package net.bluemind.keycloak.internal;

import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.JsonObject;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
import net.bluemind.core.api.fault.ServerFault;
import net.bluemind.core.container.service.internal.RBACManager;
import net.bluemind.core.rest.BmContext;
import net.bluemind.core.task.api.TaskRef;
import net.bluemind.core.task.service.BlockingServerTask;
import net.bluemind.core.task.service.IServerTaskMonitor;
import net.bluemind.core.task.service.ITasksManager;
import net.bluemind.domain.api.Domain;
import net.bluemind.domain.api.IDomains;
import net.bluemind.keycloak.api.IKeycloakAdmin;
import net.bluemind.keycloak.api.IKeycloakUids;
import net.bluemind.keycloak.api.Realm;
import net.bluemind.keycloak.utils.KeycloakAdminClient;
import net.bluemind.keycloak.utils.KeycloakHelper;
import net.bluemind.keycloak.utils.adapters.RealmAdapter;
import net.bluemind.keycloak.utils.endpoint.KeycloakEndpoints;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.event.Level;

/* loaded from: input_file:net/bluemind/keycloak/internal/KeycloakAdminService.class */
public class KeycloakAdminService implements IKeycloakAdmin {
    private static final Logger logger = LoggerFactory.getLogger(KeycloakAdminService.class);
    private RBACManager rbacManager;
    private BmContext context;

    public KeycloakAdminService(BmContext bmContext) {
        this.rbacManager = new RBACManager(bmContext);
        this.context = bmContext;
    }

    public void createRealm(String str) throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        String realmId = IKeycloakUids.realmId(str);
        logger.info("Create realm {} for domain {}", realmId, str);
        try {
            KeycloakAdminClient.getInstance().execute(KeycloakEndpoints.realmsAdminEndpoint(), HttpMethod.POST, RealmAdapter.build(str).toJson()).get(18L, TimeUnit.SECONDS);
            String realmAdminEndpoint = KeycloakEndpoints.realmAdminEndpoint(realmId);
            try {
                Stream filter = ((JsonObject) KeycloakAdminClient.getInstance().execute(realmAdminEndpoint + "/authentication/required-actions", HttpMethod.GET).get(18L, TimeUnit.SECONDS)).getJsonArray("results").stream().filter(Objects::nonNull);
                Class<JsonObject> cls = JsonObject.class;
                JsonObject.class.getClass();
                filter.filter(cls::isInstance).map(obj -> {
                    return (JsonObject) obj;
                }).filter(jsonObject -> {
                    return "VERIFY_PROFILE".equals(jsonObject.getString("alias"));
                }).map(jsonObject2 -> {
                    return jsonObject2.put("enabled", false);
                }).findAny().ifPresent(jsonObject3 -> {
                    try {
                        KeycloakAdminClient.getInstance().execute(realmAdminEndpoint + "/authentication/required-actions/VERIFY_PROFILE", HttpMethod.PUT, jsonObject3).get(18L, TimeUnit.SECONDS);
                    } catch (Exception e) {
                        throw new ServerFault("Failed to disable VERIFY_PROFILE required action", e);
                    }
                });
            } catch (Exception e) {
                throw new ServerFault("Failed to get realm required actions", e);
            }
        } catch (Exception e2) {
            throw new ServerFault("Failed to create realm", e2);
        }
    }

    public void deleteRealm(String str) throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        String realmId = IKeycloakUids.realmId(str);
        logger.info("Delete realm {} for domain {}", realmId, str);
        try {
            KeycloakAdminClient.getInstance().execute(KeycloakEndpoints.realmAdminEndpoint(realmId), HttpMethod.DELETE).get(18L, TimeUnit.SECONDS);
        } catch (Exception e) {
            throw new ServerFault("Failed to delete realm", e);
        }
    }

    public List<Realm> allRealms() throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        logger.info("Get realms");
        try {
            JsonObject jsonObject = (JsonObject) KeycloakAdminClient.getInstance().execute(KeycloakEndpoints.realmsAdminEndpoint(), HttpMethod.GET).get(18L, TimeUnit.SECONDS);
            ArrayList arrayList = new ArrayList();
            jsonObject.getJsonArray("results").forEach(obj -> {
                arrayList.add(RealmAdapter.fromJson((JsonObject) obj));
            });
            return arrayList;
        } catch (Exception unused) {
            throw new ServerFault("Failed fetch realms");
        }
    }

    public Realm getRealm(String str) throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        String realmId = IKeycloakUids.realmId(str);
        logger.info("Get realm {} for domain {}", realmId, str);
        try {
            return RealmAdapter.fromJson((JsonObject) KeycloakAdminClient.getInstance().execute(KeycloakEndpoints.realmAdminEndpoint(realmId), HttpMethod.GET).get(18L, TimeUnit.SECONDS));
        } catch (Exception e) {
            throw new ServerFault("Failed to get realm", e);
        }
    }

    public TaskRef initForDomain(final String str, final Boolean bool) throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        return ((ITasksManager) this.context.provider().instance(ITasksManager.class, new String[0])).run(new BlockingServerTask() { // from class: net.bluemind.keycloak.internal.KeycloakAdminService.1
            public void run(IServerTaskMonitor iServerTaskMonitor) throws Exception {
                String realmId = IKeycloakUids.realmId(str);
                iServerTaskMonitor.begin(1.0d, String.format("Init keycloak realm %s for domain %s ... ", realmId, str));
                try {
                    KeycloakHelper.initForDomain(str, bool != null && bool.booleanValue());
                    iServerTaskMonitor.end(true, String.format("Init keycloak realm %s for domain %s done ", realmId, str), "[]");
                } catch (Exception e) {
                    KeycloakAdminService.logger.error(e.getMessage(), e);
                    iServerTaskMonitor.end(false, String.format("Failed to init keycloak realm %s for domain %s ", realmId, str), "[]");
                }
            }
        });
    }

    public TaskRef reconfigure() throws ServerFault {
        this.rbacManager.check(new String[]{"manageDomain"});
        return ((ITasksManager) this.context.provider().instance(ITasksManager.class, new String[0])).run(new BlockingServerTask() { // from class: net.bluemind.keycloak.internal.KeycloakAdminService.2
            public void run(IServerTaskMonitor iServerTaskMonitor) throws Exception {
                List list = ((IDomains) KeycloakAdminService.this.context.su().provider().instance(IDomains.class, new String[0])).all().stream().filter(itemValue -> {
                    return !((Domain) itemValue.value).global;
                }).map(itemValue2 -> {
                    return itemValue2.uid;
                }).toList();
                iServerTaskMonitor.begin(1.0d + list.size(), String.format("Reset keycloak for %d domains", Integer.valueOf(list.size() + 1)));
                int i = 0;
                for (Realm realm : KeycloakAdminService.this.allRealms()) {
                    if (!"master".equals(realm.realm)) {
                        iServerTaskMonitor.log("Clear existing realm {}", new Object[]{realm.realm});
                        try {
                            KeycloakAdminService.this.deleteRealm(realm.realm);
                        } catch (Exception e) {
                            iServerTaskMonitor.log(e.getMessage(), Level.ERROR);
                            i++;
                        }
                    }
                }
                if (!initOneDomain(iServerTaskMonitor, "global.virt")) {
                    i++;
                }
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    if (!initOneDomain(iServerTaskMonitor, (String) it.next())) {
                        i++;
                    }
                }
                if (i == 0) {
                    iServerTaskMonitor.end(true, "Domains reconfigured", "[]");
                } else {
                    iServerTaskMonitor.end(false, "Reconfiguration is incomplete, " + i + " error(s) detected", "[]");
                }
            }

            private boolean initOneDomain(IServerTaskMonitor iServerTaskMonitor, String str) {
                boolean z = false;
                try {
                    KeycloakHelper.initForDomain(str, false);
                } catch (Exception e) {
                    KeycloakAdminService.logger.error(e.getMessage(), e);
                    iServerTaskMonitor.log(e.getMessage(), Level.ERROR);
                    z = true;
                }
                iServerTaskMonitor.progress(1.0d, "Initializing realm for domain " + str + " " + (z ? "[FAILED]" : "[OK]"));
                return !z;
            }
        });
    }
}
