package io.jans.configapi.plugin.saml.service;

import io.jans.as.common.service.OrganizationService;
import io.jans.configapi.plugin.saml.client.IdpClientFactory;
import io.jans.configapi.plugin.saml.mapper.IdentityProviderMapper;
import io.jans.configapi.plugin.saml.model.IdentityProvider;
import io.jans.model.SearchRequest;
import io.jans.orm.PersistenceEntryManager;
import io.jans.orm.model.PagedResult;
import io.jans.util.exception.InvalidAttributeException;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.Map;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.slf4j.Logger;

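/**
 * Facade used by the SAML config-api plugin to manage trusted identity providers (IDPs).
 *
 * <p>Each write operation is applied to the Jans persistence layer through
 * {@link IdentityProviderService} and, only when {@code samlConfigService.isSamlEnabled()}
 * returns {@code true}, mirrored to Keycloak through {@link KeycloakService}.
 *
 * <p>NOTE(review): the two stores are updated one after the other with no compensation step
 * visible in this class. If the second call throws, the first change stays in place.
 *
 * <p>NOTE(review): several log statements print the whole {@link IdentityProvider}, the validated
 * metadata config map and the Keycloak representation config. What those objects hold is not
 * visible here. If they can carry key material or other secrets, confirm that their
 * {@code toString()} output is redacted or that these loggers are restricted in production.
 */
@ApplicationScoped
public class IdpService {

    @Inject
    Logger log;

    @Inject
    PersistenceEntryManager persistenceEntryManager;

    @Inject
    SamlConfigService samlConfigService;

    @Inject
    OrganizationService organizationService;

    @Inject
    IdentityProviderService identityProviderService;

    @Inject
    KeycloakService keycloakService;

    @Inject
    IdentityProviderMapper identityProviderMapper;

    @Inject
    IdpClientFactory idpClientFactory;

    /**
     * Returns the trusted-IDP DN as reported by {@code samlConfigService.getTrustedIdpDn()}.
     *
     * @return the value supplied by the SAML configuration service
     */
    public String getIdentityProviderDn() {
        return samlConfigService.getTrustedIdpDn();
    }

    /**
     * Resolves the SP metadata URL by delegating to the SAML configuration service.
     *
     * @param str first argument forwarded to {@code samlConfigService.getSpMetadataUrl};
     *            callers in this class pass the IDP realm
     * @param str2 second argument forwarded to {@code samlConfigService.getSpMetadataUrl};
     *             callers in this class pass the IDP name
     * @return the URL computed by the SAML configuration service
     */
    public String getSpMetadataUrl(String str, String str2) {
        return samlConfigService.getSpMetadataUrl(str, str2);
    }

    /**
     * Lists identity providers by calling {@code getAllIdentityProvider(0)}.
     *
     * @return the list returned by the identity provider service
     */
    public List<IdentityProvider> getAllIdentityProviders() {
        // presumably 0 means "no size limit"; verify against IdentityProviderService
        return identityProviderService.getAllIdentityProvider(0);
    }

    /**
     * Looks up a single identity provider by its inum.
     *
     * @param str the inum forwarded to the identity provider service
     * @return whatever the identity provider service returns for that inum
     */
    public IdentityProvider getIdentityProviderByInum(String str) {
        return identityProviderService.getIdentityProviderByInum(str);
    }

    /**
     * Looks up identity providers by name.
     *
     * @param str the name forwarded to the identity provider service
     * @return the matches returned by the identity provider service
     */
    public List<IdentityProvider> getIdentityProviderByName(String str) {
        return identityProviderService.getIdentityProviderByName(str);
    }

    /**
     * Runs a paged search over identity providers.
     *
     * @param searchRequest the search criteria forwarded unchanged
     * @return the paged result produced by the identity provider service
     */
    public PagedResult<IdentityProvider> getIdentityProviders(SearchRequest searchRequest) {
        return identityProviderService.getIdentityProvider(searchRequest);
    }

    /**
     * Creates a SAML identity provider from an uploaded IDP metadata document.
     *
     * <p>The metadata is validated through Keycloak, the resulting config map is stored on the
     * IDP, and the IDP is persisted. When SAML is enabled the IDP is also created in Keycloak and
     * the SP metadata URL is set on the returned object.
     *
     * @param identityProvider the IDP to create; must not be {@code null}
     * @param inputStream the IDP metadata document; must not be {@code null}
     * @return the created IDP. When SAML is enabled this is the object converted back from the
     *         Keycloak response, which is {@code null} if Keycloak returned no representation
     *         (the IDP has already been persisted at that point)
     * @throws InvalidAttributeException if either argument is {@code null}
     * @throws IOException declared by the persistence call and by {@code InputStream.available()}
     */
    public IdentityProvider createSamlIdentityProvider(IdentityProvider identityProvider, InputStream inputStream) throws IOException {
        log.info("Create IdentityProvider with IDP metadata file in identityProvider:{}, idpMetadataStream:{}, samlConfigService.isSamlEnabled():{}",
                identityProvider, inputStream, samlConfigService.isSamlEnabled());
        if (identityProvider == null) {
            throw new InvalidAttributeException("IdentityProvider object is null!!!");
        }
        if (inputStream == null) {
            throw new InvalidAttributeException("Idp Metedata file is null!!!");
        }

        // NOTE(review): the metadata document comes from the caller; parsing and validation are
        // delegated entirely to keycloakService. Confirm that path rejects DTDs/external entities.
        Map<String, String> validatedConfig = validateSamlMetadata(identityProvider.getRealm(), inputStream);
        log.debug("Validated metadata to create IDP - config:{}", validatedConfig);
        identityProvider.setConfig(validatedConfig);

        log.debug("Create IdentityProvider identityProvider:{})", identityProvider);
        // NOTE(review): the same stream was already handed to validateSamlMetadata above.
        // Whether it is rewound or buffered before this second use is not visible here.
        identityProviderService.addSamlIdentityProvider(identityProvider, inputStream);
        log.debug("Created IdentityProvider in Jans DB -  identityProvider:{})", identityProvider);

        if (!samlConfigService.isSamlEnabled()) {
            return identityProvider;
        }

        IdentityProviderRepresentation kcRequest = convertToIdentityProviderRepresentation(identityProvider);
        log.debug("converted kcIdp:{}", kcRequest);
        log.debug("IDP Service idpMetadataStream:{}, idpMetadataStream.available():{}", inputStream, inputStream.available());

        // A failure here propagates after the Jans DB entry has already been written.
        IdentityProviderRepresentation kcCreated = keycloakService.createIdentityProvider(identityProvider.getRealm(), kcRequest);
        log.debug("Newly created kcIdp:{}", kcCreated);

        IdentityProvider created = convertToIdentityProvider(identityProvider, kcCreated);
        log.debug("Final created identityProvider:{}", created);
        if (created != null) {
            String spMetadataUrl = getSpMetadataUrl(created.getRealm(), created.getName());
            log.info(" Setting KC SP Metadata URL - spMetadataUrl:{} ", spMetadataUrl);
            created.setSpMetaDataURL(spMetadataUrl);
        }
        return created;
    }

    /**
     * Updates a SAML identity provider from a new IDP metadata document.
     *
     * <p>Mirrors {@link #createSamlIdentityProvider}: validate the metadata, store the config,
     * update the persisted entry, then (when SAML is enabled) update Keycloak and refresh the SP
     * metadata URL.
     *
     * @param identityProvider the IDP to update; must not be {@code null}
     * @param inputStream the IDP metadata document; must not be {@code null}
     * @return the updated IDP. When SAML is enabled this is the object converted back from the
     *         Keycloak response, which is {@code null} if Keycloak returned no representation
     * @throws InvalidAttributeException if either argument is {@code null}
     * @throws IOException declared by the persistence update
     */
    public IdentityProvider updateSamlIdentityProvider(IdentityProvider identityProvider, InputStream inputStream) throws IOException {
        log.debug("Update IdentityProvider with IDP metadata file in - identityProvider:{}, idpMetadataStream:{}, samlConfigService.isSamlEnabled():{}",
                identityProvider, inputStream, samlConfigService.isSamlEnabled());
        if (identityProvider == null) {
            throw new InvalidAttributeException("IdentityProvider object for update is null!!!");
        }
        if (inputStream == null) {
            throw new InvalidAttributeException("Idp Metedata file for update is null!!!");
        }

        // NOTE(review): caller-supplied metadata; validation is delegated to keycloakService.
        Map<String, String> validatedConfig = validateSamlMetadata(identityProvider.getRealm(), inputStream);
        log.debug("Validated metadata to update config:{}", validatedConfig);
        identityProvider.setConfig(validatedConfig);

        updateIdentityProvider(identityProvider);
        log.debug("Updated IdentityProvider dentityProvider:{}, , identityProvider.getRealm():{})", identityProvider, identityProvider.getRealm());

        if (!samlConfigService.isSamlEnabled()) {
            return identityProvider;
        }

        IdentityProviderRepresentation kcRequest = convertToIdentityProviderRepresentation(identityProvider);
        log.debug("converted kcIdp:{}", kcRequest);

        // A failure here propagates after the Jans DB entry has already been updated.
        IdentityProviderRepresentation kcUpdated = keycloakService.updateIdentityProvider(identityProvider.getRealm(), kcRequest);
        log.debug("Updated kcIdp:{}", kcUpdated);

        IdentityProvider updated = convertToIdentityProvider(identityProvider, kcUpdated);
        if (updated != null) {
            String spMetadataUrl = getSpMetadataUrl(updated.getRealm(), updated.getName());
            log.info(" Updating KC SP Metadata URL - spMetadataUrl:{} ", spMetadataUrl);
            updated.setSpMetaDataURL(spMetadataUrl);
        }
        return updated;
    }

    /**
     * Deletes an identity provider from Keycloak (when SAML is enabled) and then from the Jans
     * persistence layer.
     *
     * @param identityProvider the IDP to delete; must not be {@code null}
     * @throws InvalidAttributeException if {@code identityProvider} is {@code null}
     */
    public void deleteIdentityProvider(IdentityProvider identityProvider) {
        // Reject null up front, as create/update do, rather than failing with a
        // NullPointerException while the Keycloak call is being prepared.
        if (identityProvider == null) {
            throw new InvalidAttributeException("IdentityProvider object for delete is null!!!");
        }
        if (samlConfigService.isSamlEnabled()) {
            // Keycloak is removed first; if the persistence removal below throws, the
            // Keycloak entry is already gone while the Jans DB entry remains.
            keycloakService.deleteIdentityProvider(identityProvider.getRealm(), identityProvider.getName());
        }
        identityProviderService.removeIdentityProvider(identityProvider);
    }

    /**
     * Triggers processing of IDP metadata files that the identity provider service reports as
     * unprocessed.
     */
    public void processUnprocessedIdpMetadataFiles() {
        identityProviderService.processUnprocessedIdpMetadataFiles();
    }

    /**
     * Fetches the SP metadata for an identity provider through {@link IdpClientFactory}.
     *
     * @param identityProvider the IDP whose realm and name select the metadata URL
     * @return the client response, or {@code null} when {@code identityProvider} is {@code null}
     */
    public Response getSpMetadata(IdentityProvider identityProvider) {
        if (identityProvider == null) {
            return null;
        }
        // NOTE(review): the request target is derived from the IDP's realm and name. How
        // samlConfigService encodes them into the URL is not visible here; confirm they cannot
        // alter the host or path.
        String spMetadataUrl = getSpMetadataUrl(identityProvider.getRealm(), identityProvider.getName());
        return idpClientFactory.getSpMetadata(spMetadataUrl);
    }

    /**
     * Updates the persisted identity provider entry and returns the same instance.
     *
     * @param identityProvider the IDP to store
     * @return the instance that was passed in
     * @throws IOException declared for the persistence update
     */
    private IdentityProvider updateIdentityProvider(IdentityProvider identityProvider) throws IOException {
        log.info("Update IdentityProvider with IDP metadata file in identityProvider:{}", identityProvider);
        identityProviderService.updateIdentityProvider(identityProvider);
        log.debug("Updated IdentityProvider in Jans DB -  identityProvider:{})", identityProvider);
        return identityProvider;
    }

    /**
     * Delegates metadata validation to Keycloak.
     *
     * @param str the realm forwarded to {@code keycloakService.validateSamlMetadata}
     * @param inputStream the metadata document to validate
     * @return the config map returned by Keycloak's validation
     */
    private Map<String, String> validateSamlMetadata(String str, InputStream inputStream) {
        return keycloakService.validateSamlMetadata(str, inputStream);
    }

    /**
     * Converts a Keycloak representation to an {@link IdentityProvider} and copies onto it the
     * fields of the original IDP that this method sets explicitly (realm, metadata file names,
     * locations and URLs, status and validation details).
     *
     * @param identityProvider the IDP that was sent to Keycloak; may be {@code null}
     * @param identityProviderRepresentation the representation returned by Keycloak; may be {@code null}
     * @return the converted IDP, or {@code null} when the representation converts to {@code null}
     */
    private IdentityProvider convertToIdentityProvider(IdentityProvider identityProvider, IdentityProviderRepresentation identityProviderRepresentation) {
        log.debug("identityProvider:{}, kcIdp:{}", identityProvider, identityProviderRepresentation);
        IdentityProvider converted = convertToIdentityProvider(identityProviderRepresentation);
        log.info("convertToIdentityProvider - idp:{}", converted);
        if (converted == null || identityProvider == null) {
            return converted;
        }
        converted.setRealm(identityProvider.getRealm());
        converted.setSpMetaDataFN(identityProvider.getSpMetaDataFN());
        converted.setSpMetaDataURL(identityProvider.getSpMetaDataURL());
        converted.setSpMetaDataLocation(identityProvider.getSpMetaDataLocation());
        converted.setIdpMetaDataFN(identityProvider.getIdpMetaDataFN());
        converted.setIdpMetaDataLocation(identityProvider.getIdpMetaDataLocation());
        converted.setIdpMetaDataURL(identityProvider.getIdpMetaDataURL());
        converted.setStatus(identityProvider.getStatus());
        converted.setValidationStatus(identityProvider.getValidationStatus());
        converted.setValidationLog(identityProvider.getValidationLog());
        return converted;
    }

    /**
     * Maps a Keycloak representation to an {@link IdentityProvider} via the injected mapper.
     *
     * @param identityProviderRepresentation the Keycloak representation; may be {@code null}
     * @return the mapped IDP, or {@code null} when the input is {@code null}
     */
    private IdentityProvider convertToIdentityProvider(IdentityProviderRepresentation identityProviderRepresentation) {
        log.debug("kcIdp:{}", identityProviderRepresentation);
        if (identityProviderRepresentation == null) {
            return null;
        }
        IdentityProvider mapped = identityProviderMapper.kcIdentityProviderToIdentityProvider(identityProviderRepresentation);
        log.info("convertToIdentityProvider - idp:{}", mapped);
        return mapped;
    }

    /**
     * Maps an {@link IdentityProvider} to its Keycloak representation via the injected mapper.
     *
     * @param identityProvider the IDP to convert; may be {@code null}
     * @return the Keycloak representation, or {@code null} when the input is {@code null}
     */
    private IdentityProviderRepresentation convertToIdentityProviderRepresentation(IdentityProvider identityProvider) {
        log.info("idp:{}", identityProvider);
        if (identityProvider == null) {
            return null;
        }
        IdentityProviderRepresentation kcIdp = identityProviderMapper.identityProviderToKCIdentityProvider(identityProvider);
        log.debug("convert IdentityProviderRepresentation - kcIdp:{}", kcIdp);
        // The arguments below are evaluated even when trace logging is disabled, so a null
        // result from the mapper would fail here. The full config map is part of the output.
        log.trace("convert IDP data kcIdp.getAlias():{}, kcIdp.getInternalId():{}, kcIdp.getProviderId():{}, kcIdp.getConfig():{}, kcIdp.isEnabled():{}, kcIdp.isLinkOnly():{}, kcIdp.isStoreToken():{},kcIdp.getFirstBrokerLoginFlowAlias():{}, kcIdp.getPostBrokerLoginFlowAlias():{},kcIdp.isTrustEmail():{}",
                kcIdp.getAlias(),
                kcIdp.getInternalId(),
                kcIdp.getProviderId(),
                kcIdp.getConfig(),
                kcIdp.isEnabled(),
                kcIdp.isLinkOnly(),
                kcIdp.isStoreToken(),
                kcIdp.getFirstBrokerLoginFlowAlias(),
                kcIdp.getPostBrokerLoginFlowAlias(),
                kcIdp.isTrustEmail());
        return kcIdp;
    }
}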
