package ru.playa.keycloak.modules.vk;

import com.fasterxml.jackson.databind.JsonNode;
import java.io.IOException;
import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.KeycloakSession;
import ru.playa.keycloak.modules.AbstractRussianOAuth2IdentityProvider;
import ru.playa.keycloak.modules.JsonUtils;
import ru.playa.keycloak.modules.MessageUtils;
import ru.playa.keycloak.modules.StringUtils;

/* loaded from: input_file:ru/playa/keycloak/modules/vk/VKIdentityProvider.class */
public class VKIdentityProvider extends AbstractRussianOAuth2IdentityProvider<VKIdentityProviderConfig> implements SocialIdentityProvider<VKIdentityProviderConfig> {
    private static final String AUTH_URL = "https://oauth.vk.com/authorize";
    private static final String TOKEN_URL = "https://oauth.vk.com/access_token";
    private static final String PROFILE_URL = "https://api.vk.com/method/users.get";
    private static final String DEFAULT_SCOPE = "";

    public VKIdentityProvider(KeycloakSession keycloakSession, VKIdentityProviderConfig vKIdentityProviderConfig) {
        super(keycloakSession, vKIdentityProviderConfig);
        vKIdentityProviderConfig.setAuthorizationUrl("https://oauth.vk.com/authorize?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
        vKIdentityProviderConfig.setTokenUrl("https://oauth.vk.com/access_token?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
        vKIdentityProviderConfig.setUserInfoUrl("https://api.vk.com/method/users.get?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
    }

    protected boolean supportsExternalExchange() {
        return true;
    }

    protected String getProfileEndpointForValidation(EventBuilder eventBuilder) {
        return PROFILE_URL;
    }

    protected SimpleHttp buildUserInfoRequest(String str, String str2) {
        return SimpleHttp.doGet("https://api.vk.com/method/users.get?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion() + "&access_token=" + str, this.session);
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder eventBuilder, JsonNode jsonNode) {
        JsonNode jsonNode2 = jsonNode.get("response").get(0);
        BrokeredIdentityContext brokeredIdentityContext = new BrokeredIdentityContext(getJsonProperty(jsonNode2, "id"));
        brokeredIdentityContext.setUsername(getJsonProperty(jsonNode2, "screen_name"));
        brokeredIdentityContext.setFirstName(getJsonProperty(jsonNode2, "first_name"));
        brokeredIdentityContext.setLastName(getJsonProperty(jsonNode2, "last_name"));
        brokeredIdentityContext.setIdpConfig(getConfig());
        brokeredIdentityContext.setIdp(this);
        AbstractJsonUserAttributeMapper.storeUserProfileForMapper(brokeredIdentityContext, jsonNode2, ((VKIdentityProviderConfig) getConfig()).getAlias());
        return brokeredIdentityContext;
    }

    private BrokeredIdentityContext extractIdentityFromProfile(JsonNode jsonNode, String str) {
        BrokeredIdentityContext extractIdentityFromProfile = extractIdentityFromProfile((EventBuilder) null, jsonNode);
        if (((VKIdentityProviderConfig) getConfig()).isEmailRequired() && StringUtils.isNullOrEmpty(str)) {
            throw new IllegalArgumentException(MessageUtils.email("VK"));
        }
        if (StringUtils.isNullOrEmpty(extractIdentityFromProfile.getUsername())) {
            extractIdentityFromProfile.setUsername(str);
        }
        extractIdentityFromProfile.setEmail(str);
        return extractIdentityFromProfile;
    }

    public BrokeredIdentityContext getFederatedIdentity(String str) {
        String extractTokenFromResponse = extractTokenFromResponse(str, getAccessTokenResponseParameter());
        String asString = JsonUtils.getAsString(str, "user_id");
        String asString2 = JsonUtils.getAsString(str, "email");
        if (extractTokenFromResponse == null) {
            throw new IdentityBrokerException("No access token available in OAuth server response: " + str);
        }
        BrokeredIdentityContext doGetFederatedIdentity = doGetFederatedIdentity(extractTokenFromResponse, asString, asString2);
        doGetFederatedIdentity.getContextData().put("FEDERATED_ACCESS_TOKEN", extractTokenFromResponse);
        return doGetFederatedIdentity;
    }

    private BrokeredIdentityContext doGetFederatedIdentity(String str, String str2, String str3) {
        try {
            return extractIdentityFromProfile(SimpleHttp.doGet("https://api.vk.com/method/users.get?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion() + "&access_token=" + str + "&user_ids=" + str2 + "&fields=screen_name&name_case=Nom", this.session).param("content-type", "application/json; charset=utf-8").asJson(), str3);
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str) {
        try {
            return extractIdentityFromProfile((EventBuilder) null, SimpleHttp.doGet("https://api.vk.com/method/users.get?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion() + "&access_token=" + str, this.session).asJson());
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected String getDefaultScopes() {
        return DEFAULT_SCOPE;
    }
}
