package io.nessus.actions.jaxrs;

import io.nessus.actions.core.jaxrs.AbstractResource;
import io.nessus.actions.core.service.KeycloakService;
import io.nessus.actions.core.types.KeycloakTokens;
import io.nessus.actions.core.types.KeycloakUserInfo;
import io.nessus.actions.core.utils.ApiUtils;
import io.nessus.actions.jaxrs.service.UserStateService;
import io.nessus.actions.jaxrs.type.UserRegister;
import io.nessus.actions.jaxrs.type.UserTokens;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Response;

@Path("/users")
/* loaded from: input_file:io/nessus/actions/jaxrs/UsersResource.class */
public class UsersResource extends AbstractResource {
    @Consumes({"application/json"})
    @Operation(summary = "Register a new user with Keycloak")
    @PUT
    @ApiResponses({@ApiResponse(responseCode = "201", description = "[Created] User was successfully created to Keycloak."), @ApiResponse(responseCode = "409", description = "[Conflict] If the user already exists in Keycloak.")})
    public Response registerUser(UserRegister userRegister) {
        logInfo("Register: {}", new Object[]{userRegister.getEmail()});
        String keycloakRealmId = getConfig().getKeycloakRealmId();
        String masterAccessToken = getKeycloakService().getMasterAccessToken();
        Response withClient = withClient(ApiUtils.keycloakUri(this.config, "/admin/realms/" + keycloakRealmId + "/users"), webTarget -> {
            return webTarget.request(new String[]{"application/json"}).header("Authorization", "Bearer " + masterAccessToken).post(Entity.json(userRegister.toKeycloakUserRegister()));
        });
        ApiUtils.hasStatus(withClient, new Response.Status[]{Response.Status.CREATED});
        return withClient;
    }

    @Path("/login")
    @Consumes({"application/x-www-form-urlencoded"})
    @Operation(summary = "Login the user with Keycloak")
    @POST
    @ApiResponses({@ApiResponse(responseCode = "200", description = "[OK] Successful user login.", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = UserTokens.class))}), @ApiResponse(responseCode = "401", description = "[Unauthorized] If the provided credentials were not valid.")})
    public Response userLogin(@FormParam("username") @Parameter(required = true) String str, @FormParam("password") @Parameter(required = true) String str2) {
        logInfo("Login: {}", new Object[]{str});
        KeycloakService keycloakService = getKeycloakService();
        Response userTokens = keycloakService.getUserTokens(str, str2);
        if (!ApiUtils.hasStatus(userTokens, new Response.Status[]{Response.Status.OK})) {
            return userTokens;
        }
        KeycloakTokens keycloakTokens = (KeycloakTokens) userTokens.readEntity(KeycloakTokens.class);
        String str3 = keycloakTokens.refreshToken;
        String str4 = keycloakTokens.accessToken;
        Response keycloakUserInfo = keycloakService.getKeycloakUserInfo(str4);
        if (!ApiUtils.hasStatus(keycloakUserInfo, new Response.Status[]{Response.Status.OK})) {
            return keycloakUserInfo;
        }
        KeycloakUserInfo keycloakUserInfo2 = (KeycloakUserInfo) keycloakUserInfo.readEntity(KeycloakUserInfo.class);
        UserTokens userTokens2 = new UserTokens(keycloakUserInfo2.subject, str4, str3);
        getService(UserStateService.class).userLogin(keycloakUserInfo2);
        return Response.ok(userTokens2, "application/json").build();
    }
}
