package org.keycloak.models.map.authSession;

import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.function.Predicate;
import org.jboss.logging.Logger;
import org.keycloak.cluster.ClusterProvider;
import org.keycloak.common.util.StackUtil;
import org.keycloak.common.util.Time;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.map.common.MapStorageUtils;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorage;
import org.keycloak.models.map.storage.ModelCriteriaBuilder;
import org.keycloak.models.utils.RealmInfoUtil;
import org.keycloak.sessions.AuthenticationSessionCompoundId;
import org.keycloak.sessions.AuthenticationSessionProvider;
import org.keycloak.sessions.RootAuthenticationSessionModel;

/* loaded from: input_file:org/keycloak/models/map/authSession/MapRootAuthenticationSessionProvider.class */
public class MapRootAuthenticationSessionProvider<K> implements AuthenticationSessionProvider {
    private static final Logger LOG = Logger.getLogger(MapRootAuthenticationSessionProvider.class);
    private final KeycloakSession session;
    protected final MapKeycloakTransaction<K, MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel> tx;
    private final MapStorage<K, MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel> sessionStore;
    private static final String AUTHENTICATION_SESSION_EVENTS = "AUTHENTICATION_SESSION_EVENTS";

    public MapRootAuthenticationSessionProvider(KeycloakSession keycloakSession, MapStorage<K, MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel> mapStorage) {
        this.session = keycloakSession;
        this.sessionStore = mapStorage;
        this.tx = mapStorage.createTransaction(keycloakSession);
        keycloakSession.getTransactionManager().enlistAfterCompletion(this.tx);
    }

    private Function<MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel> entityToAdapterFunc(RealmModel realmModel) {
        return mapRootAuthenticationSessionEntity -> {
            return new MapRootAuthenticationSessionAdapter<K>(this.session, realmModel, (MapRootAuthenticationSessionEntity) MapStorageUtils.registerEntityForChanges(this.tx, mapRootAuthenticationSessionEntity)) { // from class: org.keycloak.models.map.authSession.MapRootAuthenticationSessionProvider.1
                /* JADX WARN: Multi-variable type inference failed */
                public String getId() {
                    return MapRootAuthenticationSessionProvider.this.sessionStore.getKeyConvertor().keyToString(((MapRootAuthenticationSessionEntity) this.entity).getId());
                }
            };
        };
    }

    private Predicate<MapRootAuthenticationSessionEntity<K>> entityRealmFilter(String str) {
        return str == null ? mapRootAuthenticationSessionEntity -> {
            return false;
        } : mapRootAuthenticationSessionEntity2 -> {
            return Objects.equals(str, mapRootAuthenticationSessionEntity2.getRealmId());
        };
    }

    public RootAuthenticationSessionModel createRootAuthenticationSession(RealmModel realmModel) {
        Objects.requireNonNull(realmModel, "The provided realm can't be null!");
        return createRootAuthenticationSession(realmModel, null);
    }

    public RootAuthenticationSessionModel createRootAuthenticationSession(RealmModel realmModel, String str) {
        Objects.requireNonNull(realmModel, "The provided realm can't be null!");
        K yieldNewUniqueKey = str == null ? this.sessionStore.getKeyConvertor().yieldNewUniqueKey() : this.sessionStore.getKeyConvertor().fromString(str);
        LOG.tracef("createRootAuthenticationSession(%s)%s", realmModel.getName(), StackUtil.getShortStackTrace());
        MapRootAuthenticationSessionEntity<K> mapRootAuthenticationSessionEntity = new MapRootAuthenticationSessionEntity<>(yieldNewUniqueKey, realmModel.getId());
        mapRootAuthenticationSessionEntity.setRealmId(realmModel.getId());
        mapRootAuthenticationSessionEntity.setTimestamp(Time.currentTime());
        if (this.tx.read((MapKeycloakTransaction<K, MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel>) mapRootAuthenticationSessionEntity.getId()) != null) {
            throw new ModelDuplicateException("Root authentication session exists: " + mapRootAuthenticationSessionEntity.getId());
        }
        this.tx.create(mapRootAuthenticationSessionEntity.getId(), mapRootAuthenticationSessionEntity);
        return entityToAdapterFunc(realmModel).apply(mapRootAuthenticationSessionEntity);
    }

    public RootAuthenticationSessionModel getRootAuthenticationSession(RealmModel realmModel, String str) {
        Objects.requireNonNull(realmModel, "The provided realm can't be null!");
        if (str == null) {
            return null;
        }
        LOG.tracef("getRootAuthenticationSession(%s, %s)%s", realmModel.getName(), str, StackUtil.getShortStackTrace());
        MapRootAuthenticationSessionEntity<K> mapRootAuthenticationSessionEntity = (MapRootAuthenticationSessionEntity) this.tx.read((MapKeycloakTransaction<K, MapRootAuthenticationSessionEntity<K>, RootAuthenticationSessionModel>) this.sessionStore.getKeyConvertor().fromStringSafe(str));
        if (mapRootAuthenticationSessionEntity == null || !entityRealmFilter(realmModel.getId()).test(mapRootAuthenticationSessionEntity)) {
            return null;
        }
        return entityToAdapterFunc(realmModel).apply(mapRootAuthenticationSessionEntity);
    }

    public void removeRootAuthenticationSession(RealmModel realmModel, RootAuthenticationSessionModel rootAuthenticationSessionModel) {
        Objects.requireNonNull(rootAuthenticationSessionModel, "The provided root authentication session can't be null!");
        this.tx.delete(this.sessionStore.getKeyConvertor().fromString(rootAuthenticationSessionModel.getId()));
    }

    public void removeAllExpired() {
        this.session.realms().getRealmsStream().forEach(this::removeExpired);
    }

    public void removeExpired(RealmModel realmModel) {
        Objects.requireNonNull(realmModel, "The provided realm can't be null!");
        LOG.debugf("Removing expired sessions", new Object[0]);
        LOG.debugf("Removed %d expired authentication sessions for realm '%s'", this.tx.delete(this.sessionStore.getKeyConvertor().yieldNewUniqueKey(), this.sessionStore.createCriteriaBuilder().compare(RootAuthenticationSessionModel.SearchableFields.REALM_ID, ModelCriteriaBuilder.Operator.EQ, realmModel.getId()).compare(RootAuthenticationSessionModel.SearchableFields.TIMESTAMP, ModelCriteriaBuilder.Operator.LT, Integer.valueOf(Time.currentTime() - RealmInfoUtil.getDettachedClientSessionLifespan(realmModel)))), realmModel.getName());
    }

    public void onRealmRemoved(RealmModel realmModel) {
        Objects.requireNonNull(realmModel, "The provided realm can't be null!");
        this.sessionStore.delete(this.sessionStore.createCriteriaBuilder().compare(RootAuthenticationSessionModel.SearchableFields.REALM_ID, ModelCriteriaBuilder.Operator.EQ, realmModel.getId()));
    }

    public void onClientRemoved(RealmModel realmModel, ClientModel clientModel) {
    }

    public void updateNonlocalSessionAuthNotes(AuthenticationSessionCompoundId authenticationSessionCompoundId, Map<String, String> map) {
        if (authenticationSessionCompoundId == null) {
            return;
        }
        Objects.requireNonNull(map, "The provided authentication's notes map can't be null!");
        this.session.getProvider(ClusterProvider.class).notify(AUTHENTICATION_SESSION_EVENTS, MapAuthenticationSessionAuthNoteUpdateEvent.create(authenticationSessionCompoundId.getRootSessionId(), authenticationSessionCompoundId.getTabId(), authenticationSessionCompoundId.getClientUUID(), map), true, ClusterProvider.DCNotify.ALL_BUT_LOCAL_DC);
    }

    public void close() {
    }
}
