new FederatedUserConsentRoleEntity();
            federatedUserConsentRoleEntity.setUserConsent(federatedUserConsentEntity);
            federatedUserConsentRoleEntity.setRoleId(roleModel.getId());
            if (grantedRoles.contains(federatedUserConsentRoleEntity)) {
                hashSet2.remove(federatedUserConsentRoleEntity);
            } else {
                this.em.persist(federatedUserConsentRoleEntity);
                this.em.flush();
                grantedRoles.add(federatedUserConsentRoleEntity);
            }
        }
        for (FederatedUserConsentRoleEntity federatedUserConsentRoleEntity2 : hashSet2) {
            grantedRoles.remove(federatedUserConsentRoleEntity2);
            this.em.remove(federatedUserConsentRoleEntity2);
        }
        federatedUserConsentEntity.setLastUpdatedDate(Long.valueOf(Time.currentTimeMillis()));
        this.em.flush();
    }

    public void setNotBeforeForUser(RealmModel realmModel, String str, int i) {
        setSingleAttribute(realmModel, str, "fedNotBefore", String.valueOf(i));
    }

    public int getNotBeforeOfUser(RealmModel realmModel, String str) {
        String str2 = (String) getAttributes(realmModel, str).getFirst("fedNotBefore");
        if (str2 == null) {
            return 0;
        }
        return Integer.parseInt(str2);
    }

    public Set<GroupModel> getGroups(RealmModel realmModel, String str) {
        HashSet hashSet = new HashSet();
        TypedQuery createNamedQuery = this.em.createNamedQuery("feduserGroupMembership", FederatedUserGroupMembershipEntity.class);
        createNamedQuery.setParameter("userId", str);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return hashSet;
        }
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            hashSet.add(realmModel.getGroupById(((FederatedUserGroupMembershipEntity) it.next()).getGroupId()));
        }
        return hashSet;
    }

    public void joinGroup(RealmModel realmModel, String str, GroupModel groupModel) {
        createIndex(realmModel, str);
        FederatedUserGroupMembershipEntity federatedUserGroupMembershipEntity = new FederatedUserGroupMembershipEntity();
        federatedUserGroupMembershipEntity.setUserId(str);
        federatedUserGroupMembershipEntity.setStorageProviderId(new StorageId(str).getProviderId());
        federatedUserGroupMembershipEntity.setGroupId(groupModel.getId());
        federatedUserGroupMembershipEntity.setRealmId(realmModel.getId());
        this.em.persist(federatedUserGroupMembershipEntity);
    }

    public void leaveGroup(RealmModel realmModel, String str, GroupModel groupModel) {
        if (str == null || groupModel == null) {
            return;
        }
        TypedQuery createNamedQuery = this.em.createNamedQuery("feduserMemberOf", FederatedUserGroupMembershipEntity.class);
        createNamedQuery.setParameter("userId", str);
        createNamedQuery.setParameter("groupId", groupModel.getId());
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return;
        }
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            this.em.remove((FederatedUserGroupMembershipEntity) it.next());
        }
        this.em.flush();
    }

    public List<String> getMembership(RealmModel realmModel, GroupModel groupModel, int i, int i2) {
        TypedQuery parameter = this.em.createNamedQuery("fedgroupMembership", String.class).setParameter("realmId", realmModel.getId()).setParameter("groupId", groupModel.getId());
        parameter.setFirstResult(i);
        parameter.setMaxResults(i2);
        return parameter.getResultList();
    }

    public Set<String> getRequiredActions(RealmModel realmModel, String str) {
        HashSet hashSet = new HashSet();
        Iterator<FederatedUserRequiredActionEntity> it = getRequiredActionEntities(realmModel, str).iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getAction());
        }
        return hashSet;
    }

    private List<FederatedUserRequiredActionEntity> getRequiredActionEntities(RealmModel realmModel, String str) {
        return this.em.createNamedQuery("getFederatedUserRequiredActionsByUser", FederatedUserRequiredActionEntity.class).setParameter("userId", str).setParameter("realmId", realmModel.getId()).getResultList();
    }

    public void addRequiredAction(RealmModel realmModel, String str, String str2) {
        createIndex(realmModel, str);
        FederatedUserRequiredActionEntity federatedUserRequiredActionEntity = new FederatedUserRequiredActionEntity();
        federatedUserRequiredActionEntity.setUserId(str);
        federatedUserRequiredActionEntity.setRealmId(realmModel.getId());
        federatedUserRequiredActionEntity.setStorageProviderId(new StorageId(str).getProviderId());
        federatedUserRequiredActionEntity.setAction(str2);
        this.em.persist(federatedUserRequiredActionEntity);
    }

    public void removeRequiredAction(RealmModel realmModel, String str, String str2) {
        for (FederatedUserRequiredActionEntity federatedUserRequiredActionEntity : getRequiredActionEntities(realmModel, str)) {
            if (str2.equals(federatedUserRequiredActionEntity.getAction())) {
                this.em.remove(federatedUserRequiredActionEntity);
            }
        }
        this.em.flush();
    }

    public void grantRole(RealmModel realmModel, String str, RoleModel roleModel) {
        createIndex(realmModel, str);
        FederatedUserRoleMappingEntity federatedUserRoleMappingEntity = new FederatedUserRoleMappingEntity();
        federatedUserRoleMappingEntity.setUserId(str);
        federatedUserRoleMappingEntity.setStorageProviderId(new StorageId(str).getProviderId());
        federatedUserRoleMappingEntity.setRealmId(realmModel.getId());
        federatedUserRoleMappingEntity.setRoleId(roleModel.getId());
        this.em.persist(federatedUserRoleMappingEntity);
    }

    public Set<RoleModel> getRoleMappings(RealmModel realmModel, String str) {
        HashSet hashSet = new HashSet();
        TypedQuery createNamedQuery = this.em.createNamedQuery("feduserRoleMappings", FederatedUserRoleMappingEntity.class);
        createNamedQuery.setParameter("userId", str);
        List resultList = createNamedQuery.getResultList();
        if (resultList.size() == 0) {
            return hashSet;
        }
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            hashSet.add(realmModel.getRoleById(((FederatedUserRoleMappingEntity) it.next()).getRoleId()));
        }
        return hashSet;
    }

    public void deleteRoleMapping(RealmModel realmModel, String str, RoleModel roleModel) {
        TypedQuery createNamedQuery = this.em.createNamedQuery("feduserRoleMappings", FederatedUserRoleMappingEntity.class);
        createNamedQuery.setParameter("userId", str);
        for (FederatedUserRoleMappingEntity federatedUserRoleMappingEntity : createNamedQuery.getResultList()) {
            if (federatedUserRoleMappingEntity.getRoleId().equals(roleModel.getId())) {
                this.em.remove(federatedUserRoleMappingEntity);
            }
        }
        this.em.flush();
    }

    public void updateCredential(RealmModel realmModel, String str, CredentialModel credentialModel) {
        FederatedUserCredentialEntity federatedUserCredentialEntity = (FederatedUserCredentialEntity) this.em.find(FederatedUserCredentialEntity.class, credentialModel.getId());
        if (federatedUserCredentialEntity == null) {
            return;
        }
        createIndex(realmModel, str);
        federatedUserCredentialEntity.setAlgorithm(credentialModel.getAlgorithm());
        federatedUserCredentialEntity.setCounter(credentialModel.getCounter());
        federatedUserCredentialEntity.setCreatedDate(credentialModel.getCreatedDate());
        federatedUserCredentialEntity.setDevice(credentialModel.getDevice());
        federatedUserCredentialEntity.setDigits(credentialModel.getDigits());
        federatedUserCredentialEntity.setHashIterations(credentialModel.getHashIterations());
        federatedUserCredentialEntity.setPeriod(credentialModel.getPeriod());
        federatedUserCredentialEntity.setSalt(credentialModel.getSalt());
        federatedUserCredentialEntity.setType(credentialModel.getType());
        federatedUserCredentialEntity.setValue(credentialModel.getValue());
        if (federatedUserCredentialEntity.getCredentialAttributes().isEmpty() && (credentialModel.getConfig() == null || credentialModel.getConfig().isEmpty())) {
            return;
        }
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        MultivaluedHashMap config = credentialModel.getConfig();
        if (config == null) {
            config = new MultivaluedHashMap();
        }
        Iterator<FederatedUserCredentialAttributeEntity> it = federatedUserCredentialEntity.getCredentialAttributes().iterator();
        while (it.hasNext()) {
            FederatedUserCredentialAttributeEntity next = it.next();
            List list = config.getList(next.getName());
            if (list == null || !list.contains(next.getValue())) {
                this.em.remove(next);
                it.remove();
            } else {
                multivaluedHashMap.add(next.getName(), next.getValue());
            }
        }
        for (String str2 : config.keySet()) {
            List<String> list2 = config.getList(str2);
            List list3 = multivaluedHashMap.getList(str2);
            for (String str3 : list2) {
                if (list3 == null || !list3.contains(str3)) {
                    FederatedUserCredentialAttributeEntity federatedUserCredentialAttributeEntity = new FederatedUserCredentialAttributeEntity();
                    federatedUserCredentialAttributeEntity.setId(KeycloakModelUtils.generateId());
                    federatedUserCredentialAttributeEntity.setValue(str3);
                    federatedUserCredentialAttributeEntity.setName(str2);
                    federatedUserCredentialAttributeEntity.setCredential(federatedUserCredentialEntity);
                    this.em.persist(federatedUserCredentialAttributeEntity);
                    federatedUserCredentialEntity.getCredentialAttributes().add(federatedUserCredentialAttributeEntity);
                }
            }
        }
    }

    public CredentialModel createCredential(RealmModel realmModel, String str, CredentialModel credentialModel) {
        createIndex(realmModel, str);
        FederatedUserCredentialEntity federatedUserCredentialEntity = new FederatedUserCredentialEntity();
        federatedUserCredentialEntity.setId(credentialModel.getId() == null ? KeycloakModelUtils.generateId() : credentialModel.getId());
        federatedUserCredentialEntity.setAlgorithm(credentialModel.getAlgorithm());
        federatedUserCredentialEntity.setCounter(credentialModel.getCounter());
        federatedUserCredentialEntity.setCreatedDate(credentialModel.getCreatedDate());
        federatedUserCredentialEntity.setDevice(credentialModel.getDevice());
        federatedUserCredentialEntity.setDigits(credentialModel.getDigits());
        federatedUserCredentialEntity.setHashIterations(credentialModel.getHashIterations());
        federatedUserCredentialEntity.setPeriod(credentialModel.getPeriod());
        federatedUserCredentialEntity.setSalt(credentialModel.getSalt());
        federatedUserCredentialEntity.setType(credentialModel.getType());
        federatedUserCredentialEntity.setValue(credentialModel.getValue());
        federatedUserCredentialEntity.setUserId(str);
        federatedUserCredentialEntity.setRealmId(realmModel.getId());
        federatedUserCredentialEntity.setStorageProviderId(new StorageId(str).getProviderId());
        this.em.persist(federatedUserCredentialEntity);
        MultivaluedHashMap config = credentialModel.getConfig();
        if (config != null && !config.isEmpty()) {
            for (String str2 : config.keySet()) {
                for (String str3 : config.getList(str2)) {
                    FederatedUserCredentialAttributeEntity federatedUserCredentialAttributeEntity = new FederatedUserCredentialAttributeEntity();
                    federatedUserCredentialAttributeEntity.setId(KeycloakModelUtils.generateId());
                    federatedUserCredentialAttributeEntity.setValue(str3);
                    federatedUserCredentialAttributeEntity.setName(str2);
                    federatedUserCredentialAttributeEntity.setCredential(federatedUserCredentialEntity);
                    this.em.persist(federatedUserCredentialAttributeEntity);
                    federatedUserCredentialEntity.getCredentialAttributes().add(federatedUserCredentialAttributeEntity);
                }
            }
        }
        return toModel(federatedUserCredentialEntity);
    }

    public boolean removeStoredCredential(RealmModel realmModel, String str, String str2) {
        FederatedUserCredentialEntity federatedUserCredentialEntity = (FederatedUserCredentialEntity) this.em.find(FederatedUserCredentialEntity.class, str2);
        if (federatedUserCredentialEntity == null) {
            return false;
        }
        this.em.remove(federatedUserCredentialEntity);
        return true;
    }

    public CredentialModel getStoredCredentialById(RealmModel realmModel, String str, String str2) {
        FederatedUserCredentialEntity federatedUserCredentialEntity = (FederatedUserCredentialEntity) this.em.find(FederatedUserCredentialEntity.class, str2);
        if (federatedUserCredentialEntity == null) {
            return null;
        }
        return toModel(federatedUserCredentialEntity);
    }

    protected CredentialModel toModel(FederatedUserCredentialEntity federatedUserCredentialEntity) {
        CredentialModel credentialModel = new CredentialModel();
        credentialModel.setId(federatedUserCredentialEntity.getId());
        credentialModel.setType(federatedUserCredentialEntity.getType());
        credentialModel.setValue(federatedUserCredentialEntity.getValue());
        credentialModel.setAlgorithm(federatedUserCredentialEntity.getAlgorithm());
        credentialModel.setSalt(federatedUserCredentialEntity.getSalt());
        credentialModel.setPeriod(federatedUserCredentialEntity.getPeriod());
        credentialModel.setCounter(federatedUserCredentialEntity.getCounter());
        credentialModel.setCreatedDate(federatedUserCredentialEntity.getCreatedDate());
        credentialModel.setDevice(federatedUserCredentialEntity.getDevice());
        credentialModel.setDigits(federatedUserCredentialEntity.getDigits());
        credentialModel.setHashIterations(federatedUserCredentialEntity.getHashIterations());
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        credentialModel.setConfig(multivaluedHashMap);
        for (FederatedUserCredentialAttributeEntity federatedUserCredentialAttributeEntity : federatedUserCredentialEntity.getCredentialAttributes()) {
            multivaluedHashMap.add(federatedUserCredentialAttributeEntity.getName(), federatedUserCredentialAttributeEntity.getValue());
        }
        return credentialModel;
    }

    public List<CredentialModel> getStoredCredentials(RealmModel realmModel, String str) {
        List resultList = this.em.createNamedQuery("federatedUserCredentialByUser", FederatedUserCredentialEntity.class).setParameter("userId", str).getResultList();
        LinkedList linkedList = new LinkedList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            linkedList.add(toModel((FederatedUserCredentialEntity) it.next()));
        }
        return linkedList;
    }

    public List<CredentialModel> getStoredCredentialsByType(RealmModel realmModel, String str, String str2) {
        List resultList = this.em.createNamedQuery("federatedUserCredentialByUserAndType", FederatedUserCredentialEntity.class).setParameter("type", str2).setParameter("userId", str).getResultList();
        LinkedList linkedList = new LinkedList();
        Iterator it = resultList.iterator();
        while (it.hasNext()) {
            linkedList.add(toModel((FederatedUserCredentialEntity) it.next()));
        }
        return linkedList;
    }

    public CredentialModel getStoredCredentialByNameAndType(RealmModel realmModel, String str, String str2, String str3) {
        List resultList = this.em.createNamedQuery("federatedUserCredentialByNameAndType", FederatedUserCredentialEntity.class).setParameter("type", str3).setParameter("device", str2).setParameter("userId", str).getResultList();
        if (resultList.isEmpty()) {
            return null;
        }
        return toModel((FederatedUserCredentialEntity) resultList.get(0));
    }

    public List<String> getStoredUsers(RealmModel realmModel, int i, int i2) {
        TypedQuery firstResult = this.em.createNamedQuery("getFederatedUserIds", String.class).setParameter("realmId", realmModel.getId()).setFirstResult(i);
        if (i2 > 0) {
            firstResult.setMaxResults(i2);
        }
        return firstResult.getResultList();
    }

    public void updateCredential(RealmModel realmModel, UserModel userModel, CredentialModel credentialModel) {
        updateCredential(realmModel, userModel.getId(), credentialModel);
    }

    public CredentialModel createCredential(RealmModel realmModel, UserModel userModel, CredentialModel credentialModel) {
        return createCredential(realmModel, userModel.getId(), credentialModel);
    }

    public boolean removeStoredCredential(RealmModel realmModel, UserModel userModel, String str) {
        return removeStoredCredential(realmModel, userModel.getId(), str);
    }

    public CredentialModel getStoredCredentialById(RealmModel realmModel, UserModel userModel, String str) {
        return getStoredCredentialById(realmModel, userModel.getId(), str);
    }

    public List<CredentialModel> getStoredCredentials(RealmModel realmModel, UserModel userModel) {
        return getStoredCredentials(realmModel, userModel.getId());
    }

    public List<CredentialModel> getStoredCredentialsByType(RealmModel realmModel, UserModel userModel, String str) {
        return getStoredCredentialsByType(realmModel, userModel.getId(), str);
    }

    public CredentialModel getStoredCredentialByNameAndType(RealmModel realmModel, UserModel userModel, String str, String str2) {
        return getStoredCredentialByNameAndType(realmModel, userModel.getId(), str, str2);
    }

    public int getStoredUsersCount(RealmModel realmModel) {
        return ((Number) this.em.createNamedQuery("getFederatedUserCount").setParameter("realmId", realmModel.getId()).getSingleResult()).intValue();
    }

    public void preRemove(RealmModel realmModel) {
        this.em.createNamedQuery("deleteFederatedUserConsentRolesByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentProtMappersByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentsByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserRoleMappingsByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserRequiredActionsByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteBrokerLinkByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedCredentialAttributeByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserCredentialsByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteUserFederatedAttributesByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserGroupMembershipByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUsersByRealm").setParameter("realmId", realmModel.getId()).executeUpdate();
    }

    public void preRemove(RealmModel realmModel, RoleModel roleModel) {
        this.em.createNamedQuery("deleteFederatedUserRoleMappingsByRole").setParameter("roleId", roleModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserRoleMappingsByRole").setParameter("roleId", roleModel.getId()).executeUpdate();
    }

    public void preRemove(RealmModel realmModel, GroupModel groupModel) {
        this.em.createNamedQuery("deleteFederatedUserGroupMembershipsByGroup").setParameter("groupId", groupModel.getId()).executeUpdate();
    }

    public void preRemove(RealmModel realmModel, ClientModel clientModel) {
        this.em.createNamedQuery("deleteFederatedUserConsentProtMappersByClient").setParameter("clientId", clientModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentRolesByClient").setParameter("clientId", clientModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentsByClient").setParameter("clientId", clientModel.getId()).executeUpdate();
    }

    public void preRemove(ProtocolMapperModel protocolMapperModel) {
        this.em.createNamedQuery("deleteFederatedUserConsentProtMappersByProtocolMapper").setParameter("protocolMapperId", protocolMapperModel.getId()).executeUpdate();
    }

    public void preRemove(RealmModel realmModel, UserModel userModel) {
        this.em.createNamedQuery("deleteBrokerLinkByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteUserFederatedAttributesByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentProtMappersByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentRolesByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserConsentsByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedCredentialAttributeByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserCredentialByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserGroupMembershipsByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserRequiredActionsByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserRoleMappingsByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
        this.em.createNamedQuery("deleteFederatedUserByUser").setParameter("userId", userModel.getId()).setParameter("realmId", realmModel.getId()).executeUpdate();
    }

    public void preRemove(RealmModel realmModel, ComponentModel componentModel) {
        if (componentModel.getProviderType().equals(UserStorageProvider.class.getName())) {
            this.em.createNamedQuery("deleteBrokerLinkByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedAttributesByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserConsentProtMappersByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserRoleMappingsByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserConsentsByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedCredentialAttributeByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserCredentialsByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserGroupMembershipByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserRequiredActionsByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUserRoleMappingsByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
            this.em.createNamedQuery("deleteFederatedUsersByStorageProvider").setParameter("storageProviderId", componentModel.getId()).executeUpdate();
        }
    }
}
