package org.simexid.keycloak.service;

import com.google.gson.Gson;
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.simexid.keycloak.enums.KeycloakEnum;
import org.simexid.keycloak.exception.AttributesException;
import org.simexid.keycloak.exception.AuthorizationException;
import org.simexid.keycloak.exception.GenericException;
import org.simexid.keycloak.exception.MultipleRolesFoundException;
import org.simexid.keycloak.exception.MultipleUsersFoundException;
import org.simexid.keycloak.exception.RoleNotFoundException;
import org.simexid.keycloak.exception.UserNotFoundException;
import org.simexid.keycloak.model.KeycloakTokenResponse;
import org.simexid.keycloak.model.SSORoles;
import org.simexid.keycloak.model.SSOUser;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;

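/**
 * Client for the Keycloak endpoints configured under {@code simexid.security.keycloak.*}.
 *
 * <p>The service requests an access token from {@code token-url} with the configured client
 * credentials, caches it until the computed expiry, and sends it as a bearer token on the user,
 * attribute and role requests below.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every request builds its own {@link HttpHeaders}. The bearer token is therefore never
 *       attached to the token request, and concurrent callers of this singleton cannot overwrite
 *       each other's content type or authorization header.</li>
 *   <li>Caller-supplied identifiers and search values are percent-encoded before they are placed
 *       in a URL, so they cannot add path segments or query parameters.</li>
 *   <li>{@code token} and {@code expiration} are plain fields and the refresh in
 *       {@link #authorized()} is not synchronized; concurrent callers may each request a token.</li>
 * </ul>
 */
@Service
public class KeycloakUtil {

    private static final Gson GSON = new Gson();

    private static final ParameterizedTypeReference<List<SSOUser>> USER_LIST =
            new ParameterizedTypeReference<List<SSOUser>>() {
            };

    private static final ParameterizedTypeReference<List<SSORoles>> ROLE_LIST =
            new ParameterizedTypeReference<List<SSORoles>>() {
            };

    @Value("${simexid.security.keycloak.token-url}")
    private String tokenUrl;

    @Value("${simexid.security.keycloak.user-url}")
    private String userUrl;

    @Value("${simexid.security.keycloak.admin-url}")
    private String adminUrl;

    @Value("${simexid.security.keycloak.client-id}")
    private String clientId;

    @Value("${simexid.security.keycloak.client-uuid}")
    private String clientUuid;

    // Secret of the confidential client; it is only ever sent in the token request form.
    @Value("${simexid.security.keycloak.client-secret}")
    private String clientSecret;

    @Value("${simexid.security.keycloak.grant-type}")
    private String grantType;

    // Epoch milliseconds after which the cached token is considered expired.
    private long expiration;
    private String token = "";

    // RestTemplate is safe to share; no connect/read timeout is configured here.
    private final RestTemplate restTemplate = new RestTemplate();

    /**
     * Builds the form-encoded token request. The headers are created per call so that no
     * Authorization header from an earlier API request is sent to the token endpoint.
     */
    private HttpEntity<MultiValueMap<String, String>> tokenRequest() {
        HttpHeaders formHeaders = new HttpHeaders();
        formHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
        form.add("client_id", this.clientId);
        form.add("client_secret", this.clientSecret);
        form.add("grant_type", this.grantType);
        return new HttpEntity<>(form, formHeaders);
    }

    /** Wraps {@code body} (may be null) with fresh JSON headers carrying the cached bearer token. */
    private <T> HttpEntity<T> bearerEntity(T body) {
        HttpHeaders requestHeaders = new HttpHeaders();
        requestHeaders.setContentType(MediaType.APPLICATION_JSON);
        requestHeaders.setBearerAuth(this.token);
        return new HttpEntity<>(body, requestHeaders);
    }

    /** Percent-encodes a value for use as a query parameter value ('&', '=', '#' included). */
    private static String encodeQueryValue(String value) {
        // URLEncoder emits '+' for a space; "%20" is unambiguous in both path and query.
        return URLEncoder.encode(value, StandardCharsets.UTF_8).replace("+", "%20");
    }

    /**
     * Percent-encodes a value for use as exactly one URL path segment.
     *
     * @throws IllegalArgumentException if the value is null, blank or a dot segment, because those
     *     would address a different resource than the intended one
     */
    private static String encodePathSegment(String value) {
        if (value == null || value.isBlank() || ".".equals(value) || "..".equals(value)) {
            throw new IllegalArgumentException("Value cannot be used as a URL path segment");
        }
        return encodeQueryValue(value);
    }

    /** Builds {@code user-url/<userId><suffix>} with the user id confined to one path segment. */
    private URI userUri(String userId, String suffix) {
        return URI.create(this.userUrl + "/" + encodePathSegment(userId) + suffix);
    }

    /** Returns the role-mapping sub-path for the given type, or null for an unsupported type. */
    private static String roleMappingPath(KeycloakEnum.Type type, String clientUuid) {
        switch (type) {
            case REALM:
                return "/role-mappings/realm";
            case CLIENT:
                return "/role-mappings/clients/" + encodePathSegment(clientUuid);
            default:
                return null;
        }
    }

    /** Falls back to the configured client UUID when the caller passes null or blank. */
    private String clientUuidOrDefault(String requested) {
        return (requested == null || requested.isBlank()) ? this.clientUuid : requested;
    }

    /** Serializes the e-mail and attribute map of {@code user} as a JSON object. */
    private static String attributesPayload(SSOUser user) {
        // Built with Gson rather than string concatenation so that quotes or backslashes in the
        // e-mail cannot alter the structure of the request body.
        Map<String, Object> payload = new HashMap<>();
        payload.put("email", user.getEmail());
        payload.put("attributes", user.getAttributes());
        return GSON.toJson(payload);
    }

    /**
     * Ensures a usable access token is cached, requesting a new one when none is cached or the
     * cached one has passed its computed expiry.
     *
     * @return true if a token is available, false if the token endpoint answered without a usable
     *     token
     * @throws AuthorizationException if the token request fails with any exception
     */
    public boolean authorized() throws AuthorizationException {
        if (!this.token.isEmpty() && System.currentTimeMillis() < this.expiration) {
            return true;
        }
        try {
            ResponseEntity<KeycloakTokenResponse> response =
                    this.restTemplate.postForEntity(this.tokenUrl, tokenRequest(), KeycloakTokenResponse.class);
            KeycloakTokenResponse body = response.getBody();
            if (!response.getStatusCode().is2xxSuccessful()
                    || body == null
                    || body.getAccessToken() == null
                    || body.getAccessToken().isBlank()
                    || body.getExp() <= 0) {
                return false;
            }
            this.token = body.getAccessToken();
            // getExp() is treated as a lifetime in seconds - TODO confirm it maps to expires_in.
            this.expiration = System.currentTimeMillis() + (body.getExp() * 1000L);
            return true;
        } catch (Exception e) {
            // No AuthorizationException constructor taking a cause is visible from this file.
            throw new AuthorizationException();
        }
    }

    /**
     * Fetches one user by id.
     *
     * @param userId user id, used as a single path segment below {@code user-url}
     * @return the parsed user, or null when no token could be obtained
     * @throws GenericException if the request or the parsing fails
     * @throws AuthorizationException if the token request fails
     */
    public SSOUser getUserInfo(String userId) throws GenericException, AuthorizationException {
        if (!authorized()) {
            return null;
        }
        try {
            ResponseEntity<String> response =
                    this.restTemplate.exchange(userUri(userId, ""), HttpMethod.GET, bearerEntity(null), String.class);
            if (response.getStatusCode().is2xxSuccessful()) {
                return GSON.fromJson(response.getBody(), SSOUser.class);
            }
            // NOTE(review): a default RestTemplate raises an exception for 4xx responses, so a
            // missing user most likely surfaces as GenericException rather than through this branch.
            if (response.getStatusCode().isSameCodeAs(HttpStatus.NOT_FOUND)) {
                return null;
            }
            throw new GenericException();
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }

    /**
     * Replaces the user representation with {@code user} via PUT.
     *
     * @return true on a 2xx response, false when no token could be obtained
     * @throws GenericException if the request fails
     */
    public boolean updateUser(String userId, SSOUser user) throws AuthorizationException, GenericException {
        if (!authorized()) {
            return false;
        }
        try {
            return this.restTemplate
                    .exchange(userUri(userId, ""), HttpMethod.PUT, bearerEntity(user), String.class)
                    .getStatusCode()
                    .is2xxSuccessful();
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }

    /**
     * Merges the given attribute maps into the user's current attributes and stores the result.
     *
     * @return true on a 2xx response, false when the user could not be loaded or no token exists
     * @throws AttributesException if the user has no attribute map or the update request fails
     */
    public boolean addUserAttributes(String userId, List<HashMap<String, List<String>>> attributes) throws AuthorizationException, GenericException, AttributesException {
        SSOUser user = getUserInfo(userId);
        if (user == null) {
            return false;
        }
        if (user.getAttributes() == null) {
            throw new AttributesException();
        }
        for (HashMap<String, List<String>> group : attributes) {
            for (Map.Entry<String, List<String>> entry : group.entrySet()) {
                user.getAttributes().put(entry.getKey(), entry.getValue());
            }
        }
        return callForAddAttributes(userId, attributesPayload(user));
    }

    /**
     * Removes the named attributes from the user's current attributes and stores the result.
     *
     * @return true on a 2xx response, false when the user could not be loaded or no token exists
     * @throws AttributesException if the user has no attribute map or the update request fails
     */
    public boolean deleteUserAttributes(String userId, List<String> attributeNames) throws AuthorizationException, GenericException, AttributesException {
        SSOUser user = getUserInfo(userId);
        if (user == null) {
            return false;
        }
        if (user.getAttributes() == null) {
            throw new AttributesException();
        }
        for (String attributeName : attributeNames) {
            user.getAttributes().remove(attributeName);
        }
        return callForAddAttributes(userId, attributesPayload(user));
    }

    /**
     * Sends {@code jsonBody} as a PUT to the user resource.
     *
     * @param jsonBody request body, sent as-is; callers are responsible for producing valid JSON
     * @return true on a 2xx response, false when no token could be obtained
     * @throws AttributesException if building or sending the request fails
     */
    public boolean callForAddAttributes(String userId, String jsonBody) throws AuthorizationException, AttributesException {
        if (!authorized()) {
            return false;
        }
        try {
            return this.restTemplate
                    .exchange(userUri(userId, ""), HttpMethod.PUT, bearerEntity(jsonBody), String.class)
                    .getStatusCode()
                    .is2xxSuccessful();
        } catch (Exception e) {
            // No AttributesException constructor taking a cause is visible from this file.
            throw new AttributesException();
        }
    }

    /**
     * Looks up one user and one role and posts the user's current role list plus that role.
     *
     * @param clientUuid client UUID for client roles; null or blank selects the configured one
     * @return true on a 2xx response, false when a lookup returned nothing usable
     * @throws MultipleUsersFoundException if the user search returns more than one user
     * @throws MultipleRolesFoundException if the role search returns more than one role
     */
    public boolean addRoleToUser(KeycloakEnum.SearchUserType searchUserType, String userSearchValue, String roleSearchValue, KeycloakEnum.Type type, String clientUuid) throws MultipleUsersFoundException, MultipleRolesFoundException, AuthorizationException, GenericException {
        String targetClientUuid = clientUuidOrDefault(clientUuid);
        // NOTE(review): the only ambiguity guard is size() > 1. If the server matches search
        // values partially, a single partial match is accepted as the user or role - confirm that
        // the lookups are exact before relying on this for privilege changes.
        List<SSOUser> users = searchUser(searchUserType, userSearchValue);
        if (users == null) {
            return false;
        }
        if (users.size() > 1) {
            throw new MultipleUsersFoundException();
        }
        List<SSORoles> roles = searchRoles(roleSearchValue, type, targetClientUuid);
        if (roles == null) {
            return false;
        }
        if (roles.size() > 1) {
            throw new MultipleRolesFoundException();
        }
        String userId = users.get(0).getId();
        // NOTE(review): retrieveUserRole fails when the user has no mapping of this type, so a
        // first role cannot be added through this method.
        List<SSORoles> currentRoles = retrieveUserRole(userId, type, targetClientUuid);
        if (currentRoles == null) {
            return false;
        }
        currentRoles.add(roles.get(0));
        // NOTE(review): the body is List.toString(); this presumably relies on
        // SSORoles.toString() emitting JSON - verify.
        return callForAddRole(userId, currentRoles.toString(), type, targetClientUuid);
    }

    /**
     * Looks up one user and one role, removes the role from the user's current role list and posts
     * the remaining list.
     *
     * @param clientUuid client UUID for client roles; null or blank selects the configured one
     * @return true on a 2xx response, false when a lookup returned nothing usable
     * @throws MultipleUsersFoundException if the user search returns more than one user
     * @throws MultipleRolesFoundException if the role search returns more than one role
     */
    public boolean deleteRoleToUser(KeycloakEnum.SearchUserType searchUserType, String userSearchValue, String roleSearchValue, KeycloakEnum.Type type, String clientUuid) throws MultipleUsersFoundException, MultipleRolesFoundException, AuthorizationException, GenericException {
        String targetClientUuid = clientUuidOrDefault(clientUuid);
        List<SSOUser> users = searchUser(searchUserType, userSearchValue);
        if (users == null) {
            return false;
        }
        if (users.size() > 1) {
            throw new MultipleUsersFoundException();
        }
        List<SSORoles> roles = searchRoles(roleSearchValue, type, targetClientUuid);
        if (roles == null) {
            return false;
        }
        if (roles.size() > 1) {
            throw new MultipleRolesFoundException();
        }
        String userId = users.get(0).getId();
        List<SSORoles> currentRoles = retrieveUserRole(userId, type, targetClientUuid);
        if (currentRoles == null) {
            return false;
        }
        // Removal depends on SSORoles.equals(); that implementation is not visible here.
        currentRoles.remove(roles.get(0));
        // NOTE(review): the remaining mappings are re-sent with POST through callForAddRole.
        // Keycloak's role-mapping endpoint appears to remove mappings only on DELETE, so a true
        // result here may not mean the role was revoked - confirm against the server and verify
        // the user's effective roles after calling this.
        return callForAddRole(userId, currentRoles.toString(), type, targetClientUuid);
    }

    /**
     * Posts {@code rolesBody} to the user's realm or client role-mapping resource.
     *
     * @param rolesBody request body, sent as-is
     * @return true on a 2xx response; false when no token could be obtained or the type is not
     *     REALM or CLIENT
     * @throws GenericException if building or sending the request fails
     */
    public boolean callForAddRole(String userId, String rolesBody, KeycloakEnum.Type type, String clientUuid) throws AuthorizationException, GenericException {
        if (!authorized()) {
            return false;
        }
        try {
            String mappingPath = roleMappingPath(type, clientUuid);
            if (mappingPath == null) {
                return false;
            }
            return this.restTemplate
                    .exchange(userUri(userId, mappingPath), HttpMethod.POST, bearerEntity(rolesBody), String.class)
                    .getStatusCode()
                    .is2xxSuccessful();
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }

    /**
     * Searches users by the field named by {@code searchUserType}.
     *
     * @param searchValue value to search for; it is encoded as one query parameter value
     * @return the non-empty result list, or null when no token could be obtained
     * @throws GenericException if the request fails; an empty result is reported as a
     *     GenericException wrapping a {@link UserNotFoundException}
     */
    public List<SSOUser> searchUser(KeycloakEnum.SearchUserType searchUserType, String searchValue) throws AuthorizationException, GenericException {
        if (!authorized()) {
            return null;
        }
        try {
            URI uri = URI.create(this.userUrl + "?" + searchUserType.getText() + "=" + encodeQueryValue(searchValue));
            ResponseEntity<List<SSOUser>> response =
                    this.restTemplate.exchange(uri, HttpMethod.GET, bearerEntity(null), USER_LIST);
            if (!response.getStatusCode().is2xxSuccessful()) {
                throw new GenericException();
            }
            List<SSOUser> users = Objects.requireNonNull(response.getBody());
            if (users.isEmpty()) {
                throw new UserNotFoundException();
            }
            return users;
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }

    /**
     * Searches realm or client roles with the {@code search} query parameter.
     *
     * @param roleSearchValue value to search for; it is encoded as one query parameter value
     * @return the non-empty result list; null when no token could be obtained or the type is not
     *     REALM or CLIENT
     * @throws GenericException if the request fails; an empty result is reported as a
     *     GenericException wrapping a {@link RoleNotFoundException}
     */
    public List<SSORoles> searchRoles(String roleSearchValue, KeycloakEnum.Type type, String clientUuid) throws AuthorizationException, GenericException {
        if (!authorized()) {
            return null;
        }
        try {
            String rolesPath;
            switch (type) {
                case REALM:
                    rolesPath = "/roles";
                    break;
                case CLIENT:
                    rolesPath = "/clients/" + encodePathSegment(clientUuid) + "/roles";
                    break;
                default:
                    return null;
            }
            URI uri = URI.create(this.adminUrl + rolesPath + "?search=" + encodeQueryValue(roleSearchValue));
            ResponseEntity<List<SSORoles>> response =
                    this.restTemplate.exchange(uri, HttpMethod.GET, bearerEntity(null), ROLE_LIST);
            if (!response.getStatusCode().is2xxSuccessful()) {
                throw new GenericException();
            }
            List<SSORoles> roles = Objects.requireNonNull(response.getBody());
            if (roles.isEmpty()) {
                throw new RoleNotFoundException();
            }
            return roles;
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }

    /**
     * Reads the user's current realm or client role mappings.
     *
     * @return the non-empty mapping list; null when no token could be obtained or the type is not
     *     REALM or CLIENT
     * @throws GenericException if the request fails; an empty result is reported as a
     *     GenericException wrapping a {@link RoleNotFoundException}
     */
    public List<SSORoles> retrieveUserRole(String userId, KeycloakEnum.Type type, String clientUuid) throws AuthorizationException, GenericException {
        if (!authorized()) {
            return null;
        }
        try {
            String mappingPath = roleMappingPath(type, clientUuid);
            if (mappingPath == null) {
                return null;
            }
            ResponseEntity<List<SSORoles>> response =
                    this.restTemplate.exchange(userUri(userId, mappingPath), HttpMethod.GET, bearerEntity(null), ROLE_LIST);
            if (!response.getStatusCode().is2xxSuccessful()) {
                throw new GenericException();
            }
            List<SSORoles> roles = Objects.requireNonNull(response.getBody());
            if (roles.isEmpty()) {
                throw new RoleNotFoundException();
            }
            return roles;
        } catch (Exception e) {
            throw new GenericException(e);
        }
    }
}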
