package org.keycloak.testsuite.federation;

import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputUpdater;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.credential.CredentialModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.adapter.AbstractUserAdapterFederatedStorage;
import org.keycloak.storage.user.UserLookupProvider;

/* loaded from: input_file:org/keycloak/testsuite/federation/PassThroughFederatedUserStorageProvider.class */
public class PassThroughFederatedUserStorageProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator, CredentialInputUpdater {
    public static final Set<String> CREDENTIAL_TYPES = Collections.singleton("password");
    public static final String PASSTHROUGH_USERNAME = "passthrough";
    public static final String INITIAL_PASSWORD = "secret";
    private KeycloakSession session;
    private ComponentModel component;

    public PassThroughFederatedUserStorageProvider(KeycloakSession keycloakSession, ComponentModel componentModel) {
        this.session = keycloakSession;
        this.component = componentModel;
    }

    public Set<String> getSupportedCredentialTypes() {
        return CREDENTIAL_TYPES;
    }

    public boolean supportsCredentialType(String str) {
        return getSupportedCredentialTypes().contains(str);
    }

    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String str) {
        return "password".equals(str);
    }

    public boolean isValid(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        if (!credentialInput.getType().equals("password")) {
            return false;
        }
        if ("secret".equals(credentialInput.getChallengeResponse())) {
            return true;
        }
        return UserStorageUtil.userFederatedStorage(this.session).getStoredCredentialsByTypeStream(realmModel, userModel.getId(), "CLEAR_TEXT_PASSWORD").map(credentialModel -> {
            return credentialModel.getSecretData();
        }).anyMatch(Predicate.isEqual("{\"value\":\"" + credentialInput.getChallengeResponse() + "\"}"));
    }

    public boolean updateCredential(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        if (!credentialInput.getType().equals("password")) {
            return false;
        }
        Optional findFirst = UserStorageUtil.userFederatedStorage(this.session).getStoredCredentialsByTypeStream(realmModel, userModel.getId(), "CLEAR_TEXT_PASSWORD").findFirst();
        if (findFirst.isPresent()) {
            CredentialModel credentialModel = (CredentialModel) findFirst.get();
            credentialModel.setType("CLEAR_TEXT_PASSWORD");
            credentialModel.setSecretData("{\"value\":\"" + credentialInput.getChallengeResponse() + "\"}");
            UserStorageUtil.userFederatedStorage(this.session).updateCredential(realmModel, userModel.getId(), credentialModel);
            return true;
        }
        CredentialModel credentialModel2 = new CredentialModel();
        credentialModel2.setType("CLEAR_TEXT_PASSWORD");
        credentialModel2.setSecretData("{\"value\":\"" + credentialInput.getChallengeResponse() + "\"}");
        UserStorageUtil.userFederatedStorage(this.session).createCredential(realmModel, userModel.getId(), credentialModel2);
        return true;
    }

    public void disableCredentialType(RealmModel realmModel, UserModel userModel, String str) {
        ((List) UserStorageUtil.userFederatedStorage(this.session).getStoredCredentialsByTypeStream(realmModel, userModel.getId(), "CLEAR_TEXT_PASSWORD").collect(Collectors.toList())).forEach(credentialModel -> {
            UserStorageUtil.userFederatedStorage(this.session).removeStoredCredential(realmModel, userModel.getId(), credentialModel.getId());
        });
    }

    public Stream<String> getDisableableCredentialTypesStream(RealmModel realmModel, UserModel userModel) {
        return CREDENTIAL_TYPES.stream();
    }

    public void close() {
    }

    public UserModel getUserById(RealmModel realmModel, String str) {
        if (StorageId.externalId(str).equals(PASSTHROUGH_USERNAME)) {
            return getUserModel(realmModel);
        }
        return null;
    }

    public UserModel getUserByUsername(RealmModel realmModel, String str) {
        if (PASSTHROUGH_USERNAME.equals(str)) {
            return getUserModel(realmModel);
        }
        return null;
    }

    public UserModel getUserByEmail(RealmModel realmModel, String str) {
        if (UserStorageUtil.userFederatedStorage(this.session).getUsersByUserAttributeStream(realmModel, AbstractUserAdapterFederatedStorage.EMAIL_ATTRIBUTE, str).map(StorageId::new).filter(storageId -> {
            return Objects.equals(storageId.getExternalId(), PASSTHROUGH_USERNAME);
        }).filter(storageId2 -> {
            return Objects.equals(storageId2.getProviderId(), this.component.getId());
        }).findFirst().isPresent()) {
            return getUserModel(realmModel);
        }
        return null;
    }

    private UserModel getUserModel(RealmModel realmModel) {
        return new AbstractUserAdapterFederatedStorage.Streams(this.session, realmModel, this.component) { // from class: org.keycloak.testsuite.federation.PassThroughFederatedUserStorageProvider.1
            public String getUsername() {
                return PassThroughFederatedUserStorageProvider.PASSTHROUGH_USERNAME;
            }

            public void setUsername(String str) {
            }
        };
    }
}
