package com.example.keycloak;

import org.keycloak.broker.provider.IdentityProviderMapper;
import org.keycloak.broker.saml.SamlUserIdentityProviderConfig;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.GroupModel;
import org.keycloak.broker.provider.ProviderConfigProperty;

import java.util.List;

public class GroupSyncMapper implements IdentityProviderMapper {

    private final KeycloakSession session;

    public GroupSyncMapper(KeycloakSession session) {
        this.session = session;
    }

    @Override
    public void mapRolesFromSamlAttributes(RealmModel realm, UserModel user, SamlUserIdentityProviderConfig config) {
        // Retrieve the groups from the SAML attribute (assuming it's an array of group names)
        Object groupsAttribute = user.getAttribute(config.getGroupAttribute());

        if (groupsAttribute == null) {
            return;  // No groups to map
        }

        // Assuming the groups attribute is an array of strings (e.g., ["Group1", "Group2", "Group3"])
        String[] groups = (String[]) groupsAttribute;

        // Create and assign the "Intermate members" group
        GroupModel intermateMembersGroup = getOrCreateGroup(realm, "Intermate members");

        // Iterate over each group in the SAML groups attribute
        for (String groupName : groups) {
            groupName = groupName.trim();  // Remove leading/trailing spaces
            GroupModel group = getOrCreateGroup(realm, groupName);
            user.joinGroup(group);  // Add user to the group
            intermateMembersGroup.addChildGroup(group);  // Make the group a child of "Intermate members"
        }
    }

    private GroupModel getOrCreateGroup(RealmModel realm, String groupName) {
        // Check if the group already exists in the realm
        GroupModel group = realm.getGroupByName(groupName);
        if (group == null) {
            // If the group doesn't exist, create it
            group = realm.createGroup(groupName);
        }
        return group;
    }

    @Override
    public List<ProviderConfigProperty> getConfigProperties() {
        // If you want to expose configuration options for your mapper, you can define them here
        return null;
    }

    @Override
    public void close() {
        // Clean up resources if necessary
    }
}