package org.keycloak.models.utils;

import java.security.Key;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.sql.SQLException;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Random;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.crypto.spec.SecretKeySpec;
import javax.transaction.InvalidTransactionException;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import org.keycloak.Config;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.broker.social.SocialIdentityProviderFactory;
import org.keycloak.common.util.CertificateUtils;
import org.keycloak.common.util.KeyUtils;
import org.keycloak.common.util.PemUtils;
import org.keycloak.common.util.SecretGenerator;
import org.keycloak.common.util.Time;
import org.keycloak.component.ComponentModel;
import org.keycloak.crypto.Algorithm;
import org.keycloak.models.AccountRoles;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.ClientSecretConstants;
import org.keycloak.models.Constants;
import org.keycloak.models.GroupModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.KeycloakSessionTaskWithResult;
import org.keycloak.models.KeycloakTransactionManager;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RealmProvider;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserModel;
import org.keycloak.protocol.oidc.OIDCConfigAttributes;
import org.keycloak.provider.Provider;
import org.keycloak.provider.ProviderFactory;
import org.keycloak.representations.idm.CertificateRepresentation;
import org.keycloak.transaction.JtaTransactionManagerLookup;

/* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-private-20.0.2.jar:org/keycloak/models/utils/KeycloakModelUtils.class */
public final class KeycloakModelUtils {
    public static final String AUTH_TYPE_CLIENT_SECRET = "client-secret";
    public static final String AUTH_TYPE_CLIENT_SECRET_JWT = "client-secret-jwt";
    public static final String GROUP_PATH_SEPARATOR = "/";
    private static final char CLIENT_ROLE_SEPARATOR = '.';

    /* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-private-20.0.2.jar:org/keycloak/models/utils/KeycloakModelUtils$ScopeComponentModel.class */
    private static class ScopeComponentModel extends ComponentModel {
        private final String componentId;
        private final String providerId;
        private final String providerType;
        private final String realmId;
        private final Config.Scope config;

        public ScopeComponentModel(Class<?> cls, Config.Scope scope, String str, String str2) {
            String str3 = scope.get("provider", Config.getProvider(str));
            this.providerId = str3 == null ? "default" : str3;
            this.config = scope.scope(this.providerId);
            this.componentId = str + "- " + (str2 == null ? "" : "f:" + str2 + ":") + this.providerId;
            this.realmId = str2;
            this.providerType = cls.getName();
        }

        @Override // org.keycloak.component.ComponentModel
        public String getProviderType() {
            return this.providerType;
        }

        @Override // org.keycloak.component.ComponentModel
        public String getProviderId() {
            return this.providerId;
        }

        @Override // org.keycloak.component.ComponentModel
        public String getName() {
            return this.componentId + "-config";
        }

        @Override // org.keycloak.component.ComponentModel
        public String getId() {
            return this.componentId;
        }

        @Override // org.keycloak.component.ComponentModel
        public String getParentId() {
            return this.realmId;
        }

        @Override // org.keycloak.component.ComponentModel
        public boolean get(String str, boolean z) {
            return this.config.getBoolean(str, Boolean.valueOf(z)).booleanValue();
        }

        @Override // org.keycloak.component.ComponentModel
        public long get(String str, long j) {
            return this.config.getLong(str, Long.valueOf(j)).longValue();
        }

        @Override // org.keycloak.component.ComponentModel
        public int get(String str, int i) {
            return this.config.getInt(str, Integer.valueOf(i)).intValue();
        }

        @Override // org.keycloak.component.ComponentModel
        public String get(String str, String str2) {
            return this.config.get(str, str2);
        }

        @Override // org.keycloak.component.ComponentModel
        public String get(String str) {
            return get(str, (String) null);
        }
    }

    private KeycloakModelUtils() {
    }

    public static String generateId() {
        return UUID.randomUUID().toString();
    }

    public static PublicKey getPublicKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            return PemUtils.decodePublicKey(str);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static X509Certificate getCertificate(String str) {
        if (str == null) {
            return null;
        }
        try {
            return PemUtils.decodeCertificate(str);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static PrivateKey getPrivateKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            return PemUtils.decodePrivateKey(str);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static Key getSecretKey(String str) {
        if (str != null) {
            return new SecretKeySpec(str.getBytes(), HmacOTP.HMAC_SHA256);
        }
        return null;
    }

    public static String getPemFromKey(Key key) {
        return PemUtils.encodeKey(key);
    }

    public static String getPemFromCertificate(X509Certificate x509Certificate) {
        return PemUtils.encodeCertificate(x509Certificate);
    }

    public static CertificateRepresentation generateKeyPairCertificate(String str) {
        KeyPair generateRsaKeyPair = KeyUtils.generateRsaKeyPair(2048);
        X509Certificate generateV1SelfSignedCertificate = CertificateUtils.generateV1SelfSignedCertificate(generateRsaKeyPair, str);
        String encodeKey = PemUtils.encodeKey(generateRsaKeyPair.getPrivate());
        String encodeCertificate = PemUtils.encodeCertificate(generateV1SelfSignedCertificate);
        CertificateRepresentation certificateRepresentation = new CertificateRepresentation();
        certificateRepresentation.setPrivateKey(encodeKey);
        certificateRepresentation.setCertificate(encodeCertificate);
        return certificateRepresentation;
    }

    public static String generateSecret(ClientModel clientModel) {
        String randomString = SecretGenerator.getInstance().randomString(getSecretLengthByAuthenticationType(clientModel.getClientAuthenticatorType(), clientModel.getAttribute(OIDCConfigAttributes.TOKEN_ENDPOINT_AUTH_SIGNING_ALG)));
        clientModel.setSecret(randomString);
        clientModel.setAttribute(ClientSecretConstants.CLIENT_SECRET_CREATION_TIME, String.valueOf(Time.currentTime()));
        return randomString;
    }

    public static String getDefaultClientAuthenticatorType() {
        return AUTH_TYPE_CLIENT_SECRET;
    }

    public static String generateCodeSecret() {
        return UUID.randomUUID().toString();
    }

    public static ClientModel createManagementClient(RealmModel realmModel, String str) {
        ClientModel createClient = createClient(realmModel, str);
        createClient.setBearerOnly(true);
        return createClient;
    }

    public static ClientModel createPublicClient(RealmModel realmModel, String str) {
        ClientModel createClient = createClient(realmModel, str);
        createClient.setPublicClient(true);
        return createClient;
    }

    private static ClientModel createClient(RealmModel realmModel, String str) {
        ClientModel addClient = realmModel.addClient(str);
        addClient.setClientAuthenticatorType(getDefaultClientAuthenticatorType());
        return addClient;
    }

    public static boolean searchFor(RoleModel roleModel, RoleModel roleModel2, Set<String> set) {
        if (set.contains(roleModel2.getId())) {
            return false;
        }
        set.add(roleModel2.getId());
        if (!roleModel2.isComposite()) {
            return false;
        }
        Set set2 = (Set) roleModel2.getCompositesStream().collect(Collectors.toSet());
        return set2.contains(roleModel) || set2.stream().anyMatch(roleModel3 -> {
            return roleModel3.isComposite() && searchFor(roleModel, roleModel3, set);
        });
    }

    public static UserModel findUserByNameOrEmail(KeycloakSession keycloakSession, RealmModel realmModel, String str) {
        UserModel userByEmail;
        return (!realmModel.isLoginWithEmailAllowed() || str.indexOf(64) == -1 || (userByEmail = keycloakSession.users().getUserByEmail(realmModel, str)) == null) ? keycloakSession.users().getUserByUsername(realmModel, str) : userByEmail;
    }

    public static void runJobInTransaction(KeycloakSessionFactory keycloakSessionFactory, KeycloakSessionTask keycloakSessionTask) {
        KeycloakSession create = keycloakSessionFactory.create();
        KeycloakTransactionManager transactionManager = create.getTransactionManager();
        try {
            try {
                transactionManager.begin();
                keycloakSessionTask.run(create);
                if (transactionManager.isActive()) {
                    if (transactionManager.getRollbackOnly()) {
                        transactionManager.rollback();
                    } else {
                        transactionManager.commit();
                    }
                }
            } catch (RuntimeException e) {
                if (transactionManager.isActive()) {
                    transactionManager.rollback();
                }
                throw e;
            }
        } finally {
            create.close();
        }
    }

    public static <V> V runJobInRetriableTransaction(KeycloakSessionFactory keycloakSessionFactory, KeycloakSessionTaskWithResult<V> keycloakSessionTaskWithResult, int i, int i2) {
        int i3 = 0;
        Random random = new Random();
        while (true) {
            KeycloakSession create = keycloakSessionFactory.create();
            KeycloakTransactionManager transactionManager = create.getTransactionManager();
            try {
                transactionManager.begin();
                V run = keycloakSessionTaskWithResult.run(create);
                if (transactionManager.isActive()) {
                    if (transactionManager.getRollbackOnly()) {
                        transactionManager.rollback();
                    } else {
                        transactionManager.commit();
                    }
                }
                create.close();
                return run;
            } catch (RuntimeException e) {
                try {
                    if (transactionManager.isActive()) {
                        transactionManager.rollback();
                    }
                    if (!isExceptionRetriable(e)) {
                        break;
                    }
                    i3++;
                    if (i3 >= i) {
                        break;
                    }
                    try {
                        Thread.sleep(Math.min(i2 * i, (1 << i3) * i2) + random.nextInt(i2));
                        create.close();
                    } catch (InterruptedException e2) {
                        e2.addSuppressed(e);
                        throw new RuntimeException(e2);
                    }
                    throw e;
                } catch (Throwable th) {
                    create.close();
                    throw th;
                }
            }
        }
        throw e;
    }

    public static boolean isExceptionRetriable(Exception exc) {
        Throwable th;
        Objects.requireNonNull(exc);
        Throwable th2 = exc;
        while (true) {
            th = th2;
            if (th.getCause() == null || th.getCause() == th) {
                break;
            }
            th2 = th.getCause();
        }
        if (th instanceof SQLException) {
            return "40001".equals(((SQLException) th).getSQLState());
        }
        return false;
    }

    public static void runJobInTransactionWithTimeout(KeycloakSessionFactory keycloakSessionFactory, KeycloakSessionTask keycloakSessionTask, int i) {
        try {
            setTransactionLimit(keycloakSessionFactory, i);
            runJobInTransaction(keycloakSessionFactory, keycloakSessionTask);
        } finally {
            setTransactionLimit(keycloakSessionFactory, 0);
        }
    }

    public static void setTransactionLimit(KeycloakSessionFactory keycloakSessionFactory, int i) {
        JtaTransactionManagerLookup jtaTransactionManagerLookup = (JtaTransactionManagerLookup) keycloakSessionFactory.getProviderFactory(JtaTransactionManagerLookup.class);
        if (jtaTransactionManagerLookup == null || jtaTransactionManagerLookup.getTransactionManager() == null) {
            return;
        }
        try {
            jtaTransactionManagerLookup.getTransactionManager().setTransactionTimeout(i);
        } catch (SystemException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public static Function<KeycloakSessionFactory, ComponentModel> componentModelGetter(String str, String str2) {
        return keycloakSessionFactory -> {
            return getComponentModel(keycloakSessionFactory, str, str2);
        };
    }

    public static ComponentModel getComponentModel(KeycloakSessionFactory keycloakSessionFactory, String str, String str2) {
        AtomicReference atomicReference = new AtomicReference();
        runJobInTransaction(keycloakSessionFactory, keycloakSession -> {
            RealmModel realm = keycloakSession.realms().getRealm(str);
            atomicReference.set(realm == null ? null : realm.getComponent(str2));
        });
        return (ComponentModel) atomicReference.get();
    }

    public static <T extends Provider> ProviderFactory<T> getComponentFactory(KeycloakSessionFactory keycloakSessionFactory, Class<T> cls, Config.Scope scope, String str) {
        String str2 = scope.get("realmId");
        String str3 = scope.get("componentId");
        if (str2 != null && str3 != null) {
            return keycloakSessionFactory.getProviderFactory(cls, str2, str3, componentModelGetter(str2, str3));
        }
        ScopeComponentModel scopeComponentModel = new ScopeComponentModel(cls, scope, str, "ROOT");
        return keycloakSessionFactory.getProviderFactory(cls, "ROOT", scopeComponentModel.getId(), keycloakSessionFactory2 -> {
            return scopeComponentModel;
        });
    }

    public static String getMasterRealmAdminApplicationClientId(String str) {
        return str + "-realm";
    }

    public static ComponentModel createComponentModel(String str, String str2, String str3, String str4, String... strArr) {
        String str5;
        ComponentModel componentModel = new ComponentModel();
        componentModel.setParentId(str2);
        componentModel.setName(str);
        componentModel.setProviderId(str3);
        componentModel.setProviderType(str4);
        String str6 = null;
        for (String str7 : strArr) {
            if (str6 == null) {
                str5 = str7;
            } else {
                componentModel.getConfig().add(str6, str7);
                str5 = null;
            }
            str6 = str5;
        }
        if (str6 != null) {
            throw new IllegalStateException("Invalid count of arguments for config. Maybe mistake?");
        }
        return componentModel;
    }

    public static String toLowerCaseSafe(String str) {
        if (str == null) {
            return null;
        }
        return str.toLowerCase();
    }

    public static void setupDefaultRole(RealmModel realmModel, String str) {
        RoleModel addRole = realmModel.addRole(str);
        addRole.setDescription("${role_default-roles}");
        realmModel.setDefaultRole(addRole);
    }

    public static RoleModel setupOfflineRole(RealmModel realmModel) {
        RoleModel role = realmModel.getRole("offline_access");
        if (role == null) {
            role = realmModel.addRole("offline_access");
            role.setDescription("${role_offline-access}");
            realmModel.addToDefaultRoles(role);
        }
        return role;
    }

    public static void setupDeleteAccount(ClientModel clientModel) {
        RoleModel role = clientModel.getRole(AccountRoles.DELETE_ACCOUNT);
        if (role == null) {
            role = clientModel.addRole(AccountRoles.DELETE_ACCOUNT);
        }
        role.setDescription("${role_delete-account}");
    }

    public static void deepFindAuthenticationExecutions(RealmModel realmModel, AuthenticationFlowModel authenticationFlowModel, List<AuthenticationExecutionModel> list) {
        realmModel.getAuthenticationExecutionsStream(authenticationFlowModel.getId()).forEachOrdered(authenticationExecutionModel -> {
            if (authenticationExecutionModel.isAuthenticatorFlow()) {
                deepFindAuthenticationExecutions(realmModel, realmModel.getAuthenticationFlowById(authenticationExecutionModel.getFlowId()), list);
            } else {
                list.add(authenticationExecutionModel);
            }
        });
    }

    public static String resolveFirstAttribute(GroupModel groupModel, String str) {
        String firstAttribute = groupModel.getFirstAttribute(str);
        if (firstAttribute != null) {
            return firstAttribute;
        }
        if (groupModel.getParentId() == null) {
            return null;
        }
        return resolveFirstAttribute(groupModel.getParent(), str);
    }

    public static Collection<String> resolveAttribute(GroupModel groupModel, String str, boolean z) {
        Set set = (Set) groupModel.getAttributeStream(str).collect(Collectors.toSet());
        if ((set.isEmpty() || z) && groupModel.getParentId() != null) {
            set.addAll(resolveAttribute(groupModel.getParent(), str, z));
        }
        return set;
    }

    public static Collection<String> resolveAttribute(UserModel userModel, String str, boolean z) {
        List list = (List) userModel.getAttributeStream(str).collect(Collectors.toList());
        HashSet hashSet = new HashSet();
        if (!list.isEmpty()) {
            if (!z) {
                return list;
            }
            hashSet.addAll(list);
        }
        Stream filter = userModel.getGroupsStream().map(groupModel -> {
            return resolveAttribute(groupModel, str, z);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(collection -> {
            return !collection.isEmpty();
        });
        if (z) {
            hashSet.addAll((Collection) filter.flatMap((v0) -> {
                return v0.stream();
            }).collect(Collectors.toSet()));
        } else {
            Optional findFirst = filter.findFirst();
            if (findFirst.isPresent()) {
                return (Collection) findFirst.get();
            }
        }
        return hashSet;
    }

    private static GroupModel findSubGroup(String[] strArr, int i, GroupModel groupModel) {
        return (GroupModel) groupModel.getSubGroupsStream().map(groupModel2 -> {
            GroupModel findSubGroup;
            String name = groupModel2.getName();
            String[] formatPathSegments = formatPathSegments(strArr, i, name);
            if (!name.equals(formatPathSegments[i])) {
                return null;
            }
            if (formatPathSegments.length == i + 1) {
                return groupModel2;
            }
            if (i + 1 >= formatPathSegments.length || (findSubGroup = findSubGroup(formatPathSegments, i + 1, groupModel2)) == null) {
                return null;
            }
            return findSubGroup;
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    private static String[] formatPathSegments(String[] strArr, int i, String str) {
        String[] split = str.split("/");
        if (split.length <= 1 || strArr.length < split.length) {
            return strArr;
        }
        for (int i2 = 0; i2 < split.length; i2++) {
            if (!split[i2].equals(strArr[i + i2])) {
                return strArr;
            }
        }
        int length = split.length - 1;
        String[] strArr2 = new String[strArr.length - length];
        for (int i3 = 0; i3 < strArr2.length; i3++) {
            if (i3 == i) {
                strArr2[i3] = str;
            } else if (i3 > i) {
                strArr2[i3] = strArr[i3 + length];
            } else {
                strArr2[i3] = strArr[i3];
            }
        }
        return strArr2;
    }

    public static GroupModel findGroupByPath(RealmModel realmModel, String str) {
        if (str == null) {
            return null;
        }
        if (str.startsWith("/")) {
            str = str.substring(1);
        }
        if (str.endsWith("/")) {
            str = str.substring(0, str.length() - 1);
        }
        String[] split = str.split("/");
        if (split.length == 0) {
            return null;
        }
        return (GroupModel) realmModel.getTopLevelGroupsStream().map(groupModel -> {
            GroupModel findSubGroup;
            String name = groupModel.getName();
            String[] formatPathSegments = formatPathSegments(split, 0, name);
            if (!name.equals(formatPathSegments[0])) {
                return null;
            }
            if (formatPathSegments.length == 1) {
                return groupModel;
            }
            if (formatPathSegments.length <= 1 || (findSubGroup = findSubGroup(formatPathSegments, 1, groupModel)) == null) {
                return null;
            }
            return findSubGroup;
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    private static void buildGroupPath(StringBuilder sb, String str, GroupModel groupModel) {
        if (groupModel != null) {
            buildGroupPath(sb, groupModel.getName(), groupModel.getParent());
        }
        sb.append("/").append(str);
    }

    public static String buildGroupPath(GroupModel groupModel) {
        StringBuilder sb = new StringBuilder();
        buildGroupPath(sb, groupModel.getName(), groupModel.getParent());
        return sb.toString();
    }

    public static String buildGroupPath(GroupModel groupModel, GroupModel groupModel2) {
        StringBuilder sb = new StringBuilder();
        buildGroupPath(sb, groupModel.getName(), groupModel2);
        return sb.toString();
    }

    public static String normalizeGroupPath(String str) {
        if (str == null) {
            return null;
        }
        String str2 = str;
        if (!str2.startsWith("/")) {
            str2 = "/" + str2;
        }
        if (str2.endsWith("/")) {
            str2 = str2.substring(0, str2.length() - 1);
        }
        return str2;
    }

    @Deprecated
    public static Set<RoleModel> getClientScopeMappings(ClientModel clientModel, ScopeContainerModel scopeContainerModel) {
        return (Set) getClientScopeMappingsStream(clientModel, scopeContainerModel).collect(Collectors.toSet());
    }

    public static Stream<RoleModel> getClientScopeMappingsStream(ClientModel clientModel, ScopeContainerModel scopeContainerModel) {
        return scopeContainerModel.getScopeMappingsStream().filter(roleModel -> {
            return (roleModel.getContainer() instanceof ClientModel) && Objects.equals(clientModel.getId(), roleModel.getContainer().getId());
        });
    }

    public static RoleModel getRoleFromString(RealmModel realmModel, String str) {
        if (str == null) {
            return null;
        }
        int lastIndexOf = str.lastIndexOf(46);
        while (true) {
            int i = lastIndexOf;
            if (i < 0) {
                return realmModel.getRole(str);
            }
            ClientModel clientByClientId = realmModel.getClientByClientId(str.substring(0, i));
            if (clientByClientId != null) {
                return clientByClientId.getRole(str.substring(i + 1));
            }
            lastIndexOf = str.lastIndexOf(46, i - 1);
        }
    }

    public static String[] parseRole(String str) {
        int lastIndexOf = str.lastIndexOf(46);
        return lastIndexOf > -1 ? new String[]{str.substring(0, lastIndexOf), str.substring(lastIndexOf + 1)} : new String[]{null, str};
    }

    public static String buildRoleQualifier(String str, String str2) {
        return str == null ? str2 : str + '.' + str2;
    }

    public static boolean isFlowUsed(RealmModel realmModel, AuthenticationFlowModel authenticationFlowModel) {
        AuthenticationFlowModel browserFlow = realmModel.getBrowserFlow();
        if (browserFlow != null && browserFlow.getId().equals(authenticationFlowModel.getId())) {
            return true;
        }
        AuthenticationFlowModel registrationFlow = realmModel.getRegistrationFlow();
        if (registrationFlow != null && registrationFlow.getId().equals(authenticationFlowModel.getId())) {
            return true;
        }
        AuthenticationFlowModel clientAuthenticationFlow = realmModel.getClientAuthenticationFlow();
        if (clientAuthenticationFlow != null && clientAuthenticationFlow.getId().equals(authenticationFlowModel.getId())) {
            return true;
        }
        AuthenticationFlowModel directGrantFlow = realmModel.getDirectGrantFlow();
        if (directGrantFlow != null && directGrantFlow.getId().equals(authenticationFlowModel.getId())) {
            return true;
        }
        AuthenticationFlowModel resetCredentialsFlow = realmModel.getResetCredentialsFlow();
        if (resetCredentialsFlow != null && resetCredentialsFlow.getId().equals(authenticationFlowModel.getId())) {
            return true;
        }
        AuthenticationFlowModel dockerAuthenticationFlow = realmModel.getDockerAuthenticationFlow();
        if (dockerAuthenticationFlow == null || !dockerAuthenticationFlow.getId().equals(authenticationFlowModel.getId())) {
            return realmModel.getIdentityProvidersStream().anyMatch(identityProviderModel -> {
                return Objects.equals(identityProviderModel.getFirstBrokerLoginFlowId(), authenticationFlowModel.getId()) || Objects.equals(identityProviderModel.getPostBrokerLoginFlowId(), authenticationFlowModel.getId());
            });
        }
        return true;
    }

    public static ClientScopeModel getClientScopeByName(RealmModel realmModel, String str) {
        return realmModel.getClientScopesStream().filter(clientScopeModel -> {
            return Objects.equals(str, clientScopeModel.getName());
        }).findFirst().orElseGet(() -> {
            return realmModel.getClientByClientId(str);
        });
    }

    public static ClientScopeModel findClientScopeById(RealmModel realmModel, ClientModel clientModel, String str) {
        if (clientModel.getId().equals(str)) {
            return clientModel;
        }
        ClientScopeModel clientScopeById = realmModel.getClientScopeById(str);
        if (clientScopeById == null) {
            clientScopeById = clientModel.getDynamicClientScope(str);
        }
        return clientScopeById != null ? clientScopeById : realmModel.getClientById(str);
    }

    public static String convertClientScopeName(String str) {
        return str.contains(" ") ? str.replaceAll(" ", "_") : str;
    }

    public static void setupAuthorizationServices(RealmModel realmModel) {
        for (String str : Constants.AUTHZ_DEFAULT_AUTHORIZATION_ROLES) {
            if (realmModel.getRole(str) == null) {
                RoleModel addRole = realmModel.addRole(str);
                addRole.setDescription("${role_" + str + "}");
                realmModel.addToDefaultRoles(addRole);
            }
        }
    }

    public static void suspendJtaTransaction(KeycloakSessionFactory keycloakSessionFactory, Runnable runnable) {
        JtaTransactionManagerLookup jtaTransactionManagerLookup = (JtaTransactionManagerLookup) keycloakSessionFactory.getProviderFactory(JtaTransactionManagerLookup.class);
        Transaction transaction = null;
        if (jtaTransactionManagerLookup != null) {
            try {
                if (jtaTransactionManagerLookup.getTransactionManager() != null) {
                    try {
                        transaction = jtaTransactionManagerLookup.getTransactionManager().suspend();
                    } catch (SystemException e) {
                        throw new RuntimeException((Throwable) e);
                    }
                }
            } catch (Throwable th) {
                if (transaction != null) {
                    try {
                        jtaTransactionManagerLookup.getTransactionManager().resume(transaction);
                    } catch (InvalidTransactionException | SystemException e2) {
                        throw new RuntimeException((Throwable) e2);
                    }
                }
                throw th;
            }
        }
        runnable.run();
        if (transaction != null) {
            try {
                jtaTransactionManagerLookup.getTransactionManager().resume(transaction);
            } catch (InvalidTransactionException | SystemException e3) {
                throw new RuntimeException((Throwable) e3);
            }
        }
    }

    public static String getIdentityProviderDisplayName(KeycloakSession keycloakSession, IdentityProviderModel identityProviderModel) {
        String displayName = identityProviderModel.getDisplayName();
        if (displayName != null && !displayName.isEmpty()) {
            return displayName;
        }
        SocialIdentityProviderFactory socialIdentityProviderFactory = (SocialIdentityProviderFactory) keycloakSession.getKeycloakSessionFactory().getProviderFactory(SocialIdentityProvider.class, identityProviderModel.getProviderId());
        return socialIdentityProviderFactory != null ? socialIdentityProviderFactory.getName() : identityProviderModel.getAlias();
    }

    public static boolean isRealmProviderJpa(KeycloakSession keycloakSession) {
        Set<String> listProviderIds = keycloakSession.listProviderIds(RealmProvider.class);
        return listProviderIds != null && listProviderIds.size() == 1 && listProviderIds.iterator().next().equals("jpa");
    }

    public static int getSecretLengthByAuthenticationType(String str, String str2) {
        if (str == null) {
            return 32;
        }
        boolean z = -1;
        switch (str.hashCode()) {
            case 555959148:
                if (str.equals(AUTH_TYPE_CLIENT_SECRET_JWT)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (Algorithm.HS384.equals(str2)) {
                    return 48;
                }
                return Algorithm.HS512.equals(str2) ? 64 : 32;
            default:
                return 32;
        }
    }

    public static boolean isUsernameCaseSensitive(RealmModel realmModel) {
        return realmModel.getAttribute(Constants.REALM_ATTR_USERNAME_CASE_SENSITIVE, Constants.REALM_ATTR_USERNAME_CASE_SENSITIVE_DEFAULT).booleanValue();
    }
}
