package org.keycloak.models.cache.infinispan.idp;

import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.keycloak.common.Profile;
import org.keycloak.models.IdentityProviderMapperModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.IdentityProviderStorageProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.OrganizationModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.infinispan.CachedCount;
import org.keycloak.models.cache.infinispan.RealmCacheManager;
import org.keycloak.models.cache.infinispan.RealmCacheSession;
import org.keycloak.organization.OrganizationProvider;

/* loaded from: input_file:org/keycloak/models/cache/infinispan/idp/InfinispanIdentityProviderStorageProvider.class */
public class InfinispanIdentityProviderStorageProvider implements IdentityProviderStorageProvider {
    private static final String IDP_COUNT_KEY_SUFFIX = ".idp.count";
    private static final String IDP_ALIAS_KEY_SUFFIX = ".idp.alias";
    private static final String IDP_ORG_ID_KEY_SUFFIX = ".idp.orgId";
    private static final String IDP_LOGIN_SUFFIX = ".idp.login";
    private final KeycloakSession session;
    private final IdentityProviderStorageProvider idpDelegate;
    private final RealmCacheSession realmCache;
    private final long startupRevision;

    public InfinispanIdentityProviderStorageProvider(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
        this.idpDelegate = keycloakSession.getProvider(IdentityProviderStorageProvider.class, "jpa");
        this.realmCache = keycloakSession.getProvider(CacheRealmProvider.class);
        this.startupRevision = this.realmCache.getCache().getCurrentCounter();
    }

    private static String cacheKeyIdpCount(RealmModel realmModel) {
        return realmModel.getId() + ".idp.count";
    }

    private static String cacheKeyIdpAlias(RealmModel realmModel, String str) {
        return realmModel.getId() + "." + str + ".idp.alias";
    }

    private static String cacheKeyIdpMapperAliasName(RealmModel realmModel, String str, String str2) {
        return realmModel.getId() + "." + str + ".idp.alias." + str2;
    }

    public static String cacheKeyOrgId(RealmModel realmModel, String str) {
        return realmModel.getId() + "." + str + ".idp.orgId";
    }

    public static String cacheKeyForLogin(RealmModel realmModel, IdentityProviderStorageProvider.FetchMode fetchMode) {
        return realmModel.getId() + ".idp.login." + fetchMode;
    }

    public IdentityProviderModel create(IdentityProviderModel identityProviderModel) {
        registerCountInvalidation();
        registerIDPLoginInvalidation(identityProviderModel);
        return this.idpDelegate.create(identityProviderModel);
    }

    public void update(IdentityProviderModel identityProviderModel) {
        IdentityProviderModel byId = getById(identityProviderModel.getInternalId());
        registerIDPInvalidation(byId);
        registerIDPLoginInvalidationOnUpdate(byId, identityProviderModel);
        this.idpDelegate.update(identityProviderModel);
    }

    public boolean remove(String str) {
        String cacheKeyIdpAlias = cacheKeyIdpAlias(getRealm(), str);
        IdentityProviderModel byAlias = this.idpDelegate.getByAlias(str);
        if (isInvalid(cacheKeyIdpAlias)) {
            registerIDPInvalidation(byAlias);
        } else {
            CachedIdentityProvider cachedIdentityProvider = (CachedIdentityProvider) this.realmCache.getCache().get(cacheKeyIdpAlias, CachedIdentityProvider.class);
            if (cachedIdentityProvider != null) {
                registerIDPInvalidation(cachedIdentityProvider.getIdentityProvider());
            }
        }
        registerCountInvalidation();
        registerIDPLoginInvalidation(byAlias);
        return this.idpDelegate.remove(str);
    }

    public void removeAll() {
        registerCountInvalidation();
        this.idpDelegate.removeAll();
    }

    public IdentityProviderModel getById(String str) {
        if (str == null) {
            return null;
        }
        CachedIdentityProvider cachedIdentityProvider = (CachedIdentityProvider) this.realmCache.getCache().get(str, CachedIdentityProvider.class);
        String id = getRealm().getId();
        if (cachedIdentityProvider != null && !cachedIdentityProvider.getRealm().equals(id)) {
            cachedIdentityProvider = null;
        }
        if (cachedIdentityProvider == null) {
            Long currentRevision = this.realmCache.getCache().getCurrentRevision(str);
            IdentityProviderModel byId = this.idpDelegate.getById(str);
            if (byId == null) {
                return null;
            }
            if (isInvalid(str)) {
                return createOrganizationAwareIdentityProviderModel(byId);
            }
            cachedIdentityProvider = new CachedIdentityProvider(currentRevision, getRealm(), str, byId);
            this.realmCache.getCache().addRevisioned(cachedIdentityProvider, this.realmCache.getStartupRevision());
        } else if (isInvalid(str)) {
            return createOrganizationAwareIdentityProviderModel(this.idpDelegate.getById(str));
        }
        return createOrganizationAwareIdentityProviderModel(cachedIdentityProvider.getIdentityProvider());
    }

    public IdentityProviderModel getByAlias(String str) {
        String cacheKeyIdpAlias = cacheKeyIdpAlias(getRealm(), str);
        if (isInvalid(cacheKeyIdpAlias)) {
            return createOrganizationAwareIdentityProviderModel(this.idpDelegate.getByAlias(str));
        }
        CachedIdentityProvider cachedIdentityProvider = (CachedIdentityProvider) this.realmCache.getCache().get(cacheKeyIdpAlias, CachedIdentityProvider.class);
        if (cachedIdentityProvider == null) {
            Long currentRevision = this.realmCache.getCache().getCurrentRevision(cacheKeyIdpAlias);
            IdentityProviderModel byAlias = this.idpDelegate.getByAlias(str);
            if (byAlias == null) {
                return null;
            }
            cachedIdentityProvider = new CachedIdentityProvider(currentRevision, getRealm(), cacheKeyIdpAlias, byAlias);
            this.realmCache.getCache().addRevisioned(cachedIdentityProvider, this.realmCache.getStartupRevision());
        }
        return createOrganizationAwareIdentityProviderModel(cachedIdentityProvider.getIdentityProvider());
    }

    public Stream<IdentityProviderModel> getByOrganization(String str, Integer num, Integer num2) {
        Set<String> iDPs;
        RealmModel realm = getRealm();
        String cacheKeyOrgId = cacheKeyOrgId(realm, str);
        if (isInvalid(cacheKeyOrgId) || isInvalid(str)) {
            return this.idpDelegate.getByOrganization(str, num, num2).map(this::createOrganizationAwareIdentityProviderModel);
        }
        RealmCacheManager cache = this.realmCache.getCache();
        IdentityProviderListQuery identityProviderListQuery = (IdentityProviderListQuery) cache.get(cacheKeyOrgId, IdentityProviderListQuery.class);
        String str2 = Optional.ofNullable(num).orElse(-1) + "." + Optional.ofNullable(num2).orElse(-1);
        if (identityProviderListQuery == null) {
            Long currentRevision = cache.getCurrentRevision(cacheKeyOrgId);
            iDPs = (Set) this.idpDelegate.getByOrganization(str, num, num2).map((v0) -> {
                return v0.getInternalId();
            }).collect(Collectors.toSet());
            cache.addRevisioned(new IdentityProviderListQuery(currentRevision, cacheKeyOrgId, realm, str2, iDPs), this.startupRevision);
        } else {
            iDPs = identityProviderListQuery.getIDPs(str2);
            if (iDPs == null) {
                cache.invalidateObject(cacheKeyOrgId);
                Long currentRevision2 = cache.getCurrentRevision(cacheKeyOrgId);
                iDPs = (Set) this.idpDelegate.getByOrganization(str, num, num2).map((v0) -> {
                    return v0.getInternalId();
                }).collect(Collectors.toSet());
                cache.addRevisioned(new IdentityProviderListQuery(currentRevision2, cacheKeyOrgId, realm, str2, iDPs, identityProviderListQuery), cache.getCurrentCounter());
            }
        }
        HashSet hashSet = new HashSet();
        Iterator<String> it = iDPs.iterator();
        while (it.hasNext()) {
            IdentityProviderModel byId = this.session.identityProviders().getById(it.next());
            if (byId == null) {
                this.realmCache.registerInvalidation(cacheKeyOrgId);
                return this.idpDelegate.getByOrganization(str, num, num2).map(this::createOrganizationAwareIdentityProviderModel);
            }
            hashSet.add(byId);
        }
        return hashSet.stream();
    }

    public Stream<IdentityProviderModel> getForLogin(IdentityProviderStorageProvider.FetchMode fetchMode, String str) {
        Set<String> iDPs;
        String cacheKeyForLogin = cacheKeyForLogin(getRealm(), fetchMode);
        if (isInvalid(cacheKeyForLogin)) {
            return this.idpDelegate.getForLogin(fetchMode, str).map(this::createOrganizationAwareIdentityProviderModel);
        }
        RealmCacheManager cache = this.realmCache.getCache();
        IdentityProviderListQuery identityProviderListQuery = (IdentityProviderListQuery) cache.get(cacheKeyForLogin, IdentityProviderListQuery.class);
        String str2 = str != null ? str : "";
        if (identityProviderListQuery == null) {
            Long currentRevision = cache.getCurrentRevision(cacheKeyForLogin);
            iDPs = (Set) this.idpDelegate.getForLogin(fetchMode, str).map((v0) -> {
                return v0.getInternalId();
            }).collect(Collectors.toSet());
            cache.addRevisioned(new IdentityProviderListQuery(currentRevision, cacheKeyForLogin, getRealm(), str2, iDPs), this.startupRevision);
        } else {
            iDPs = identityProviderListQuery.getIDPs(str2);
            if (iDPs == null) {
                cache.invalidateObject(cacheKeyForLogin);
                Long currentRevision2 = cache.getCurrentRevision(cacheKeyForLogin);
                iDPs = (Set) this.idpDelegate.getForLogin(fetchMode, str).map((v0) -> {
                    return v0.getInternalId();
                }).collect(Collectors.toSet());
                cache.addRevisioned(new IdentityProviderListQuery(currentRevision2, cacheKeyForLogin, getRealm(), str2, iDPs, identityProviderListQuery), cache.getCurrentCounter());
            }
        }
        HashSet hashSet = new HashSet();
        Iterator<String> it = iDPs.iterator();
        while (it.hasNext()) {
            IdentityProviderModel byId = this.session.identityProviders().getById(it.next());
            if (byId == null) {
                this.realmCache.registerInvalidation(cacheKeyForLogin);
                return this.idpDelegate.getForLogin(fetchMode, str).map(this::createOrganizationAwareIdentityProviderModel);
            }
            hashSet.add(byId);
        }
        return hashSet.stream();
    }

    public Stream<String> getByFlow(String str, String str2, Integer num, Integer num2) {
        return this.idpDelegate.getByFlow(str, str2, num, num2);
    }

    public Stream<IdentityProviderModel> getAllStream(Map<String, String> map, Integer num, Integer num2) {
        return this.idpDelegate.getAllStream(map, num, num2).map(this::createOrganizationAwareIdentityProviderModel);
    }

    public long count() {
        String cacheKeyIdpCount = cacheKeyIdpCount(getRealm());
        CachedCount cachedCount = (CachedCount) this.realmCache.getCache().get(cacheKeyIdpCount, CachedCount.class);
        if (cachedCount != null && !isInvalid(cacheKeyIdpCount)) {
            return cachedCount.getCount();
        }
        Long currentRevision = this.realmCache.getCache().getCurrentRevision(cacheKeyIdpCount);
        long count = this.idpDelegate.count();
        this.realmCache.getCache().addRevisioned(new CachedCount(currentRevision, getRealm(), cacheKeyIdpCount, count), this.realmCache.getStartupRevision());
        return count;
    }

    public void close() {
        this.idpDelegate.close();
    }

    public IdentityProviderMapperModel createMapper(IdentityProviderMapperModel identityProviderMapperModel) {
        return this.idpDelegate.createMapper(identityProviderMapperModel);
    }

    public void updateMapper(IdentityProviderMapperModel identityProviderMapperModel) {
        registerIDPMapperInvalidation(identityProviderMapperModel);
        this.idpDelegate.updateMapper(identityProviderMapperModel);
    }

    public boolean removeMapper(IdentityProviderMapperModel identityProviderMapperModel) {
        registerIDPMapperInvalidation(identityProviderMapperModel);
        return this.idpDelegate.removeMapper(identityProviderMapperModel);
    }

    public void removeAllMappers() {
        this.idpDelegate.removeAllMappers();
    }

    public IdentityProviderMapperModel getMapperById(String str) {
        CachedIdentityProviderMapper cachedIdentityProviderMapper = (CachedIdentityProviderMapper) this.realmCache.getCache().get(str, CachedIdentityProviderMapper.class);
        String id = getRealm().getId();
        if (cachedIdentityProviderMapper != null && !cachedIdentityProviderMapper.getRealm().equals(id)) {
            cachedIdentityProviderMapper = null;
        }
        if (cachedIdentityProviderMapper == null) {
            Long currentRevision = this.realmCache.getCache().getCurrentRevision(str);
            IdentityProviderMapperModel mapperById = this.idpDelegate.getMapperById(str);
            if (mapperById == null) {
                return null;
            }
            if (isInvalid(str)) {
                return mapperById;
            }
            cachedIdentityProviderMapper = new CachedIdentityProviderMapper(currentRevision, getRealm(), str, mapperById);
            this.realmCache.getCache().addRevisioned(cachedIdentityProviderMapper, this.realmCache.getStartupRevision());
        } else if (isInvalid(str)) {
            return this.idpDelegate.getMapperById(str);
        }
        return cachedIdentityProviderMapper.getIdentityProviderMapper();
    }

    public IdentityProviderMapperModel getMapperByName(String str, String str2) {
        String cacheKeyIdpMapperAliasName = cacheKeyIdpMapperAliasName(getRealm(), str, str2);
        if (isInvalid(cacheKeyIdpMapperAliasName)) {
            return this.idpDelegate.getMapperByName(str, str2);
        }
        CachedIdentityProviderMapper cachedIdentityProviderMapper = (CachedIdentityProviderMapper) this.realmCache.getCache().get(cacheKeyIdpMapperAliasName, CachedIdentityProviderMapper.class);
        if (cachedIdentityProviderMapper == null) {
            Long currentRevision = this.realmCache.getCache().getCurrentRevision(cacheKeyIdpMapperAliasName);
            IdentityProviderMapperModel mapperByName = this.idpDelegate.getMapperByName(str, str2);
            if (mapperByName == null) {
                return null;
            }
            cachedIdentityProviderMapper = new CachedIdentityProviderMapper(currentRevision, getRealm(), cacheKeyIdpMapperAliasName, mapperByName);
            this.realmCache.getCache().addRevisioned(cachedIdentityProviderMapper, this.realmCache.getStartupRevision());
        }
        return cachedIdentityProviderMapper.getIdentityProviderMapper();
    }

    public Stream<IdentityProviderMapperModel> getMappersStream(Map<String, String> map, Integer num, Integer num2) {
        return this.idpDelegate.getMappersStream(map, num, num2);
    }

    public Stream<IdentityProviderMapperModel> getMappersByAliasStream(String str) {
        return this.idpDelegate.getMappersByAliasStream(str);
    }

    private void registerIDPInvalidation(IdentityProviderModel identityProviderModel) {
        this.realmCache.registerInvalidation(identityProviderModel.getInternalId());
        this.realmCache.registerInvalidation(cacheKeyIdpAlias(getRealm(), identityProviderModel.getAlias()));
    }

    private void registerCountInvalidation() {
        this.realmCache.registerInvalidation(cacheKeyIdpCount(getRealm()));
    }

    private void registerIDPMapperInvalidation(IdentityProviderMapperModel identityProviderMapperModel) {
        if (identityProviderMapperModel.getId() == null) {
            throw new ModelException("Identity Provider Mapper does not exist");
        }
        this.realmCache.registerInvalidation(identityProviderMapperModel.getId());
        this.realmCache.registerInvalidation(cacheKeyIdpMapperAliasName(getRealm(), identityProviderMapperModel.getIdentityProviderAlias(), identityProviderMapperModel.getName()));
    }

    private void registerIDPLoginInvalidation(IdentityProviderModel identityProviderModel) {
        if (IdentityProviderStorageProvider.LoginFilter.getLoginPredicate().test(identityProviderModel)) {
            for (IdentityProviderStorageProvider.FetchMode fetchMode : IdentityProviderStorageProvider.FetchMode.values()) {
                this.realmCache.registerInvalidation(cacheKeyForLogin(getRealm(), fetchMode));
            }
        }
    }

    private void registerIDPLoginInvalidationOnUpdate(IdentityProviderModel identityProviderModel, IdentityProviderModel identityProviderModel2) {
        if (IdentityProviderStorageProvider.LoginFilter.getLoginPredicate().test(identityProviderModel) || IdentityProviderStorageProvider.LoginFilter.getLoginPredicate().test(identityProviderModel2)) {
            if (IdentityProviderStorageProvider.LoginFilter.getLoginPredicate().test(identityProviderModel) && IdentityProviderStorageProvider.LoginFilter.getLoginPredicate().test(identityProviderModel2) && Objects.equals(identityProviderModel.getOrganizationId(), identityProviderModel2.getOrganizationId())) {
                return;
            }
            for (IdentityProviderStorageProvider.FetchMode fetchMode : IdentityProviderStorageProvider.FetchMode.values()) {
                this.realmCache.registerInvalidation(cacheKeyForLogin(getRealm(), fetchMode));
            }
        }
    }

    private RealmModel getRealm() {
        RealmModel realm = this.session.getContext().getRealm();
        if (realm == null) {
            throw new IllegalArgumentException("Session not bound to a realm");
        }
        return realm;
    }

    private boolean isInvalid(String str) {
        return this.realmCache.isInvalid(str);
    }

    private IdentityProviderModel createOrganizationAwareIdentityProviderModel(IdentityProviderModel identityProviderModel) {
        return !Profile.isFeatureEnabled(Profile.Feature.ORGANIZATION) ? identityProviderModel : new IdentityProviderModel(identityProviderModel) { // from class: org.keycloak.models.cache.infinispan.idp.InfinispanIdentityProviderStorageProvider.1
            public boolean isEnabled() {
                if (getOrganizationId() == null) {
                    return super.isEnabled();
                }
                OrganizationProvider provider = InfinispanIdentityProviderStorageProvider.this.session.getProvider(OrganizationProvider.class);
                OrganizationModel byId = provider == null ? null : provider.getById(getOrganizationId());
                return byId != null && provider.isEnabled() && byId.isEnabled() && super.isEnabled();
            }
        };
    }
}
