package org.keycloak.events.jpa;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.persistence.EntityManager;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;
import org.jboss.logging.Logger;
import org.keycloak.common.util.Time;
import org.keycloak.events.Event;
import org.keycloak.events.EventQuery;
import org.keycloak.events.EventStoreProvider;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.AdminEvent;
import org.keycloak.events.admin.AdminEventQuery;
import org.keycloak.events.admin.AuthDetails;
import org.keycloak.events.admin.OperationType;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.jpa.entities.RealmAttributeEntity;
import org.keycloak.models.jpa.entities.RealmAttributes;
import org.keycloak.models.utils.KeycloakModelUtils;

/* loaded from: input_file:org/keycloak/events/jpa/JpaEventStoreProvider.class */
public class JpaEventStoreProvider implements EventStoreProvider {
    private static final ObjectMapper mapper = new ObjectMapper();
    private static final TypeReference<Map<String, String>> mapType = new TypeReference<Map<String, String>>() { // from class: org.keycloak.events.jpa.JpaEventStoreProvider.1
    };
    private static final Logger logger = Logger.getLogger(JpaEventStoreProvider.class);
    private final KeycloakSession session;
    private final EntityManager em;
    private final int maxDetailLength;
    private final int maxFieldLength;

    public JpaEventStoreProvider(KeycloakSession keycloakSession, EntityManager entityManager, int i, int i2) {
        this.session = keycloakSession;
        this.em = entityManager;
        this.maxDetailLength = i;
        this.maxFieldLength = i2;
    }

    public EventQuery createQuery() {
        return new JpaEventQuery(this.em);
    }

    public void clear() {
        this.em.createQuery("delete from EventEntity").executeUpdate();
    }

    public void clear(RealmModel realmModel) {
        this.em.createQuery("delete from EventEntity where realmId = :realmId").setParameter("realmId", realmModel.getId()).executeUpdate();
    }

    public void clear(RealmModel realmModel, long j) {
        this.em.createQuery("delete from EventEntity where realmId = :realmId and time < :time").setParameter("realmId", realmModel.getId()).setParameter("time", Long.valueOf(j)).executeUpdate();
    }

    public void clearExpiredEvents() {
        int i = 0;
        long currentTimeMillis = Time.currentTimeMillis();
        if (!KeycloakModelUtils.isRealmProviderJpa(this.session)) {
            this.session.realms().getRealmsStream().forEach(realmModel -> {
                if (!realmModel.isEventsEnabled() || realmModel.getEventsExpiration() <= 0) {
                    return;
                }
                clear(realmModel, Time.currentTimeMillis() - (realmModel.getEventsExpiration() * 1000));
            });
            return;
        }
        for (Long l : this.em.createQuery("select distinct realm.eventsExpiration from RealmEntity realm where realm.eventsExpiration > 0").getResultList()) {
            int executeUpdate = this.em.createQuery("delete from EventEntity where realmId in :realmIds and time < :eventTime").setParameter("realmIds", this.em.createQuery("select realm.id from RealmEntity realm where realm.eventsExpiration = :expiration").setParameter("expiration", l).getResultList()).setParameter("eventTime", Long.valueOf(currentTimeMillis - (l.longValue() * 1000))).executeUpdate();
            logger.tracef("Deleted %d events for the expiration %d", executeUpdate, l);
            i += executeUpdate;
        }
        logger.debugf("Cleared %d expired events in all realms", i);
    }

    public void onEvent(Event event) {
        this.em.persist(convertEvent(event));
    }

    public AdminEventQuery createAdminQuery() {
        return new JpaAdminEventQuery(this.em);
    }

    public void clearAdmin() {
        this.em.createQuery("delete from AdminEventEntity").executeUpdate();
    }

    public void clearAdmin(RealmModel realmModel) {
        this.em.createQuery("delete from AdminEventEntity where realmId = :realmId").setParameter("realmId", realmModel.getId()).executeUpdate();
    }

    public void clearAdmin(RealmModel realmModel, long j) {
        this.em.createQuery("delete from AdminEventEntity where realmId = :realmId and time < :time").setParameter("realmId", realmModel.getId()).setParameter("time", Long.valueOf(j)).executeUpdate();
    }

    public void onEvent(AdminEvent adminEvent, boolean z) {
        this.em.persist(convertAdminEvent(adminEvent, z));
    }

    public void close() {
    }

    private EventEntity convertEvent(Event event) {
        EventEntity eventEntity = new EventEntity();
        eventEntity.setId(event.getId() == null ? UUID.randomUUID().toString() : event.getId());
        eventEntity.setTime(event.getTime());
        eventEntity.setType(event.getType().toString());
        eventEntity.setRealmId(event.getRealmId());
        eventEntity.setClientId(event.getClientId());
        eventEntity.setUserId(event.getUserId());
        eventEntity.setSessionId(event.getSessionId());
        eventEntity.setIpAddress(event.getIpAddress());
        eventEntity.setError(event.getError());
        try {
            if (this.maxDetailLength <= 0 || event.getDetails() == null) {
                eventEntity.setDetailsJson(mapper.writeValueAsString(event.getDetails()));
            } else {
                HashMap hashMap = new HashMap(event.getDetails());
                hashMap.entrySet().forEach(entry -> {
                    entry.setValue(trimToMaxDetailLength((String) entry.getValue()));
                });
                eventEntity.setDetailsJson(trimToMaxFieldLength(mapper.writeValueAsString(hashMap)));
            }
        } catch (IOException e) {
            logger.error("Failed to write log details", e);
        }
        return eventEntity;
    }

    private String trimToMaxDetailLength(String str) {
        if (str == null || str.length() <= this.maxDetailLength) {
            return str;
        }
        logger.warnf("Detail '%s' will be truncated.", str);
        return str.substring(0, this.maxDetailLength - 3).concat("...");
    }

    private String trimToMaxFieldLength(String str) {
        if (this.maxFieldLength <= 0 || str == null || str.length() <= this.maxFieldLength) {
            return str;
        }
        logger.warnf("Field '%s' will be truncated.", str);
        return str.substring(0, this.maxFieldLength - 3).concat("...");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Event convertEvent(EventEntity eventEntity) {
        Event event = new Event();
        event.setId(eventEntity.getId() == null ? UUID.randomUUID().toString() : eventEntity.getId());
        event.setTime(eventEntity.getTime());
        event.setType(EventType.valueOf(eventEntity.getType()));
        event.setRealmId(eventEntity.getRealmId());
        event.setClientId(eventEntity.getClientId());
        event.setUserId(eventEntity.getUserId());
        event.setSessionId(eventEntity.getSessionId());
        event.setIpAddress(eventEntity.getIpAddress());
        event.setError(eventEntity.getError());
        try {
            event.setDetails((Map) mapper.readValue(eventEntity.getDetailsJson(), mapType));
        } catch (IOException e) {
            logger.error("Failed to read log details", e);
        }
        return event;
    }

    private AdminEventEntity convertAdminEvent(AdminEvent adminEvent, boolean z) {
        AdminEventEntity adminEventEntity = new AdminEventEntity();
        adminEventEntity.setId(adminEvent.getId() == null ? UUID.randomUUID().toString() : adminEvent.getId());
        adminEventEntity.setTime(adminEvent.getTime());
        adminEventEntity.setRealmId(adminEvent.getRealmId());
        setAuthDetails(adminEventEntity, adminEvent.getAuthDetails());
        adminEventEntity.setOperationType(adminEvent.getOperationType().toString());
        if (adminEvent.getResourceTypeAsString() != null) {
            adminEventEntity.setResourceType(adminEvent.getResourceTypeAsString());
        }
        adminEventEntity.setResourcePath(adminEvent.getResourcePath());
        adminEventEntity.setError(adminEvent.getError());
        if (z) {
            adminEventEntity.setRepresentation(trimToMaxFieldLength(adminEvent.getRepresentation()));
        }
        return adminEventEntity;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AdminEvent convertAdminEvent(AdminEventEntity adminEventEntity) {
        AdminEvent adminEvent = new AdminEvent();
        adminEvent.setId(adminEventEntity.getId() == null ? UUID.randomUUID().toString() : adminEventEntity.getId());
        adminEvent.setTime(adminEventEntity.getTime());
        adminEvent.setRealmId(adminEventEntity.getRealmId());
        setAuthDetails(adminEvent, adminEventEntity);
        adminEvent.setOperationType(OperationType.valueOf(adminEventEntity.getOperationType()));
        if (adminEventEntity.getResourceType() != null) {
            adminEvent.setResourceTypeAsString(adminEventEntity.getResourceType());
        }
        adminEvent.setResourcePath(adminEventEntity.getResourcePath());
        adminEvent.setError(adminEventEntity.getError());
        if (adminEventEntity.getRepresentation() != null) {
            adminEvent.setRepresentation(adminEventEntity.getRepresentation());
        }
        return adminEvent;
    }

    private static void setAuthDetails(AdminEventEntity adminEventEntity, AuthDetails authDetails) {
        adminEventEntity.setAuthRealmId(authDetails.getRealmId());
        adminEventEntity.setAuthClientId(authDetails.getClientId());
        adminEventEntity.setAuthUserId(authDetails.getUserId());
        adminEventEntity.setAuthIpAddress(authDetails.getIpAddress());
    }

    private static void setAuthDetails(AdminEvent adminEvent, AdminEventEntity adminEventEntity) {
        AuthDetails authDetails = new AuthDetails();
        authDetails.setRealmId(adminEventEntity.getAuthRealmId());
        authDetails.setClientId(adminEventEntity.getAuthClientId());
        authDetails.setUserId(adminEventEntity.getAuthUserId());
        authDetails.setIpAddress(adminEventEntity.getAuthIpAddress());
        adminEvent.setAuthDetails(authDetails);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void clearExpiredAdminEvents() {
        Map map = (Map) this.em.createNamedQuery("selectRealmAttributesNotEmptyByName", RealmAttributeEntity.class).setParameter("name", RealmAttributes.ADMIN_EVENTS_EXPIRATION).getResultStream().filter(realmAttributeEntity -> {
            try {
                return Long.parseLong(realmAttributeEntity.getValue()) > 0;
            } catch (NumberFormatException e) {
                logger.warnf("Unable to parse value '%s' for attribute '%s' in realm '%s' (expecting it to be decimal numeric)", new Object[]{realmAttributeEntity.getValue(), RealmAttributes.ADMIN_EVENTS_EXPIRATION, realmAttributeEntity.getRealm().getId(), e});
                return false;
            }
        }).collect(Collectors.groupingBy(realmAttributeEntity2 -> {
            return Long.valueOf(realmAttributeEntity2.getValue());
        }));
        long currentTimeMillis = Time.currentTimeMillis();
        map.forEach((l, list) -> {
            logger.tracef("Deleted %d admin events for the expiration %d", this.em.createQuery("delete from AdminEventEntity where realmId in :realmIds and time < :eventTime").setParameter("realmIds", (List) list.stream().map((v0) -> {
                return v0.getRealm();
            }).map((v0) -> {
                return v0.getId();
            }).collect(Collectors.toList())).setParameter("eventTime", Long.valueOf(currentTimeMillis - (l.longValue() * 1000))).executeUpdate(), l);
        });
    }
}
