package org.keycloak.credential;

import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.keycloak.common.util.reflections.Types;
import org.keycloak.component.ComponentModel;
import org.keycloak.component.PrioritizedComponentModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialManager;
import org.keycloak.models.UserModel;
import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.OnUserCache;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageManager;

/* loaded from: input_file:org/keycloak/credential/UserCredentialStoreManager.class */
public class UserCredentialStoreManager implements UserCredentialManager, OnUserCache {
    protected KeycloakSession session;

    public UserCredentialStoreManager(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    protected UserCredentialStore getStoreForUser(UserModel userModel) {
        return StorageId.isLocalStorage(userModel) ? this.session.userLocalStorage() : this.session.userFederatedStorage();
    }

    public void updateCredential(RealmModel realmModel, UserModel userModel, CredentialModel credentialModel) {
        getStoreForUser(userModel).updateCredential(realmModel, userModel, credentialModel);
    }

    public CredentialModel createCredential(RealmModel realmModel, UserModel userModel, CredentialModel credentialModel) {
        return getStoreForUser(userModel).createCredential(realmModel, userModel, credentialModel);
    }

    public boolean removeStoredCredential(RealmModel realmModel, UserModel userModel, String str) {
        return getStoreForUser(userModel).removeStoredCredential(realmModel, userModel, str);
    }

    public CredentialModel getStoredCredentialById(RealmModel realmModel, UserModel userModel, String str) {
        return getStoreForUser(userModel).getStoredCredentialById(realmModel, userModel, str);
    }

    public List<CredentialModel> getStoredCredentials(RealmModel realmModel, UserModel userModel) {
        return getStoreForUser(userModel).getStoredCredentials(realmModel, userModel);
    }

    public List<CredentialModel> getStoredCredentialsByType(RealmModel realmModel, UserModel userModel, String str) {
        return getStoreForUser(userModel).getStoredCredentialsByType(realmModel, userModel, str);
    }

    public CredentialModel getStoredCredentialByNameAndType(RealmModel realmModel, UserModel userModel, String str, String str2) {
        return getStoreForUser(userModel).getStoredCredentialByNameAndType(realmModel, userModel, str, str2);
    }

    public boolean isValid(RealmModel realmModel, UserModel userModel, List<CredentialInput> list) {
        LinkedList linkedList = new LinkedList();
        linkedList.addAll(list);
        if (!StorageId.isLocalStorage(userModel)) {
            CredentialInputValidator storageProvider = UserStorageManager.getStorageProvider(this.session, realmModel, StorageId.resolveProviderId(userModel));
            if (storageProvider instanceof CredentialInputValidator) {
                Iterator it = linkedList.iterator();
                while (it.hasNext()) {
                    CredentialInput credentialInput = (CredentialInput) it.next();
                    CredentialInputValidator credentialInputValidator = storageProvider;
                    if (credentialInputValidator.supportsCredentialType(credentialInput.getType()) && credentialInputValidator.isValid(realmModel, userModel, credentialInput)) {
                        it.remove();
                    }
                }
            }
        }
        if (linkedList.isEmpty()) {
            return true;
        }
        for (ComponentModel componentModel : getCredentialProviderComponents(realmModel)) {
            CredentialProviderFactory providerFactory = this.session.getKeycloakSessionFactory().getProviderFactory(CredentialProvider.class, componentModel.getProviderId());
            if (Types.supports(CredentialInputValidator.class, providerFactory, CredentialProviderFactory.class)) {
                Iterator it2 = linkedList.iterator();
                while (it2.hasNext()) {
                    CredentialInput credentialInput2 = (CredentialInput) it2.next();
                    CredentialInputValidator credentialInputValidator2 = (CredentialInputValidator) this.session.getAttribute(componentModel.getId());
                    if (credentialInputValidator2 == null) {
                        credentialInputValidator2 = (CredentialInputValidator) providerFactory.create(this.session, componentModel);
                        this.session.setAttribute(componentModel.getId(), credentialInputValidator2);
                    }
                    if (credentialInputValidator2.supportsCredentialType(credentialInput2.getType()) && credentialInputValidator2.isValid(realmModel, userModel, credentialInput2)) {
                        it2.remove();
                    }
                }
            }
        }
        return linkedList.isEmpty();
    }

    protected List<ComponentModel> getCredentialProviderComponents(RealmModel realmModel) {
        List<ComponentModel> components = realmModel.getComponents(realmModel.getId(), CredentialProvider.class.getName());
        if (components.isEmpty()) {
            return components;
        }
        LinkedList linkedList = new LinkedList();
        linkedList.addAll(components);
        Collections.sort(linkedList, PrioritizedComponentModel.comparator);
        return linkedList;
    }

    public void updateCredential(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        if (!StorageId.isLocalStorage(userModel)) {
            CredentialInputUpdater storageProvider = UserStorageManager.getStorageProvider(this.session, realmModel, StorageId.resolveProviderId(userModel));
            if (storageProvider instanceof CredentialInputUpdater) {
                CredentialInputUpdater credentialInputUpdater = storageProvider;
                if (credentialInputUpdater.supportsCredentialType(credentialInput.getType()) && credentialInputUpdater.updateCredential(realmModel, userModel, credentialInput)) {
                    return;
                }
            }
        }
        for (ComponentModel componentModel : getCredentialProviderComponents(realmModel)) {
            CredentialProviderFactory providerFactory = this.session.getKeycloakSessionFactory().getProviderFactory(CredentialProvider.class, componentModel.getProviderId());
            if (Types.supports(CredentialInputUpdater.class, providerFactory, CredentialProviderFactory.class)) {
                CredentialInputUpdater credentialInputUpdater2 = (CredentialInputUpdater) this.session.getAttribute(componentModel.getId());
                if (credentialInputUpdater2 == null) {
                    credentialInputUpdater2 = (CredentialInputUpdater) providerFactory.create(this.session, componentModel);
                    this.session.setAttribute(componentModel.getId(), credentialInputUpdater2);
                }
                if (credentialInputUpdater2.supportsCredentialType(credentialInput.getType()) && credentialInputUpdater2.updateCredential(realmModel, userModel, credentialInput)) {
                    return;
                }
            }
        }
    }

    public void disableCredential(RealmModel realmModel, UserModel userModel, String str) {
        if (!StorageId.isLocalStorage(userModel)) {
            CredentialInputUpdater storageProvider = UserStorageManager.getStorageProvider(this.session, realmModel, StorageId.resolveProviderId(userModel));
            if (storageProvider instanceof CredentialInputUpdater) {
                CredentialInputUpdater credentialInputUpdater = storageProvider;
                if (credentialInputUpdater.supportsCredentialType(str)) {
                    credentialInputUpdater.disableCredentialType(realmModel, userModel, str);
                }
            }
        }
        for (ComponentModel componentModel : getCredentialProviderComponents(realmModel)) {
            CredentialProviderFactory providerFactory = this.session.getKeycloakSessionFactory().getProviderFactory(CredentialProvider.class, componentModel.getProviderId());
            if (Types.supports(CredentialInputUpdater.class, providerFactory, CredentialProviderFactory.class)) {
                CredentialInputUpdater credentialInputUpdater2 = (CredentialInputUpdater) this.session.getAttribute(componentModel.getId());
                if (credentialInputUpdater2 == null) {
                    credentialInputUpdater2 = (CredentialInputUpdater) providerFactory.create(this.session, componentModel);
                    this.session.setAttribute(componentModel.getId(), credentialInputUpdater2);
                }
                if (credentialInputUpdater2.supportsCredentialType(str)) {
                    credentialInputUpdater2.disableCredentialType(realmModel, userModel, str);
                }
            }
        }
    }

    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String str) {
        if (!StorageId.isLocalStorage(userModel)) {
            CredentialInputValidator storageProvider = UserStorageManager.getStorageProvider(this.session, realmModel, StorageId.resolveProviderId(userModel));
            if (storageProvider instanceof CredentialInputValidator) {
                CredentialInputValidator credentialInputValidator = storageProvider;
                if (credentialInputValidator.supportsCredentialType(str) && credentialInputValidator.isConfiguredFor(realmModel, userModel, str)) {
                    return true;
                }
            }
        }
        for (ComponentModel componentModel : getCredentialProviderComponents(realmModel)) {
            CredentialProviderFactory providerFactory = this.session.getKeycloakSessionFactory().getProviderFactory(CredentialProvider.class, componentModel.getProviderId());
            if (Types.supports(CredentialInputUpdater.class, providerFactory, CredentialProviderFactory.class)) {
                CredentialInputValidator credentialInputValidator2 = (CredentialInputValidator) this.session.getAttribute(componentModel.getId());
                if (credentialInputValidator2 == null) {
                    credentialInputValidator2 = (CredentialInputValidator) providerFactory.create(this.session, componentModel);
                    this.session.setAttribute(componentModel.getId(), credentialInputValidator2);
                }
                if (credentialInputValidator2.supportsCredentialType(str) && credentialInputValidator2.isConfiguredFor(realmModel, userModel, str)) {
                    return true;
                }
            }
        }
        return false;
    }

    public void onCache(RealmModel realmModel, CachedUserModel cachedUserModel) {
        for (ComponentModel componentModel : getCredentialProviderComponents(realmModel)) {
            CredentialProviderFactory providerFactory = this.session.getKeycloakSessionFactory().getProviderFactory(CredentialProvider.class, componentModel.getProviderId());
            if (Types.supports(OnUserCache.class, providerFactory, CredentialProviderFactory.class)) {
                OnUserCache onUserCache = (OnUserCache) this.session.getAttribute(componentModel.getId());
                if (onUserCache == null) {
                    onUserCache = (OnUserCache) providerFactory.create(this.session, componentModel);
                    this.session.setAttribute(componentModel.getId(), onUserCache);
                }
                onUserCache.onCache(realmModel, cachedUserModel);
            }
        }
    }

    public void close() {
    }
}
