package org.keycloak.userprofile;

import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.common.util.CollectionUtil;
import org.keycloak.events.Details;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.userprofile.config.UPConfig;
import org.keycloak.storage.StorageId;
import org.keycloak.utils.StringUtil;
import org.keycloak.validate.ValidationContext;
import org.keycloak.validate.ValidationError;
import org.keycloak.validate.ValidatorConfig;

/* loaded from: input_file:org/keycloak/userprofile/DefaultAttributes.class */
public class DefaultAttributes extends HashMap<String, List<String>> implements Attributes {
    private static final Logger logger = Logger.getLogger(DefaultAttributes.class);
    public static final String READ_ONLY_ATTRIBUTE_KEY = "kc.read.only";
    public static final String DEFAULT_MAX_LENGTH_ATTRIBUTES = "2048";
    protected final UserProfileContext context;
    protected final KeycloakSession session;
    private final Map<String, AttributeMetadata> metadataByAttribute;
    private final UPConfig upConfig;
    protected final UserModel user;
    private final Map<String, List<String>> unmanagedAttributes = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.keycloak.userprofile.DefaultAttributes$3, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/userprofile/DefaultAttributes$3.class */
    public static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy = new int[UPConfig.UnmanagedAttributePolicy.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy[UPConfig.UnmanagedAttributePolicy.ENABLED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy[UPConfig.UnmanagedAttributePolicy.ADMIN_EDIT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy[UPConfig.UnmanagedAttributePolicy.ADMIN_VIEW.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public DefaultAttributes(UserProfileContext userProfileContext, Map<String, ?> map, UserModel userModel, UserProfileMetadata userProfileMetadata, KeycloakSession keycloakSession) {
        this.context = userProfileContext;
        this.user = userModel;
        this.session = keycloakSession;
        this.metadataByAttribute = configureMetadata(userProfileMetadata.getAttributes(), userProfileMetadata);
        this.upConfig = ((UserProfileProvider) keycloakSession.getProvider(UserProfileProvider.class)).getConfiguration();
        putAll(Collections.unmodifiableMap(normalizeAttributes(map)));
    }

    public boolean isReadOnly(String str) {
        if (isReadableOrWritableDuringRegistration(str)) {
            return false;
        }
        if (isReadOnlyFromMetadata(str) || isReadOnlyInternalAttribute(str)) {
            return true;
        }
        return !isManagedAttribute(str) ? !isAllowEditUnmanagedAttribute() : getMetadata(str) == null;
    }

    private boolean isReadableOrWritableDuringRegistration(String str) {
        if (this.context.equals(UserProfileContext.REGISTRATION) && isRequired(str)) {
            return "email".equals(str) || Details.USERNAME.equals(str);
        }
        return false;
    }

    private boolean isAllowEditUnmanagedAttribute() {
        UPConfig.UnmanagedAttributePolicy unmanagedAttributePolicy = this.upConfig.getUnmanagedAttributePolicy();
        if (!isAllowUnmanagedAttribute()) {
            return false;
        }
        switch (AnonymousClass3.$SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy[unmanagedAttributePolicy.ordinal()]) {
            case 1:
                return true;
            case 2:
                return this.context.isAdminContext();
            default:
                return false;
        }
    }

    protected boolean isReadOnlyFromMetadata(String str) {
        AttributeMetadata attributeMetadata = this.metadataByAttribute.get(str);
        if (attributeMetadata == null) {
            return false;
        }
        return attributeMetadata.isReadOnly(createAttributeContext(attributeMetadata));
    }

    public boolean isRequired(String str) {
        AttributeMetadata attributeMetadata = this.metadataByAttribute.get(str);
        if (attributeMetadata == null) {
            return false;
        }
        return attributeMetadata.isRequired(createAttributeContext(attributeMetadata));
    }

    public boolean validate(String str, Consumer<ValidationError>... consumerArr) {
        AbstractMap.SimpleImmutableEntry<String, List<String>> createAttribute = createAttribute(str);
        ArrayList arrayList = new ArrayList();
        arrayList.addAll((Collection) Optional.ofNullable(this.metadataByAttribute.get(createAttribute.getKey())).map((v0) -> {
            return Collections.singletonList(v0);
        }).orElse(Collections.emptyList()));
        arrayList.addAll((Collection) Optional.ofNullable(this.metadataByAttribute.get(READ_ONLY_ATTRIBUTE_KEY)).map((v0) -> {
            return Collections.singletonList(v0);
        }).orElse(Collections.emptyList()));
        addDefaultValidators(str, arrayList);
        Boolean bool = null;
        for (AttributeMetadata attributeMetadata : arrayList) {
            AttributeContext createAttributeContext = createAttributeContext(createAttribute, attributeMetadata);
            Iterator it = attributeMetadata.getValidators().iterator();
            while (it.hasNext()) {
                ValidationContext validate = ((AttributeValidatorMetadata) it.next()).validate(createAttributeContext);
                if (!validate.isValid()) {
                    if (this.user != null && attributeMetadata.isReadOnly(createAttributeContext) && CollectionUtil.collectionEquals((List) this.user.getAttributeStream(str).filter(StringUtil::isNotBlank).collect(Collectors.toList()), (List) createAttribute.getValue().stream().filter(StringUtil::isNotBlank).collect(Collectors.toList()))) {
                        logger.debugf("User '%s' attribute '%s' has previous validation errors %s but is read-only in context %s.", new Object[]{this.user.getUsername(), str, validate.getErrors(), createAttributeContext.getContext()});
                    } else {
                        if (bool == null) {
                            bool = false;
                        }
                        if (consumerArr != null) {
                            for (ValidationError validationError : validate.getErrors()) {
                                for (Consumer<ValidationError> consumer : consumerArr) {
                                    consumer.accept(validationError);
                                }
                            }
                        }
                    }
                }
            }
        }
        return bool == null;
    }

    protected void addDefaultValidators(String str, List<AttributeMetadata> list) {
        addLengthValidatorIfNotSet(str, list);
    }

    private void addLengthValidatorIfNotSet(String str, List<AttributeMetadata> list) {
        Iterator<AttributeMetadata> it = list.iterator();
        while (it.hasNext()) {
            Iterator it2 = it.next().getValidators().iterator();
            while (it2.hasNext()) {
                if (((AttributeValidatorMetadata) it2.next()).getValidatorId().equals("length")) {
                    return;
                }
            }
        }
        AttributeMetadata attributeMetadata = new AttributeMetadata(str, -1);
        HashMap hashMap = new HashMap();
        hashMap.put("min", "0");
        hashMap.put("max", DEFAULT_MAX_LENGTH_ATTRIBUTES);
        attributeMetadata.addValidators(Collections.singletonList(new AttributeValidatorMetadata("length", new ValidatorConfig(hashMap))));
        list.add(attributeMetadata);
    }

    public List<String> get(String str) {
        return getOrDefault(str, EMPTY_VALUE);
    }

    public boolean contains(String str) {
        return containsKey(str);
    }

    public Set<String> nameSet() {
        return keySet();
    }

    public Map<String, List<String>> getWritable() {
        HashMap hashMap = new HashMap(this);
        for (String str : nameSet()) {
            AttributeMetadata metadata = getMetadata(str);
            RealmModel realm = this.session.getContext().getRealm();
            if (!Details.USERNAME.equals(str) || !realm.isRegistrationEmailAsUsername()) {
                if (isManagedAttribute(str) && (metadata == null || !metadata.canEdit(createAttributeContext(metadata)))) {
                    hashMap.remove(str);
                }
            }
        }
        return hashMap;
    }

    public AttributeMetadata getMetadata(String str) {
        return this.unmanagedAttributes.containsKey(str) ? createUnmanagedAttributeMetadata(str) : (AttributeMetadata) Optional.ofNullable(this.metadataByAttribute.get(str)).map((v0) -> {
            return v0.clone();
        }).orElse(null);
    }

    public Map<String, List<String>> getReadable() {
        HashMap hashMap = new HashMap(this);
        for (String str : nameSet()) {
            AttributeMetadata metadata = getMetadata(str);
            if (metadata == null) {
                hashMap.remove(str);
            } else if (!isReadableOrWritableDuringRegistration(str)) {
                AttributeContext createAttributeContext = createAttributeContext(metadata);
                if (!metadata.canView(createAttributeContext) || !metadata.isSelected(createAttributeContext)) {
                    hashMap.remove(str);
                }
            }
        }
        return hashMap;
    }

    public Map<String, List<String>> toMap() {
        return Collections.unmodifiableMap(this);
    }

    private AttributeContext createAttributeContext(Map.Entry<String, List<String>> entry, AttributeMetadata attributeMetadata) {
        return new AttributeContext(this.context, this.session, entry, this.user, attributeMetadata, this);
    }

    private AttributeContext createAttributeContext(String str, AttributeMetadata attributeMetadata) {
        return new AttributeContext(this.context, this.session, createAttribute(str), this.user, attributeMetadata, this);
    }

    protected AttributeContext createAttributeContext(AttributeMetadata attributeMetadata) {
        return createAttributeContext(createAttribute(attributeMetadata.getName()), attributeMetadata);
    }

    private Map<String, AttributeMetadata> configureMetadata(List<AttributeMetadata> list, UserProfileMetadata userProfileMetadata) {
        HashMap hashMap = new HashMap();
        for (AttributeMetadata attributeMetadata : list) {
            if (attributeMetadata.isSelected(createAttributeContext(attributeMetadata))) {
                hashMap.put(attributeMetadata.getName(), attributeMetadata);
            }
        }
        hashMap.putAll(getUserStorageProviderMetadata(userProfileMetadata));
        return hashMap;
    }

    private Map<String, AttributeMetadata> getUserStorageProviderMetadata(UserProfileMetadata userProfileMetadata) {
        if (this.user == null || (StorageId.isLocalStorage(this.user.getId()) && this.user.getFederationLink() == null)) {
            return Collections.emptyMap();
        }
        String federationLink = this.user.getFederationLink();
        UserProfileDecorator users = this.session.users();
        return users instanceof UserProfileDecorator ? (Map) users.decorateUserProfile(federationLink, userProfileMetadata).stream().collect(Collectors.toMap((v0) -> {
            return v0.getName();
        }, Function.identity())) : Collections.emptyMap();
    }

    private AbstractMap.SimpleImmutableEntry<String, List<String>> createAttribute(final String str) {
        return new AbstractMap.SimpleImmutableEntry<String, List<String>>(str, null) { // from class: org.keycloak.userprofile.DefaultAttributes.1
            @Override // java.util.AbstractMap.SimpleImmutableEntry, java.util.Map.Entry
            public List<String> getValue() {
                List<String> list = DefaultAttributes.this.get(str);
                return list == null ? Attributes.EMPTY_VALUE : list;
            }
        };
    }

    private Map<String, List<String>> normalizeAttributes(Map<String, ?> map) {
        HashMap hashMap = new HashMap();
        RealmModel realm = this.session.getContext().getRealm();
        if (map != null) {
            for (Map.Entry<String, ?> entry : map.entrySet()) {
                String key = entry.getKey();
                if (isSupportedAttribute(key)) {
                    String normalizeAttributeName = normalizeAttributeName(key);
                    hashMap.put(normalizeAttributeName, Collections.unmodifiableList(normalizeAttributeValues(normalizeAttributeName, entry.getValue())));
                } else if (!isManagedAttribute(key) && isAllowUnmanagedAttribute()) {
                    String normalizeAttributeName2 = normalizeAttributeName(key);
                    this.unmanagedAttributes.put(normalizeAttributeName2, normalizeAttributeValues(normalizeAttributeName2, entry.getValue()));
                }
            }
        }
        for (String str : this.metadataByAttribute.keySet()) {
            if (isSupportedAttribute(str) && !hashMap.containsKey(str)) {
                List<String> list = EMPTY_VALUE;
                AttributeMetadata attributeMetadata = this.metadataByAttribute.get(str);
                if (this.user != null && isIncludeAttributeIfNotProvided(attributeMetadata)) {
                    list = normalizeAttributeValues(str, this.user.getAttributes().getOrDefault(str, EMPTY_VALUE));
                }
                hashMap.put(str, list);
            }
        }
        if (this.user != null && hashMap.getOrDefault(Details.USERNAME, Collections.emptyList()).isEmpty() && isReadOnly(Details.USERNAME)) {
            setUserName(hashMap, Collections.singletonList(this.user.getUsername()));
        }
        List<String> orDefault = hashMap.getOrDefault("email", Collections.emptyList());
        if (!orDefault.isEmpty() && realm.isRegistrationEmailAsUsername()) {
            setUserName(hashMap, orDefault);
            if (this.user != null && isReadOnly("email")) {
                hashMap.put("email", Collections.singletonList(this.user.getEmail()));
                setUserName(hashMap, Collections.singletonList(this.user.getEmail()));
            }
        }
        if (isAllowUnmanagedAttribute()) {
            hashMap.putAll(this.unmanagedAttributes);
        }
        return hashMap;
    }

    private static String normalizeAttributeName(String str) {
        return str.startsWith(Constants.USER_ATTRIBUTES_PREFIX) ? str.substring(Constants.USER_ATTRIBUTES_PREFIX.length()) : str;
    }

    protected List<String> normalizeAttributeValues(String str, Object obj) {
        Stream filter = ((List) Optional.ofNullable(obj instanceof String ? Collections.singletonList((String) obj) : (List) obj).orElse(EMPTY_VALUE)).stream().filter((v0) -> {
            return Objects.nonNull(v0);
        });
        if ((Details.USERNAME.equals(str) && !isFederated()) || "email".equals(str)) {
            filter = filter.map(KeycloakModelUtils::toLowerCaseSafe);
        }
        return (List) filter.collect(Collectors.toList());
    }

    protected boolean isAllowUnmanagedAttribute() {
        UPConfig.UnmanagedAttributePolicy unmanagedAttributePolicy = this.upConfig.getUnmanagedAttributePolicy();
        if (unmanagedAttributePolicy == null) {
            return false;
        }
        switch (AnonymousClass3.$SwitchMap$org$keycloak$representations$userprofile$config$UPConfig$UnmanagedAttributePolicy[unmanagedAttributePolicy.ordinal()]) {
            case 2:
            case 3:
                return this.context.isAdminContext();
            default:
                return UPConfig.UnmanagedAttributePolicy.ENABLED.equals(unmanagedAttributePolicy);
        }
    }

    protected void setUserName(Map<String, List<String>> map, List<String> list) {
        map.put(Details.USERNAME, list);
    }

    protected boolean isIncludeAttributeIfNotProvided(AttributeMetadata attributeMetadata) {
        return !attributeMetadata.canEdit(createAttributeContext(attributeMetadata));
    }

    protected boolean isSupportedAttribute(String str) {
        if (READ_ONLY_ATTRIBUTE_KEY.equals(str)) {
            return false;
        }
        if (isManagedAttribute(str)) {
            return true;
        }
        return isReadOnlyInternalAttribute(str);
    }

    private boolean isManagedAttribute(String str) {
        return this.metadataByAttribute.containsKey(normalizeAttributeName(str));
    }

    protected boolean isReadOnlyInternalAttribute(String str) {
        AttributeMetadata attributeMetadata = this.metadataByAttribute.get(READ_ONLY_ATTRIBUTE_KEY);
        if (attributeMetadata == null) {
            return false;
        }
        AttributeContext createAttributeContext = createAttributeContext(str, attributeMetadata);
        Iterator it = attributeMetadata.getValidators().iterator();
        while (it.hasNext()) {
            if (!((AttributeValidatorMetadata) it.next()).validate(createAttributeContext).isValid()) {
                return true;
            }
        }
        return false;
    }

    public Map<String, List<String>> getUnmanagedAttributes() {
        return this.unmanagedAttributes;
    }

    protected AttributeMetadata createUnmanagedAttributeMetadata(String str) {
        return new AttributeMetadata(str, Integer.MAX_VALUE) { // from class: org.keycloak.userprofile.DefaultAttributes.2
            final UPConfig.UnmanagedAttributePolicy unmanagedAttributePolicy;

            {
                this.unmanagedAttributePolicy = DefaultAttributes.this.upConfig.getUnmanagedAttributePolicy();
            }

            public boolean canView(AttributeContext attributeContext) {
                return canEdit(attributeContext) || (UPConfig.UnmanagedAttributePolicy.ADMIN_VIEW.equals(this.unmanagedAttributePolicy) && attributeContext.getContext().isAdminContext());
            }

            public boolean canEdit(AttributeContext attributeContext) {
                return UPConfig.UnmanagedAttributePolicy.ENABLED.equals(this.unmanagedAttributePolicy) || (UPConfig.UnmanagedAttributePolicy.ADMIN_EDIT.equals(this.unmanagedAttributePolicy) && attributeContext.getContext().isAdminContext());
            }
        };
    }

    private boolean isFederated() {
        return this.user != null && this.user.isFederated();
    }
}
