package org.keycloak.exportimport.util;

import com.fasterxml.jackson.core.JsonEncoding;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import java.io.IOException;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.keycloak.common.Profile;
import org.keycloak.common.Version;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.credential.CredentialModel;
import org.keycloak.exportimport.ExportOptions;
import org.keycloak.models.ClientModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.organization.OrganizationProvider;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ComponentExportRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.MemberRepresentation;
import org.keycloak.representations.idm.MembershipType;
import org.keycloak.representations.idm.OrganizationRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.RolesRepresentation;
import org.keycloak.representations.idm.ScopeMappingRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.federated.UserFederatedStorageProvider;

/* loaded from: input_file:org/keycloak/exportimport/util/ExportUtils.class */
public class ExportUtils {
    public static RealmRepresentation exportRealm(KeycloakSession keycloakSession, RealmModel realmModel, boolean z, boolean z2) {
        return exportRealm(keycloakSession, realmModel, new ExportOptions(z, true, true, false, false), z2);
    }

    public static RealmRepresentation exportRealm(KeycloakSession keycloakSession, RealmModel realmModel, ExportOptions exportOptions, boolean z) {
        UserModel serviceAccount;
        RealmRepresentation representation = ModelToRepresentation.toRepresentation(keycloakSession, realmModel, z, true);
        ModelToRepresentation.exportAuthenticationFlows(keycloakSession, realmModel, representation);
        ModelToRepresentation.exportRequiredActions(realmModel, representation);
        representation.setKeycloakVersion(Version.VERSION);
        representation.setClientScopes((List) realmModel.getClientScopesStream().map(ModelToRepresentation::toRepresentation).collect(Collectors.toList()));
        representation.setDefaultDefaultClientScopes((List) realmModel.getDefaultClientScopesStream(true).map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toList()));
        representation.setDefaultOptionalClientScopes((List) realmModel.getDefaultClientScopesStream(false).map((v0) -> {
            return v0.getName();
        }).collect(Collectors.toList()));
        LinkedList<ClientModel> linkedList = new LinkedList();
        if (exportOptions.isClientsIncluded()) {
            representation.setClients((List) ModelToRepresentation.filterValidRepresentations(realmModel.getClientsStream(), clientModel -> {
                ClientRepresentation exportClient = exportClient(keycloakSession, clientModel);
                linkedList.add(clientModel);
                return exportClient;
            }).collect(Collectors.toList()));
        }
        if (exportOptions.isGroupsAndRolesIncluded()) {
            ModelToRepresentation.exportGroups(keycloakSession, realmModel, representation);
            HashMap hashMap = new HashMap();
            List<RoleRepresentation> exportRoles = exportRoles(realmModel.getRolesStream());
            RolesRepresentation rolesRepresentation = new RolesRepresentation();
            if (!exportRoles.isEmpty()) {
                rolesRepresentation.setRealm(exportRoles);
            }
            if (exportOptions.isClientsIncluded()) {
                for (ClientModel clientModel2 : linkedList) {
                    hashMap.put(clientModel2.getClientId(), exportRoles(clientModel2.getRolesStream()));
                }
                if (!hashMap.isEmpty()) {
                    rolesRepresentation.setClient(hashMap);
                }
            }
            representation.setRoles(rolesRepresentation);
        }
        HashMap hashMap2 = new HashMap();
        if (exportOptions.isClientsIncluded()) {
            for (ClientModel clientModel3 : new ArrayList(linkedList)) {
                ScopeMappingRepresentation scopeMappingRepresentation = null;
                for (RoleModel roleModel : (Set) clientModel3.getScopeMappingsStream().collect(Collectors.toSet())) {
                    if (roleModel.getContainer() instanceof RealmModel) {
                        if (scopeMappingRepresentation == null) {
                            scopeMappingRepresentation = representation.clientScopeMapping(clientModel3.getClientId());
                        }
                        scopeMappingRepresentation.role(roleModel.getName());
                    } else {
                        List list = (List) hashMap2.computeIfAbsent(roleModel.getContainer().getClientId(), str -> {
                            return new ArrayList();
                        });
                        ScopeMappingRepresentation scopeMappingRepresentation2 = null;
                        Iterator it = list.iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            ScopeMappingRepresentation scopeMappingRepresentation3 = (ScopeMappingRepresentation) it.next();
                            if (clientModel3.getClientId().equals(scopeMappingRepresentation3.getClient())) {
                                scopeMappingRepresentation2 = scopeMappingRepresentation3;
                                break;
                            }
                        }
                        if (scopeMappingRepresentation2 == null) {
                            scopeMappingRepresentation2 = new ScopeMappingRepresentation();
                            scopeMappingRepresentation2.setClient(clientModel3.getClientId());
                            list.add(scopeMappingRepresentation2);
                        }
                        scopeMappingRepresentation2.role(roleModel.getName());
                    }
                }
            }
        }
        realmModel.getClientScopesStream().forEach(clientScopeModel -> {
            ScopeMappingRepresentation scopeMappingRepresentation4 = null;
            for (RoleModel roleModel2 : (Set) clientScopeModel.getScopeMappingsStream().collect(Collectors.toSet())) {
                if (roleModel2.getContainer() instanceof RealmModel) {
                    if (scopeMappingRepresentation4 == null) {
                        scopeMappingRepresentation4 = representation.clientScopeScopeMapping(clientScopeModel.getName());
                    }
                    scopeMappingRepresentation4.role(roleModel2.getName());
                } else {
                    List list2 = (List) hashMap2.computeIfAbsent(roleModel2.getContainer().getClientId(), str2 -> {
                        return new ArrayList();
                    });
                    ScopeMappingRepresentation scopeMappingRepresentation5 = null;
                    Iterator it2 = list2.iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        ScopeMappingRepresentation scopeMappingRepresentation6 = (ScopeMappingRepresentation) it2.next();
                        if (clientScopeModel.getName().equals(scopeMappingRepresentation6.getClientScope())) {
                            scopeMappingRepresentation5 = scopeMappingRepresentation6;
                            break;
                        }
                    }
                    if (scopeMappingRepresentation5 == null) {
                        scopeMappingRepresentation5 = new ScopeMappingRepresentation();
                        scopeMappingRepresentation5.setClientScope(clientScopeModel.getName());
                        list2.add(scopeMappingRepresentation5);
                    }
                    scopeMappingRepresentation5.role(roleModel2.getName());
                }
            }
        });
        if (!hashMap2.isEmpty()) {
            representation.setClientScopeMappings(hashMap2);
        }
        if (exportOptions.isUsersIncluded()) {
            List list2 = (List) keycloakSession.users().searchForUserStream(realmModel, Collections.emptyMap()).map(userModel -> {
                return exportUser(keycloakSession, realmModel, userModel, exportOptions, z);
            }).collect(Collectors.toList());
            if (!list2.isEmpty()) {
                representation.setUsers(list2);
            }
            if (userFederatedStorage(keycloakSession) != null) {
                List list3 = (List) userFederatedStorage(keycloakSession).getStoredUsersStream(realmModel, 0, -1).map(str2 -> {
                    return exportFederatedUser(keycloakSession, realmModel, str2, exportOptions);
                }).collect(Collectors.toList());
                if (!list3.isEmpty()) {
                    representation.setFederatedUsers(list3);
                }
            }
        } else if (exportOptions.isClientsIncluded() && exportOptions.isOnlyServiceAccountsIncluded()) {
            LinkedList linkedList2 = new LinkedList();
            for (ClientModel clientModel4 : linkedList) {
                if (clientModel4.isServiceAccountsEnabled() && !clientModel4.isPublicClient() && !clientModel4.isBearerOnly() && (serviceAccount = keycloakSession.users().getServiceAccount(clientModel4)) != null) {
                    linkedList2.add(exportUser(keycloakSession, realmModel, serviceAccount, exportOptions, z));
                }
            }
            if (!linkedList2.isEmpty()) {
                representation.setUsers(linkedList2);
            }
        }
        representation.setComponents(exportComponents(realmModel, realmModel.getId()));
        representation.setLocalizationTexts(realmModel.getRealmLocalizationTexts());
        if (Profile.isFeatureEnabled(Profile.Feature.ORGANIZATION) && !exportOptions.isPartial()) {
            OrganizationProvider provider = keycloakSession.getProvider(OrganizationProvider.class);
            Stream map = provider.getAllStream().map(organizationModel -> {
                OrganizationRepresentation representation2 = ModelToRepresentation.toRepresentation(organizationModel);
                provider.getMembersStream(organizationModel, (Map) null, (Boolean) null, (Integer) null, (Integer) null).forEach(userModel2 -> {
                    MemberRepresentation memberRepresentation = new MemberRepresentation();
                    memberRepresentation.setUsername(userModel2.getUsername());
                    memberRepresentation.setMembershipType(provider.isManagedMember(organizationModel, userModel2) ? MembershipType.MANAGED : MembershipType.UNMANAGED);
                    representation2.addMember(memberRepresentation);
                });
                Stream map2 = provider.getIdentityProviders(organizationModel).map(identityProviderModel -> {
                    IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
                    identityProviderRepresentation.setAlias(identityProviderModel.getAlias());
                    return identityProviderRepresentation;
                });
                Objects.requireNonNull(representation2);
                map2.forEach(representation2::addIdentityProvider);
                return representation2;
            });
            Objects.requireNonNull(representation);
            map.forEach(representation::addOrganization);
        }
        return representation;
    }

    public static MultivaluedHashMap<String, ComponentExportRepresentation> exportComponents(RealmModel realmModel, String str) {
        MultivaluedHashMap<String, ComponentExportRepresentation> multivaluedHashMap = new MultivaluedHashMap<>();
        realmModel.getComponentsStream(str).forEach(componentModel -> {
            ComponentExportRepresentation componentExportRepresentation = new ComponentExportRepresentation();
            componentExportRepresentation.setId(componentModel.getId());
            componentExportRepresentation.setProviderId(componentModel.getProviderId());
            componentExportRepresentation.setConfig(componentModel.getConfig());
            componentExportRepresentation.setName(componentModel.getName());
            componentExportRepresentation.setSubType(componentModel.getSubType());
            componentExportRepresentation.setSubComponents(exportComponents(realmModel, componentModel.getId()));
            multivaluedHashMap.add(componentModel.getProviderType(), componentExportRepresentation);
        });
        return multivaluedHashMap;
    }

    public static ClientRepresentation exportClient(KeycloakSession keycloakSession, ClientModel clientModel) {
        ClientRepresentation representation = ModelToRepresentation.toRepresentation(clientModel, keycloakSession);
        representation.setSecret(clientModel.getSecret());
        if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) {
            representation.setAuthorizationSettings(ModelToRepresentation.toResourceServerRepresentation(keycloakSession, clientModel));
        }
        return representation;
    }

    public static List<RoleRepresentation> exportRoles(Stream<RoleModel> stream) {
        return (List) stream.map(ExportUtils::exportRole).collect(Collectors.toList());
    }

    public static RoleRepresentation exportRole(RoleModel roleModel) {
        RoleRepresentation representation = ModelToRepresentation.toRepresentation(roleModel);
        Set<RoleModel> set = (Set) roleModel.getCompositesStream().collect(Collectors.toSet());
        if (set != null && set.size() > 0) {
            HashSet hashSet = null;
            HashMap hashMap = null;
            for (RoleModel roleModel2 : set) {
                ClientModel container = roleModel2.getContainer();
                if (container instanceof RealmModel) {
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(roleModel2.getName());
                } else {
                    if (hashMap == null) {
                        hashMap = new HashMap();
                    }
                    String clientId = container.getClientId();
                    List list = (List) hashMap.get(clientId);
                    if (list == null) {
                        list = new ArrayList();
                        hashMap.put(clientId, list);
                    }
                    list.add(roleModel2.getName());
                }
            }
            RoleRepresentation.Composites composites = new RoleRepresentation.Composites();
            if (hashSet != null) {
                composites.setRealm(hashSet);
            }
            if (hashMap != null) {
                composites.setClient(hashMap);
            }
            representation.setComposites(composites);
        }
        return representation;
    }

    public static UserRepresentation exportUser(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel, ExportOptions exportOptions, boolean z) {
        ClientModel clientById;
        UserRepresentation representation = ModelToRepresentation.toRepresentation(keycloakSession, realmModel, userModel);
        List list = (List) keycloakSession.users().getFederatedIdentitiesStream(realmModel, userModel).map(ExportUtils::exportSocialLink).collect(Collectors.toList());
        if (list.size() > 0) {
            representation.setFederatedIdentities(list);
        }
        if (exportOptions.isGroupsAndRolesIncluded()) {
            Set<RoleModel> set = (Set) userModel.getRoleMappingsStream().collect(Collectors.toSet());
            ArrayList arrayList = new ArrayList();
            HashMap hashMap = new HashMap();
            for (RoleModel roleModel : set) {
                if (roleModel.getContainer() instanceof RealmModel) {
                    arrayList.add(roleModel.getName());
                } else {
                    String clientId = roleModel.getContainer().getClientId();
                    List list2 = (List) hashMap.get(clientId);
                    if (list2 == null) {
                        list2 = new ArrayList();
                        hashMap.put(clientId, list2);
                    }
                    list2.add(roleModel.getName());
                }
            }
            if (arrayList.size() > 0) {
                representation.setRealmRoles(arrayList);
            }
            if (hashMap.size() > 0) {
                representation.setClientRoles(hashMap);
            }
        }
        if (z) {
            representation.setCredentials((List) userModel.credentialManager().getStoredCredentialsStream().map(ExportUtils::exportCredential).collect(Collectors.toList()));
        }
        representation.setFederationLink(userModel.getFederationLink());
        List list3 = (List) keycloakSession.users().getConsentsStream(realmModel, userModel.getId()).map(ModelToRepresentation::toRepresentation).collect(Collectors.toList());
        if (list3.size() > 0) {
            representation.setClientConsents(list3);
        }
        representation.setNotBefore(Integer.valueOf(keycloakSession.users().getNotBeforeOfUser(realmModel, userModel)));
        if (userModel.getServiceAccountClientLink() != null && (clientById = realmModel.getClientById(userModel.getServiceAccountClientLink())) != null) {
            representation.setServiceAccountClientId(clientById.getClientId());
        }
        if (exportOptions.isGroupsAndRolesIncluded()) {
            representation.setGroups((List) userModel.getGroupsStream().filter(groupModel -> {
                return GroupModel.Type.REALM.equals(groupModel.getType());
            }).map(ModelToRepresentation::buildGroupPath).collect(Collectors.toList()));
        }
        return representation;
    }

    public static FederatedIdentityRepresentation exportSocialLink(FederatedIdentityModel federatedIdentityModel) {
        FederatedIdentityRepresentation federatedIdentityRepresentation = new FederatedIdentityRepresentation();
        federatedIdentityRepresentation.setIdentityProvider(federatedIdentityModel.getIdentityProvider());
        federatedIdentityRepresentation.setUserId(federatedIdentityModel.getUserId());
        federatedIdentityRepresentation.setUserName(federatedIdentityModel.getUserName());
        return federatedIdentityRepresentation;
    }

    public static CredentialRepresentation exportCredential(CredentialModel credentialModel) {
        return ModelToRepresentation.toRepresentation(credentialModel);
    }

    public static void exportUsersToStream(KeycloakSession keycloakSession, RealmModel realmModel, List<UserModel> list, ObjectMapper objectMapper, OutputStream outputStream) throws IOException {
        exportUsersToStream(keycloakSession, realmModel, list, objectMapper, outputStream, new ExportOptions());
    }

    public static void exportUsersToStream(KeycloakSession keycloakSession, RealmModel realmModel, List<UserModel> list, ObjectMapper objectMapper, OutputStream outputStream, ExportOptions exportOptions) throws IOException {
        JsonGenerator createGenerator = objectMapper.getFactory().createGenerator(outputStream, JsonEncoding.UTF8);
        try {
            if (objectMapper.isEnabled(SerializationFeature.INDENT_OUTPUT)) {
                createGenerator.useDefaultPrettyPrinter();
            }
            createGenerator.writeStartObject();
            createGenerator.writeStringField("realm", realmModel.getName());
            createGenerator.writeFieldName("users");
            createGenerator.writeStartArray();
            Iterator<UserModel> it = list.iterator();
            while (it.hasNext()) {
                createGenerator.writeObject(exportUser(keycloakSession, realmModel, it.next(), exportOptions, true));
            }
            createGenerator.writeEndArray();
            createGenerator.writeEndObject();
            createGenerator.close();
        } catch (Throwable th) {
            createGenerator.close();
            throw th;
        }
    }

    public static void exportFederatedUsersToStream(KeycloakSession keycloakSession, RealmModel realmModel, List<String> list, ObjectMapper objectMapper, OutputStream outputStream) throws IOException {
        exportFederatedUsersToStream(keycloakSession, realmModel, list, objectMapper, outputStream, new ExportOptions());
    }

    public static void exportFederatedUsersToStream(KeycloakSession keycloakSession, RealmModel realmModel, List<String> list, ObjectMapper objectMapper, OutputStream outputStream, ExportOptions exportOptions) throws IOException {
        JsonGenerator createGenerator = objectMapper.getFactory().createGenerator(outputStream, JsonEncoding.UTF8);
        try {
            if (objectMapper.isEnabled(SerializationFeature.INDENT_OUTPUT)) {
                createGenerator.useDefaultPrettyPrinter();
            }
            createGenerator.writeStartObject();
            createGenerator.writeStringField("realm", realmModel.getName());
            createGenerator.writeFieldName("federatedUsers");
            createGenerator.writeStartArray();
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                createGenerator.writeObject(exportFederatedUser(keycloakSession, realmModel, it.next(), exportOptions));
            }
            createGenerator.writeEndArray();
            createGenerator.writeEndObject();
            createGenerator.close();
        } catch (Throwable th) {
            createGenerator.close();
            throw th;
        }
    }

    public static UserRepresentation exportFederatedUser(KeycloakSession keycloakSession, RealmModel realmModel, String str, ExportOptions exportOptions) {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setId(str);
        MultivaluedHashMap attributes = userFederatedStorage(keycloakSession).getAttributes(realmModel, str);
        if (attributes.size() > 0) {
            HashMap hashMap = new HashMap();
            hashMap.putAll(attributes);
            userRepresentation.setAttributes(hashMap);
        }
        List list = (List) userFederatedStorage(keycloakSession).getRequiredActionsStream(realmModel, str).collect(Collectors.toList());
        if (list.size() > 0) {
            userRepresentation.setRequiredActions(list);
        }
        List list2 = (List) userFederatedStorage(keycloakSession).getFederatedIdentitiesStream(str, realmModel).map(ExportUtils::exportSocialLink).collect(Collectors.toList());
        if (list2.size() > 0) {
            userRepresentation.setFederatedIdentities(list2);
        }
        if (exportOptions.isGroupsAndRolesIncluded()) {
            Set<RoleModel> set = (Set) userFederatedStorage(keycloakSession).getRoleMappingsStream(realmModel, str).collect(Collectors.toSet());
            ArrayList arrayList = new ArrayList();
            HashMap hashMap2 = new HashMap();
            for (RoleModel roleModel : set) {
                if (roleModel.getContainer() instanceof RealmModel) {
                    arrayList.add(roleModel.getName());
                } else {
                    String clientId = roleModel.getContainer().getClientId();
                    List list3 = (List) hashMap2.get(clientId);
                    if (list3 == null) {
                        list3 = new ArrayList();
                        hashMap2.put(clientId, list3);
                    }
                    list3.add(roleModel.getName());
                }
            }
            if (arrayList.size() > 0) {
                userRepresentation.setRealmRoles(arrayList);
            }
            if (hashMap2.size() > 0) {
                userRepresentation.setClientRoles(hashMap2);
            }
        }
        userRepresentation.setCredentials((List) userFederatedStorage(keycloakSession).getStoredCredentialsStream(realmModel, str).map(ExportUtils::exportCredential).collect(Collectors.toList()));
        List list4 = (List) keycloakSession.users().getConsentsStream(realmModel, str).map(ModelToRepresentation::toRepresentation).collect(Collectors.toList());
        if (list4.size() > 0) {
            userRepresentation.setClientConsents(list4);
        }
        userRepresentation.setNotBefore(Integer.valueOf(userFederatedStorage(keycloakSession).getNotBeforeOfUser(realmModel, userRepresentation.getId())));
        if (exportOptions.isGroupsAndRolesIncluded()) {
            userRepresentation.setGroups((List) userFederatedStorage(keycloakSession).getGroupsStream(realmModel, str).map(ModelToRepresentation::buildGroupPath).collect(Collectors.toList()));
        }
        return userRepresentation;
    }

    private static UserFederatedStorageProvider userFederatedStorage(KeycloakSession keycloakSession) {
        return keycloakSession.getProvider(UserFederatedStorageProvider.class);
    }
}
