package org.keycloak.broker.saml.mappers;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.keycloak.broker.provider.AbstractIdentityProviderMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.saml.SAMLEndpoint;
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
import org.keycloak.dom.saml.v2.assertion.AssertionType;
import org.keycloak.dom.saml.v2.assertion.AttributeStatementType;
import org.keycloak.dom.saml.v2.assertion.AttributeType;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.provider.ProviderConfigProperty;

/* loaded from: input_file:org/keycloak/broker/saml/mappers/UserAttributeMapper.class */
public class UserAttributeMapper extends AbstractIdentityProviderMapper {
    public static final String[] COMPATIBLE_PROVIDERS = {SAMLIdentityProviderFactory.PROVIDER_ID};
    private static final List<ProviderConfigProperty> configProperties = new ArrayList();
    public static final String ATTRIBUTE_NAME = "attribute.name";
    public static final String ATTRIBUTE_FRIENDLY_NAME = "attribute.friendly.name";
    public static final String USER_ATTRIBUTE = "user.attribute";
    public static final String PROVIDER_ID = "saml-user-attribute-idp-mapper";

    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    public String getId() {
        return PROVIDER_ID;
    }

    public String[] getCompatibleProviders() {
        return COMPATIBLE_PROVIDERS;
    }

    public String getDisplayCategory() {
        return "Attribute Importer";
    }

    public String getDisplayType() {
        return "Attribute Importer";
    }

    public void importNewUser(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel, IdentityProviderMapperModel identityProviderMapperModel, BrokeredIdentityContext brokeredIdentityContext) {
        String str = (String) identityProviderMapperModel.getConfig().get(USER_ATTRIBUTE);
        String attribute = getAttribute(identityProviderMapperModel, brokeredIdentityContext);
        if (attribute != null) {
            userModel.setAttribute(str, attribute.toString());
        }
    }

    protected String getAttribute(IdentityProviderMapperModel identityProviderMapperModel, BrokeredIdentityContext brokeredIdentityContext) {
        String str = (String) identityProviderMapperModel.getConfig().get("attribute.name");
        if (str != null && str.trim().equals("")) {
            str = null;
        }
        String str2 = (String) identityProviderMapperModel.getConfig().get("attribute.friendly.name");
        if (str2 != null && str2.trim().equals("")) {
            str2 = null;
        }
        Iterator it = ((AssertionType) brokeredIdentityContext.getContextData().get(SAMLEndpoint.SAML_ASSERTION)).getAttributeStatements().iterator();
        while (it.hasNext()) {
            Iterator it2 = ((AttributeStatementType) it.next()).getAttributes().iterator();
            while (it2.hasNext()) {
                AttributeType attribute = ((AttributeStatementType.ASTChoiceType) it2.next()).getAttribute();
                if (str == null || str.equals(attribute.getName())) {
                    if (str2 == null || str.equals(attribute.getFriendlyName())) {
                        List attributeValue = attribute.getAttributeValue();
                        if (attributeValue == null || attributeValue.isEmpty()) {
                            return null;
                        }
                        return attributeValue.get(0).toString();
                    }
                }
            }
        }
        return null;
    }

    public void updateBrokeredUser(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel, IdentityProviderMapperModel identityProviderMapperModel, BrokeredIdentityContext brokeredIdentityContext) {
        String str = (String) identityProviderMapperModel.getConfig().get(USER_ATTRIBUTE);
        String attribute = getAttribute(identityProviderMapperModel, brokeredIdentityContext);
        String attribute2 = userModel.getAttribute(str);
        if (attribute != null && !attribute.equals(attribute2)) {
            userModel.setAttribute(str, attribute.toString());
        } else if (attribute == null) {
            userModel.removeAttribute(str);
        }
    }

    public String getHelpText() {
        return "Import declared saml attribute if it exists in assertion into the specified user attribute.";
    }

    static {
        ProviderConfigProperty providerConfigProperty = new ProviderConfigProperty();
        providerConfigProperty.setName("attribute.name");
        providerConfigProperty.setLabel("Attribute Name");
        providerConfigProperty.setHelpText("Name of attribute to search for in assertion.  You can leave this blank and specify a friendly name instead.");
        providerConfigProperty.setType("String");
        configProperties.add(providerConfigProperty);
        ProviderConfigProperty providerConfigProperty2 = new ProviderConfigProperty();
        providerConfigProperty2.setName("attribute.friendly.name");
        providerConfigProperty2.setLabel("Friendly Name");
        providerConfigProperty2.setHelpText("Friendly name of attribute to search for in assertion.  You can leave this blank and specify a name instead.");
        providerConfigProperty2.setType("String");
        configProperties.add(providerConfigProperty2);
        ProviderConfigProperty providerConfigProperty3 = new ProviderConfigProperty();
        providerConfigProperty3.setName(USER_ATTRIBUTE);
        providerConfigProperty3.setLabel("User Attribute Name");
        providerConfigProperty3.setHelpText("User attribute name to store saml attribute.");
        providerConfigProperty3.setType("String");
        configProperties.add(providerConfigProperty3);
    }
}
