package org.keycloak.storage;

import java.util.Objects;
import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.common.util.reflections.Types;
import org.keycloak.component.ComponentModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.RoleProvider;
import org.keycloak.storage.role.RoleLookupProvider;
import org.keycloak.storage.role.RoleStorageProvider;
import org.keycloak.storage.role.RoleStorageProviderFactory;
import org.keycloak.storage.role.RoleStorageProviderModel;
import org.keycloak.utils.ServicesUtils;

/* loaded from: input_file:org/keycloak/storage/RoleStorageManager.class */
public class RoleStorageManager implements RoleProvider {
    private static final Logger logger = Logger.getLogger(RoleStorageManager.class);
    protected KeycloakSession session;
    private final long roleStorageProviderTimeout;

    public RoleStorageManager(KeycloakSession keycloakSession, long j) {
        this.session = keycloakSession;
        this.roleStorageProviderTimeout = j;
    }

    public static boolean isStorageProviderEnabled(RealmModel realmModel, String str) {
        return getStorageProviderModel(realmModel, str).isEnabled();
    }

    public static RoleStorageProviderModel getStorageProviderModel(RealmModel realmModel, String str) {
        ComponentModel component = realmModel.getComponent(str);
        if (component == null) {
            return null;
        }
        return new RoleStorageProviderModel(component);
    }

    public static RoleStorageProvider getStorageProvider(KeycloakSession keycloakSession, RealmModel realmModel, String str) {
        ComponentModel component = realmModel.getComponent(str);
        if (component == null) {
            return null;
        }
        RoleStorageProviderModel roleStorageProviderModel = new RoleStorageProviderModel(component);
        RoleStorageProviderFactory providerFactory = keycloakSession.getKeycloakSessionFactory().getProviderFactory(RoleStorageProvider.class, component.getProviderId());
        if (providerFactory == null) {
            throw new ModelException("Could not find RoletStorageProviderFactory for: " + component.getProviderId());
        }
        return getStorageProviderInstance(keycloakSession, roleStorageProviderModel, providerFactory);
    }

    public static <T> Stream<RoleStorageProviderModel> getStorageProviders(RealmModel realmModel, KeycloakSession keycloakSession, Class<T> cls) {
        return realmModel.getRoleStorageProvidersStream().filter(roleStorageProviderModel -> {
            RoleStorageProviderFactory roleStorageProviderFactory = getRoleStorageProviderFactory(roleStorageProviderModel, keycloakSession);
            if (roleStorageProviderFactory != null) {
                return Types.supports(cls, roleStorageProviderFactory, RoleStorageProviderFactory.class);
            }
            logger.warnv("Configured RoleStorageProvider {0} of provider id {1} does not exist in realm {2}", roleStorageProviderModel.getName(), roleStorageProviderModel.getProviderId(), realmModel.getName());
            return false;
        });
    }

    private static RoleStorageProviderFactory getRoleStorageProviderFactory(RoleStorageProviderModel roleStorageProviderModel, KeycloakSession keycloakSession) {
        return keycloakSession.getKeycloakSessionFactory().getProviderFactory(RoleStorageProvider.class, roleStorageProviderModel.getProviderId());
    }

    public static RoleStorageProvider getStorageProviderInstance(KeycloakSession keycloakSession, RoleStorageProviderModel roleStorageProviderModel, RoleStorageProviderFactory roleStorageProviderFactory) {
        RoleStorageProvider roleStorageProvider = (RoleStorageProvider) keycloakSession.getAttribute(roleStorageProviderModel.getId());
        if (roleStorageProvider != null) {
            return roleStorageProvider;
        }
        RoleStorageProvider create = roleStorageProviderFactory.create(keycloakSession, roleStorageProviderModel);
        if (create == null) {
            throw new IllegalStateException("RoleStorageProvideFactory (of type " + roleStorageProviderFactory.getClass().getName() + ") produced a null instance");
        }
        keycloakSession.enlistForClose(create);
        keycloakSession.setAttribute(roleStorageProviderModel.getId(), create);
        return create;
    }

    public static <T> Stream<T> getStorageProviders(KeycloakSession keycloakSession, RealmModel realmModel, Class<T> cls) {
        return (Stream<T>) getStorageProviders(realmModel, keycloakSession, cls).map(roleStorageProviderModel -> {
            return cls.cast(getStorageProviderInstance(keycloakSession, roleStorageProviderModel, getRoleStorageProviderFactory(roleStorageProviderModel, keycloakSession)));
        });
    }

    public static <T> Stream<T> getEnabledStorageProviders(KeycloakSession keycloakSession, RealmModel realmModel, Class<T> cls) {
        return (Stream<T>) getStorageProviders(realmModel, keycloakSession, cls).filter((v0) -> {
            return v0.isEnabled();
        }).map(roleStorageProviderModel -> {
            return cls.cast(getStorageProviderInstance(keycloakSession, roleStorageProviderModel, getRoleStorageProviderFactory(roleStorageProviderModel, keycloakSession)));
        });
    }

    public RoleModel addRealmRole(RealmModel realmModel, String str) {
        return this.session.roleLocalStorage().addRealmRole(realmModel, str);
    }

    public RoleModel addRealmRole(RealmModel realmModel, String str, String str2) {
        return this.session.roleLocalStorage().addRealmRole(realmModel, str, str2);
    }

    public RoleModel getRealmRole(RealmModel realmModel, String str) {
        RoleModel realmRole = this.session.roleLocalStorage().getRealmRole(realmModel, str);
        return realmRole != null ? realmRole : (RoleModel) getEnabledStorageProviders(this.session, realmModel, RoleLookupProvider.class).map(roleLookupProvider -> {
            return roleLookupProvider.getRealmRole(realmModel, str);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    public RoleModel getRoleById(RealmModel realmModel, String str) {
        StorageId storageId = new StorageId(str);
        if (storageId.getProviderId() == null) {
            return this.session.roleLocalStorage().getRoleById(realmModel, str);
        }
        RoleStorageProvider storageProvider = getStorageProvider(this.session, realmModel, storageId.getProviderId());
        if (storageProvider != null && isStorageProviderEnabled(realmModel, storageId.getProviderId())) {
            return storageProvider.getRoleById(realmModel, str);
        }
        return null;
    }

    public Stream<RoleModel> getRealmRolesStream(RealmModel realmModel, Integer num, Integer num2) {
        return this.session.roleLocalStorage().getRealmRolesStream(realmModel, num, num2);
    }

    public Stream<RoleModel> searchForRolesStream(RealmModel realmModel, String str, Integer num, Integer num2) {
        return Stream.concat(this.session.roleLocalStorage().searchForRolesStream(realmModel, str, num, num2), getEnabledStorageProviders(this.session, realmModel, RoleLookupProvider.class).flatMap(ServicesUtils.timeBound(this.session, this.roleStorageProviderTimeout, obj -> {
            return ((RoleLookupProvider) obj).searchForRolesStream(realmModel, str, num, num2);
        })));
    }

    public boolean removeRole(RoleModel roleModel) {
        if (StorageId.isLocalStorage(roleModel.getId())) {
            return this.session.roleLocalStorage().removeRole(roleModel);
        }
        throw new RuntimeException("Federated roles do not support this operation");
    }

    public void removeRoles(RealmModel realmModel) {
        this.session.roleLocalStorage().removeRoles(realmModel);
    }

    public void removeRoles(ClientModel clientModel) {
        this.session.roleLocalStorage().removeRoles(clientModel);
    }

    public RoleModel addClientRole(ClientModel clientModel, String str) {
        return this.session.roleLocalStorage().addClientRole(clientModel, str);
    }

    public RoleModel addClientRole(ClientModel clientModel, String str, String str2) {
        return this.session.roleLocalStorage().addClientRole(clientModel, str, str2);
    }

    public RoleModel getClientRole(ClientModel clientModel, String str) {
        RoleModel clientRole = this.session.roleLocalStorage().getClientRole(clientModel, str);
        return clientRole != null ? clientRole : (RoleModel) getEnabledStorageProviders(this.session, clientModel.getRealm(), RoleLookupProvider.class).map(roleLookupProvider -> {
            return roleLookupProvider.getClientRole(clientModel, str);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    public Stream<RoleModel> getClientRolesStream(ClientModel clientModel) {
        return this.session.roleLocalStorage().getClientRolesStream(clientModel);
    }

    public Stream<RoleModel> getClientRolesStream(ClientModel clientModel, Integer num, Integer num2) {
        return this.session.roleLocalStorage().getClientRolesStream(clientModel, num, num2);
    }

    public Stream<RoleModel> searchForClientRolesStream(ClientModel clientModel, String str, Integer num, Integer num2) {
        return Stream.concat(this.session.roleLocalStorage().searchForClientRolesStream(clientModel, str, num, num2), getEnabledStorageProviders(this.session, clientModel.getRealm(), RoleLookupProvider.class).flatMap(ServicesUtils.timeBound(this.session, this.roleStorageProviderTimeout, obj -> {
            return ((RoleLookupProvider) obj).searchForClientRolesStream(clientModel, str, num, num2);
        })));
    }

    public void close() {
    }
}
