package ru.playa.keycloak.modules.vk;

import com.fasterxml.jackson.databind.JsonNode;
import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.KeycloakSession;
import ru.playa.keycloak.modules.AbstractRussianOAuth2IdentityProvider;
import ru.playa.keycloak.modules.Utils;

/* loaded from: input_file:ru/playa/keycloak/modules/vk/VKIdentityProvider.class */
public class VKIdentityProvider extends AbstractRussianOAuth2IdentityProvider<VKIdentityProviderConfig> implements SocialIdentityProvider<VKIdentityProviderConfig> {
    private static final String AUTH_URL = "https://oauth.vk.com/authorize";
    private static final String TOKEN_URL = "https://oauth.vk.com/access_token";
    private static final String PROFILE_URL = "https://api.vk.com/method/users.get";
    private static final String DEFAULT_SCOPE = "";

    public VKIdentityProvider(KeycloakSession keycloakSession, VKIdentityProviderConfig vKIdentityProviderConfig) {
        super(keycloakSession, vKIdentityProviderConfig);
        vKIdentityProviderConfig.setAuthorizationUrl("https://oauth.vk.com/authorize?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
        vKIdentityProviderConfig.setTokenUrl("https://oauth.vk.com/access_token?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
        vKIdentityProviderConfig.setUserInfoUrl("https://api.vk.com/method/users.get?v=" + ((VKIdentityProviderConfig) getConfig()).getVersion());
    }

    protected boolean supportsExternalExchange() {
        return true;
    }

    protected String getProfileEndpointForValidation(EventBuilder eventBuilder) {
        return ((VKIdentityProviderConfig) getConfig()).getUserInfoUrl();
    }

    protected SimpleHttp buildUserInfoRequest(String str, String str2) {
        return SimpleHttp.doGet(((VKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str, this.session);
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder eventBuilder, JsonNode jsonNode) {
        logger.infof("ExtractIdentityFromProfile. Node %s", jsonNode);
        JsonNode jsonNode2 = (JsonNode) Optional.ofNullable(Utils.asJsonNode(jsonNode, "response")).map(jsonNode3 -> {
            return jsonNode3.get(0);
        }).orElse(jsonNode);
        logger.infof("ExtractIdentityFromProfile. Context %s", jsonNode2);
        BrokeredIdentityContext brokeredIdentityContext = new BrokeredIdentityContext((String) Objects.requireNonNull(Utils.asText(jsonNode2, "id")), getConfig());
        brokeredIdentityContext.setUsername(Utils.asText(jsonNode2, "screen_name"));
        brokeredIdentityContext.setFirstName(Utils.asText(jsonNode2, "first_name"));
        brokeredIdentityContext.setLastName(Utils.asText(jsonNode2, "last_name"));
        brokeredIdentityContext.setIdp(this);
        AbstractJsonUserAttributeMapper.storeUserProfileForMapper(brokeredIdentityContext, jsonNode2, ((VKIdentityProviderConfig) getConfig()).getAlias());
        return brokeredIdentityContext;
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(JsonNode jsonNode, String str, String str2) {
        BrokeredIdentityContext extractIdentityFromProfile = extractIdentityFromProfile(null, jsonNode);
        if (((VKIdentityProviderConfig) getConfig()).isEmailRequired() && Utils.isNullOrEmpty(str)) {
            throw new IllegalArgumentException(Utils.toEmailErrorMessage("VK"));
        }
        if (Utils.nonNullOrEmpty(str)) {
            extractIdentityFromProfile.setUsername(str);
        } else if (Utils.isNullOrEmpty(extractIdentityFromProfile.getUsername())) {
            extractIdentityFromProfile.setUsername("vk." + extractIdentityFromProfile.getId());
        }
        extractIdentityFromProfile.setEmail(str);
        extractIdentityFromProfile.setUserAttribute("phone", str2);
        return extractIdentityFromProfile;
    }

    public BrokeredIdentityContext getFederatedIdentity(String str) {
        logger.infof("GetFederatedIdentity %s", str);
        JsonNode asJsonNode = Utils.asJsonNode(str);
        JsonNode asJsonNode2 = Utils.asJsonNode(asJsonNode, "response") == null ? asJsonNode : Utils.asJsonNode(asJsonNode, "response");
        String asText = Utils.asText(asJsonNode2, "access_token");
        String asText2 = Utils.asText(asJsonNode2, "user_id");
        String asText3 = Utils.asText(asJsonNode2, "email");
        String asText4 = Utils.asText(asJsonNode2, "phone");
        if (asText == null) {
            throw new IdentityBrokerException("No access token available in OAuth server response: " + str);
        }
        BrokeredIdentityContext doGetFederatedIdentity = doGetFederatedIdentity(asText, asText2, asText3, asText4);
        doGetFederatedIdentity.getContextData().put("FEDERATED_ACCESS_TOKEN", asText);
        return doGetFederatedIdentity;
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str, String str2, String str3, String str4) {
        try {
            return extractIdentityFromProfile(SimpleHttp.doGet(((VKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str + "&user_ids=" + str2 + "&fields=screen_name" + (Utils.isNullOrEmpty(((VKIdentityProviderConfig) getConfig()).getFetchedFields()) ? DEFAULT_SCOPE : "," + ((VKIdentityProviderConfig) getConfig()).getFetchedFields()) + "&name_case=Nom", this.session).param("content-type", "application/json; charset=utf-8").asJson(), str3, str4);
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str) {
        try {
            return extractIdentityFromProfile(null, SimpleHttp.doGet(((VKIdentityProviderConfig) getConfig()).getUserInfoUrl() + "&access_token=" + str, this.session).asJson());
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from VK: " + e.getMessage(), e);
        }
    }

    protected String getDefaultScopes() {
        return DEFAULT_SCOPE;
    }
}
