package io.jans.kc.api.admin.client;

import io.jans.kc.api.admin.client.model.ManagedSamlClient;
import jakarta.ws.rs.client.Client;
import jakarta.ws.rs.client.ClientBuilder;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/jans/kc/api/admin/client/KeycloakApi.class */
public class KeycloakApi {
    private static final String SAML_PROTOCOL = "saml";
    private Keycloak keycloak;
    private static final Integer DEFAULT_CONNPOOL_SIZE = 5;
    private static final Integer DEFAULT_MAX_CONN_PER_ROUTE = 100;
    private static final Pattern CLIENT_NAME_REGEX = Pattern.compile("^jans_saml_([a-zA-Z0-9\\-]+)$");
    private static final Logger log = LoggerFactory.getLogger(KeycloakApi.class);

    private KeycloakApi(Keycloak keycloak) {
        this.keycloak = keycloak;
    }

    public List<ManagedSamlClient> findAllManagedSamlClients(String str) {
        try {
            List findAll = realmByName(str).clients().findAll();
            log.debug("Clients from realm count : {}", Integer.valueOf(findAll.size()));
            return (List) findAll.stream().filter(KeycloakApi::isManagedClientRepresentation).map(KeycloakApi::toManagedSamlClient).collect(Collectors.toList());
        } catch (Exception e) {
            throw new KeycloakAdminClientApiError("Could not get managed clients", e);
        }
    }

    public void deleteManagedSamlClient(String str, ManagedSamlClient managedSamlClient) {
        try {
            ClientResource clientResource = realmByName(str).clients().get(managedSamlClient.keycloakId());
            if (clientResource != null) {
                clientResource.remove();
            }
        } catch (Exception e) {
            throw new KeycloakAdminClientApiError("Could not delete managed client", e);
        }
    }

    private RealmResource realmByName(String str) {
        return this.keycloak.realm(str);
    }

    public static final KeycloakApi createInstance(KeycloakConfiguration keycloakConfiguration) {
        try {
            Keycloak createKeycloakInstance = createKeycloakInstance(keycloakConfiguration);
            createKeycloakInstance.serverInfo().getInfo();
            return new KeycloakApi(createKeycloakInstance);
        } catch (IllegalStateException e) {
            throw new KeycloakConfigurationError("Could not create keycloak instance", e);
        }
    }

    private static final Keycloak createKeycloakInstance(KeycloakConfiguration keycloakConfiguration) throws IllegalStateException {
        return KeycloakBuilder.builder().serverUrl(keycloakConfiguration.serverUrl()).realm(keycloakConfiguration.realm()).username(keycloakConfiguration.username()).password(keycloakConfiguration.password()).clientId(keycloakConfiguration.clientId()).grantType("password").resteasyClient(createResteasyClient(keycloakConfiguration)).build();
    }

    private static final Client createResteasyClient(KeycloakConfiguration keycloakConfiguration) {
        Integer num = DEFAULT_CONNPOOL_SIZE;
        Integer connPoolSize = (keycloakConfiguration.connPoolSize() == null || keycloakConfiguration.connPoolSize().intValue() == 0) ? DEFAULT_CONNPOOL_SIZE : keycloakConfiguration.connPoolSize();
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager();
        CloseableHttpClient build = HttpClients.custom().setConnectionManager(poolingHttpClientConnectionManager).build();
        poolingHttpClientConnectionManager.setMaxTotal(connPoolSize.intValue());
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(DEFAULT_MAX_CONN_PER_ROUTE.intValue());
        return ClientBuilder.newBuilder().httpEngine(new ApacheHttpClient43Engine(build)).build();
    }

    private static boolean isManagedClientRepresentation(ClientRepresentation clientRepresentation) {
        log.debug("Protocol: {} / Name: {}", clientRepresentation.getProtocol(), clientRepresentation.getName());
        if (!SAML_PROTOCOL.equalsIgnoreCase(clientRepresentation.getProtocol())) {
            log.debug("Protocol does not match");
            return false;
        }
        boolean matches = CLIENT_NAME_REGEX.matcher(clientRepresentation.getName()).matches();
        log.debug("Matches: {}", Boolean.valueOf(matches));
        return matches;
    }

    private static ManagedSamlClient toManagedSamlClient(ClientRepresentation clientRepresentation) {
        Matcher matcher = CLIENT_NAME_REGEX.matcher(clientRepresentation.getName());
        if (matcher.matches()) {
            return new ManagedSamlClient(clientRepresentation, matcher.group(1));
        }
        return null;
    }
}
