package ru.playa.keycloak.modules;

import com.fasterxml.jackson.databind.JsonNode;
import java.io.IOException;
import java.util.List;
import java.util.Objects;
import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.KeycloakSession;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;
import ru.playa.keycloak.modules.AbstractVKIdentityProviderConfig;

/* loaded from: input_file:ru/playa/keycloak/modules/AbstractVKOAuth2IdentityProvider.class */
public abstract class AbstractVKOAuth2IdentityProvider<T extends AbstractVKIdentityProviderConfig> extends AbstractRussianOAuth2IdentityProvider<T> implements SocialIdentityProvider<T> {
    private static final String DEFAULT_SCOPE = "";
    public static final List<ProviderConfigProperty> CONFIG_PROPERTIES = ProviderConfigurationBuilder.create().property().name("version").label("Version VK API").helpText("Version of VK API.").type("String").add().property().name("emailRequired").label("Email Required").helpText("Is email required (user can be registered in VK via phone)").type("boolean").defaultValue("false").add().property().name("fetchedFields").label("Fetched Fields").helpText("Additional fields to need to be fetched").type("String").add().build();

    public AbstractVKOAuth2IdentityProvider(KeycloakSession keycloakSession, T t) {
        super(keycloakSession, t);
    }

    protected boolean supportsExternalExchange() {
        return true;
    }

    protected String getProfileEndpointForValidation(EventBuilder eventBuilder) {
        return ((AbstractVKIdentityProviderConfig) getConfig()).getUserInfoUrl();
    }

    protected SimpleHttp buildUserInfoRequest(String str, String str2) {
        return SimpleHttp.doGet(((AbstractVKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str, this.session);
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder eventBuilder, JsonNode jsonNode) {
        logger.infof("ExtractIdentityFromProfile. Node %s", jsonNode);
        JsonNode jsonNode2 = JsonUtils.asJsonNode(jsonNode, "response").get(0);
        logger.infof("ExtractIdentityFromProfile. Context %s", jsonNode2);
        BrokeredIdentityContext brokeredIdentityContext = new BrokeredIdentityContext((String) Objects.requireNonNull(JsonUtils.asText(jsonNode2, "id")));
        brokeredIdentityContext.setUsername(JsonUtils.asText(jsonNode2, "screen_name"));
        brokeredIdentityContext.setFirstName(JsonUtils.asText(jsonNode2, "first_name"));
        brokeredIdentityContext.setLastName(JsonUtils.asText(jsonNode2, "last_name"));
        brokeredIdentityContext.setIdpConfig(getConfig());
        brokeredIdentityContext.setIdp(this);
        AbstractJsonUserAttributeMapper.storeUserProfileForMapper(brokeredIdentityContext, jsonNode2, ((AbstractVKIdentityProviderConfig) getConfig()).getAlias());
        return brokeredIdentityContext;
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(JsonNode jsonNode, String str) {
        BrokeredIdentityContext extractIdentityFromProfile = extractIdentityFromProfile((EventBuilder) null, jsonNode);
        if (((AbstractVKIdentityProviderConfig) getConfig()).isEmailRequired() && StringUtils.isNullOrEmpty(str)) {
            throw new IllegalArgumentException(MessageUtils.email("VK"));
        }
        if (StringUtils.nonNullOrEmpty(str)) {
            extractIdentityFromProfile.setUsername(str);
        } else if (StringUtils.isNullOrEmpty(extractIdentityFromProfile.getUsername())) {
            extractIdentityFromProfile.setUsername("vk." + extractIdentityFromProfile.getId());
        }
        extractIdentityFromProfile.setEmail(str);
        return extractIdentityFromProfile;
    }

    public BrokeredIdentityContext getFederatedIdentity(String str) {
        logger.infof("GetFederatedIdentity %s", str);
        JsonNode asJsonNode = JsonUtils.asJsonNode(str);
        JsonNode asJsonNode2 = JsonUtils.asJsonNode(asJsonNode, "response") == null ? asJsonNode : JsonUtils.asJsonNode(asJsonNode, "response");
        String asText = JsonUtils.asText(asJsonNode2, "access_token");
        String asText2 = JsonUtils.asText(asJsonNode2, "user_id");
        String asText3 = JsonUtils.asText(asJsonNode2, "email");
        if (asText == null) {
            throw new IdentityBrokerException("No access token available in OAuth server response: " + str);
        }
        BrokeredIdentityContext doGetFederatedIdentity = doGetFederatedIdentity(asText, asText2, asText3);
        doGetFederatedIdentity.getContextData().put("FEDERATED_ACCESS_TOKEN", asText);
        return doGetFederatedIdentity;
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str, String str2, String str3) {
        try {
            return extractIdentityFromProfile(SimpleHttp.doGet(((AbstractVKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str + "&user_ids=" + str2 + "&fields=screen_name" + (StringUtils.isNullOrEmpty(((AbstractVKIdentityProviderConfig) getConfig()).getFetchedFields()) ? DEFAULT_SCOPE : "," + ((AbstractVKIdentityProviderConfig) getConfig()).getFetchedFields()) + "&name_case=Nom", this.session).param("content-type", "application/json; charset=utf-8").asJson(), str3);
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str) {
        try {
            return extractIdentityFromProfile((EventBuilder) null, SimpleHttp.doGet(((AbstractVKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str, this.session).asJson());
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected String getDefaultScopes() {
        return DEFAULT_SCOPE;
    }
}
