package org.keycloak.storage.datastore;

import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.jboss.logging.Logger;
import org.keycloak.common.Profile;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.component.ComponentModel;
import org.keycloak.deployment.DeployedConfigurationsManager;
import org.keycloak.exportimport.ExportAdapter;
import org.keycloak.exportimport.ExportOptions;
import org.keycloak.exportimport.util.ExportUtils;
import org.keycloak.keys.KeyProvider;
import org.keycloak.migration.MigrationProvider;
import org.keycloak.migration.migrators.MigrateTo8_0_0;
import org.keycloak.migration.migrators.MigrationUtils;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.BrowserSecurityHeaders;
import org.keycloak.models.CibaConfig;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.OAuth2DeviceConfig;
import org.keycloak.models.OTPPolicy;
import org.keycloak.models.OrganizationModel;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredActionProviderModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.WebAuthnPolicy;
import org.keycloak.models.utils.ComponentUtil;
import org.keycloak.models.utils.DefaultAuthenticationFlows;
import org.keycloak.models.utils.DefaultKeyProviders;
import org.keycloak.models.utils.DefaultRequiredActions;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.models.utils.StripSecretsUtils;
import org.keycloak.organization.OrganizationProvider;
import org.keycloak.organization.validation.OrganizationsValidation;
import org.keycloak.partialimport.PartialImportResults;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.ClaimRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ClientScopeRepresentation;
import org.keycloak.representations.idm.ClientTemplateRepresentation;
import org.keycloak.representations.idm.ComponentExportRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.MemberRepresentation;
import org.keycloak.representations.idm.MembershipType;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.representations.idm.OrganizationRepresentation;
import org.keycloak.representations.idm.PartialImportRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.SocialLinkRepresentation;
import org.keycloak.representations.idm.UserConsentRepresentation;
import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.ExportImportManager;
import org.keycloak.storage.ImportRealmFromRepresentationEvent;
import org.keycloak.storage.PartialImportRealmFromRepresentationEvent;
import org.keycloak.storage.UserStoragePrivateUtil;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.UserStorageUtil;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.StringUtil;
import org.keycloak.validation.ValidationUtil;

/* loaded from: input_file:org/keycloak/storage/datastore/DefaultExportImportManager.class */
public class DefaultExportImportManager implements ExportImportManager {
    private final KeycloakSession session;
    private static final Logger logger = Logger.getLogger(DefaultExportImportManager.class);

    public DefaultExportImportManager(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    public void exportRealm(RealmModel realmModel, ExportOptions exportOptions, ExportAdapter exportAdapter) {
        exportAdapter.setType("application/json");
        exportAdapter.writeToOutputStream(outputStream -> {
            RealmRepresentation exportRealm = ExportUtils.exportRealm(this.session, realmModel, exportOptions, false);
            StripSecretsUtils.stripSecrets(this.session, exportRealm);
            JsonSerialization.writeValueToStream(outputStream, exportRealm);
            outputStream.close();
        });
    }

    public RealmModel importRealm(InputStream inputStream) {
        try {
            RealmRepresentation realmRepresentation = (RealmRepresentation) JsonSerialization.readValue(inputStream, RealmRepresentation.class);
            logger.debugv("importRealm: {0}", realmRepresentation.getRealm());
            return ImportRealmFromRepresentationEvent.fire(this.session, realmRepresentation);
        } catch (IOException e) {
            throw new ModelException("unable to read contents from stream", e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void importRealm(RealmRepresentation realmRepresentation, RealmModel realmModel, boolean z) {
        convertDeprecatedSocialProviders(realmRepresentation);
        convertDeprecatedApplications(this.session, realmRepresentation);
        convertDeprecatedClientTemplates(realmRepresentation);
        realmModel.setName(realmRepresentation.getRealm());
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isUserManagedAccessAllowed() != null) {
            realmModel.setUserManagedAccessAllowed(realmRepresentation.isUserManagedAccessAllowed().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.isPermanentLockout() != null) {
            realmModel.setPermanentLockout(realmRepresentation.isPermanentLockout().booleanValue());
        }
        if (realmRepresentation.getMaxTemporaryLockouts() != null) {
            realmModel.setMaxTemporaryLockouts(realmRepresentation.getMaxTemporaryLockouts().intValue());
        }
        if (realmRepresentation.getBruteForceStrategy() != null) {
            realmModel.setBruteForceStrategy(realmRepresentation.getBruteForceStrategy());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEnabledEventTypes() != null) {
            realmModel.setEnabledEventTypes(new HashSet(realmRepresentation.getEnabledEventTypes()));
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getDefaultSignatureAlgorithm() != null) {
            realmModel.setDefaultSignatureAlgorithm(realmRepresentation.getDefaultSignatureAlgorithm());
        } else {
            realmModel.setDefaultSignatureAlgorithm("RS256");
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        } else {
            realmModel.setRevokeRefreshToken(false);
        }
        if (realmRepresentation.getRefreshTokenMaxReuse() != null) {
            realmModel.setRefreshTokenMaxReuse(realmRepresentation.getRefreshTokenMaxReuse().intValue());
        } else {
            realmModel.setRefreshTokenMaxReuse(0);
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        } else {
            realmModel.setAccessTokenLifespan(300);
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        } else {
            realmModel.setAccessTokenLifespanForImplicitFlow(900);
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        } else {
            realmModel.setSsoSessionIdleTimeout(1800);
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        } else {
            realmModel.setSsoSessionMaxLifespan(36000);
        }
        if (realmRepresentation.getSsoSessionMaxLifespanRememberMe() != null) {
            realmModel.setSsoSessionMaxLifespanRememberMe(realmRepresentation.getSsoSessionMaxLifespanRememberMe().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeoutRememberMe() != null) {
            realmModel.setSsoSessionIdleTimeoutRememberMe(realmRepresentation.getSsoSessionIdleTimeoutRememberMe().intValue());
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        } else {
            realmModel.setOfflineSessionIdleTimeout(2592000);
        }
        if (realmRepresentation.getOfflineSessionMaxLifespanEnabled() != null) {
            realmModel.setOfflineSessionMaxLifespanEnabled(realmRepresentation.getOfflineSessionMaxLifespanEnabled().booleanValue());
        } else {
            realmModel.setOfflineSessionMaxLifespanEnabled(false);
        }
        if (realmRepresentation.getOfflineSessionMaxLifespan() != null) {
            realmModel.setOfflineSessionMaxLifespan(realmRepresentation.getOfflineSessionMaxLifespan().intValue());
        } else {
            realmModel.setOfflineSessionMaxLifespan(5184000);
        }
        if (realmRepresentation.getClientSessionIdleTimeout() != null) {
            realmModel.setClientSessionIdleTimeout(realmRepresentation.getClientSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientSessionMaxLifespan() != null) {
            realmModel.setClientSessionMaxLifespan(realmRepresentation.getClientSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionIdleTimeout() != null) {
            realmModel.setClientOfflineSessionIdleTimeout(realmRepresentation.getClientOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionMaxLifespan() != null) {
            realmModel.setClientOfflineSessionMaxLifespan(realmRepresentation.getClientOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        } else {
            realmModel.setAccessCodeLifespan(60);
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        } else {
            realmModel.setAccessCodeLifespanUserAction(300);
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        } else {
            realmModel.setAccessCodeLifespanLogin(1800);
        }
        if (realmRepresentation.getActionTokenGeneratedByAdminLifespan() != null) {
            realmModel.setActionTokenGeneratedByAdminLifespan(realmRepresentation.getActionTokenGeneratedByAdminLifespan().intValue());
        } else {
            realmModel.setActionTokenGeneratedByAdminLifespan(43200);
        }
        if (realmRepresentation.getActionTokenGeneratedByUserLifespan() != null) {
            realmModel.setActionTokenGeneratedByUserLifespan(realmRepresentation.getActionTokenGeneratedByUserLifespan().intValue());
        } else {
            realmModel.setActionTokenGeneratedByUserLifespan(realmModel.getAccessCodeLifespanUserAction());
        }
        OAuth2DeviceConfig oAuth2DeviceConfig = realmModel.getOAuth2DeviceConfig();
        oAuth2DeviceConfig.setOAuth2DeviceCodeLifespan(realmModel, realmRepresentation.getOAuth2DeviceCodeLifespan());
        oAuth2DeviceConfig.setOAuth2DevicePollingInterval(realmModel, realmRepresentation.getOAuth2DevicePollingInterval());
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isLoginWithEmailAllowed() != null) {
            realmModel.setLoginWithEmailAllowed(realmRepresentation.isLoginWithEmailAllowed().booleanValue());
        }
        if (realmRepresentation.isDuplicateEmailsAllowed() != null) {
            realmModel.setDuplicateEmailsAllowed(realmRepresentation.isDuplicateEmailsAllowed().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.isOrganizationsEnabled() != null) {
            realmModel.setOrganizationsEnabled(realmRepresentation.isOrganizationsEnabled().booleanValue());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.getLocalizationTexts() != null) {
            for (Map.Entry entry : realmRepresentation.getLocalizationTexts().entrySet()) {
                realmModel.createOrUpdateRealmLocalizationTexts((String) entry.getKey(), (Map) entry.getValue());
            }
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            Iterator it = realmRepresentation.getRequiredCredentials().iterator();
            while (it.hasNext()) {
                realmModel.addRequiredCredential((String) it.next());
            }
        } else {
            realmModel.addRequiredCredential("password");
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(this.session, realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        } else {
            realmModel.setOTPPolicy(OTPPolicy.DEFAULT_POLICY);
        }
        realmModel.setWebAuthnPolicy(getWebAuthnPolicyTwoFactor(realmRepresentation));
        realmModel.setWebAuthnPolicyPasswordless(getWebAuthnPolicyPasswordless(realmRepresentation));
        updateCibaSettings(realmRepresentation, realmModel);
        updateParSettings(realmRepresentation, realmModel);
        Map<String, String> importAuthenticationFlows = importAuthenticationFlows(this.session, realmModel, realmRepresentation);
        if (realmRepresentation.getRequiredActions() != null) {
            Iterator it2 = realmRepresentation.getRequiredActions().iterator();
            while (it2.hasNext()) {
                RequiredActionProviderModel model = toModel((RequiredActionProviderRepresentation) it2.next());
                MigrationUtils.updateOTPRequiredAction(model);
                realmModel.addRequiredActionProvider(model);
            }
            DefaultRequiredActions.addDeleteAccountAction(realmModel);
        } else {
            DefaultRequiredActions.addActions(realmModel);
        }
        importIdentityProviders(realmRepresentation, realmModel, this.session);
        importIdentityProviderMappers(realmRepresentation, this.session);
        Map hashMap = new HashMap();
        if (realmRepresentation.getClientScopes() != null) {
            hashMap = createClientScopes(this.session, realmRepresentation.getClientScopes(), realmModel);
        }
        if (realmRepresentation.getDefaultDefaultClientScopes() != null) {
            for (Object obj : realmRepresentation.getDefaultDefaultClientScopes()) {
                ClientScopeModel clientScopeModel = (ClientScopeModel) hashMap.get(obj);
                if (clientScopeModel != null) {
                    realmModel.addDefaultClientScope(clientScopeModel, true);
                } else {
                    logger.warnf("Referenced client scope '%s' doesn't exist", obj);
                }
            }
        }
        if (realmRepresentation.getDefaultOptionalClientScopes() != null) {
            for (Object obj2 : realmRepresentation.getDefaultOptionalClientScopes()) {
                ClientScopeModel clientScopeModel2 = (ClientScopeModel) hashMap.get(obj2);
                if (clientScopeModel2 != null) {
                    realmModel.addDefaultClientScope(clientScopeModel2, false);
                } else {
                    logger.warnf("Referenced client scope '%s' doesn't exist", obj2);
                }
            }
        }
        if (realmRepresentation.getAttributes() != null) {
            for (Map.Entry entry2 : realmRepresentation.getAttributes().entrySet()) {
                realmModel.setAttribute((String) entry2.getKey(), (String) entry2.getValue());
            }
        }
        Map hashMap2 = new HashMap();
        if (realmRepresentation.getClients() != null) {
            hashMap2 = createClients(this.session, realmRepresentation, realmModel, importAuthenticationFlows);
        }
        RepresentationToModel.importRoles(realmRepresentation.getRoles(), realmModel);
        convertDeprecatedDefaultRoles(realmRepresentation, realmModel);
        if (realmRepresentation.getClientScopeMappings() != null) {
            for (Map.Entry entry3 : realmRepresentation.getClientScopeMappings().entrySet()) {
                ClientModel clientModel = (ClientModel) hashMap2.computeIfAbsent((String) entry3.getKey(), str -> {
                    return realmModel.getClientByClientId((String) entry3.getKey());
                });
                if (clientModel == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry3.getKey()));
                }
                createClientScopeMappings(realmModel, clientModel, (List) entry3.getValue());
            }
        }
        if (realmRepresentation.getScopeMappings() != null) {
            Map map = (Map) realmModel.getRolesStream().collect(Collectors.toMap((v0) -> {
                return v0.getId();
            }, Function.identity()));
            for (ScopeMappingRepresentation scopeMappingRepresentation : realmRepresentation.getScopeMappings()) {
                ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
                for (String str2 : scopeMappingRepresentation.getRoles()) {
                    String trim = str2.trim();
                    RoleModel roleModel = (RoleModel) map.computeIfAbsent(trim, str3 -> {
                        return realmModel.getRole(trim);
                    });
                    if (roleModel == null) {
                        roleModel = realmModel.addRole(str2);
                        map.put(roleModel.getId(), roleModel);
                    }
                    scopeContainerHavingScope.addScopeMapping(roleModel);
                }
            }
        }
        if (realmRepresentation.getSmtpServer() != null) {
            realmModel.setSmtpConfig(new HashMap(realmRepresentation.getSmtpServer()));
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        } else {
            realmModel.setBrowserSecurityHeaders(BrowserSecurityHeaders.realmDefaultHeaders);
        }
        if (realmRepresentation.getGroups() != null) {
            importGroups(realmModel, realmRepresentation);
            if (realmRepresentation.getDefaultGroups() != null) {
                KeycloakModelUtils.setDefaultGroups(this.session, realmModel, realmRepresentation.getDefaultGroups().stream());
            }
        }
        if (realmRepresentation.getComponents() != null) {
            importComponents(realmModel, realmRepresentation.getComponents(), realmModel.getId());
        }
        importUserFederationProvidersAndMappers(this.session, realmRepresentation, realmModel);
        if (realmRepresentation.getUsers() != null) {
            Iterator it3 = realmRepresentation.getUsers().iterator();
            while (it3.hasNext()) {
                createUser(realmModel, (UserRepresentation) it3.next());
            }
        }
        if (realmRepresentation.getFederatedUsers() != null) {
            Iterator it4 = realmRepresentation.getFederatedUsers().iterator();
            while (it4.hasNext()) {
                importFederatedUser(this.session, realmModel, (UserRepresentation) it4.next());
            }
        }
        if (!z) {
            importRealmAuthorizationSettings(realmRepresentation, realmModel, this.session);
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
        if (realmModel.getComponentsStream(realmModel.getId(), KeyProvider.class.getName()).count() == 0) {
            if (realmRepresentation.getPrivateKey() != null) {
                DefaultKeyProviders.createProviders(realmModel, realmRepresentation.getPrivateKey(), realmRepresentation.getCertificate());
            } else {
                DefaultKeyProviders.createProviders(realmModel);
            }
        }
        importOrganizations(realmRepresentation, realmModel);
    }

    public PartialImportResults partialImportRealm(RealmModel realmModel, InputStream inputStream) {
        try {
            return PartialImportRealmFromRepresentationEvent.fire(this.session, (PartialImportRepresentation) JsonSerialization.readValue(inputStream, PartialImportRepresentation.class), realmModel);
        } catch (IOException e) {
            throw new ModelException("unable to read contents from stream", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static RoleModel getOrAddRealmRole(RealmModel realmModel, String str) {
        RoleModel role = realmModel.getRole(str);
        if (role == null) {
            role = realmModel.addRole(str);
        }
        return role;
    }

    private static void convertDeprecatedDefaultRoles(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getDefaultRole() == null) {
            if (realmRepresentation.getDefaultRoles() != null) {
                realmRepresentation.getDefaultRoles().stream().map((v0) -> {
                    return v0.trim();
                }).map(str -> {
                    return getOrAddRealmRole(realmModel, str);
                }).forEach(roleModel -> {
                    realmModel.getDefaultRole().addCompositeRole(roleModel);
                });
            }
            if (realmRepresentation.getClients() != null) {
                for (ClientRepresentation clientRepresentation : realmRepresentation.getClients()) {
                    if (clientRepresentation.getDefaultRoles() != null) {
                        Arrays.stream(clientRepresentation.getDefaultRoles()).map((v0) -> {
                            return v0.trim();
                        }).map(str2 -> {
                            return getOrAddClientRole(realmModel.getClientById(clientRepresentation.getId()), str2);
                        }).forEach(roleModel2 -> {
                            realmModel.getDefaultRole().addCompositeRole(roleModel2);
                        });
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static RoleModel getOrAddClientRole(ClientModel clientModel, String str) {
        RoleModel role = clientModel.getRole(str);
        if (role == null) {
            role = clientModel.addRole(str);
        }
        return role;
    }

    private static Map<String, ClientModel> createClients(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel, Map<String, String> map) {
        HashMap hashMap = new HashMap();
        Iterator it = realmRepresentation.getClients().iterator();
        while (it.hasNext()) {
            ClientModel createClient = RepresentationToModel.createClient(keycloakSession, realmModel, (ClientRepresentation) it.next(), map);
            if (createClient.getAttribute("post.logout.redirect.uris") == null) {
                createClient.setAttribute("post.logout.redirect.uris", "+");
            }
            hashMap.put(createClient.getClientId(), createClient);
            ValidationUtil.validateClient(keycloakSession, createClient, false, validationResult -> {
                throw new RuntimeException("Invalid client " + createClient.getClientId() + ": " + validationResult.getAllErrorsAsString());
            });
        }
        return hashMap;
    }

    private static Map<String, ClientScopeModel> createClientScopes(KeycloakSession keycloakSession, List<ClientScopeRepresentation> list, RealmModel realmModel) {
        HashMap hashMap = new HashMap();
        Iterator<ClientScopeRepresentation> it = list.iterator();
        while (it.hasNext()) {
            ClientScopeModel createClientScope = RepresentationToModel.createClientScope(keycloakSession, realmModel, it.next());
            hashMap.put(createClientScope.getName(), createClientScope);
        }
        return hashMap;
    }

    private static void importIdentityProviders(RealmRepresentation realmRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) {
        if (realmRepresentation.getIdentityProviders() != null) {
            Iterator it = realmRepresentation.getIdentityProviders().iterator();
            while (it.hasNext()) {
                keycloakSession.identityProviders().create(RepresentationToModel.toModel(realmModel, (IdentityProviderRepresentation) it.next(), keycloakSession));
            }
        }
    }

    private static void importIdentityProviderMappers(RealmRepresentation realmRepresentation, KeycloakSession keycloakSession) {
        if (realmRepresentation.getIdentityProviderMappers() != null) {
            Iterator it = realmRepresentation.getIdentityProviderMappers().iterator();
            while (it.hasNext()) {
                keycloakSession.identityProviders().createMapper(RepresentationToModel.toModel((IdentityProviderMapperRepresentation) it.next()));
            }
        }
    }

    public static long getClaimsMask(ClaimRepresentation claimRepresentation) {
        long j = claimRepresentation.getAddress() ? 1023 | 256 : 1023 & (-257);
        long j2 = claimRepresentation.getEmail() ? j | 32 : j & (-33);
        long j3 = claimRepresentation.getGender() ? j2 | 64 : j2 & (-65);
        long j4 = claimRepresentation.getLocale() ? j3 | 128 : j3 & (-129);
        long j5 = claimRepresentation.getName() ? j4 | 1 : j4 & (-2);
        long j6 = claimRepresentation.getPhone() ? j5 | 512 : j5 & (-513);
        long j7 = claimRepresentation.getPicture() ? j6 | 8 : j6 & (-9);
        long j8 = claimRepresentation.getProfile() ? j7 | 4 : j7 & (-5);
        long j9 = claimRepresentation.getUsername() ? j8 | 2 : j8 & (-3);
        return claimRepresentation.getWebsite() ? j9 | 16 : j9 & (-17);
    }

    public static void createClientScopeMappings(RealmModel realmModel, ClientModel clientModel, List<ScopeMappingRepresentation> list) {
        for (ScopeMappingRepresentation scopeMappingRepresentation : list) {
            ScopeContainerModel scopeContainerHavingScope = getScopeContainerHavingScope(realmModel, scopeMappingRepresentation);
            for (String str : scopeMappingRepresentation.getRoles()) {
                RoleModel role = clientModel.getRole(str.trim());
                if (role == null) {
                    role = clientModel.addRole(str.trim());
                }
                scopeContainerHavingScope.addScopeMapping(role);
            }
        }
    }

    private static ScopeContainerModel getScopeContainerHavingScope(RealmModel realmModel, ScopeMappingRepresentation scopeMappingRepresentation) {
        if (scopeMappingRepresentation.getClient() != null) {
            ClientModel clientByClientId = realmModel.getClientByClientId(scopeMappingRepresentation.getClient());
            if (clientByClientId == null) {
                throw new RuntimeException("Unknown client specification in scope mappings: " + scopeMappingRepresentation.getClient());
            }
            return clientByClientId;
        }
        if (scopeMappingRepresentation.getClientScope() != null) {
            ClientScopeModel clientScopeByName = KeycloakModelUtils.getClientScopeByName(realmModel, scopeMappingRepresentation.getClientScope());
            if (clientScopeByName == null) {
                throw new RuntimeException("Unknown clientScope specification in scope mappings: " + scopeMappingRepresentation.getClientScope());
            }
            return clientScopeByName;
        }
        if (scopeMappingRepresentation.getClientTemplate() == null) {
            throw new RuntimeException("Either client or clientScope needs to be specified in scope mappings");
        }
        String convertClientScopeName = KeycloakModelUtils.convertClientScopeName(scopeMappingRepresentation.getClientTemplate());
        ClientScopeModel clientScopeByName2 = KeycloakModelUtils.getClientScopeByName(realmModel, convertClientScopeName);
        if (clientScopeByName2 == null) {
            throw new RuntimeException("Unknown clientScope specification in scope mappings: " + convertClientScopeName);
        }
        return clientScopeByName2;
    }

    public static void renameRealm(RealmModel realmModel, String str) {
        if (str.equals(realmModel.getName())) {
            return;
        }
        if (StringUtil.isBlank(str)) {
            throw new ModelException("Realm name cannot be empty");
        }
        String name = realmModel.getName();
        realmModel.getMasterAdminClient().setClientId(KeycloakModelUtils.getMasterRealmAdminApplicationClientId(str));
        realmModel.setName(str);
        ClientModel clientByClientId = realmModel.getClientByClientId("security-admin-console");
        if (clientByClientId != null) {
            if (clientByClientId.getBaseUrl() != null) {
                clientByClientId.setBaseUrl(clientByClientId.getBaseUrl().replace("/admin/" + name + "/", "/admin/" + str + "/"));
            }
            HashSet hashSet = new HashSet();
            Iterator it = clientByClientId.getRedirectUris().iterator();
            while (it.hasNext()) {
                hashSet.add(replace((String) it.next(), "/admin/" + name + "/", "/admin/" + str + "/"));
            }
            clientByClientId.setRedirectUris(hashSet);
        }
        ClientModel clientByClientId2 = realmModel.getClientByClientId("account");
        if (clientByClientId2 != null) {
            if (clientByClientId2.getBaseUrl() != null) {
                clientByClientId2.setBaseUrl(clientByClientId2.getBaseUrl().replace("/realms/" + name + "/", "/realms/" + str + "/"));
            }
            HashSet hashSet2 = new HashSet();
            Iterator it2 = clientByClientId2.getRedirectUris().iterator();
            while (it2.hasNext()) {
                hashSet2.add(replace((String) it2.next(), "/realms/" + name + "/", "/realms/" + str + "/"));
            }
            clientByClientId2.setRedirectUris(hashSet2);
        }
        ClientModel clientByClientId3 = realmModel.getClientByClientId("account-console");
        if (clientByClientId3 != null) {
            if (clientByClientId3.getBaseUrl() != null) {
                clientByClientId3.setBaseUrl(clientByClientId3.getBaseUrl().replace("/realms/" + name + "/", "/realms/" + str + "/"));
            }
            HashSet hashSet3 = new HashSet();
            Iterator it3 = clientByClientId3.getRedirectUris().iterator();
            while (it3.hasNext()) {
                hashSet3.add(replace((String) it3.next(), "/realms/" + name + "/", "/realms/" + str + "/"));
            }
            clientByClientId3.setRedirectUris(hashSet3);
        }
    }

    private static String replace(String str, String str2, String str3) {
        if (str != null) {
            return str.replace(str2, str3);
        }
        return null;
    }

    public void updateRealm(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (realmRepresentation.getRealm() != null) {
            renameRealm(realmModel, realmRepresentation.getRealm());
        }
        if (realmRepresentation.getAttributes() != null) {
            HashSet hashSet = new HashSet(realmModel.getAttributes().keySet());
            hashSet.removeAll(realmRepresentation.getAttributes().keySet());
            hashSet.removeAll(ModelToRepresentation.REALM_EXCLUDED_ATTRIBUTES);
            for (Map.Entry entry : realmRepresentation.getAttributes().entrySet()) {
                realmModel.setAttribute((String) entry.getKey(), (String) entry.getValue());
            }
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                realmModel.removeAttribute((String) it.next());
            }
        }
        if (realmRepresentation.getDefaultGroups() != null) {
            KeycloakModelUtils.setDefaultGroups(this.session, realmModel, realmRepresentation.getDefaultGroups().stream());
        }
        if (realmRepresentation.getDisplayName() != null) {
            realmModel.setDisplayName(realmRepresentation.getDisplayName());
        }
        if (realmRepresentation.getDisplayNameHtml() != null) {
            realmModel.setDisplayNameHtml(realmRepresentation.getDisplayNameHtml());
        }
        if (realmRepresentation.isEnabled() != null) {
            realmModel.setEnabled(realmRepresentation.isEnabled().booleanValue());
        }
        if (realmRepresentation.isUserManagedAccessAllowed() != null) {
            realmModel.setUserManagedAccessAllowed(realmRepresentation.isUserManagedAccessAllowed().booleanValue());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            realmModel.setBruteForceProtected(realmRepresentation.isBruteForceProtected().booleanValue());
        }
        if (realmRepresentation.isPermanentLockout() != null) {
            realmModel.setPermanentLockout(realmRepresentation.isPermanentLockout().booleanValue());
        }
        if (realmRepresentation.getMaxTemporaryLockouts() != null) {
            realmModel.setMaxTemporaryLockouts(realmRepresentation.getMaxTemporaryLockouts().intValue());
        }
        if (realmRepresentation.getBruteForceStrategy() != null) {
            realmModel.setBruteForceStrategy(realmRepresentation.getBruteForceStrategy());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            realmModel.setMaxFailureWaitSeconds(realmRepresentation.getMaxFailureWaitSeconds().intValue());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            realmModel.setMinimumQuickLoginWaitSeconds(realmRepresentation.getMinimumQuickLoginWaitSeconds().intValue());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            realmModel.setWaitIncrementSeconds(realmRepresentation.getWaitIncrementSeconds().intValue());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            realmModel.setQuickLoginCheckMilliSeconds(realmRepresentation.getQuickLoginCheckMilliSeconds().longValue());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            realmModel.setMaxDeltaTimeSeconds(realmRepresentation.getMaxDeltaTimeSeconds().intValue());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            realmModel.setFailureFactor(realmRepresentation.getFailureFactor().intValue());
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            realmModel.setRegistrationAllowed(realmRepresentation.isRegistrationAllowed().booleanValue());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            realmModel.setRegistrationEmailAsUsername(realmRepresentation.isRegistrationEmailAsUsername().booleanValue());
        }
        if (realmRepresentation.isRememberMe() != null) {
            realmModel.setRememberMe(realmRepresentation.isRememberMe().booleanValue());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            realmModel.setVerifyEmail(realmRepresentation.isVerifyEmail().booleanValue());
        }
        if (realmRepresentation.isLoginWithEmailAllowed() != null) {
            realmModel.setLoginWithEmailAllowed(realmRepresentation.isLoginWithEmailAllowed().booleanValue());
        }
        if (realmRepresentation.isDuplicateEmailsAllowed() != null) {
            realmModel.setDuplicateEmailsAllowed(realmRepresentation.isDuplicateEmailsAllowed().booleanValue());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            realmModel.setResetPasswordAllowed(realmRepresentation.isResetPasswordAllowed().booleanValue());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            realmModel.setEditUsernameAllowed(realmRepresentation.isEditUsernameAllowed().booleanValue());
        }
        if (realmRepresentation.isOrganizationsEnabled() != null) {
            realmModel.setOrganizationsEnabled(realmRepresentation.isOrganizationsEnabled().booleanValue());
        }
        if (realmRepresentation.getSslRequired() != null) {
            realmModel.setSslRequired(SslRequired.valueOf(realmRepresentation.getSslRequired().toUpperCase()));
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            realmModel.setAccessCodeLifespan(realmRepresentation.getAccessCodeLifespan().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            realmModel.setAccessCodeLifespanUserAction(realmRepresentation.getAccessCodeLifespanUserAction().intValue());
        }
        if (realmRepresentation.getAccessCodeLifespanLogin() != null) {
            realmModel.setAccessCodeLifespanLogin(realmRepresentation.getAccessCodeLifespanLogin().intValue());
        }
        if (realmRepresentation.getActionTokenGeneratedByAdminLifespan() != null) {
            realmModel.setActionTokenGeneratedByAdminLifespan(realmRepresentation.getActionTokenGeneratedByAdminLifespan().intValue());
        }
        if (realmRepresentation.getActionTokenGeneratedByUserLifespan() != null) {
            realmModel.setActionTokenGeneratedByUserLifespan(realmRepresentation.getActionTokenGeneratedByUserLifespan().intValue());
        }
        OAuth2DeviceConfig oAuth2DeviceConfig = realmModel.getOAuth2DeviceConfig();
        oAuth2DeviceConfig.setOAuth2DeviceCodeLifespan(realmModel, realmRepresentation.getOAuth2DeviceCodeLifespan());
        oAuth2DeviceConfig.setOAuth2DevicePollingInterval(realmModel, realmRepresentation.getOAuth2DevicePollingInterval());
        if (realmRepresentation.getNotBefore() != null) {
            realmModel.setNotBefore(realmRepresentation.getNotBefore().intValue());
        }
        if (realmRepresentation.getDefaultSignatureAlgorithm() != null) {
            realmModel.setDefaultSignatureAlgorithm(realmRepresentation.getDefaultSignatureAlgorithm());
        }
        if (realmRepresentation.getRevokeRefreshToken() != null) {
            realmModel.setRevokeRefreshToken(realmRepresentation.getRevokeRefreshToken().booleanValue());
        }
        if (realmRepresentation.getRefreshTokenMaxReuse() != null) {
            realmModel.setRefreshTokenMaxReuse(realmRepresentation.getRefreshTokenMaxReuse().intValue());
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            realmModel.setAccessTokenLifespan(realmRepresentation.getAccessTokenLifespan().intValue());
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            realmModel.setAccessTokenLifespanForImplicitFlow(realmRepresentation.getAccessTokenLifespanForImplicitFlow().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            realmModel.setSsoSessionIdleTimeout(realmRepresentation.getSsoSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            realmModel.setSsoSessionMaxLifespan(realmRepresentation.getSsoSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getSsoSessionIdleTimeoutRememberMe() != null) {
            realmModel.setSsoSessionIdleTimeoutRememberMe(realmRepresentation.getSsoSessionIdleTimeoutRememberMe().intValue());
        }
        if (realmRepresentation.getSsoSessionMaxLifespanRememberMe() != null) {
            realmModel.setSsoSessionMaxLifespanRememberMe(realmRepresentation.getSsoSessionMaxLifespanRememberMe().intValue());
        }
        if (realmRepresentation.getOfflineSessionIdleTimeout() != null) {
            realmModel.setOfflineSessionIdleTimeout(realmRepresentation.getOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getOfflineSessionMaxLifespanEnabled() != null) {
            realmModel.setOfflineSessionMaxLifespanEnabled(realmRepresentation.getOfflineSessionMaxLifespanEnabled().booleanValue());
        }
        if (realmRepresentation.getOfflineSessionMaxLifespan() != null) {
            realmModel.setOfflineSessionMaxLifespan(realmRepresentation.getOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientSessionIdleTimeout() != null) {
            realmModel.setClientSessionIdleTimeout(realmRepresentation.getClientSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientSessionMaxLifespan() != null) {
            realmModel.setClientSessionMaxLifespan(realmRepresentation.getClientSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionIdleTimeout() != null) {
            realmModel.setClientOfflineSessionIdleTimeout(realmRepresentation.getClientOfflineSessionIdleTimeout().intValue());
        }
        if (realmRepresentation.getClientOfflineSessionMaxLifespan() != null) {
            realmModel.setClientOfflineSessionMaxLifespan(realmRepresentation.getClientOfflineSessionMaxLifespan().intValue());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            realmModel.updateRequiredCredentials(realmRepresentation.getRequiredCredentials());
        }
        if (realmRepresentation.getLoginTheme() != null) {
            realmModel.setLoginTheme(realmRepresentation.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            realmModel.setAccountTheme(realmRepresentation.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            realmModel.setAdminTheme(realmRepresentation.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            realmModel.setEmailTheme(realmRepresentation.getEmailTheme());
        }
        if (realmRepresentation.isEventsEnabled() != null) {
            realmModel.setEventsEnabled(realmRepresentation.isEventsEnabled().booleanValue());
        }
        if (realmRepresentation.getEventsExpiration() != null) {
            realmModel.setEventsExpiration(realmRepresentation.getEventsExpiration().longValue());
        }
        if (realmRepresentation.getEventsListeners() != null) {
            realmModel.setEventsListeners(new HashSet(realmRepresentation.getEventsListeners()));
        }
        if (realmRepresentation.getEnabledEventTypes() != null) {
            realmModel.setEnabledEventTypes(new HashSet(realmRepresentation.getEnabledEventTypes()));
        }
        if (realmRepresentation.isAdminEventsEnabled() != null) {
            realmModel.setAdminEventsEnabled(realmRepresentation.isAdminEventsEnabled().booleanValue());
        }
        if (realmRepresentation.isAdminEventsDetailsEnabled() != null) {
            realmModel.setAdminEventsDetailsEnabled(realmRepresentation.isAdminEventsDetailsEnabled().booleanValue());
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            realmModel.setPasswordPolicy(PasswordPolicy.parse(this.session, realmRepresentation.getPasswordPolicy()));
        }
        if (realmRepresentation.getOtpPolicyType() != null) {
            realmModel.setOTPPolicy(toPolicy(realmRepresentation));
        }
        if (realmRepresentation.getWebAuthnPolicyRpEntityName() != null && !realmRepresentation.getWebAuthnPolicyRpEntityName().isEmpty()) {
            realmModel.setWebAuthnPolicy(getWebAuthnPolicyTwoFactor(realmRepresentation));
        }
        if (realmRepresentation.getWebAuthnPolicyPasswordlessRpEntityName() != null && !realmRepresentation.getWebAuthnPolicyPasswordlessRpEntityName().isEmpty()) {
            realmModel.setWebAuthnPolicyPasswordless(getWebAuthnPolicyPasswordless(realmRepresentation));
        }
        updateCibaSettings(realmRepresentation, realmModel);
        updateParSettings(realmRepresentation, realmModel);
        this.session.clientPolicy().updateRealmModelFromRepresentation(realmModel, realmRepresentation);
        if (realmRepresentation.getSmtpServer() != null) {
            HashMap hashMap = new HashMap(realmRepresentation.getSmtpServer());
            if (realmRepresentation.getSmtpServer().containsKey("password") && "**********".equals(realmRepresentation.getSmtpServer().get("password"))) {
                hashMap.put("password", realmModel.getSmtpConfig() != null ? (String) realmModel.getSmtpConfig().get("password") : null);
            }
            realmModel.setSmtpConfig(hashMap);
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            realmModel.setBrowserSecurityHeaders(realmRepresentation.getBrowserSecurityHeaders());
        }
        if (realmRepresentation.isInternationalizationEnabled() != null) {
            realmModel.setInternationalizationEnabled(realmRepresentation.isInternationalizationEnabled().booleanValue());
        }
        if (realmRepresentation.getSupportedLocales() != null) {
            realmModel.setSupportedLocales(new HashSet(realmRepresentation.getSupportedLocales()));
        }
        if (realmRepresentation.getDefaultLocale() != null) {
            realmModel.setDefaultLocale(realmRepresentation.getDefaultLocale());
        }
        if (realmRepresentation.getBrowserFlow() != null) {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() != null) {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() != null) {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() != null) {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() != null) {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
        if (realmRepresentation.getDockerAuthenticationFlow() != null) {
            realmModel.setDockerAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getDockerAuthenticationFlow()));
        }
        if (realmRepresentation.getFirstBrokerLoginFlow() != null) {
            realmModel.setFirstBrokerLoginFlow(realmModel.getFlowByAlias(realmRepresentation.getFirstBrokerLoginFlow()));
        }
    }

    public UserModel createUser(RealmModel realmModel, UserRepresentation userRepresentation) {
        convertDeprecatedSocialProviders(userRepresentation);
        UserModel addUser = UserStoragePrivateUtil.userLocalStorage(this.session).addUser(realmModel, userRepresentation.getId(), userRepresentation.getUsername(), false, false);
        addUser.setEnabled(userRepresentation.isEnabled() != null && userRepresentation.isEnabled().booleanValue());
        addUser.setCreatedTimestamp(userRepresentation.getCreatedTimestamp());
        addUser.setEmail(userRepresentation.getEmail());
        if (userRepresentation.isEmailVerified() != null) {
            addUser.setEmailVerified(userRepresentation.isEmailVerified().booleanValue());
        }
        addUser.setFirstName(userRepresentation.getFirstName());
        addUser.setLastName(userRepresentation.getLastName());
        addUser.setFederationLink(userRepresentation.getFederationLink());
        if (userRepresentation.getAttributes() != null) {
            for (Map.Entry entry : userRepresentation.getAttributes().entrySet().stream().sorted(Map.Entry.comparingByKey()).toList()) {
                List list = (List) entry.getValue();
                if (list != null) {
                    addUser.setAttribute((String) entry.getKey(), new ArrayList(list));
                }
            }
        }
        if (userRepresentation.getRequiredActions() != null) {
            Iterator it = userRepresentation.getRequiredActions().iterator();
            while (it.hasNext()) {
                addUser.addRequiredAction(DefaultRequiredActions.getDefaultRequiredActionCaseInsensitively((String) it.next()));
            }
        }
        RepresentationToModel.createCredentials(userRepresentation, this.session, realmModel, addUser, false);
        RepresentationToModel.createFederatedIdentities(userRepresentation, this.session, realmModel, addUser);
        RepresentationToModel.createRoleMappings(userRepresentation, addUser, realmModel);
        if (userRepresentation.getClientConsents() != null) {
            Iterator it2 = userRepresentation.getClientConsents().iterator();
            while (it2.hasNext()) {
                this.session.users().addConsent(realmModel, addUser.getId(), RepresentationToModel.toModel(realmModel, (UserConsentRepresentation) it2.next()));
            }
        }
        if (userRepresentation.getNotBefore() != null) {
            this.session.users().setNotBeforeForUser(realmModel, addUser, userRepresentation.getNotBefore().intValue());
        }
        if (userRepresentation.getServiceAccountClientId() != null) {
            String serviceAccountClientId = userRepresentation.getServiceAccountClientId();
            ClientModel clientByClientId = realmModel.getClientByClientId(serviceAccountClientId);
            if (clientByClientId == null) {
                throw new RuntimeException("Unable to find client specified for service account link. Client: " + serviceAccountClientId);
            }
            addUser.setServiceAccountClientLink(clientByClientId.getId());
        }
        RepresentationToModel.createGroups(this.session, userRepresentation, realmModel, addUser);
        return addUser;
    }

    public static void convertDeprecatedSocialProviders(UserRepresentation userRepresentation) {
        if (userRepresentation.getSocialLinks() != null && !userRepresentation.getSocialLinks().isEmpty() && userRepresentation.getFederatedIdentities() == null) {
            logger.warnf("Using deprecated 'socialLinks' configuration in JSON representation for user '%s'. It will be removed in future versions", userRepresentation.getUsername());
            LinkedList linkedList = new LinkedList();
            for (SocialLinkRepresentation socialLinkRepresentation : userRepresentation.getSocialLinks()) {
                FederatedIdentityRepresentation federatedIdentityRepresentation = new FederatedIdentityRepresentation();
                federatedIdentityRepresentation.setIdentityProvider(socialLinkRepresentation.getSocialProvider());
                federatedIdentityRepresentation.setUserId(socialLinkRepresentation.getSocialUserId());
                federatedIdentityRepresentation.setUserName(socialLinkRepresentation.getSocialUsername());
                linkedList.add(federatedIdentityRepresentation);
            }
            userRepresentation.setFederatedIdentities(linkedList);
        }
        userRepresentation.setSocialLinks((List) null);
    }

    private static void convertDeprecatedApplications(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getApplications() != null || realmRepresentation.getOauthClients() != null) {
            if (realmRepresentation.getClients() == null) {
                realmRepresentation.setClients(new LinkedList());
            }
            LinkedList<ApplicationRepresentation> linkedList = new LinkedList();
            if (realmRepresentation.getApplications() != null) {
                linkedList.addAll(realmRepresentation.getApplications());
            }
            if (realmRepresentation.getOauthClients() != null) {
                linkedList.addAll(realmRepresentation.getOauthClients());
            }
            for (ApplicationRepresentation applicationRepresentation : linkedList) {
                applicationRepresentation.setClientId(applicationRepresentation.getName());
                applicationRepresentation.setName((String) null);
                if (applicationRepresentation instanceof OAuthClientRepresentation) {
                    applicationRepresentation.setConsentRequired(true);
                    applicationRepresentation.setFullScopeAllowed(false);
                }
                if (applicationRepresentation.getProtocolMappers() == null && applicationRepresentation.getClaims() != null) {
                    applicationRepresentation.setProtocolMappers(keycloakSession.getProvider(MigrationProvider.class).getMappersForClaimMask(Long.valueOf(getClaimsMask(applicationRepresentation.getClaims()))));
                    applicationRepresentation.setClaims((ClaimRepresentation) null);
                }
                realmRepresentation.getClients().add(applicationRepresentation);
            }
        }
        if (realmRepresentation.getApplicationScopeMappings() != null && realmRepresentation.getClientScopeMappings() == null) {
            realmRepresentation.setClientScopeMappings(realmRepresentation.getApplicationScopeMappings());
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getApplication() != null && realmRepresentation.getRoles().getClient() == null) {
            realmRepresentation.getRoles().setClient(realmRepresentation.getRoles().getApplication());
        }
        if (realmRepresentation.getUsers() != null) {
            for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                if (userRepresentation.getApplicationRoles() != null && userRepresentation.getClientRoles() == null) {
                    userRepresentation.setClientRoles(userRepresentation.getApplicationRoles());
                }
            }
        }
        if (realmRepresentation.getRoles() != null && realmRepresentation.getRoles().getRealm() != null) {
            for (RoleRepresentation roleRepresentation : realmRepresentation.getRoles().getRealm()) {
                if (roleRepresentation.getComposites() != null && roleRepresentation.getComposites().getApplication() != null && roleRepresentation.getComposites().getClient() == null) {
                    roleRepresentation.getComposites().setClient(roleRepresentation.getComposites().getApplication());
                }
            }
        }
        if (realmRepresentation.getRoles() == null || realmRepresentation.getRoles().getClient() == null) {
            return;
        }
        Iterator it = realmRepresentation.getRoles().getClient().entrySet().iterator();
        while (it.hasNext()) {
            for (RoleRepresentation roleRepresentation2 : (List) ((Map.Entry) it.next()).getValue()) {
                if (roleRepresentation2.getComposites() != null && roleRepresentation2.getComposites().getApplication() != null && roleRepresentation2.getComposites().getClient() == null) {
                    roleRepresentation2.getComposites().setClient(roleRepresentation2.getComposites().getApplication());
                }
            }
        }
    }

    private static void convertDeprecatedSocialProviders(RealmRepresentation realmRepresentation) {
        if (realmRepresentation.isSocial() == null || !realmRepresentation.isSocial().booleanValue() || realmRepresentation.getSocialProviders() == null || realmRepresentation.getSocialProviders().isEmpty() || realmRepresentation.getIdentityProviders() != null) {
            return;
        }
        Boolean valueOf = Boolean.valueOf(realmRepresentation.isUpdateProfileOnInitialSocialLogin() != null && realmRepresentation.isUpdateProfileOnInitialSocialLogin().booleanValue());
        if (realmRepresentation.getSocialProviders() != null) {
            logger.warn("Using deprecated 'social' configuration in JSON representation. It will be removed in future versions");
            LinkedList linkedList = new LinkedList();
            for (String str : realmRepresentation.getSocialProviders().keySet()) {
                if (str.endsWith(".key")) {
                    String str2 = str.split("\\.")[0];
                    String str3 = (String) realmRepresentation.getSocialProviders().get(str);
                    String str4 = (String) realmRepresentation.getSocialProviders().get(str.replace(".key", ".secret"));
                    IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
                    identityProviderRepresentation.setAlias(str2);
                    identityProviderRepresentation.setProviderId(str2);
                    identityProviderRepresentation.setEnabled(true);
                    identityProviderRepresentation.setLinkOnly(false);
                    identityProviderRepresentation.setUpdateProfileFirstLogin(valueOf.booleanValue());
                    HashMap hashMap = new HashMap();
                    hashMap.put("clientId", str3);
                    hashMap.put("clientSecret", str4);
                    identityProviderRepresentation.setConfig(hashMap);
                    linkedList.add(identityProviderRepresentation);
                }
            }
            realmRepresentation.setIdentityProviders(linkedList);
        }
    }

    private static void convertDeprecatedClientTemplates(RealmRepresentation realmRepresentation) {
        if (realmRepresentation.getClientTemplates() != null) {
            logger.warnf("Using deprecated 'clientTemplates' configuration in JSON representation for realm '%s'. It will be removed in future versions", realmRepresentation.getRealm());
            LinkedList linkedList = new LinkedList();
            for (ClientTemplateRepresentation clientTemplateRepresentation : realmRepresentation.getClientTemplates()) {
                ClientScopeRepresentation clientScopeRepresentation = new ClientScopeRepresentation();
                clientScopeRepresentation.setId(clientTemplateRepresentation.getId());
                clientScopeRepresentation.setName(clientTemplateRepresentation.getName());
                clientScopeRepresentation.setProtocol(clientTemplateRepresentation.getProtocol());
                clientScopeRepresentation.setDescription(clientTemplateRepresentation.getDescription());
                clientScopeRepresentation.setAttributes(clientTemplateRepresentation.getAttributes());
                clientScopeRepresentation.setProtocolMappers(clientTemplateRepresentation.getProtocolMappers());
                linkedList.add(clientScopeRepresentation);
            }
            realmRepresentation.setClientScopes(linkedList);
        }
    }

    public static void importUserFederationProvidersAndMappers(KeycloakSession keycloakSession, RealmRepresentation realmRepresentation, RealmModel realmModel) {
        HashSet hashSet = new HashSet();
        hashSet.add("ldap");
        hashSet.add("kerberos");
        HashMap hashMap = new HashMap();
        hashMap.put("ldap", "org.keycloak.storage.ldap.mappers.LDAPStorageMapper");
        HashMap hashMap2 = new HashMap();
        if (realmRepresentation.getUserFederationProviders() != null) {
            for (UserFederationProviderRepresentation userFederationProviderRepresentation : realmRepresentation.getUserFederationProviders()) {
                if (hashSet.contains(userFederationProviderRepresentation.getProviderName())) {
                    hashMap2.put(userFederationProviderRepresentation.getDisplayName(), realmModel.importComponentModel(convertFedProviderToComponent(realmModel.getId(), userFederationProviderRepresentation)));
                }
            }
        }
        HashSet hashSet2 = new HashSet(hashMap2.keySet());
        if (realmRepresentation.getUserFederationMappers() != null) {
            for (UserFederationMapperRepresentation userFederationMapperRepresentation : realmRepresentation.getUserFederationMappers()) {
                if (hashMap2.containsKey(userFederationMapperRepresentation.getFederationProviderDisplayName())) {
                    ComponentModel componentModel = (ComponentModel) hashMap2.get(userFederationMapperRepresentation.getFederationProviderDisplayName());
                    realmModel.importComponentModel(convertFedMapperToComponent(realmModel, componentModel, userFederationMapperRepresentation, (String) hashMap.get(componentModel.getProviderId())));
                    hashSet2.remove(userFederationMapperRepresentation.getFederationProviderDisplayName());
                }
            }
        }
        Iterator it = hashSet2.iterator();
        while (it.hasNext()) {
            ComponentUtil.notifyCreated(keycloakSession, realmModel, (ComponentModel) hashMap2.get((String) it.next()));
        }
    }

    public static ComponentModel convertFedMapperToComponent(RealmModel realmModel, ComponentModel componentModel, UserFederationMapperRepresentation userFederationMapperRepresentation, String str) {
        ComponentModel componentModel2 = new ComponentModel();
        componentModel2.setId(userFederationMapperRepresentation.getId());
        componentModel2.setName(userFederationMapperRepresentation.getName());
        componentModel2.setProviderId(userFederationMapperRepresentation.getFederationMapperType());
        componentModel2.setProviderType(str);
        componentModel2.setParentId(componentModel.getId());
        if (userFederationMapperRepresentation.getConfig() != null) {
            for (Map.Entry entry : userFederationMapperRepresentation.getConfig().entrySet()) {
                componentModel2.getConfig().putSingle((String) entry.getKey(), (String) entry.getValue());
            }
        }
        return componentModel2;
    }

    public static ComponentModel convertFedProviderToComponent(String str, UserFederationProviderRepresentation userFederationProviderRepresentation) {
        UserStorageProviderModel userStorageProviderModel = new UserStorageProviderModel();
        userStorageProviderModel.setId(userFederationProviderRepresentation.getId());
        userStorageProviderModel.setName(userFederationProviderRepresentation.getDisplayName());
        userStorageProviderModel.setParentId(str);
        userStorageProviderModel.setProviderId(userFederationProviderRepresentation.getProviderName());
        userStorageProviderModel.setProviderType(UserStorageProvider.class.getName());
        userStorageProviderModel.setFullSyncPeriod(userFederationProviderRepresentation.getFullSyncPeriod());
        userStorageProviderModel.setPriority(userFederationProviderRepresentation.getPriority());
        userStorageProviderModel.setChangedSyncPeriod(userFederationProviderRepresentation.getChangedSyncPeriod());
        userStorageProviderModel.setLastSync(userFederationProviderRepresentation.getLastSync());
        if (userFederationProviderRepresentation.getConfig() != null) {
            for (Map.Entry entry : userFederationProviderRepresentation.getConfig().entrySet()) {
                userStorageProviderModel.getConfig().putSingle((String) entry.getKey(), (String) entry.getValue());
            }
        }
        return userStorageProviderModel;
    }

    protected static void importComponents(RealmModel realmModel, MultivaluedHashMap<String, ComponentExportRepresentation> multivaluedHashMap, String str) {
        for (Map.Entry entry : multivaluedHashMap.entrySet()) {
            String str2 = (String) entry.getKey();
            for (ComponentExportRepresentation componentExportRepresentation : (List) entry.getValue()) {
                ComponentModel componentModel = new ComponentModel();
                componentModel.setId(componentExportRepresentation.getId());
                componentModel.setName(componentExportRepresentation.getName());
                componentModel.setConfig(componentExportRepresentation.getConfig());
                componentModel.setProviderType(str2);
                componentModel.setProviderId(componentExportRepresentation.getProviderId());
                componentModel.setSubType(componentExportRepresentation.getSubType());
                componentModel.setParentId(str);
                ComponentModel importComponentModel = realmModel.importComponentModel(componentModel);
                if (componentExportRepresentation.getSubComponents() != null) {
                    importComponents(realmModel, componentExportRepresentation.getSubComponents(), importComponentModel.getId());
                }
            }
        }
    }

    public static void importGroups(RealmModel realmModel, RealmRepresentation realmRepresentation) {
        List groups = realmRepresentation.getGroups();
        if (groups == null) {
            return;
        }
        Iterator it = groups.iterator();
        while (it.hasNext()) {
            RepresentationToModel.importGroup(realmModel, (GroupModel) null, (GroupRepresentation) it.next());
        }
    }

    private static WebAuthnPolicy getWebAuthnPolicyTwoFactor(RealmRepresentation realmRepresentation) {
        WebAuthnPolicy webAuthnPolicy = new WebAuthnPolicy();
        String webAuthnPolicyRpEntityName = realmRepresentation.getWebAuthnPolicyRpEntityName();
        if (webAuthnPolicyRpEntityName == null || webAuthnPolicyRpEntityName.isEmpty()) {
            webAuthnPolicyRpEntityName = "keycloak";
        }
        webAuthnPolicy.setRpEntityName(webAuthnPolicyRpEntityName);
        List webAuthnPolicySignatureAlgorithms = realmRepresentation.getWebAuthnPolicySignatureAlgorithms();
        if (webAuthnPolicySignatureAlgorithms == null || webAuthnPolicySignatureAlgorithms.isEmpty()) {
            webAuthnPolicySignatureAlgorithms = Arrays.asList("ES256,RS256".split(","));
        }
        webAuthnPolicy.setSignatureAlgorithm(webAuthnPolicySignatureAlgorithms);
        String webAuthnPolicyRpId = realmRepresentation.getWebAuthnPolicyRpId();
        if (webAuthnPolicyRpId == null || webAuthnPolicyRpId.isEmpty()) {
            webAuthnPolicyRpId = "";
        }
        webAuthnPolicy.setRpId(webAuthnPolicyRpId);
        String webAuthnPolicyAttestationConveyancePreference = realmRepresentation.getWebAuthnPolicyAttestationConveyancePreference();
        if (webAuthnPolicyAttestationConveyancePreference == null || webAuthnPolicyAttestationConveyancePreference.isEmpty()) {
            webAuthnPolicyAttestationConveyancePreference = "not specified";
        }
        webAuthnPolicy.setAttestationConveyancePreference(webAuthnPolicyAttestationConveyancePreference);
        String webAuthnPolicyAuthenticatorAttachment = realmRepresentation.getWebAuthnPolicyAuthenticatorAttachment();
        if (webAuthnPolicyAuthenticatorAttachment == null || webAuthnPolicyAuthenticatorAttachment.isEmpty()) {
            webAuthnPolicyAuthenticatorAttachment = "not specified";
        }
        webAuthnPolicy.setAuthenticatorAttachment(webAuthnPolicyAuthenticatorAttachment);
        String webAuthnPolicyRequireResidentKey = realmRepresentation.getWebAuthnPolicyRequireResidentKey();
        if (webAuthnPolicyRequireResidentKey == null || webAuthnPolicyRequireResidentKey.isEmpty()) {
            webAuthnPolicyRequireResidentKey = "not specified";
        }
        webAuthnPolicy.setRequireResidentKey(webAuthnPolicyRequireResidentKey);
        String webAuthnPolicyUserVerificationRequirement = realmRepresentation.getWebAuthnPolicyUserVerificationRequirement();
        if (webAuthnPolicyUserVerificationRequirement == null || webAuthnPolicyUserVerificationRequirement.isEmpty()) {
            webAuthnPolicyUserVerificationRequirement = "not specified";
        }
        webAuthnPolicy.setUserVerificationRequirement(webAuthnPolicyUserVerificationRequirement);
        Integer webAuthnPolicyCreateTimeout = realmRepresentation.getWebAuthnPolicyCreateTimeout();
        if (webAuthnPolicyCreateTimeout != null) {
            webAuthnPolicy.setCreateTimeout(webAuthnPolicyCreateTimeout.intValue());
        } else {
            webAuthnPolicy.setCreateTimeout(0);
        }
        Boolean isWebAuthnPolicyAvoidSameAuthenticatorRegister = realmRepresentation.isWebAuthnPolicyAvoidSameAuthenticatorRegister();
        if (isWebAuthnPolicyAvoidSameAuthenticatorRegister != null) {
            webAuthnPolicy.setAvoidSameAuthenticatorRegister(isWebAuthnPolicyAvoidSameAuthenticatorRegister.booleanValue());
        }
        List webAuthnPolicyAcceptableAaguids = realmRepresentation.getWebAuthnPolicyAcceptableAaguids();
        if (webAuthnPolicyAcceptableAaguids != null) {
            webAuthnPolicy.setAcceptableAaguids(webAuthnPolicyAcceptableAaguids);
        }
        List webAuthnPolicyExtraOrigins = realmRepresentation.getWebAuthnPolicyExtraOrigins();
        if (webAuthnPolicyExtraOrigins != null) {
            webAuthnPolicy.setExtraOrigins(webAuthnPolicyExtraOrigins);
        }
        return webAuthnPolicy;
    }

    private static WebAuthnPolicy getWebAuthnPolicyPasswordless(RealmRepresentation realmRepresentation) {
        WebAuthnPolicy webAuthnPolicy = new WebAuthnPolicy();
        String webAuthnPolicyPasswordlessRpEntityName = realmRepresentation.getWebAuthnPolicyPasswordlessRpEntityName();
        if (webAuthnPolicyPasswordlessRpEntityName == null || webAuthnPolicyPasswordlessRpEntityName.isEmpty()) {
            webAuthnPolicyPasswordlessRpEntityName = "keycloak";
        }
        webAuthnPolicy.setRpEntityName(webAuthnPolicyPasswordlessRpEntityName);
        List webAuthnPolicyPasswordlessSignatureAlgorithms = realmRepresentation.getWebAuthnPolicyPasswordlessSignatureAlgorithms();
        if (webAuthnPolicyPasswordlessSignatureAlgorithms == null || webAuthnPolicyPasswordlessSignatureAlgorithms.isEmpty()) {
            webAuthnPolicyPasswordlessSignatureAlgorithms = Arrays.asList("ES256,RS256".split(","));
        }
        webAuthnPolicy.setSignatureAlgorithm(webAuthnPolicyPasswordlessSignatureAlgorithms);
        String webAuthnPolicyPasswordlessRpId = realmRepresentation.getWebAuthnPolicyPasswordlessRpId();
        if (webAuthnPolicyPasswordlessRpId == null || webAuthnPolicyPasswordlessRpId.isEmpty()) {
            webAuthnPolicyPasswordlessRpId = "";
        }
        webAuthnPolicy.setRpId(webAuthnPolicyPasswordlessRpId);
        String webAuthnPolicyPasswordlessAttestationConveyancePreference = realmRepresentation.getWebAuthnPolicyPasswordlessAttestationConveyancePreference();
        if (webAuthnPolicyPasswordlessAttestationConveyancePreference == null || webAuthnPolicyPasswordlessAttestationConveyancePreference.isEmpty()) {
            webAuthnPolicyPasswordlessAttestationConveyancePreference = "not specified";
        }
        webAuthnPolicy.setAttestationConveyancePreference(webAuthnPolicyPasswordlessAttestationConveyancePreference);
        String webAuthnPolicyPasswordlessAuthenticatorAttachment = realmRepresentation.getWebAuthnPolicyPasswordlessAuthenticatorAttachment();
        if (webAuthnPolicyPasswordlessAuthenticatorAttachment == null || webAuthnPolicyPasswordlessAuthenticatorAttachment.isEmpty()) {
            webAuthnPolicyPasswordlessAuthenticatorAttachment = "not specified";
        }
        webAuthnPolicy.setAuthenticatorAttachment(webAuthnPolicyPasswordlessAuthenticatorAttachment);
        String webAuthnPolicyPasswordlessRequireResidentKey = realmRepresentation.getWebAuthnPolicyPasswordlessRequireResidentKey();
        if (webAuthnPolicyPasswordlessRequireResidentKey == null || webAuthnPolicyPasswordlessRequireResidentKey.isEmpty()) {
            webAuthnPolicyPasswordlessRequireResidentKey = "not specified";
        }
        webAuthnPolicy.setRequireResidentKey(webAuthnPolicyPasswordlessRequireResidentKey);
        String webAuthnPolicyPasswordlessUserVerificationRequirement = realmRepresentation.getWebAuthnPolicyPasswordlessUserVerificationRequirement();
        if (webAuthnPolicyPasswordlessUserVerificationRequirement == null || webAuthnPolicyPasswordlessUserVerificationRequirement.isEmpty()) {
            webAuthnPolicyPasswordlessUserVerificationRequirement = "not specified";
        }
        webAuthnPolicy.setUserVerificationRequirement(webAuthnPolicyPasswordlessUserVerificationRequirement);
        Integer webAuthnPolicyPasswordlessCreateTimeout = realmRepresentation.getWebAuthnPolicyPasswordlessCreateTimeout();
        if (webAuthnPolicyPasswordlessCreateTimeout != null) {
            webAuthnPolicy.setCreateTimeout(webAuthnPolicyPasswordlessCreateTimeout.intValue());
        } else {
            webAuthnPolicy.setCreateTimeout(0);
        }
        Boolean isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister = realmRepresentation.isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister();
        if (isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister != null) {
            webAuthnPolicy.setAvoidSameAuthenticatorRegister(isWebAuthnPolicyPasswordlessAvoidSameAuthenticatorRegister.booleanValue());
        }
        List webAuthnPolicyPasswordlessAcceptableAaguids = realmRepresentation.getWebAuthnPolicyPasswordlessAcceptableAaguids();
        if (webAuthnPolicyPasswordlessAcceptableAaguids != null) {
            webAuthnPolicy.setAcceptableAaguids(webAuthnPolicyPasswordlessAcceptableAaguids);
        }
        List webAuthnPolicyPasswordlessExtraOrigins = realmRepresentation.getWebAuthnPolicyPasswordlessExtraOrigins();
        if (webAuthnPolicyPasswordlessExtraOrigins != null) {
            webAuthnPolicy.setExtraOrigins(webAuthnPolicyPasswordlessExtraOrigins);
        }
        return webAuthnPolicy;
    }

    public static Map<String, String> importAuthenticationFlows(KeycloakSession keycloakSession, RealmModel realmModel, RealmRepresentation realmRepresentation) {
        HashMap hashMap = new HashMap();
        if (realmRepresentation.getAuthenticatorConfig() != null) {
            for (AuthenticatorConfigRepresentation authenticatorConfigRepresentation : realmRepresentation.getAuthenticatorConfig()) {
                if (authenticatorConfigRepresentation.getAlias() == null) {
                    throw new IllegalStateException("Provided realm contains authenticator config with null alias. It should be resolved by adding alias to the authenticator config before exporting the realm.");
                }
                realmModel.addAuthenticatorConfig(RepresentationToModel.toModel(authenticatorConfigRepresentation));
            }
        }
        if (realmRepresentation.getAuthenticationFlows() != null) {
            Iterator it = realmRepresentation.getAuthenticationFlows().iterator();
            while (it.hasNext()) {
                AuthenticationFlowModel model = RepresentationToModel.toModel((AuthenticationFlowRepresentation) it.next());
                hashMap.put(model.getId(), realmModel.addAuthenticationFlow(model).getId());
            }
            for (AuthenticationFlowRepresentation authenticationFlowRepresentation : realmRepresentation.getAuthenticationFlows()) {
                AuthenticationFlowModel flowByAlias = realmModel.getFlowByAlias(authenticationFlowRepresentation.getAlias());
                Iterator it2 = authenticationFlowRepresentation.getAuthenticationExecutions().iterator();
                while (it2.hasNext()) {
                    realmModel.addAuthenticatorExecution(toModel(keycloakSession, realmModel, flowByAlias, (AuthenticationExecutionExportRepresentation) it2.next()));
                }
            }
        }
        DefaultAuthenticationFlows.migrateFlows(realmModel);
        if (realmRepresentation.getBrowserFlow() == null) {
            AuthenticationFlowModel flowByAlias2 = realmModel.getFlowByAlias("browser");
            if (flowByAlias2 != null) {
                realmModel.setBrowserFlow(flowByAlias2);
            }
        } else {
            realmModel.setBrowserFlow(realmModel.getFlowByAlias(realmRepresentation.getBrowserFlow()));
        }
        if (realmRepresentation.getRegistrationFlow() == null) {
            AuthenticationFlowModel flowByAlias3 = realmModel.getFlowByAlias("registration");
            if (flowByAlias3 != null) {
                realmModel.setRegistrationFlow(flowByAlias3);
            }
        } else {
            realmModel.setRegistrationFlow(realmModel.getFlowByAlias(realmRepresentation.getRegistrationFlow()));
        }
        if (realmRepresentation.getDirectGrantFlow() == null) {
            AuthenticationFlowModel flowByAlias4 = realmModel.getFlowByAlias("direct grant");
            if (flowByAlias4 != null) {
                realmModel.setDirectGrantFlow(flowByAlias4);
            }
        } else {
            realmModel.setDirectGrantFlow(realmModel.getFlowByAlias(realmRepresentation.getDirectGrantFlow()));
        }
        if (realmRepresentation.getResetCredentialsFlow() == null) {
            AuthenticationFlowModel flowByAlias5 = realmModel.getFlowByAlias("reset credentials");
            if (flowByAlias5 == null) {
                DefaultAuthenticationFlows.resetCredentialsFlow(realmModel);
            } else {
                realmModel.setResetCredentialsFlow(flowByAlias5);
            }
        } else {
            realmModel.setResetCredentialsFlow(realmModel.getFlowByAlias(realmRepresentation.getResetCredentialsFlow()));
        }
        if (realmRepresentation.getClientAuthenticationFlow() == null) {
            AuthenticationFlowModel flowByAlias6 = realmModel.getFlowByAlias("clients");
            if (flowByAlias6 == null) {
                DefaultAuthenticationFlows.clientAuthFlow(realmModel);
            } else {
                realmModel.setClientAuthenticationFlow(flowByAlias6);
            }
        } else {
            realmModel.setClientAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getClientAuthenticationFlow()));
        }
        if (realmRepresentation.getFirstBrokerLoginFlow() == null) {
            AuthenticationFlowModel flowByAlias7 = realmModel.getFlowByAlias("first broker login");
            if (flowByAlias7 == null) {
                DefaultAuthenticationFlows.firstBrokerLoginFlow(realmModel, true);
            } else {
                realmModel.setFirstBrokerLoginFlow(flowByAlias7);
            }
        } else {
            realmModel.setFirstBrokerLoginFlow(realmModel.getFlowByAlias(realmRepresentation.getFirstBrokerLoginFlow()));
        }
        String str = null;
        if (realmRepresentation.getIdentityProviders() != null) {
            Iterator it3 = realmRepresentation.getIdentityProviders().iterator();
            while (true) {
                if (!it3.hasNext()) {
                    break;
                }
                IdentityProviderRepresentation identityProviderRepresentation = (IdentityProviderRepresentation) it3.next();
                if (identityProviderRepresentation.isEnabled() && identityProviderRepresentation.isAuthenticateByDefault()) {
                    str = identityProviderRepresentation.getProviderId();
                    break;
                }
            }
        }
        if (realmRepresentation.getDockerAuthenticationFlow() == null) {
            AuthenticationFlowModel flowByAlias8 = realmModel.getFlowByAlias("docker auth");
            if (flowByAlias8 == null) {
                DefaultAuthenticationFlows.dockerAuthenticationFlow(realmModel);
            } else {
                realmModel.setDockerAuthenticationFlow(flowByAlias8);
            }
        } else {
            realmModel.setDockerAuthenticationFlow(realmModel.getFlowByAlias(realmRepresentation.getDockerAuthenticationFlow()));
        }
        DefaultAuthenticationFlows.addIdentityProviderAuthenticator(realmModel, str);
        return hashMap;
    }

    private static AuthenticationExecutionModel toModel(KeycloakSession keycloakSession, RealmModel realmModel, AuthenticationFlowModel authenticationFlowModel, AuthenticationExecutionExportRepresentation authenticationExecutionExportRepresentation) {
        AuthenticationExecutionModel authenticationExecutionModel = new AuthenticationExecutionModel();
        if (authenticationExecutionExportRepresentation.getAuthenticatorConfig() != null) {
            authenticationExecutionModel.setAuthenticatorConfig(new DeployedConfigurationsManager(keycloakSession).getAuthenticatorConfigByAlias(realmModel, authenticationExecutionExportRepresentation.getAuthenticatorConfig()).getId());
        }
        authenticationExecutionModel.setAuthenticator(authenticationExecutionExportRepresentation.getAuthenticator());
        authenticationExecutionModel.setAuthenticatorFlow(authenticationExecutionExportRepresentation.isAuthenticatorFlow());
        if (authenticationExecutionExportRepresentation.getFlowAlias() != null) {
            authenticationExecutionModel.setFlowId(realmModel.getFlowByAlias(authenticationExecutionExportRepresentation.getFlowAlias()).getId());
        }
        if (authenticationExecutionExportRepresentation.getPriority() != null) {
            authenticationExecutionModel.setPriority(authenticationExecutionExportRepresentation.getPriority().intValue());
        }
        try {
            authenticationExecutionModel.setRequirement(AuthenticationExecutionModel.Requirement.valueOf(authenticationExecutionExportRepresentation.getRequirement()));
            authenticationExecutionModel.setParentFlow(authenticationFlowModel.getId());
        } catch (IllegalArgumentException e) {
            if ("OPTIONAL".equals(authenticationExecutionExportRepresentation.getRequirement())) {
                MigrateTo8_0_0.migrateOptionalAuthenticationExecution(realmModel, authenticationFlowModel, authenticationExecutionModel, false);
            }
        }
        return authenticationExecutionModel;
    }

    private static void updateCibaSettings(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        Map attributesOrEmpty = realmRepresentation.getAttributesOrEmpty();
        CibaConfig cibaPolicy = realmModel.getCibaPolicy();
        cibaPolicy.setBackchannelTokenDeliveryMode((String) attributesOrEmpty.get("cibaBackchannelTokenDeliveryMode"));
        cibaPolicy.setExpiresIn((String) attributesOrEmpty.get("cibaExpiresIn"));
        cibaPolicy.setPoolingInterval((String) attributesOrEmpty.get("cibaInterval"));
        cibaPolicy.setAuthRequestedUserHint((String) attributesOrEmpty.get("cibaAuthRequestedUserHint"));
    }

    private static void updateParSettings(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        realmModel.getParPolicy().setRequestUriLifespan((String) realmRepresentation.getAttributesOrEmpty().get("parRequestUriLifespan"));
    }

    public static OTPPolicy toPolicy(RealmRepresentation realmRepresentation) {
        OTPPolicy oTPPolicy = new OTPPolicy();
        if (realmRepresentation.getOtpPolicyType() != null) {
            oTPPolicy.setType(realmRepresentation.getOtpPolicyType());
        }
        if (realmRepresentation.getOtpPolicyLookAheadWindow() != null) {
            oTPPolicy.setLookAheadWindow(realmRepresentation.getOtpPolicyLookAheadWindow().intValue());
        }
        if (realmRepresentation.getOtpPolicyInitialCounter() != null) {
            oTPPolicy.setInitialCounter(realmRepresentation.getOtpPolicyInitialCounter().intValue());
        }
        if (realmRepresentation.getOtpPolicyAlgorithm() != null) {
            oTPPolicy.setAlgorithm(realmRepresentation.getOtpPolicyAlgorithm());
        }
        if (realmRepresentation.getOtpPolicyDigits() != null) {
            oTPPolicy.setDigits(realmRepresentation.getOtpPolicyDigits().intValue());
        }
        if (realmRepresentation.getOtpPolicyPeriod() != null) {
            oTPPolicy.setPeriod(realmRepresentation.getOtpPolicyPeriod().intValue());
        }
        if (realmRepresentation.isOtpPolicyCodeReusable() != null) {
            oTPPolicy.setCodeReusable(realmRepresentation.isOtpPolicyCodeReusable().booleanValue());
        }
        return oTPPolicy;
    }

    public static RequiredActionProviderModel toModel(RequiredActionProviderRepresentation requiredActionProviderRepresentation) {
        RequiredActionProviderModel requiredActionProviderModel = new RequiredActionProviderModel();
        requiredActionProviderModel.setConfig(RepresentationToModel.removeEmptyString(requiredActionProviderRepresentation.getConfig()));
        requiredActionProviderModel.setPriority(requiredActionProviderRepresentation.getPriority());
        requiredActionProviderModel.setDefaultAction(requiredActionProviderRepresentation.isDefaultAction());
        requiredActionProviderModel.setEnabled(requiredActionProviderRepresentation.isEnabled());
        requiredActionProviderModel.setProviderId(DefaultRequiredActions.getDefaultRequiredActionCaseInsensitively(requiredActionProviderRepresentation.getProviderId()));
        requiredActionProviderModel.setName(requiredActionProviderRepresentation.getName());
        requiredActionProviderModel.setAlias(DefaultRequiredActions.getDefaultRequiredActionCaseInsensitively(requiredActionProviderRepresentation.getAlias()));
        return requiredActionProviderModel;
    }

    public static void importRealmAuthorizationSettings(RealmRepresentation realmRepresentation, RealmModel realmModel, KeycloakSession keycloakSession) {
        if (realmRepresentation.getClients() != null) {
            realmRepresentation.getClients().forEach(clientRepresentation -> {
                RepresentationToModel.importAuthorizationSettings(clientRepresentation, realmModel.getClientByClientId(clientRepresentation.getClientId()), keycloakSession);
            });
        }
    }

    public static void importFederatedUser(KeycloakSession keycloakSession, RealmModel realmModel, UserRepresentation userRepresentation) {
        UserFederatedStorageProvider userFederatedStorage = UserStorageUtil.userFederatedStorage(keycloakSession);
        if (userRepresentation.getAttributes() != null) {
            for (Map.Entry entry : userRepresentation.getAttributes().entrySet()) {
                String str = (String) entry.getKey();
                List list = (List) entry.getValue();
                if (list != null) {
                    userFederatedStorage.setAttribute(realmModel, userRepresentation.getId(), str, new LinkedList(list));
                }
            }
        }
        if (userRepresentation.getRequiredActions() != null) {
            Iterator it = userRepresentation.getRequiredActions().iterator();
            while (it.hasNext()) {
                userFederatedStorage.addRequiredAction(realmModel, userRepresentation.getId(), (String) it.next());
            }
        }
        if (userRepresentation.getCredentials() != null) {
            Iterator it2 = userRepresentation.getCredentials().iterator();
            while (it2.hasNext()) {
                userFederatedStorage.createCredential(realmModel, userRepresentation.getId(), RepresentationToModel.toModel((CredentialRepresentation) it2.next()));
            }
        }
        createFederatedRoleMappings(userFederatedStorage, userRepresentation, realmModel);
        if (userRepresentation.getGroups() != null) {
            for (String str2 : userRepresentation.getGroups()) {
                GroupModel findGroupByPath = KeycloakModelUtils.findGroupByPath(keycloakSession, realmModel, str2);
                if (findGroupByPath == null) {
                    throw new RuntimeException("Unable to find group specified by path: " + str2);
                }
                userFederatedStorage.joinGroup(realmModel, userRepresentation.getId(), findGroupByPath);
            }
        }
        if (userRepresentation.getFederatedIdentities() != null) {
            for (FederatedIdentityRepresentation federatedIdentityRepresentation : userRepresentation.getFederatedIdentities()) {
                userFederatedStorage.addFederatedIdentity(realmModel, userRepresentation.getId(), new FederatedIdentityModel(federatedIdentityRepresentation.getIdentityProvider(), federatedIdentityRepresentation.getUserId(), federatedIdentityRepresentation.getUserName()));
            }
        }
        if (userRepresentation.getClientConsents() != null) {
            Iterator it3 = userRepresentation.getClientConsents().iterator();
            while (it3.hasNext()) {
                userFederatedStorage.addConsent(realmModel, userRepresentation.getId(), RepresentationToModel.toModel(realmModel, (UserConsentRepresentation) it3.next()));
            }
        }
        if (userRepresentation.getNotBefore() != null) {
            userFederatedStorage.setNotBeforeForUser(realmModel, userRepresentation.getId(), userRepresentation.getNotBefore().intValue());
        }
    }

    private static void createFederatedRoleMappings(UserFederatedStorageProvider userFederatedStorageProvider, UserRepresentation userRepresentation, RealmModel realmModel) {
        if (userRepresentation.getRealmRoles() != null) {
            for (String str : userRepresentation.getRealmRoles()) {
                RoleModel role = realmModel.getRole(str.trim());
                if (role == null) {
                    role = realmModel.addRole(str.trim());
                }
                userFederatedStorageProvider.grantRole(realmModel, userRepresentation.getId(), role);
            }
        }
        if (userRepresentation.getClientRoles() != null) {
            for (Map.Entry entry : userRepresentation.getClientRoles().entrySet()) {
                ClientModel clientByClientId = realmModel.getClientByClientId((String) entry.getKey());
                if (clientByClientId == null) {
                    throw new RuntimeException("Unable to find client role mappings for client: " + ((String) entry.getKey()));
                }
                createFederatedClientRoleMappings(userFederatedStorageProvider, realmModel, clientByClientId, userRepresentation, (List) entry.getValue());
            }
        }
    }

    private static void createFederatedClientRoleMappings(UserFederatedStorageProvider userFederatedStorageProvider, RealmModel realmModel, ClientModel clientModel, UserRepresentation userRepresentation, List<String> list) {
        if (userRepresentation == null) {
            throw new RuntimeException("User not found");
        }
        for (String str : list) {
            RoleModel role = clientModel.getRole(str.trim());
            if (role == null) {
                role = clientModel.addRole(str.trim());
            }
            userFederatedStorageProvider.grantRole(realmModel, userRepresentation.getId(), role);
        }
    }

    private void importOrganizations(RealmRepresentation realmRepresentation, RealmModel realmModel) {
        if (Profile.isFeatureEnabled(Profile.Feature.ORGANIZATION)) {
            OrganizationProvider provider = this.session.getProvider(OrganizationProvider.class);
            for (OrganizationRepresentation organizationRepresentation : (List) Optional.ofNullable(realmRepresentation.getOrganizations()).orElse(Collections.emptyList())) {
                OrganizationsValidation.validateUrl(organizationRepresentation.getRedirectUrl());
                OrganizationModel create = provider.create(organizationRepresentation.getId(), organizationRepresentation.getName(), organizationRepresentation.getAlias());
                RepresentationToModel.toModel(organizationRepresentation, create);
                Iterator it = ((List) Optional.ofNullable(organizationRepresentation.getIdentityProviders()).orElse(Collections.emptyList())).iterator();
                while (it.hasNext()) {
                    provider.addIdentityProvider(create, this.session.identityProviders().getByAlias(((IdentityProviderRepresentation) it.next()).getAlias()));
                }
                for (MemberRepresentation memberRepresentation : (List) Optional.ofNullable(organizationRepresentation.getMembers()).orElse(Collections.emptyList())) {
                    UserModel userByUsername = this.session.users().getUserByUsername(realmModel, memberRepresentation.getUsername());
                    if (MembershipType.MANAGED.equals(memberRepresentation.getMembershipType())) {
                        provider.addManagedMember(create, userByUsername);
                    } else {
                        provider.addMember(create, userByUsername);
                    }
                }
            }
        }
    }
}
