package io.jans.configapi.plugin.saml.service;

import com.fasterxml.jackson.core.JsonProcessingException;
import io.jans.configapi.core.util.Jackson;
import io.jans.configapi.plugin.saml.client.IdpClientFactory;
import io.jans.configapi.plugin.saml.model.IdentityProvider;
import io.jans.configapi.plugin.saml.util.Constants;
import io.jans.util.exception.InvalidAttributeException;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;

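/**
 * Manages SAML identity providers of a Keycloak realm.
 *
 * <p>Every public operation first obtains an access token with the client
 * credentials held by {@link SamlConfigService}, then calls the remote endpoint
 * through {@link IdpClientFactory}. URLs are produced by {@link SamlConfigService};
 * for update and delete the identity-provider name is appended as a further path
 * segment.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The access token and the values returned by {@code getClientSecret()} /
 *       {@code getPassword()} must never be written to the log. The injected
 *       {@code samlConfigService} object is therefore not logged either.</li>
 *   <li>A name that is concatenated into a request URL is checked by
 *       {@link #requireUrlPathSegment(String, String)} so that it cannot change which
 *       resource the privileged request addresses.</li>
 *   <li>NOTE(review): the realm name is handed to {@code SamlConfigService} to build
 *       URLs; how it is escaped there is not visible from this class - confirm.</li>
 * </ul>
 */
@ApplicationScoped
/* loaded from: input_file:io/jans/configapi/plugin/saml/service/KeycloakService.class */
public class KeycloakService {
    public static final String REALM_NAME_NULL = "Realm name is null!!!";

    @Inject
    Logger logger;

    @Inject
    IdpClientFactory idpClientFactory;

    @Inject
    SamlConfigService samlConfigService;

    /**
     * Fetches all identity providers of a realm.
     *
     * @param str realm name; must not be blank
     * @return the parsed identity providers, or {@code null} when the remote response is blank
     * @throws InvalidAttributeException if the realm name is blank
     * @throws IOException if a response entry cannot be mapped to an {@link IdentityProvider}
     */
    public List<IdentityProvider> findAllIdentityProviders(String str) throws IOException {
        // The config service exposes the client secret and password, so the object
        // itself is deliberately kept out of the log statement.
        this.logger.info("Fetch all IdentityProvider for realmName:{}", str);
        if (StringUtils.isBlank(str)) {
            throw new InvalidAttributeException("IDP Realm name file is null!!!");
        }
        String accessToken = getKcAccessToken(str);
        String idpUrl = getIdpUrl(str);
        this.logger.debug("Fetch all IdentityProvider for idpUrl:{}", idpUrl);
        String idpListAsString = this.idpClientFactory.getAllIdp(idpUrl, accessToken);
        this.logger.info("Fetch all IdentityProvider for idpListAsString:{}", idpListAsString);
        List<IdentityProvider> identityProviders = createIdentityProviderList(idpListAsString);
        this.logger.info("Fetch all IdentityProvider for realmName:{}, identityProvider:{}", str, identityProviders);
        return identityProviders;
    }

    /**
     * Sends an IdP metadata document to the realm's metadata-import endpoint and returns
     * the extracted configuration after checking that it contains every key listed in
     * {@code Constants.SAML_IDP_CONFIG}.
     *
     * @param str provider id; must not be blank
     * @param str2 realm name; must not be blank
     * @param inputStream metadata document; must not be {@code null}
     * @return the extracted SAML configuration
     * @throws InvalidAttributeException if an argument is missing or the extracted
     *         configuration lacks a required key
     * @throws IOException declared for the remote call
     */
    public Map<String, String> importSamlMetadata(String str, String str2, InputStream inputStream) throws IOException {
        this.logger.info("Import config providerId:{}, realmName:{}, idpMetadataStream:{} ", str, str2, inputStream);
        if (StringUtils.isBlank(str)) {
            throw new InvalidAttributeException("IDP ProviderId is null!!!");
        }
        if (StringUtils.isBlank(str2)) {
            throw new InvalidAttributeException("IDP Realm name file is null!!!");
        }
        if (inputStream == null) {
            throw new InvalidAttributeException("IDP Metedata file is null!!!");
        }
        String accessToken = getKcAccessToken(str2);
        String importUrl = getSamlMetadataImportUrl(str2);
        this.logger.info(" samlMetadataImportUrl:{}", importUrl);
        Map<String, String> config = this.idpClientFactory.extractSamlMetadata(importUrl, accessToken, str, str2, inputStream);
        this.logger.info("Import SAML response for realmName:{}, config:{}", str2, config);
        boolean valid = verifySamlIdpConfig(config);
        this.logger.debug("Is IDP metadata config valid:{}", valid);
        if (!valid) {
            throw new InvalidAttributeException("Idp Metedata file is not valid !!!");
        }
        return config;
    }

    /**
     * Creates or updates an identity provider in a realm.
     *
     * @param str realm name; must not be blank
     * @param z {@code true} to update the provider addressed by its name, {@code false} to create it
     * @param identityProvider provider to send; must not be {@code null}
     * @return the {@code identityProvider} argument itself (the remote response is only parsed and logged)
     * @throws InvalidAttributeException if an argument is missing, if no configured SAML
     *         attribute is present on the provider, or if on update the provider name
     *         cannot be used as a single URL path segment
     * @throws IOException if the provider or the remote response cannot be converted
     */
    public IdentityProvider createUpdateIdentityProvider(String str, boolean z, IdentityProvider identityProvider) throws IOException {
        this.logger.info("Add/Update IdentityProvider under realmName:{}, isUpdate:{}, identityProvider:{})", str, z, identityProvider);
        if (StringUtils.isBlank(str)) {
            throw new InvalidAttributeException(REALM_NAME_NULL);
        }
        if (identityProvider == null) {
            throw new InvalidAttributeException("IdentityProvider object is null!!!");
        }
        String accessToken = getKcAccessToken(str);
        String idpUrl = getIdpUrl(str);
        if (z) {
            // The name selects the resource the update is sent to, so it has to stay
            // one path segment; a missing name previously produced a ".../null" URL.
            idpUrl = idpUrl + "/" + requireUrlPathSegment(identityProvider.getName(), "IdentityProvider name");
            this.logger.info("Final URL for update IDP idpUrl:{}", idpUrl);
        }
        JSONObject idpJson = createIdentityProviderJson(identityProvider);
        populateKcConfig(idpJson);
        JSONObject kcJson = createKcJSONObject(idpJson);
        this.logger.info("Create new IdentityProvider - kcJsonObject:{}", kcJson);
        String response = this.idpClientFactory.createUpdateIdp(idpUrl, accessToken, z, kcJson);
        this.logger.debug("IdentityProvider response idpJson:{}", response);
        // Parsed unconditionally (as before), so a malformed response still surfaces as an exception.
        IdentityProvider parsed = createIdentityProvider(response);
        this.logger.debug("IdentityProvider idp:{}", parsed);
        return identityProvider;
    }

    /**
     * Deletes an identity provider from a realm.
     *
     * @param str realm name; must not be blank
     * @param str2 name of the identity provider; must not be blank and must be usable
     *        as a single URL path segment
     * @return the status reported by {@code IdpClientFactory.deleteIdp}
     * @throws InvalidAttributeException if an argument is missing or the name contains
     *         URL-structural characters
     * @throws IOException declared for the remote call
     */
    public boolean deleteIdentityProvider(String str, String str2) throws IOException {
        this.logger.info("Delete IdentityProvider under realmName:{}, idpName:{})", str, str2);
        if (StringUtils.isBlank(str)) {
            throw new InvalidAttributeException(REALM_NAME_NULL);
        }
        if (StringUtils.isBlank(str2)) {
            throw new InvalidAttributeException("Name of IdentityProvider to be deleted is null!!!");
        }
        // Checked before a token is requested: the DELETE below is sent with the
        // service's own token, so the name must not be able to retarget it.
        String segment = requireUrlPathSegment(str2, "IdentityProvider name");
        String accessToken = getKcAccessToken(str);
        String deleteUrl = getIdpUrl(str) + "/" + segment;
        this.logger.info("IDP URL for delete is idpUrl:{}", deleteUrl);
        boolean deleted = this.idpClientFactory.deleteIdp(deleteUrl, accessToken);
        this.logger.info("IdentityProvider delete response deleteStatus:{}", deleted);
        return deleted;
    }

    /**
     * Fetches the service-provider metadata for an identity provider of a realm.
     *
     * @param str realm name; must not be blank
     * @param str2 identity-provider name; must not be blank
     * @return the metadata as returned by {@code IdpClientFactory.getSpMetadata}
     * @throws InvalidAttributeException if an argument is blank
     * @throws JsonProcessingException declared for the token request
     */
    public String getSpMetadata(String str, String str2) throws JsonProcessingException {
        if (StringUtils.isBlank(str)) {
            throw new InvalidAttributeException(REALM_NAME_NULL);
        }
        if (StringUtils.isBlank(str2)) {
            throw new InvalidAttributeException("Name of IdentityProvider is null!!!");
        }
        String accessToken = getKcAccessToken(str);
        // NOTE(review): the URL is assembled by SamlConfigService from both values;
        // confirm that it escapes them, since this class cannot see it.
        String spMetadataUrl = getSpMetadataUrl(str, str2);
        // Log texts previously said "delete" (copied from deleteIdentityProvider),
        // which made read-only metadata requests look like deletions in the log.
        this.logger.info("SP metadata URL is spMetadataUrl:{}", spMetadataUrl);
        String spMetadata = this.idpClientFactory.getSpMetadata(spMetadataUrl, accessToken);
        this.logger.info("SP metadata response spMetadataJson:{}", spMetadata);
        return spMetadata;
    }

    /**
     * Rejects a value that would not stay a single path segment once appended to a URL.
     *
     * <p>Blank values, the dot segments {@code .} and {@code ..}, control characters and
     * the characters {@code / \ ? # % ;} are refused. Every accepted value is returned
     * unchanged, so URLs for ordinary names are identical to what was built before.
     *
     * @param value candidate path segment
     * @param what human-readable name of the value, used in the error message
     * @return {@code value}
     * @throws InvalidAttributeException if the value is refused
     */
    private static String requireUrlPathSegment(String value, String what) {
        if (StringUtils.isBlank(value)) {
            throw new InvalidAttributeException(what + " is null!!!");
        }
        boolean rejected = ".".equals(value) || "..".equals(value);
        for (int i = 0; !rejected && i < value.length(); i++) {
            char c = value.charAt(i);
            rejected = c == '/' || c == '\\' || c == '?' || c == '#' || c == '%' || c == ';'
                    || Character.isISOControl(c);
        }
        if (rejected) {
            // The offending value is intentionally not echoed back to the caller.
            throw new InvalidAttributeException(what + " contains characters that are not allowed in a URL path segment!!!");
        }
        return value;
    }

    /**
     * Requests an access token from the realm's token URL using the credentials held by
     * {@code samlConfigService}. Only the realm name is logged; the token and the
     * credentials must stay out of the log.
     */
    private String getKcAccessToken(String realmName) throws JsonProcessingException {
        this.logger.info(" realmName:{}", realmName);
        return IdpClientFactory.getAccessToken(
                getTokenUrl(realmName),
                this.samlConfigService.getClientId(),
                this.samlConfigService.getClientSecret(),
                this.samlConfigService.getGrantType(),
                this.samlConfigService.getScope(),
                this.samlConfigService.getUsername(),
                this.samlConfigService.getPassword(),
                this.samlConfigService.getServerUrl());
    }

    /** Delegates to {@code SamlConfigService.getIdpUrl}. */
    private String getIdpUrl(String realmName) {
        return this.samlConfigService.getIdpUrl(realmName);
    }

    /** Delegates to {@code SamlConfigService.getTokenUrl}. */
    private String getTokenUrl(String realmName) {
        return this.samlConfigService.getTokenUrl(realmName);
    }

    /** Delegates to {@code SamlConfigService.getSpMetadataUrl}. */
    private String getSpMetadataUrl(String realmName, String idpName) {
        return this.samlConfigService.getSpMetadataUrl(realmName, idpName);
    }

    /** Delegates to {@code SamlConfigService.getIdpMetadataImportUrl}. */
    private String getSamlMetadataImportUrl(String realmName) {
        return this.samlConfigService.getIdpMetadataImportUrl(realmName);
    }

    /** Delegates to {@code SamlConfigService.getKcAttributes}. */
    private List<String> getKcAttributes() {
        return this.samlConfigService.getKcAttributes();
    }

    /** Delegates to {@code SamlConfigService.getKcSamlConfig}. */
    private List<String> getKcSamlConfig() {
        return this.samlConfigService.getKcSamlConfig();
    }

    /**
     * Reports whether the configuration contains every key of {@code Constants.SAML_IDP_CONFIG}.
     * Only key presence is checked; values are not inspected.
     *
     * @return {@code false} for a {@code null} or empty map
     */
    private boolean verifySamlIdpConfig(Map<String, String> config) {
        this.logger.debug("verifySamlConfig - config:{}", config);
        if (config == null || config.isEmpty()) {
            return false;
        }
        boolean hasAllKeys = config.keySet().containsAll(Constants.SAML_IDP_CONFIG);
        this.logger.info("config.keySet().containsAll(Constants.SAML_IDP_CONFIG):{}", hasAllKeys);
        return hasAllKeys;
    }

    /**
     * Parses a JSON array of identity providers.
     *
     * @return the parsed list, or {@code null} when the input is blank (callers of
     *         {@link #findAllIdentityProviders(String)} receive that {@code null})
     */
    private List<IdentityProvider> createIdentityProviderList(String jsonIdentityProviderList) throws IOException {
        this.logger.info("jsonIdentityProviderList:{}", jsonIdentityProviderList);
        if (StringUtils.isBlank(jsonIdentityProviderList)) {
            return null;
        }
        JSONArray entries = new JSONArray(jsonIdentityProviderList);
        int length = entries.length();
        List<IdentityProvider> idpList = new ArrayList<>();
        for (int i = 0; i < length; i++) {
            JSONObject entry = entries.getJSONObject(i);
            this.logger.trace(" i:{},{}", i, entry);
            if (entry != null) {
                idpList.add(createIdentityProvider(entry.toString()));
            }
        }
        this.logger.info("idpList:{}", idpList);
        return idpList;
    }

    /**
     * Serialises an identity provider to JSON and adds {@code Constants.INTERNAL_ID}
     * (from the inum) and {@code Constants.ALIAS} (from the name).
     *
     * @return the JSON object, or {@code null} for a {@code null} provider
     */
    private JSONObject createIdentityProviderJson(IdentityProvider identityProvider) throws IOException {
        this.logger.info("Create Json - identityProvider:{}", identityProvider);
        if (identityProvider == null) {
            return null;
        }
        JSONObject jsonObj = new JSONObject(Jackson.asJson(identityProvider));
        jsonObj.put(Constants.INTERNAL_ID, identityProvider.getInum());
        jsonObj.put(Constants.ALIAS, identityProvider.getName());
        this.logger.info("jsonObj:{}", jsonObj);
        return jsonObj;
    }

    /**
     * Maps a JSON identity provider to {@link IdentityProvider}, copying
     * {@code Constants.INTERNAL_ID} to {@code Constants.INUM} and {@code Constants.ALIAS}
     * to {@code Constants.NAME} before mapping.
     *
     * @return the mapped provider, or {@code null} when the input is blank
     */
    private IdentityProvider createIdentityProvider(String jsonIdentityProvider) throws IOException {
        this.logger.info("jsonIdentityProvider:{}", jsonIdentityProvider);
        if (StringUtils.isBlank(jsonIdentityProvider)) {
            return null;
        }
        JSONObject jsonObj = new JSONObject(jsonIdentityProvider);
        jsonObj.put(Constants.INUM, Jackson.getElement(jsonIdentityProvider, Constants.INTERNAL_ID));
        jsonObj.put(Constants.NAME, Jackson.getElement(jsonIdentityProvider, Constants.ALIAS));
        IdentityProvider identityProvider = Jackson.createJsonMapper().readValue(jsonObj.toString(), IdentityProvider.class);
        this.logger.info("IDP - identityProvider:{}", identityProvider);
        return identityProvider;
    }

    /**
     * Copies the attributes named by {@link #getKcSamlConfig()} that are present on the
     * JSON object into a map and stores that map under the key {@code "config"}.
     *
     * <p>NOTE(review): the completeness check against {@code Constants.SAML_IDP_CONFIG}
     * is only logged here, whereas {@link #importSamlMetadata} rejects an incomplete
     * configuration. Confirm whether create/update should be equally strict.
     *
     * @return the same JSON object, unchanged when it or the attribute list is missing
     * @throws InvalidAttributeException if none of the configured attributes is present
     */
    private JSONObject populateKcConfig(JSONObject jsonObject) {
        this.logger.info("IDP - jsonObject:{}", jsonObject);
        List<String> kcSamlConfig = getKcSamlConfig();
        this.logger.info("kcSamlConfig:{}", kcSamlConfig);
        if (jsonObject == null || kcSamlConfig == null || kcSamlConfig.isEmpty()) {
            return jsonObject;
        }
        Map<String, String> config = new HashMap<>();
        for (String name : kcSamlConfig) {
            boolean present = jsonObject.has(name);
            this.logger.trace("name:{}, jsonObject.has(name):{}", name, present);
            if (present) {
                config.put(name, jsonObject.getString(name));
            }
        }
        this.logger.info("config:{}", config);
        jsonObject.put("config", config);
        this.logger.debug("IDP metadata config config:{})", config);
        if (config.isEmpty()) {
            throw new InvalidAttributeException("Idp Metedata config is null!!!");
        }
        this.logger.debug("Is IDP metadata config valid:{})", verifySamlIdpConfig(config));
        this.logger.info("Post config IDP jsonObject:{}", jsonObject);
        return jsonObject;
    }

    /**
     * Builds the JSON body sent to the remote endpoint, keeping only the attributes
     * named by {@link #getKcAttributes()}. An attribute missing from the input is logged
     * and skipped, so no other attribute of the provider reaches the request body.
     *
     * @return a new JSON object, or the input itself when it or the attribute list is missing
     */
    private JSONObject createKcJSONObject(JSONObject jsonObject) {
        this.logger.info("For KC - jsonObject:{}", jsonObject);
        List<String> kcAttributes = getKcAttributes();
        if (jsonObject == null || kcAttributes == null || kcAttributes.isEmpty()) {
            return jsonObject;
        }
        JSONObject kcJsonObject = new JSONObject();
        for (String name : kcAttributes) {
            try {
                Object value = jsonObject.get(name);
                this.logger.trace("name:{}, jsonObject.get(name):{}", name, value);
                kcJsonObject.put(name, value);
            } catch (JSONException e) {
                this.logger.error("JSONException for attribute:{}, is:{}", name, e);
            }
        }
        this.logger.info("kcJSONObject:{}", kcJsonObject);
        return kcJsonObject;
    }
}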
