package net.bluemind.keycloak.utils.adapters;

import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import net.bluemind.keycloak.api.OidcClient;
import net.bluemind.keycloak.utils.KeycloakHelper;
import net.bluemind.network.topology.Topology;
import net.bluemind.server.api.Server;
import net.bluemind.server.api.TagDescriptor;

/* loaded from: input_file:net/bluemind/keycloak/utils/adapters/OidcClientAdapter.class */
public class OidcClientAdapter {
    private static final String BACK_CHANNEL_SID_REQUIRED = "true";
    public final OidcClient oidcClient;
    public final Optional<String> flowId;
    public final Optional<ProtocolMapper> protocolMapper;
    private static final String BACK_CHANNEL_URL = "http://" + ((Server) Topology.get().any(TagDescriptor.bm_core.getTag()).value).address() + ":8080/bluemind_sso_logout/backchannel";
    public static final String POST_LOGOUT_REDIRECT_URIS = "post.logout.redirect.uris";
    private static final String BACK_CHANNEL_URL_KEY = "backchannel.logout.url";
    private static final String BACK_CHANNEL_SID_REQUIRED_KEY = "backchannel.logout.session.required";
    public static final Set<String> MANAGED_ATTRIBUTES = Set.of(POST_LOGOUT_REDIRECT_URIS, BACK_CHANNEL_URL_KEY, BACK_CHANNEL_SID_REQUIRED_KEY);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/bluemind/keycloak/utils/adapters/OidcClientAdapter$ProtocolMapper.class */
    public static class ProtocolMapper {
        public String name;
        public String protocol;
        public String protocolMapper;
        public boolean consentRequired;
        public Map<String, String> config = new HashMap();

        private ProtocolMapper() {
        }

        public static ProtocolMapper build() {
            ProtocolMapper protocolMapper = new ProtocolMapper();
            protocolMapper.name = "bm_pubpriv";
            protocolMapper.protocol = "openid-connect";
            protocolMapper.protocolMapper = "oidc-usermodel-attribute-mapper";
            protocolMapper.consentRequired = false;
            protocolMapper.config = Map.of("user.attribute", "bm_pubpriv", "claim.name", "bm_pubpriv", "aggregate.attrs", "false", "multivalued", "false", "access.token.claim", OidcClientAdapter.BACK_CHANNEL_SID_REQUIRED, "userinfo.token.claim", "false", "id.token.claim", "false");
            return protocolMapper;
        }

        public JsonArray toJson() {
            JsonObject jsonObject = new JsonObject();
            jsonObject.put("name", this.name);
            jsonObject.put("protocol", this.protocol);
            jsonObject.put("protocolMapper", this.protocolMapper);
            jsonObject.put("consentRequired", Boolean.valueOf(this.consentRequired));
            JsonObject jsonObject2 = new JsonObject();
            jsonObject.put("config", jsonObject2);
            Map<String, String> map = this.config;
            jsonObject2.getClass();
            map.forEach((v1, v2) -> {
                r1.put(v1, v2);
            });
            JsonArray jsonArray = new JsonArray();
            jsonArray.add(jsonObject);
            return jsonArray;
        }
    }

    private OidcClientAdapter(OidcClient oidcClient, Optional<String> optional, Optional<ProtocolMapper> optional2) {
        this.oidcClient = oidcClient;
        this.flowId = optional;
        this.protocolMapper = optional2;
    }

    private OidcClientAdapter(OidcClient oidcClient, Optional<String> optional) {
        this(oidcClient, optional, Optional.empty());
    }

    public OidcClientAdapter(OidcClient oidcClient) {
        this(oidcClient, Optional.empty(), Optional.empty());
    }

    public static OidcClientAdapter build(String str, String str2, Optional<String> optional) {
        OidcClient oidcClient = new OidcClient();
        oidcClient.enabled = true;
        oidcClient.id = str2;
        oidcClient.clientId = str2;
        oidcClient.directAccessGrantsEnabled = true;
        oidcClient.redirectUris = KeycloakHelper.getDomainUrls(str);
        oidcClient.webOrigins = Set.of("+");
        oidcClient.attributes = Map.of(POST_LOGOUT_REDIRECT_URIS, "*", BACK_CHANNEL_URL_KEY, BACK_CHANNEL_URL, BACK_CHANNEL_SID_REQUIRED_KEY, BACK_CHANNEL_SID_REQUIRED);
        oidcClient.baseUrl = KeycloakHelper.getExternalUrl(str);
        return new OidcClientAdapter(oidcClient, optional, Optional.of(ProtocolMapper.build()));
    }

    public static OidcClientAdapter fromJson(JsonObject jsonObject) {
        if (jsonObject == null) {
            return null;
        }
        OidcClient oidcClient = new OidcClient();
        oidcClient.enabled = jsonObject.getBoolean("enabled").booleanValue();
        oidcClient.id = jsonObject.getString("id");
        oidcClient.clientId = jsonObject.getString("clientId");
        oidcClient.publicClient = jsonObject.getBoolean("publicClient").booleanValue();
        oidcClient.secret = jsonObject.getString("secret");
        oidcClient.standardFlowEnabled = jsonObject.getBoolean("standardFlowEnabled").booleanValue();
        oidcClient.directAccessGrantsEnabled = jsonObject.getBoolean("directAccessGrantsEnabled").booleanValue();
        oidcClient.serviceAccountsEnabled = jsonObject.getBoolean("serviceAccountsEnabled").booleanValue();
        oidcClient.rootUrl = jsonObject.getString("rootUrl");
        oidcClient.redirectUris = new HashSet(jsonObject.getJsonArray("redirectUris").getList());
        oidcClient.webOrigins = new HashSet(jsonObject.getJsonArray("webOrigins").getList());
        oidcClient.baseUrl = jsonObject.getString("baseUrl");
        oidcClient.attributes = new HashMap();
        jsonObject.getJsonObject("attributes").stream().filter(entry -> {
            return MANAGED_ATTRIBUTES.contains(entry.getKey());
        }).forEach(entry2 -> {
            oidcClient.attributes.put((String) entry2.getKey(), entry2.getValue().toString());
        });
        return new OidcClientAdapter(oidcClient, Optional.ofNullable(jsonObject.getJsonObject("authenticationFlowBindingOverrides")).map(jsonObject2 -> {
            return jsonObject2.getString("browser");
        }));
    }

    public JsonObject toJson() {
        JsonObject jsonObject = new JsonObject();
        jsonObject.put("enabled", Boolean.valueOf(this.oidcClient.enabled));
        jsonObject.put("id", this.oidcClient.id);
        jsonObject.put("clientId", this.oidcClient.clientId);
        jsonObject.put("publicClient", Boolean.valueOf(this.oidcClient.publicClient));
        if (this.oidcClient.secret != null) {
            jsonObject.put("secret", this.oidcClient.secret);
        }
        jsonObject.put("redirectUris", this.oidcClient.redirectUris);
        jsonObject.put("baseUrl", this.oidcClient.baseUrl);
        jsonObject.put("rootUrl", this.oidcClient.rootUrl);
        JsonArray jsonArray = new JsonArray();
        Set set = this.oidcClient.webOrigins;
        jsonArray.getClass();
        set.forEach((v1) -> {
            r1.add(v1);
        });
        jsonObject.put("webOrigins", jsonArray);
        if (this.oidcClient.attributes != null) {
            JsonObject jsonObject2 = new JsonObject();
            Map map = this.oidcClient.attributes;
            jsonObject2.getClass();
            map.forEach((v1, v2) -> {
                r1.put(v1, v2);
            });
            jsonObject.put("attributes", jsonObject2);
        }
        jsonObject.put("standardFlowEnabled", Boolean.valueOf(this.oidcClient.standardFlowEnabled));
        jsonObject.put("directAccessGrantsEnabled", Boolean.valueOf(this.oidcClient.directAccessGrantsEnabled));
        jsonObject.put("serviceAccountsEnabled", Boolean.valueOf(this.oidcClient.serviceAccountsEnabled));
        this.flowId.ifPresent(str -> {
            JsonObject jsonObject3 = new JsonObject();
            jsonObject3.put("browser", str);
            jsonObject.put("authenticationFlowBindingOverrides", jsonObject3);
        });
        this.protocolMapper.ifPresent(protocolMapper -> {
            jsonObject.put("protocolMappers", protocolMapper.toJson());
        });
        return jsonObject;
    }
}
