package org.keycloak.storage.ldap.mappers;

import java.util.List;
import org.keycloak.component.ComponentModel;
import org.keycloak.component.ComponentValidationException;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.ldap.LDAPConfig;
import org.keycloak.storage.ldap.LDAPStorageProvider;

/* loaded from: input_file:org/keycloak/storage/ldap/mappers/FullNameLDAPStorageMapperFactory.class */
public class FullNameLDAPStorageMapperFactory extends AbstractLDAPStorageMapperFactory {
    public static final String PROVIDER_ID = "full-name-ldap-mapper";
    protected static final List<ProviderConfigProperty> configProperties = getConfigProps(null);

    private static List<ProviderConfigProperty> getConfigProps(ComponentModel componentModel) {
        boolean z = false;
        if (componentModel != null) {
            z = new LDAPConfig(componentModel.getConfig()).getEditMode() != UserStorageProvider.EditMode.WRITABLE;
        }
        return ProviderConfigurationBuilder.create().property().name(FullNameLDAPStorageMapper.LDAP_FULL_NAME_ATTRIBUTE).label("LDAP Full Name Attribute").helpText("Name of LDAP attribute, which contains fullName of user. Usually it will be 'cn' ").type("String").defaultValue("cn").add().property().name("read.only").label("Read Only").helpText("For Read-only is data imported from LDAP to Keycloak DB, but it's not saved back to LDAP when user is updated in Keycloak.").type("boolean").defaultValue(String.valueOf(z)).add().property().name(FullNameLDAPStorageMapper.WRITE_ONLY).label("Write Only").helpText("For Write-only is data propagated to LDAP when user is created or updated in Keycloak. But this mapper is not used to propagate data from LDAP back into Keycloak. This setting is useful if you configured separate firstName and lastName attribute mappers and you want to use those to read attribute from LDAP into Keycloak").type("boolean").defaultValue(String.valueOf(!z)).add().build();
    }

    @Override // org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
    public String getHelpText() {
        return "Used to map full-name of user from single attribute in LDAP (usually 'cn' attribute) to firstName and lastName attributes of UserModel in Keycloak DB";
    }

    @Override // org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    public List<ProviderConfigProperty> getConfigProperties(RealmModel realmModel, ComponentModel componentModel) {
        return getConfigProps(componentModel);
    }

    @Override // org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
    public String getId() {
        return PROVIDER_ID;
    }

    @Override // org.keycloak.storage.ldap.mappers.LDAPStorageMapperFactory
    public void validateConfiguration(KeycloakSession keycloakSession, RealmModel realmModel, ComponentModel componentModel) throws ComponentValidationException {
        checkMandatoryConfigAttribute(FullNameLDAPStorageMapper.LDAP_FULL_NAME_ATTRIBUTE, "LDAP Full Name Attribute", componentModel);
        boolean parseBooleanParameter = AbstractLDAPStorageMapper.parseBooleanParameter(componentModel, "read.only");
        boolean parseBooleanParameter2 = AbstractLDAPStorageMapper.parseBooleanParameter(componentModel, FullNameLDAPStorageMapper.WRITE_ONLY);
        ComponentModel component = realmModel.getComponent(componentModel.getParentId());
        if (component == null) {
            throw new ComponentValidationException("can't find parent component model", new Object[0]);
        }
        LDAPConfig lDAPConfig = new LDAPConfig(component.getConfig());
        lDAPConfig.getEditMode();
        if (parseBooleanParameter2 && lDAPConfig.getEditMode() != UserStorageProvider.EditMode.WRITABLE) {
            throw new ComponentValidationException("ldapErrorCantWriteOnlyForReadOnlyLdap", new Object[0]);
        }
        if (parseBooleanParameter2 && parseBooleanParameter) {
            throw new ComponentValidationException("ldapErrorCantWriteOnlyAndReadOnly", new Object[0]);
        }
    }

    @Override // org.keycloak.storage.ldap.mappers.AbstractLDAPStorageMapperFactory
    protected AbstractLDAPStorageMapper createMapper(ComponentModel componentModel, LDAPStorageProvider lDAPStorageProvider) {
        return new FullNameLDAPStorageMapper(componentModel, lDAPStorageProvider);
    }
}
