package ru.playa.keycloak.modules.mailru;

import com.fasterxml.jackson.databind.JsonNode;
import java.io.IOException;
import org.keycloak.broker.oidc.mappers.AbstractJsonUserAttributeMapper;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.broker.provider.IdentityBrokerException;
import org.keycloak.broker.provider.IdentityProvider;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.broker.social.SocialIdentityProvider;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import ru.playa.keycloak.modules.AbstractRussianOAuth2IdentityProvider;
import ru.playa.keycloak.modules.RussianException;
import ru.playa.keycloak.modules.Utils;

/* loaded from: input_file:ru/playa/keycloak/modules/mailru/MailRuIdentityProvider.class */
public class MailRuIdentityProvider extends AbstractRussianOAuth2IdentityProvider<MailRuIdentityProviderConfig> implements SocialIdentityProvider<MailRuIdentityProviderConfig> {
    private static final String AUTH_URL = "https://oauth.mail.ru/login";
    private static final String TOKEN_URL = "https://oauth.mail.ru/token";
    private static final String PROFILE_URL = "https://oauth.mail.ru/userinfo";
    private static final String DEFAULT_SCOPE = "userinfo";

    public MailRuIdentityProvider(KeycloakSession keycloakSession, MailRuIdentityProviderConfig mailRuIdentityProviderConfig) {
        super(keycloakSession, mailRuIdentityProviderConfig);
        mailRuIdentityProviderConfig.setAuthorizationUrl(AUTH_URL);
        mailRuIdentityProviderConfig.setTokenUrl(TOKEN_URL);
        mailRuIdentityProviderConfig.setUserInfoUrl(PROFILE_URL);
    }

    @Override // ru.playa.keycloak.modules.AbstractRussianOAuth2IdentityProvider
    public Object callback(RealmModel realmModel, IdentityProvider.AuthenticationCallback authenticationCallback, EventBuilder eventBuilder) {
        return new MailRuEndpoint(authenticationCallback, eventBuilder, this, this.session);
    }

    protected boolean supportsExternalExchange() {
        return true;
    }

    protected String getProfileEndpointForValidation(EventBuilder eventBuilder) {
        return PROFILE_URL;
    }

    protected SimpleHttp buildUserInfoRequest(String str, String str2) {
        logger.info("subjectToken: " + str);
        logger.info("userInfoUrl: " + str2);
        return SimpleHttp.doGet("https://oauth.mail.ru/userinfo?access_token=" + str, this.session);
    }

    protected BrokeredIdentityContext extractIdentityFromProfile(EventBuilder eventBuilder, JsonNode jsonNode) {
        logger.info("profile: " + jsonNode.toString());
        BrokeredIdentityContext brokeredIdentityContext = new BrokeredIdentityContext(getJsonProperty(jsonNode, "email"), getConfig());
        String jsonProperty = getJsonProperty(jsonNode, "email");
        if (Utils.isNullOrEmpty(jsonProperty)) {
            throw new RussianException(MailRuIdentityProviderFactory.PROVIDER_ID, RussianException.EMAIL_CAN_NOT_EMPTY_KEY);
        }
        Utils.isHostedDomain(jsonProperty, getConfig().getHostedDomain(), MailRuIdentityProviderFactory.PROVIDER_ID);
        brokeredIdentityContext.setEmail(jsonProperty);
        brokeredIdentityContext.setUsername(jsonProperty);
        brokeredIdentityContext.setFirstName(getJsonProperty(jsonNode, "first_name"));
        brokeredIdentityContext.setLastName(getJsonProperty(jsonNode, "last_name"));
        brokeredIdentityContext.setIdp(this);
        AbstractJsonUserAttributeMapper.storeUserProfileForMapper(brokeredIdentityContext, jsonNode, getConfig().getAlias());
        return brokeredIdentityContext;
    }

    protected BrokeredIdentityContext doGetFederatedIdentity(String str) {
        try {
            return extractIdentityFromProfile(null, SimpleHttp.doGet("https://oauth.mail.ru/userinfo?access_token=" + str, this.session).asJson());
        } catch (IOException e) {
            throw new IdentityBrokerException("Could not obtain user profile from MailRu: " + e.getMessage(), e);
        }
    }

    protected String getDefaultScopes() {
        return DEFAULT_SCOPE;
    }
}
