package org.keycloak.testsuite.federation;

import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.ConcurrentSkipListSet;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputUpdater;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.credential.PasswordUserCredentialModel;
import org.keycloak.storage.ReadOnlyException;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
import org.keycloak.storage.federated.UserGroupMembershipFederatedStorage;
import org.keycloak.storage.user.ImportedUserValidation;
import org.keycloak.storage.user.UserLookupProvider;
import org.keycloak.storage.user.UserQueryProvider;
import org.keycloak.storage.user.UserRegistrationProvider;
import org.keycloak.utils.StreamsUtil;

/* loaded from: input_file:org/keycloak/testsuite/federation/UserMapStorage.class */
public class UserMapStorage implements UserLookupProvider, UserStorageProvider, UserRegistrationProvider, CredentialInputUpdater, CredentialInputValidator, UserGroupMembershipFederatedStorage.Streams, UserQueryProvider, ImportedUserValidation {
    protected final Map<String, String> userPasswords;
    protected final ConcurrentMap<String, Set<String>> userGroups;
    protected ComponentModel model;
    protected KeycloakSession session;
    protected UserStorageProvider.EditMode editMode;
    private transient Boolean importEnabled;
    private static final Logger log = Logger.getLogger(UserMapStorage.class);
    public static final AtomicInteger allocations = new AtomicInteger(0);
    public static final AtomicInteger closings = new AtomicInteger(0);
    public static final AtomicInteger realmRemovals = new AtomicInteger(0);
    public static final AtomicInteger groupRemovals = new AtomicInteger(0);
    public static final AtomicInteger roleRemovals = new AtomicInteger(0);

    public UserMapStorage(KeycloakSession keycloakSession, ComponentModel componentModel, Map<String, String> map, ConcurrentMap<String, Set<String>> concurrentMap) {
        this.session = keycloakSession;
        this.model = componentModel;
        this.userPasswords = map;
        this.userGroups = concurrentMap;
        allocations.incrementAndGet();
        String str = (String) componentModel.getConfig().getFirst("editMode");
        if (str == null) {
            this.editMode = UserStorageProvider.EditMode.UNSYNCED;
        } else {
            this.editMode = UserStorageProvider.EditMode.valueOf(str);
        }
    }

    private static String getUserIdInMap(RealmModel realmModel, String str) {
        return realmModel.getId() + "/" + str;
    }

    public UserModel getUserById(RealmModel realmModel, String str) {
        String externalId = new StorageId(str).getExternalId();
        if (this.userPasswords.containsKey(translateUserName(externalId))) {
            return createUser(realmModel, externalId);
        }
        return null;
    }

    public Set<String> getUsernames() {
        return this.userPasswords.keySet();
    }

    private UserModel createUser(RealmModel realmModel, final String str) {
        UserModel userModel;
        if (isImportEnabled()) {
            userModel = UserStoragePrivateUtil.userLocalStorage(this.session).addUser(realmModel, str);
            userModel.setEnabled(true);
            userModel.setFederationLink(this.model.getId());
        } else {
            userModel = new AbstractUserAdapterFederatedStorage.Streams(this.session, realmModel, this.model) { // from class: org.keycloak.testsuite.federation.UserMapStorage.1
                public String getUsername() {
                    return str.toLowerCase();
                }

                public void setUsername(String str2) {
                    if (!Objects.equals(str2, str.toLowerCase())) {
                        throw new RuntimeException("Unsupported");
                    }
                }

                public void leaveGroup(GroupModel groupModel) {
                    UserMapStorage.this.leaveGroup(this.realm, getUsername(), groupModel);
                }

                public void joinGroup(GroupModel groupModel) {
                    UserMapStorage.this.joinGroup(this.realm, getUsername(), groupModel);
                }

                public String getFederationLink() {
                    return UserMapStorage.this.model.getId();
                }
            };
        }
        return userModel;
    }

    public boolean supportsCredentialType(String str) {
        return "password".equals(str);
    }

    public boolean updateCredential(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        if (this.editMode == UserStorageProvider.EditMode.READ_ONLY) {
            throw new ReadOnlyException("Federated storage is not writable");
        }
        if (!(credentialInput instanceof UserCredentialModel) || !credentialInput.getType().equals("password")) {
            return false;
        }
        this.userPasswords.put(translateUserName(userModel.getUsername()), credentialInput.getChallengeResponse());
        return true;
    }

    public void disableCredentialType(RealmModel realmModel, UserModel userModel, String str) {
    }

    public Stream<String> getDisableableCredentialTypesStream(RealmModel realmModel, UserModel userModel) {
        return Stream.empty();
    }

    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String str) {
        return "password".equals(str);
    }

    public boolean isValid(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        String str;
        return (credentialInput instanceof PasswordUserCredentialModel) && credentialInput.getType().equals("password") && (str = this.userPasswords.get(translateUserName(userModel.getUsername()))) != null && str.equals(((UserCredentialModel) credentialInput).getValue());
    }

    public UserModel getUserByUsername(RealmModel realmModel, String str) {
        if (this.userPasswords.containsKey(translateUserName(str))) {
            return createUser(realmModel, str);
        }
        return null;
    }

    public UserModel getUserByEmail(RealmModel realmModel, String str) {
        return null;
    }

    public UserModel addUser(RealmModel realmModel, String str) {
        if (this.editMode == UserStorageProvider.EditMode.READ_ONLY) {
            throw new ReadOnlyException("Federated storage is not writable");
        }
        this.userPasswords.put(translateUserName(str), "");
        return createUser(realmModel, str);
    }

    public boolean removeUser(RealmModel realmModel, UserModel userModel) {
        if (this.editMode != UserStorageProvider.EditMode.READ_ONLY && this.editMode != UserStorageProvider.EditMode.UNSYNCED) {
            return this.userPasswords.remove(translateUserName(userModel.getUsername())) != null;
        }
        log.warnf("User '%s' can't be deleted in LDAP as editMode is '%s'. Deleting user just from Keycloak DB, but he will be re-imported from LDAP again once searched in Keycloak", userModel.getUsername(), this.editMode.toString());
        this.userPasswords.remove(translateUserName(userModel.getUsername()));
        return true;
    }

    public boolean removeUserByName(String str) {
        if (this.editMode != UserStorageProvider.EditMode.READ_ONLY && this.editMode != UserStorageProvider.EditMode.UNSYNCED) {
            return this.userPasswords.remove(translateUserName(str)) != null;
        }
        log.warnf("User '%s' can't be deleted in LDAP as editMode is '%s'. Deleting user just from Keycloak DB, but he will be re-imported from LDAP again once searched in Keycloak", str, this.editMode.toString());
        this.userPasswords.remove(translateUserName(str));
        return true;
    }

    public boolean isImportEnabled() {
        if (this.importEnabled == null) {
            String str = (String) this.model.getConfig().getFirst("importEnabled");
            if (str == null) {
                this.importEnabled = true;
            } else {
                this.importEnabled = Boolean.valueOf(str);
            }
        }
        return this.importEnabled.booleanValue();
    }

    public void setImportEnabled(boolean z) {
        this.importEnabled = Boolean.valueOf(z);
        this.model.getConfig().putSingle("importEnabled", Boolean.toString(z));
    }

    public void preRemove(RealmModel realmModel) {
        log.infof("preRemove: realm=%s", realmModel.getName());
        realmRemovals.incrementAndGet();
    }

    public void preRemove(RealmModel realmModel, GroupModel groupModel) {
        log.infof("preRemove: realm=%s, group=%s", realmModel.getName(), groupModel.getName());
        groupRemovals.incrementAndGet();
    }

    public void preRemove(RealmModel realmModel, RoleModel roleModel) {
        log.infof("preRemove: realm=%s, role=%s", realmModel.getName(), roleModel.getName());
        roleRemovals.incrementAndGet();
    }

    public void close() {
        closings.incrementAndGet();
    }

    public int getUsersCount(RealmModel realmModel) {
        return this.userPasswords.size();
    }

    public Stream<UserModel> searchForUserStream(RealmModel realmModel, String str) {
        String translateUserName = translateUserName(str);
        return this.userPasswords.keySet().stream().sorted().filter(str2 -> {
            return translateUserName(str2).contains(translateUserName);
        }).map(str3 -> {
            return createUser(realmModel, str3);
        });
    }

    public Stream<UserModel> searchForUserStream(RealmModel realmModel, String str, Integer num, Integer num2) {
        translateUserName(str);
        return StreamsUtil.paginatedStream(this.userPasswords.keySet().stream().sorted().filter(str2 -> {
            return translateUserName(str2).contains(str);
        }), num, num2).map(str3 -> {
            return createUser(realmModel, str3);
        });
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:8:0x0064. Please report as an issue. */
    public Stream<UserModel> searchForUserStream(RealmModel realmModel, Map<String, String> map, Integer num, Integer num2) {
        Stream<String> sorted = this.userPasswords.keySet().stream().sorted();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            String value = entry.getValue();
            if (value != null) {
                boolean z = -1;
                switch (key.hashCode()) {
                    case -265713450:
                        if (key.equals("username")) {
                            z = false;
                            break;
                        }
                        break;
                    case 352694088:
                        if (key.equals("keycloak.session.realm.users.query.search")) {
                            z = true;
                            break;
                        }
                        break;
                }
                switch (z) {
                    case false:
                    case true:
                        if (Boolean.valueOf(map.getOrDefault("keycloak.session.realm.users.query.exact", Boolean.FALSE.toString())).booleanValue()) {
                            sorted = sorted.filter(str -> {
                                return str.toLowerCase().equals(value.toLowerCase());
                            });
                            break;
                        } else {
                            sorted = sorted.filter(str2 -> {
                                return str2.toLowerCase().contains(value.toLowerCase());
                            });
                            break;
                        }
                }
            }
        }
        return StreamsUtil.paginatedStream(sorted, num, num2).map(str3 -> {
            return createUser(realmModel, str3);
        });
    }

    public Stream<UserModel> getGroupMembersStream(RealmModel realmModel, GroupModel groupModel, Integer num, Integer num2) {
        return getMembershipStream(realmModel, groupModel, Integer.valueOf(num == null ? -1 : num.intValue()), Integer.valueOf(num2 == null ? -1 : num2.intValue())).map(str -> {
            return createUser(realmModel, str);
        });
    }

    public Stream<UserModel> searchForUserByUserAttributeStream(RealmModel realmModel, String str, String str2) {
        return isImportEnabled() ? UserStoragePrivateUtil.userLocalStorage(this.session).searchForUserByUserAttributeStream(realmModel, str, str2) : UserStorageUtil.userFederatedStorage(this.session).getUsersByUserAttributeStream(realmModel, str, str2).map(str3 -> {
            return createUser(realmModel, str3);
        });
    }

    public Stream<GroupModel> getGroupsStream(RealmModel realmModel, String str) {
        Set<String> set = this.userGroups.get(getUserIdInMap(realmModel, str));
        if (set == null) {
            return Stream.empty();
        }
        Stream<String> stream = set.stream();
        Objects.requireNonNull(realmModel);
        return stream.map(realmModel::getGroupById);
    }

    public void joinGroup(RealmModel realmModel, String str, GroupModel groupModel) {
        this.userGroups.computeIfAbsent(getUserIdInMap(realmModel, str), str2 -> {
            return new ConcurrentSkipListSet();
        }).add(groupModel.getId());
    }

    public void leaveGroup(RealmModel realmModel, String str, GroupModel groupModel) {
        Set<String> set = this.userGroups.get(getUserIdInMap(realmModel, str));
        if (set != null) {
            set.remove(groupModel.getId());
        }
    }

    public Stream<String> getMembershipStream(RealmModel realmModel, GroupModel groupModel, Integer num, Integer num2) {
        return StreamsUtil.paginatedStream(this.userGroups.entrySet().stream(), num, num2).filter(entry -> {
            return ((Set) entry.getValue()).contains(groupModel.getId());
        }).map((v0) -> {
            return v0.getKey();
        }).filter(str -> {
            return str.startsWith(realmModel.getId());
        }).map(str2 -> {
            return str2.substring(str2.indexOf("/") + 1);
        });
    }

    public UserModel validate(RealmModel realmModel, UserModel userModel) {
        boolean containsKey = this.userPasswords.containsKey(translateUserName(userModel.getUsername()));
        if (!containsKey) {
            this.userGroups.remove(getUserIdInMap(realmModel, userModel.getUsername()));
        }
        if (containsKey) {
            return userModel;
        }
        return null;
    }

    private static String translateUserName(String str) {
        if (str == null) {
            return null;
        }
        return str.toLowerCase();
    }
}
