package org.uberfire.ext.security.management.keycloak;

import com.lowagie.text.ElementTags;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.jboss.errai.security.shared.api.identity.User;
import org.jboss.resteasy.client.ClientResponse;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.kie.soup.commons.validation.PortablePreconditions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.ext.security.management.api.AbstractEntityManager;
import org.uberfire.ext.security.management.api.Capability;
import org.uberfire.ext.security.management.api.CapabilityStatus;
import org.uberfire.ext.security.management.api.ContextualManager;
import org.uberfire.ext.security.management.api.UserManager;
import org.uberfire.ext.security.management.api.UserManagerSettings;
import org.uberfire.ext.security.management.api.UserSystemManager;
import org.uberfire.ext.security.management.api.exception.SecurityManagementException;
import org.uberfire.ext.security.management.api.exception.UserNotFoundException;
import org.uberfire.ext.security.management.impl.SearchResponseImpl;
import org.uberfire.ext.security.management.impl.UserManagerSettingsImpl;
import org.uberfire.ext.security.management.keycloak.client.resource.RoleMappingResource;
import org.uberfire.ext.security.management.keycloak.client.resource.RoleResource;
import org.uberfire.ext.security.management.keycloak.client.resource.RolesResource;
import org.uberfire.ext.security.management.keycloak.client.resource.UserResource;
import org.uberfire.ext.security.management.keycloak.client.resource.UsersResource;
import org.uberfire.ext.security.management.util.SecurityManagementUtils;

/* loaded from: input_file:WEB-INF/lib/uberfire-security-management-keycloak-7.36.1.Final.jar:org/uberfire/ext/security/management/keycloak/KeyCloakUserManager.class */
public class KeyCloakUserManager extends BaseKeyCloakManager implements UserManager, ContextualManager {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) KeyCloakUserManager.class);
    private static final String CREDENTIAL_TYPE_PASSWORD = "password";
    UserSystemManager userSystemManager;

    @Override // org.uberfire.ext.security.management.api.ContextualManager
    public void initialize(UserSystemManager userSystemManager) throws Exception {
        this.userSystemManager = userSystemManager;
    }

    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public AbstractEntityManager.SearchResponse<User> search(AbstractEntityManager.SearchRequest searchRequest) throws SecurityManagementException {
        AbstractEntityManager.SearchRequest searchRequest2 = getSearchRequest(searchRequest);
        if (searchRequest2.getPage() <= 0) {
            throw new RuntimeException("First page must be 1.");
        }
        int page = searchRequest2.getPage() - 1;
        int pageSize = searchRequest2.getPageSize();
        ArrayList arrayList = new ArrayList();
        int[] iArr = {0};
        boolean[] zArr = {false};
        consumeRealm(realmResource -> {
            UsersResource users = realmResource.users();
            List<UserRepresentation> search = users.search(searchRequest2.getSearchPattern(), Integer.valueOf(page * pageSize), Integer.valueOf(pageSize + 1));
            iArr[0] = users.search(searchRequest2.getSearchPattern(), 1, Integer.MAX_VALUE).size();
            if (search == null || search.isEmpty()) {
                return;
            }
            int i = 0;
            for (UserRepresentation userRepresentation : search) {
                if (i == searchRequest2.getPageSize()) {
                    zArr[0] = true;
                } else {
                    arrayList.add(createUser(userRepresentation));
                    i++;
                }
            }
        });
        return new SearchResponseImpl(arrayList, page + 1, pageSize, iArr[0], zArr[0]);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public User get(String str) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("username", str);
        User[] userArr = new User[1];
        consumeRealm(realmResource -> {
            Set[] userGroupsAndRoles;
            UserResource userResource = getUserResource(realmResource.users(), str);
            RoleMappingResource roles = userResource.roles();
            Set set = null;
            Set set2 = null;
            if (roles != null && null != (userGroupsAndRoles = getUserGroupsAndRoles(roles))) {
                set = userGroupsAndRoles[0];
                set2 = userGroupsAndRoles[1];
            }
            userArr[0] = createUser(userResource.toRepresentation(), set, set2);
        });
        return userArr[0];
    }

    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public User create(User user) throws SecurityManagementException {
        PortablePreconditions.checkNotNull(ElementTags.ENTITY, user);
        consumeRealm(realmResource -> {
            UsersResource users = realmResource.users();
            UserRepresentation userRepresentation = new UserRepresentation();
            fillUserRepresentationAttributes(user, userRepresentation);
            handleResponse((ClientResponse) users.create(userRepresentation));
        });
        return user;
    }

    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public User update(User user) throws SecurityManagementException {
        PortablePreconditions.checkNotNull(ElementTags.ENTITY, user);
        consumeRealm(realmResource -> {
            UserResource userResource = getUserResource(realmResource.users(), user.getIdentifier());
            if (userResource == null) {
                throw new UserNotFoundException(user.getIdentifier());
            }
            UserRepresentation userRepresentation = new UserRepresentation();
            fillUserRepresentationAttributes(user, userRepresentation);
            handleResponse((ClientResponse) userResource.update(userRepresentation));
        });
        return user;
    }

    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public void delete(String... strArr) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("identifiers", strArr);
        consumeRealm(realmResource -> {
            UsersResource users = realmResource.users();
            for (String str : strArr) {
                UserResource userResource = getUserResource(users, str);
                if (userResource == null) {
                    throw new UserNotFoundException(str);
                }
                handleResponse((ClientResponse) userResource.remove());
            }
        });
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.uberfire.ext.security.management.api.AbstractEntityManager
    public UserManagerSettings getSettings() {
        HashMap hashMap = new HashMap(8);
        for (Capability capability : SecurityManagementUtils.USERS_CAPABILITIES) {
            hashMap.put(capability, getCapabilityStatus(capability));
        }
        return new UserManagerSettingsImpl(hashMap, USER_ATTRIBUTES);
    }

    @Override // org.uberfire.ext.security.management.api.UserManager
    public void assignGroups(String str, Collection<String> collection) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("username", str);
        Set<String> rolesToString = SecurityManagementUtils.rolesToString(SecurityManagementUtils.getRoles(this.userSystemManager, str));
        rolesToString.addAll(collection);
        assignGroupsOrRoles(str, rolesToString);
    }

    @Override // org.uberfire.ext.security.management.api.UserManager
    public void assignRoles(String str, Collection<String> collection) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("username", str);
        Set<String> groupsToString = SecurityManagementUtils.groupsToString(SecurityManagementUtils.getGroups(this.userSystemManager, str));
        groupsToString.addAll(collection);
        assignGroupsOrRoles(str, groupsToString);
    }

    private void assignGroupsOrRoles(String str, Collection<String> collection) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("username", str);
        consumeRealm(realmResource -> {
            UserResource userResource = getUserResource(realmResource.users(), str);
            if (userResource == null) {
                throw new UserNotFoundException(str);
            }
            RolesResource roles = realmResource.roles();
            userResource.roles().realmLevel().remove(userResource.roles().realmLevel().listEffective());
            if (collection == null || collection.isEmpty()) {
                return;
            }
            ArrayList arrayList = new ArrayList();
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                RoleResource roleResource = roles.get(str2);
                if (roleResource != null) {
                    arrayList.add(getRoleRepresentation(str2, roleResource));
                }
            }
            userResource.roles().realmLevel().add(arrayList);
        });
    }

    @Override // org.uberfire.ext.security.management.api.UserManager
    public void changePassword(String str, String str2) throws SecurityManagementException {
        PortablePreconditions.checkNotNull("username", str);
        consumeRealm(realmResource -> {
            UserResource userResource = getUserResource(realmResource.users(), str);
            if (userResource == null) {
                throw new UserNotFoundException(str);
            }
            CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
            credentialRepresentation.setType("password");
            credentialRepresentation.setValue(str2);
            userResource.resetPassword(credentialRepresentation);
        });
    }

    protected CapabilityStatus getCapabilityStatus(Capability capability) {
        if (capability != null) {
            switch (capability) {
                case CAN_SEARCH_USERS:
                case CAN_ADD_USER:
                case CAN_UPDATE_USER:
                case CAN_DELETE_USER:
                case CAN_READ_USER:
                case CAN_MANAGE_ATTRIBUTES:
                case CAN_ASSIGN_GROUPS:
                case CAN_ASSIGN_ROLES:
                case CAN_CHANGE_PASSWORD:
                    return CapabilityStatus.ENABLED;
            }
        }
        return CapabilityStatus.UNSUPPORTED;
    }

    @Override // org.uberfire.ext.security.management.api.ContextualManager
    public void destroy() throws Exception {
        getKeyCloakInstance().close();
    }
}
