package org.keycloak.services.resources.admin;

import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.admin.OperationType;
import org.keycloak.mappers.MapperConfigValidationException;
import org.keycloak.mappers.UserFederationMapper;
import org.keycloak.mappers.UserFederationMapperFactory;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.idm.ConfigPropertyRepresentation;
import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationMapperTypeRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.services.ErrorResponseException;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.timer.TimerProvider;

/* loaded from: input_file:org/keycloak/services/resources/admin/UserFederationProviderResource.class */
public class UserFederationProviderResource {
    protected static final Logger logger = Logger.getLogger(UserFederationProviderResource.class);
    private final KeycloakSession session;
    private final RealmModel realm;
    private final RealmAuth auth;
    private final UserFederationProviderModel federationProviderModel;
    private final AdminEventBuilder adminEvent;

    @Context
    private UriInfo uriInfo;

    public UserFederationProviderResource(KeycloakSession keycloakSession, RealmModel realmModel, RealmAuth realmAuth, UserFederationProviderModel userFederationProviderModel, AdminEventBuilder adminEventBuilder) {
        this.session = keycloakSession;
        this.realm = realmModel;
        this.auth = realmAuth;
        this.federationProviderModel = userFederationProviderModel;
        this.adminEvent = adminEventBuilder;
    }

    @NoCache
    @PUT
    @Consumes({"application/json"})
    public void updateProviderInstance(UserFederationProviderRepresentation userFederationProviderRepresentation) {
        this.auth.requireManage();
        String displayName = userFederationProviderRepresentation.getDisplayName();
        if (displayName != null && displayName.trim().equals("")) {
            displayName = null;
        }
        UserFederationProviderModel userFederationProviderModel = new UserFederationProviderModel(userFederationProviderRepresentation.getId(), userFederationProviderRepresentation.getProviderName(), userFederationProviderRepresentation.getConfig(), userFederationProviderRepresentation.getPriority(), displayName, userFederationProviderRepresentation.getFullSyncPeriod(), userFederationProviderRepresentation.getChangedSyncPeriod(), userFederationProviderRepresentation.getLastSync());
        this.realm.updateUserFederationProvider(userFederationProviderModel);
        new UsersSyncManager().refreshPeriodicSyncForProvider(this.session.getKeycloakSessionFactory(), (TimerProvider) this.session.getProvider(TimerProvider.class), userFederationProviderModel, this.realm.getId());
        if (UserFederationProvidersResource.checkKerberosCredential(this.session, this.realm, userFederationProviderModel)) {
            logger.info("Added 'kerberos' to required realm credentials");
        }
        this.adminEvent.operation(OperationType.UPDATE).resourcePath(this.uriInfo).representation(userFederationProviderRepresentation).success();
    }

    @GET
    @Produces({"application/json"})
    @NoCache
    public UserFederationProviderRepresentation getProviderInstance() {
        this.auth.requireView();
        return ModelToRepresentation.toRepresentation(this.federationProviderModel);
    }

    @NoCache
    @DELETE
    public void deleteProviderInstance() {
        this.auth.requireManage();
        this.realm.removeUserFederationProvider(this.federationProviderModel);
        new UsersSyncManager().removePeriodicSyncForProvider((TimerProvider) this.session.getProvider(TimerProvider.class), this.federationProviderModel);
        this.adminEvent.operation(OperationType.DELETE).resourcePath(this.uriInfo).success();
    }

    @POST
    @Path("sync")
    @NoCache
    public UserFederationSyncResult syncUsers(@QueryParam("action") String str) {
        UserFederationSyncResult syncChangedUsers;
        logger.debug("Syncing users");
        this.auth.requireManage();
        UsersSyncManager usersSyncManager = new UsersSyncManager();
        if ("triggerFullSync".equals(str)) {
            syncChangedUsers = usersSyncManager.syncAllUsers(this.session.getKeycloakSessionFactory(), this.realm.getId(), this.federationProviderModel);
        } else {
            if (!"triggerChangedUsersSync".equals(str)) {
                throw new NotFoundException("Unknown action: " + str);
            }
            syncChangedUsers = usersSyncManager.syncChangedUsers(this.session.getKeycloakSessionFactory(), this.realm.getId(), this.federationProviderModel);
        }
        this.adminEvent.operation(OperationType.ACTION).resourcePath(this.uriInfo).success();
        return syncChangedUsers;
    }

    @GET
    @Path("mapper-types")
    @NoCache
    public Map<String, UserFederationMapperTypeRepresentation> getMapperTypes() {
        this.auth.requireView();
        KeycloakSessionFactory keycloakSessionFactory = this.session.getKeycloakSessionFactory();
        HashMap hashMap = new HashMap();
        for (UserFederationMapperFactory userFederationMapperFactory : keycloakSessionFactory.getProviderFactories(UserFederationMapper.class)) {
            if (userFederationMapperFactory.getFederationProviderType().equals(this.federationProviderModel.getProviderName())) {
                UserFederationMapperTypeRepresentation userFederationMapperTypeRepresentation = new UserFederationMapperTypeRepresentation();
                userFederationMapperTypeRepresentation.setId(userFederationMapperFactory.getId());
                userFederationMapperTypeRepresentation.setCategory(userFederationMapperFactory.getDisplayCategory());
                userFederationMapperTypeRepresentation.setName(userFederationMapperFactory.getDisplayType());
                userFederationMapperTypeRepresentation.setHelpText(userFederationMapperFactory.getHelpText());
                userFederationMapperTypeRepresentation.setSyncConfig(userFederationMapperFactory.getSyncConfig());
                for (ProviderConfigProperty providerConfigProperty : userFederationMapperFactory.getConfigProperties()) {
                    ConfigPropertyRepresentation configPropertyRepresentation = new ConfigPropertyRepresentation();
                    configPropertyRepresentation.setName(providerConfigProperty.getName());
                    configPropertyRepresentation.setLabel(providerConfigProperty.getLabel());
                    configPropertyRepresentation.setType(providerConfigProperty.getType());
                    configPropertyRepresentation.setDefaultValue(providerConfigProperty.getDefaultValue());
                    configPropertyRepresentation.setHelpText(providerConfigProperty.getHelpText());
                    userFederationMapperTypeRepresentation.getProperties().add(configPropertyRepresentation);
                }
                userFederationMapperTypeRepresentation.setDefaultConfig(userFederationMapperFactory.getDefaultConfig(this.federationProviderModel));
                hashMap.put(userFederationMapperTypeRepresentation.getId(), userFederationMapperTypeRepresentation);
            }
        }
        return hashMap;
    }

    @GET
    @Path("mappers")
    @NoCache
    @Produces({"application/json"})
    public List<UserFederationMapperRepresentation> getMappers() {
        this.auth.requireView();
        LinkedList linkedList = new LinkedList();
        Iterator it = this.realm.getUserFederationMappersByFederationProvider(this.federationProviderModel.getId()).iterator();
        while (it.hasNext()) {
            linkedList.add(ModelToRepresentation.toRepresentation(this.realm, (UserFederationMapperModel) it.next()));
        }
        Collections.sort(linkedList, new Comparator<UserFederationMapperRepresentation>() { // from class: org.keycloak.services.resources.admin.UserFederationProviderResource.1
            @Override // java.util.Comparator
            public int compare(UserFederationMapperRepresentation userFederationMapperRepresentation, UserFederationMapperRepresentation userFederationMapperRepresentation2) {
                UserFederationMapperFactory providerFactory = UserFederationProviderResource.this.session.getKeycloakSessionFactory().getProviderFactory(UserFederationMapper.class, userFederationMapperRepresentation.getFederationMapperType());
                UserFederationMapperFactory providerFactory2 = UserFederationProviderResource.this.session.getKeycloakSessionFactory().getProviderFactory(UserFederationMapper.class, userFederationMapperRepresentation2.getFederationMapperType());
                int compareTo = providerFactory.getDisplayCategory().compareTo(providerFactory2.getDisplayCategory());
                if (compareTo != 0) {
                    return compareTo;
                }
                int compareTo2 = providerFactory.getDisplayType().compareTo(providerFactory2.getDisplayType());
                return compareTo2 != 0 ? compareTo2 : userFederationMapperRepresentation.getName().compareTo(userFederationMapperRepresentation2.getName());
            }
        });
        return linkedList;
    }

    @POST
    @Path("mappers")
    @Consumes({"application/json"})
    public Response addMapper(UserFederationMapperRepresentation userFederationMapperRepresentation) {
        this.auth.requireManage();
        UserFederationMapperModel model = RepresentationToModel.toModel(this.realm, userFederationMapperRepresentation);
        validateModel(model);
        UserFederationMapperModel addUserFederationMapper = this.realm.addUserFederationMapper(model);
        this.adminEvent.operation(OperationType.CREATE).resourcePath(this.uriInfo, addUserFederationMapper.getId()).representation(userFederationMapperRepresentation).success();
        return Response.created(this.uriInfo.getAbsolutePathBuilder().path(addUserFederationMapper.getId()).build(new Object[0])).build();
    }

    @GET
    @NoCache
    @Path("mappers/{id}")
    @Produces({"application/json"})
    public UserFederationMapperRepresentation getMapperById(@PathParam("id") String str) {
        this.auth.requireView();
        UserFederationMapperModel userFederationMapperById = this.realm.getUserFederationMapperById(str);
        if (userFederationMapperById == null) {
            throw new NotFoundException("Model not found");
        }
        return ModelToRepresentation.toRepresentation(this.realm, userFederationMapperById);
    }

    @NoCache
    @Path("mappers/{id}")
    @Consumes({"application/json"})
    @PUT
    public void update(@PathParam("id") String str, UserFederationMapperRepresentation userFederationMapperRepresentation) {
        this.auth.requireManage();
        if (this.realm.getUserFederationMapperById(str) == null) {
            throw new NotFoundException("Model not found");
        }
        UserFederationMapperModel model = RepresentationToModel.toModel(this.realm, userFederationMapperRepresentation);
        validateModel(model);
        this.realm.updateUserFederationMapper(model);
        this.adminEvent.operation(OperationType.UPDATE).resourcePath(this.uriInfo).representation(userFederationMapperRepresentation).success();
    }

    @NoCache
    @Path("mappers/{id}")
    @DELETE
    public void delete(@PathParam("id") String str) {
        this.auth.requireManage();
        UserFederationMapperModel userFederationMapperById = this.realm.getUserFederationMapperById(str);
        if (userFederationMapperById == null) {
            throw new NotFoundException("Model not found");
        }
        this.realm.removeUserFederationMapper(userFederationMapperById);
        this.adminEvent.operation(OperationType.DELETE).resourcePath(this.uriInfo).success();
    }

    @POST
    @Path("mappers/{id}/sync")
    @NoCache
    public UserFederationSyncResult syncMapperData(@PathParam("id") String str, @QueryParam("direction") String str2) {
        UserFederationSyncResult syncDataFromKeycloakToFederationProvider;
        this.auth.requireManage();
        UserFederationMapperModel userFederationMapperById = this.realm.getUserFederationMapperById(str);
        if (userFederationMapperById == null) {
            throw new NotFoundException("Mapper model not found");
        }
        UserFederationMapper provider = this.session.getProvider(UserFederationMapper.class, userFederationMapperById.getFederationMapperType());
        UserFederationProviderModel findUserFederationProviderById = KeycloakModelUtils.findUserFederationProviderById(userFederationMapperById.getFederationProviderId(), this.realm);
        if (findUserFederationProviderById == null) {
            throw new NotFoundException("Provider model not found");
        }
        UserFederationProvider userFederationProviderFactory = this.session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, findUserFederationProviderById.getProviderName()).getInstance(this.session, findUserFederationProviderById);
        logger.infof("Syncing data for mapper '%s' of type '%s'. Direction: %s", userFederationMapperById.getName(), userFederationMapperById.getFederationMapperType(), str2);
        if ("fedToKeycloak".equals(str2)) {
            syncDataFromKeycloakToFederationProvider = provider.syncDataFromFederationProviderToKeycloak(userFederationMapperById, userFederationProviderFactory, this.session, this.realm);
        } else {
            if (!"keycloakToFed".equals(str2)) {
                throw new NotFoundException("Unknown direction: " + str2);
            }
            syncDataFromKeycloakToFederationProvider = provider.syncDataFromKeycloakToFederationProvider(userFederationMapperById, userFederationProviderFactory, this.session, this.realm);
        }
        this.adminEvent.operation(OperationType.ACTION).resourcePath(this.uriInfo).success();
        return syncDataFromKeycloakToFederationProvider;
    }

    private void validateModel(UserFederationMapperModel userFederationMapperModel) {
        try {
            this.session.getKeycloakSessionFactory().getProviderFactory(UserFederationMapper.class, userFederationMapperModel.getFederationMapperType()).validateConfig(this.realm, userFederationMapperModel);
        } catch (MapperConfigValidationException e) {
            throw new ErrorResponseException("Validation error", e.getMessage(), Response.Status.BAD_REQUEST);
        }
    }
}
