package org.keycloak.models.map.storage.jpa;

import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
import javax.sql.DataSource;
import org.hibernate.boot.Metadata;
import org.hibernate.engine.spi.SessionFactoryImplementor;
import org.hibernate.event.service.spi.EventListenerRegistry;
import org.hibernate.event.spi.EventType;
import org.hibernate.event.spi.PreDeleteEventListener;
import org.hibernate.event.spi.PreInsertEventListener;
import org.hibernate.event.spi.PreUpdateEventListener;
import org.hibernate.integrator.spi.Integrator;
import org.hibernate.service.spi.SessionFactoryServiceRegistry;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.Profile;
import org.keycloak.common.util.StackUtil;
import org.keycloak.common.util.StringPropertyReplacer;
import org.keycloak.component.AmphibianProviderFactory;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.dblock.DBLockProvider;
import org.keycloak.models.map.client.MapProtocolMapperEntity;
import org.keycloak.models.map.client.MapProtocolMapperEntityImpl;
import org.keycloak.models.map.common.DeepCloner;
import org.keycloak.models.map.realm.entity.MapAuthenticationExecutionEntity;
import org.keycloak.models.map.realm.entity.MapAuthenticationExecutionEntityImpl;
import org.keycloak.models.map.realm.entity.MapAuthenticationFlowEntity;
import org.keycloak.models.map.realm.entity.MapAuthenticationFlowEntityImpl;
import org.keycloak.models.map.realm.entity.MapAuthenticatorConfigEntity;
import org.keycloak.models.map.realm.entity.MapAuthenticatorConfigEntityImpl;
import org.keycloak.models.map.realm.entity.MapClientInitialAccessEntity;
import org.keycloak.models.map.realm.entity.MapClientInitialAccessEntityImpl;
import org.keycloak.models.map.realm.entity.MapIdentityProviderEntity;
import org.keycloak.models.map.realm.entity.MapIdentityProviderEntityImpl;
import org.keycloak.models.map.realm.entity.MapIdentityProviderMapperEntity;
import org.keycloak.models.map.realm.entity.MapIdentityProviderMapperEntityImpl;
import org.keycloak.models.map.realm.entity.MapOTPPolicyEntity;
import org.keycloak.models.map.realm.entity.MapOTPPolicyEntityImpl;
import org.keycloak.models.map.realm.entity.MapRequiredActionProviderEntity;
import org.keycloak.models.map.realm.entity.MapRequiredActionProviderEntityImpl;
import org.keycloak.models.map.realm.entity.MapRequiredCredentialEntity;
import org.keycloak.models.map.realm.entity.MapRequiredCredentialEntityImpl;
import org.keycloak.models.map.realm.entity.MapWebAuthnPolicyEntity;
import org.keycloak.models.map.realm.entity.MapWebAuthnPolicyEntityImpl;
import org.keycloak.models.map.storage.MapKeycloakTransaction;
import org.keycloak.models.map.storage.MapStorageProvider;
import org.keycloak.models.map.storage.MapStorageProviderFactory;
import org.keycloak.models.map.storage.jpa.authSession.JpaRootAuthenticationSessionMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.authSession.entity.JpaAuthenticationSessionEntity;
import org.keycloak.models.map.storage.jpa.authSession.entity.JpaRootAuthenticationSessionEntity;
import org.keycloak.models.map.storage.jpa.client.JpaClientMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.client.entity.JpaClientEntity;
import org.keycloak.models.map.storage.jpa.clientscope.JpaClientScopeMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.clientscope.entity.JpaClientScopeEntity;
import org.keycloak.models.map.storage.jpa.group.JpaGroupMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.group.entity.JpaGroupEntity;
import org.keycloak.models.map.storage.jpa.hibernate.listeners.JpaEntityVersionListener;
import org.keycloak.models.map.storage.jpa.hibernate.listeners.JpaOptimisticLockingListener;
import org.keycloak.models.map.storage.jpa.realm.JpaRealmMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.realm.entity.JpaComponentEntity;
import org.keycloak.models.map.storage.jpa.realm.entity.JpaRealmEntity;
import org.keycloak.models.map.storage.jpa.role.JpaRoleMapKeycloakTransaction;
import org.keycloak.models.map.storage.jpa.role.entity.JpaRoleEntity;
import org.keycloak.models.map.storage.jpa.updater.MapJpaUpdaterProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.sessions.RootAuthenticationSessionModel;

/* loaded from: input_file:org/keycloak/models/map/storage/jpa/JpaMapStorageProviderFactory.class */
public class JpaMapStorageProviderFactory implements AmphibianProviderFactory<MapStorageProvider>, MapStorageProviderFactory, EnvironmentDependentProviderFactory {
    public static final String PROVIDER_ID = "jpa-map-storage";
    private volatile EntityManagerFactory emf;
    private final Set<Class<?>> validatedModels = ConcurrentHashMap.newKeySet();
    private Config.Scope config;
    private static final Logger logger = Logger.getLogger(JpaMapStorageProviderFactory.class);
    public static final DeepCloner CLONER = new DeepCloner.Builder().constructor(JpaRootAuthenticationSessionEntity.class, JpaRootAuthenticationSessionEntity::new).constructor(JpaAuthenticationSessionEntity.class, JpaAuthenticationSessionEntity::new).constructor(JpaClientEntity.class, JpaClientEntity::new).constructor(MapProtocolMapperEntity.class, MapProtocolMapperEntityImpl::new).constructor(JpaClientScopeEntity.class, JpaClientScopeEntity::new).constructor(JpaGroupEntity.class, JpaGroupEntity::new).constructor(JpaRealmEntity.class, JpaRealmEntity::new).constructor(JpaComponentEntity.class, JpaComponentEntity::new).constructor(MapAuthenticationExecutionEntity.class, MapAuthenticationExecutionEntityImpl::new).constructor(MapAuthenticationFlowEntity.class, MapAuthenticationFlowEntityImpl::new).constructor(MapAuthenticatorConfigEntity.class, MapAuthenticatorConfigEntityImpl::new).constructor(MapClientInitialAccessEntity.class, MapClientInitialAccessEntityImpl::new).constructor(MapIdentityProviderEntity.class, MapIdentityProviderEntityImpl::new).constructor(MapIdentityProviderMapperEntity.class, MapIdentityProviderMapperEntityImpl::new).constructor(MapOTPPolicyEntity.class, MapOTPPolicyEntityImpl::new).constructor(MapRequiredActionProviderEntity.class, MapRequiredActionProviderEntityImpl::new).constructor(MapRequiredCredentialEntity.class, MapRequiredCredentialEntityImpl::new).constructor(MapWebAuthnPolicyEntity.class, MapWebAuthnPolicyEntityImpl::new).constructor(JpaRoleEntity.class, JpaRoleEntity::new).build();
    private static final Map<Class<?>, Function<EntityManager, MapKeycloakTransaction>> MODEL_TO_TX = new HashMap();

    public MapKeycloakTransaction createTransaction(Class<?> cls, EntityManager entityManager) {
        return MODEL_TO_TX.get(cls).apply(entityManager);
    }

    /* renamed from: create, reason: merged with bridge method [inline-methods] */
    public MapStorageProvider m4create(KeycloakSession keycloakSession) {
        lazyInit();
        return new JpaMapStorageProvider(this, keycloakSession, this.emf.createEntityManager());
    }

    public void init(Config.Scope scope) {
        this.config = scope;
    }

    public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
    }

    public String getId() {
        return PROVIDER_ID;
    }

    public String getHelpText() {
        return "JPA Map Storage";
    }

    public boolean isSupported() {
        return Profile.isFeatureEnabled(Profile.Feature.MAP_STORAGE);
    }

    public void close() {
        if (this.emf != null) {
            this.emf.close();
        }
        this.validatedModels.clear();
    }

    private void lazyInit() {
        if (this.emf == null) {
            synchronized (this) {
                if (this.emf == null) {
                    logger.debugf("Initializing JPA connections %s", StackUtil.getShortStackTrace());
                    HashMap hashMap = new HashMap();
                    String str = this.config.get("persistenceUnitName", "keycloak-jpa-default");
                    String str2 = this.config.get("dataSource");
                    if (str2 != null) {
                        hashMap.put("javax.persistence.nonJtaDataSource", str2);
                    } else {
                        hashMap.put("javax.persistence.jdbc.url", this.config.get("url"));
                        hashMap.put("javax.persistence.jdbc.driver", this.config.get("driver"));
                        String str3 = this.config.get("user");
                        if (str3 != null) {
                            hashMap.put("javax.persistence.jdbc.user", str3);
                        }
                        String str4 = this.config.get("password");
                        if (str4 != null) {
                            hashMap.put("javax.persistence.jdbc.password", str4);
                        }
                    }
                    String str5 = this.config.get("schema");
                    if (str5 != null) {
                        hashMap.put("hibernate.default_schema", str5);
                    }
                    hashMap.put("hibernate.show_sql", this.config.getBoolean("showSql", false));
                    hashMap.put("hibernate.format_sql", this.config.getBoolean("formatSql", true));
                    hashMap.put("hibernate.dialect", this.config.get("driverDialect"));
                    hashMap.put("hibernate.integrator_provider", () -> {
                        return Collections.singletonList(new Integrator() { // from class: org.keycloak.models.map.storage.jpa.JpaMapStorageProviderFactory.1
                            public void integrate(Metadata metadata, SessionFactoryImplementor sessionFactoryImplementor, SessionFactoryServiceRegistry sessionFactoryServiceRegistry) {
                                EventListenerRegistry service = sessionFactoryServiceRegistry.getService(EventListenerRegistry.class);
                                service.appendListeners(EventType.PRE_INSERT, new PreInsertEventListener[]{JpaOptimisticLockingListener.INSTANCE});
                                service.appendListeners(EventType.PRE_UPDATE, new PreUpdateEventListener[]{JpaOptimisticLockingListener.INSTANCE});
                                service.appendListeners(EventType.PRE_DELETE, new PreDeleteEventListener[]{JpaOptimisticLockingListener.INSTANCE});
                                service.appendListeners(EventType.PRE_INSERT, new PreInsertEventListener[]{JpaEntityVersionListener.INSTANCE});
                                service.appendListeners(EventType.PRE_UPDATE, new PreUpdateEventListener[]{JpaEntityVersionListener.INSTANCE});
                                service.appendListeners(EventType.PRE_DELETE, new PreDeleteEventListener[]{JpaEntityVersionListener.INSTANCE});
                            }

                            public void disintegrate(SessionFactoryImplementor sessionFactoryImplementor, SessionFactoryServiceRegistry sessionFactoryServiceRegistry) {
                            }
                        });
                    });
                    Integer num = this.config.getInt("isolation");
                    if (num != null) {
                        if (num.intValue() < 4) {
                            logger.warn("Concurrent requests may not be reliable with transaction level lower than TRANSACTION_REPEATABLE_READ.");
                        }
                        hashMap.put("hibernate.connection.isolation", String.valueOf(num));
                    } else {
                        logger.warn("Concurrent requests may not be reliable with transaction level lower than TRANSACTION_REPEATABLE_READ.");
                    }
                    logger.trace("Creating EntityManagerFactory");
                    this.emf = Persistence.createEntityManagerFactory(str, hashMap);
                    logger.trace("EntityManagerFactory created");
                }
            }
        }
    }

    public void validateAndUpdateSchema(KeycloakSession keycloakSession, Class<?> cls) {
        if (this.validatedModels.add(cls)) {
            Connection connection = getConnection();
            try {
                if (logger.isDebugEnabled()) {
                    printOperationalInfo(connection);
                }
                if (!((MapJpaUpdaterProvider) keycloakSession.getProvider(MapJpaUpdaterProvider.class)).validate(cls, connection, this.config.get("schema")).equals(MapJpaUpdaterProvider.Status.VALID)) {
                    update(cls, connection, keycloakSession);
                }
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException e) {
                        logger.warn("Can't close connection", e);
                    }
                }
            } catch (Throwable th) {
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException e2) {
                        logger.warn("Can't close connection", e2);
                    }
                }
                throw th;
            }
        }
    }

    private Connection getConnection() {
        try {
            String str = this.config.get("dataSource");
            if (str != null) {
                return ((DataSource) new InitialContext().lookup(str)).getConnection();
            }
            Class.forName(this.config.get("driver"));
            return DriverManager.getConnection(StringPropertyReplacer.replaceProperties(this.config.get("url"), System.getProperties()), this.config.get("user"), this.config.get("password"));
        } catch (ClassNotFoundException | SQLException | NamingException e) {
            throw new RuntimeException("Failed to connect to database", e);
        }
    }

    private void printOperationalInfo(Connection connection) {
        try {
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            DatabaseMetaData metaData = connection.getMetaData();
            linkedHashMap.put("databaseUrl", metaData.getURL());
            linkedHashMap.put("databaseUser", metaData.getUserName());
            linkedHashMap.put("databaseProduct", metaData.getDatabaseProductName() + " " + metaData.getDatabaseProductVersion());
            linkedHashMap.put("databaseDriver", metaData.getDriverName() + " " + metaData.getDriverVersion());
            logger.debugf("Database info: %s", linkedHashMap.toString());
        } catch (SQLException e) {
            logger.warn("Unable to prepare operational info due database exception: " + e.getMessage());
        }
    }

    private void update(Class<?> cls, Connection connection, KeycloakSession keycloakSession) {
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            DBLockProvider provider = keycloakSession.getProvider(DBLockProvider.class);
            provider.waitForLock(DBLockProvider.Namespace.DATABASE);
            try {
                ((MapJpaUpdaterProvider) keycloakSession.getProvider(MapJpaUpdaterProvider.class)).update(cls, connection, this.config.get("schema"));
                provider.releaseLock();
            } catch (Throwable th) {
                provider.releaseLock();
                throw th;
            }
        });
    }

    static {
        MODEL_TO_TX.put(RootAuthenticationSessionModel.class, JpaRootAuthenticationSessionMapKeycloakTransaction::new);
        MODEL_TO_TX.put(ClientScopeModel.class, JpaClientScopeMapKeycloakTransaction::new);
        MODEL_TO_TX.put(ClientModel.class, JpaClientMapKeycloakTransaction::new);
        MODEL_TO_TX.put(GroupModel.class, JpaGroupMapKeycloakTransaction::new);
        MODEL_TO_TX.put(RealmModel.class, JpaRealmMapKeycloakTransaction::new);
        MODEL_TO_TX.put(RoleModel.class, JpaRoleMapKeycloakTransaction::new);
    }
}
