package org.keycloak.userprofile.validator;

import java.util.List;
import java.util.regex.Pattern;
import org.jboss.logging.Logger;
import org.keycloak.common.util.ObjectUtil;
import org.keycloak.models.UserModel;
import org.keycloak.services.messages.Messages;
import org.keycloak.userprofile.AttributeContext;
import org.keycloak.userprofile.UserProfileAttributeValidationContext;
import org.keycloak.validate.SimpleValidator;
import org.keycloak.validate.ValidationContext;
import org.keycloak.validate.ValidationError;
import org.keycloak.validate.ValidatorConfig;

/* loaded from: input_file:org/keycloak/userprofile/validator/ReadOnlyAttributeUnchangedValidator.class */
public class ReadOnlyAttributeUnchangedValidator implements SimpleValidator {
    public static final String ID = "up-readonly-attribute-unchanged";
    public static final String CFG_PATTERN = "pattern";
    private static final Logger logger = Logger.getLogger(ReadOnlyAttributeUnchangedValidator.class);
    public static String UPDATE_READ_ONLY_ATTRIBUTES_REJECTED_MSG = Messages.UPDATE_READ_ONLY_ATTRIBUTES_REJECTED;

    public String getId() {
        return ID;
    }

    public ValidationContext validate(Object obj, String str, ValidationContext validationContext, ValidatorConfig validatorConfig) {
        List list;
        AttributeContext attributeContext = UserProfileAttributeValidationContext.from(validationContext).getAttributeContext();
        String str2 = (String) attributeContext.getAttribute().getKey();
        Pattern pattern = (Pattern) validatorConfig.get(CFG_PATTERN);
        if (pattern.matcher(str2).find() && (list = (List) obj) != null) {
            UserModel user = attributeContext.getUser();
            String firstAttribute = user == null ? null : user.getFirstAttribute(str2);
            String str3 = null;
            if (!list.isEmpty()) {
                str3 = (String) list.get(0);
            }
            if (!isUnchanged(firstAttribute, str3)) {
                logger.warnf("Attempt to edit denied attribute '%s' of user '%s'", pattern, user == null ? "new user" : user.getFirstAttribute("username"));
                validationContext.addError(new ValidationError(ID, str2, UPDATE_READ_ONLY_ATTRIBUTES_REJECTED_MSG));
            }
            return validationContext;
        }
        return validationContext;
    }

    private boolean isUnchanged(String str, String str2) {
        if (str == null && ObjectUtil.isBlank(str2)) {
            return true;
        }
        return ObjectUtil.isEqualOrBothNull(str, str2);
    }
}
