package org.keycloak.userprofile.config;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import org.keycloak.common.util.ObjectUtil;
import org.keycloak.models.KeycloakSession;
import org.keycloak.userprofile.UserProfileContext;
import org.keycloak.util.JsonSerialization;
import org.keycloak.validate.ValidationResult;
import org.keycloak.validate.ValidatorConfig;
import org.keycloak.validate.Validators;

/* loaded from: input_file:org/keycloak/userprofile/config/UPConfigUtils.class */
public class UPConfigUtils {
    public static final String ROLE_USER = "user";
    public static final String ROLE_ADMIN = "admin";
    private static final Set<String> PSEUDOROLES = new HashSet();

    public static UPConfig readConfig(InputStream inputStream) throws IOException {
        return (UPConfig) JsonSerialization.readValue(inputStream, UPConfig.class);
    }

    public static List<String> validate(KeycloakSession keycloakSession, UPConfig uPConfig) {
        ArrayList arrayList = new ArrayList();
        if (uPConfig.getAttributes() != null) {
            HashSet hashSet = new HashSet();
            uPConfig.getAttributes().forEach(uPAttribute -> {
                validate(keycloakSession, uPAttribute, arrayList, hashSet);
            });
        } else {
            arrayList.add("UserProfile configuration without 'attributes' section is not allowed");
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void validate(KeycloakSession keycloakSession, UPAttribute uPAttribute, List<String> list, Set<String> set) {
        String name = uPAttribute.getName();
        if (ObjectUtil.isBlank(name)) {
            list.add("Attribute configuration without 'name' is not allowed");
        } else if (set.contains(name)) {
            list.add("Attribute configuration already exists with 'name':'" + name + "'");
        } else {
            set.add(name);
            if (!isValidAttributeName(name)) {
                list.add("Invalid attribute name (only letters, numbers and '.' '_' '-' special characters allowed): " + name + "'");
            }
        }
        if (uPAttribute.getValidations() != null) {
            uPAttribute.getValidations().forEach((str, map) -> {
                validateValidationConfig(keycloakSession, str, map, name, list);
            });
        }
        if (uPAttribute.getPermissions() != null) {
            if (uPAttribute.getPermissions().getView() != null) {
                validateRoles(uPAttribute.getPermissions().getView(), "permissions.view", list, name);
            }
            if (uPAttribute.getPermissions().getEdit() != null) {
                validateRoles(uPAttribute.getPermissions().getEdit(), "permissions.edit", list, name);
            }
        }
        if (uPAttribute.getRequired() != null) {
            validateRoles(uPAttribute.getRequired().getRoles(), "required.roles", list, name);
        }
    }

    public static boolean isValidAttributeName(String str) {
        return Pattern.matches("[a-zA-Z0-9\\._\\-]+", str);
    }

    private static void validateRoles(List<String> list, String str, List<String> list2, String str2) {
        if (list != null) {
            for (String str3 : list) {
                if (!PSEUDOROLES.contains(str3)) {
                    list2.add("'" + str + "' configuration for attribute '" + str2 + "' contains unsupported role '" + str3 + "'");
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void validateValidationConfig(KeycloakSession keycloakSession, String str, Map<String, Object> map, String str2, List<String> list) {
        if (ObjectUtil.isBlank(str)) {
            list.add("Validation without validator id is defined for attribute '" + str2 + "'");
            return;
        }
        if (keycloakSession != null) {
            if (Validators.validator(keycloakSession, str) == null) {
                list.add("Validator '" + str + "' defined for attribute '" + str2 + "' doesn't exist");
                return;
            }
            ValidationResult validateConfig = Validators.validateConfig(keycloakSession, str, ValidatorConfig.configFromMap(map));
            if (validateConfig.isValid()) {
                return;
            }
            StringBuilder sb = new StringBuilder();
            validateConfig.forEachError(validationError -> {
                sb.append(validationError.toString() + ", ");
            });
            list.add("Validator '" + str + "' defined for attribute '" + str2 + "' has incorrect configuration: " + sb.toString());
        }
    }

    public static List<String> getChunks(String str, int i) {
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            int length = (str.length() / i) + 1;
            for (int i2 = 0; i2 < length; i2++) {
                if (i2 + 1 < length) {
                    arrayList.add(str.substring(i2 * i, (i2 + 1) * i));
                } else if (i2 == 0 || i2 * i < str.length()) {
                    arrayList.add(str.substring(i2 * i));
                }
            }
        }
        return arrayList;
    }

    public static boolean canBeAuthFlowContext(UserProfileContext userProfileContext) {
        return (userProfileContext == UserProfileContext.USER_API || userProfileContext == UserProfileContext.ACCOUNT || userProfileContext == UserProfileContext.ACCOUNT_OLD) ? false : true;
    }

    public static boolean isRoleForContext(UserProfileContext userProfileContext, List<String> list) {
        if (list == null) {
            return false;
        }
        return userProfileContext == UserProfileContext.USER_API ? list.contains(ROLE_ADMIN) : list.contains(ROLE_USER);
    }

    public static String capitalizeFirstLetter(String str) {
        return (str == null || str.isEmpty()) ? str : str.substring(0, 1).toUpperCase() + str.substring(1);
    }

    static {
        PSEUDOROLES.add(ROLE_ADMIN);
        PSEUDOROLES.add(ROLE_USER);
    }
}
