package de.adorsys.sts.keycloak.storageprovider;

import de.adorsys.sts.keycloak.AuthenticatorUtil;
import de.adorsys.sts.keycloak.Constants;
import de.adorsys.sts.keycloak.rest.CustomRestClient;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.keycloak.component.ComponentModel;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.user.UserLookupProvider;

/* loaded from: input_file:de/adorsys/sts/keycloak/storageprovider/CustomUserStorageProvider.class */
public class CustomUserStorageProvider implements UserStorageProvider, UserLookupProvider, CredentialInputValidator {
    private static final Pattern PATTERN = Pattern.compile("f:[a-z0-9\\-]+:(.+)");
    private final KeycloakSession session;
    private final ComponentModel model;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CustomUserStorageProvider(KeycloakSession keycloakSession, ComponentModel componentModel) {
        this.session = keycloakSession;
        this.model = componentModel;
    }

    public boolean supportsCredentialType(String str) {
        return "password".equals(str);
    }

    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String str) {
        return "password".equals(str);
    }

    public boolean isValid(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        boolean z = false;
        String str = (String) this.model.getConfig().getFirst(Constants.STS_LOGIN_URL);
        if (str == null) {
            throw new IllegalStateException("STS login endpoint address is not set but mandatory");
        }
        if (credentialInput instanceof UserCredentialModel) {
            UserCredentialModel userCredentialModel = (UserCredentialModel) credentialInput;
            String loadUserSecrets = CustomRestClient.loadUserSecrets(str, userModel.getUsername(), userCredentialModel.getValue(), AuthenticatorUtil.extractAudiences(userCredentialModel));
            z = loadUserSecrets != null;
            userCredentialModel.setNote(Constants.CUSTOM_USER_SECRET_NOTE_KEY, loadUserSecrets);
        }
        return z;
    }

    public void close() {
    }

    private String extractUsernameFromId(String str) {
        Matcher matcher = PATTERN.matcher(str);
        return matcher.matches() ? matcher.group(1) : str;
    }

    public UserModel getUserById(String str, RealmModel realmModel) {
        return getUserByUsername(realmModel, extractUsernameFromId(str));
    }

    public UserModel getUserByUsername(RealmModel realmModel, String str) {
        return CustomUser.builder().session(this.session).storageProviderModel(this.model).realm(realmModel).username(str).build();
    }

    public UserModel getUserByUsername(String str, RealmModel realmModel) {
        return null;
    }

    public UserModel getUserByEmail(RealmModel realmModel, String str) {
        return null;
    }

    public UserModel getUserByEmail(String str, RealmModel realmModel) {
        return null;
    }
}
