package org.keycloak.adapters.springboot;

import java.util.HashSet;
import java.util.Iterator;
import org.apache.catalina.Context;
import org.apache.catalina.Valve;
import org.apache.tomcat.util.descriptor.web.LoginConfig;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.keycloak.adapters.springboot.KeycloakSpringBootProperties;
import org.keycloak.adapters.tomcat.KeycloakAuthenticatorValve;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.context.embedded.ConfigurableEmbeddedServletContainer;
import org.springframework.boot.context.embedded.EmbeddedServletContainerCustomizer;
import org.springframework.boot.context.embedded.jetty.JettyEmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatContextCustomizer;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.undertow.UndertowEmbeddedServletContainerFactory;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({KeycloakSpringBootProperties.class})
@Configuration
@ConditionalOnWebApplication
/* loaded from: input_file:org/keycloak/adapters/springboot/KeycloakSpringBootConfiguration.class */
public class KeycloakSpringBootConfiguration {
    private KeycloakSpringBootProperties keycloakProperties;

    @Autowired
    public void setKeycloakSpringBootProperties(KeycloakSpringBootProperties keycloakSpringBootProperties) {
        this.keycloakProperties = keycloakSpringBootProperties;
        KeycloakSpringBootConfigResolver.setAdapterConfig(keycloakSpringBootProperties);
    }

    @Bean
    public EmbeddedServletContainerCustomizer getKeycloakContainerCustomizer() {
        return new EmbeddedServletContainerCustomizer() { // from class: org.keycloak.adapters.springboot.KeycloakSpringBootConfiguration.1
            public void customize(ConfigurableEmbeddedServletContainer configurableEmbeddedServletContainer) {
                if (configurableEmbeddedServletContainer instanceof TomcatEmbeddedServletContainerFactory) {
                    TomcatEmbeddedServletContainerFactory tomcatEmbeddedServletContainerFactory = (TomcatEmbeddedServletContainerFactory) configurableEmbeddedServletContainer;
                    tomcatEmbeddedServletContainerFactory.addContextValves(new Valve[]{new KeycloakAuthenticatorValve()});
                    tomcatEmbeddedServletContainerFactory.addContextCustomizers(new TomcatContextCustomizer[]{KeycloakSpringBootConfiguration.this.getTomcatKeycloakContextCustomizer()});
                } else {
                    if (configurableEmbeddedServletContainer instanceof UndertowEmbeddedServletContainerFactory) {
                        throw new IllegalArgumentException("Undertow Keycloak integration is not yet implemented");
                    }
                    if (configurableEmbeddedServletContainer instanceof JettyEmbeddedServletContainerFactory) {
                        throw new IllegalArgumentException("Jetty Keycloak integration is not yet implemented");
                    }
                }
            }
        };
    }

    @Bean
    public TomcatContextCustomizer getTomcatKeycloakContextCustomizer() {
        return new TomcatContextCustomizer() { // from class: org.keycloak.adapters.springboot.KeycloakSpringBootConfiguration.2
            public void customize(Context context) {
                LoginConfig loginConfig = new LoginConfig();
                loginConfig.setAuthMethod("KEYCLOAK");
                context.setLoginConfig(loginConfig);
                HashSet hashSet = new HashSet();
                Iterator<KeycloakSpringBootProperties.SecurityConstraint> it = KeycloakSpringBootConfiguration.this.keycloakProperties.getSecurityConstraints().iterator();
                while (it.hasNext()) {
                    Iterator<KeycloakSpringBootProperties.SecurityCollection> it2 = it.next().getSecurityCollections().iterator();
                    while (it2.hasNext()) {
                        for (String str : it2.next().getAuthRoles()) {
                            if (!hashSet.contains(str)) {
                                context.addSecurityRole(str);
                                hashSet.add(str);
                            }
                        }
                    }
                }
                for (KeycloakSpringBootProperties.SecurityConstraint securityConstraint : KeycloakSpringBootConfiguration.this.keycloakProperties.getSecurityConstraints()) {
                    SecurityConstraint securityConstraint2 = new SecurityConstraint();
                    for (KeycloakSpringBootProperties.SecurityCollection securityCollection : securityConstraint.getSecurityCollections()) {
                        SecurityCollection securityCollection2 = new SecurityCollection();
                        if (securityCollection.getName() != null) {
                            securityCollection2.setName(securityCollection.getName());
                        }
                        if (securityCollection.getDescription() != null) {
                            securityCollection2.setDescription(securityCollection.getDescription());
                        }
                        Iterator<String> it3 = securityCollection.getAuthRoles().iterator();
                        while (it3.hasNext()) {
                            securityConstraint2.addAuthRole(it3.next());
                        }
                        Iterator<String> it4 = securityCollection.getPatterns().iterator();
                        while (it4.hasNext()) {
                            securityCollection2.addPattern(it4.next());
                        }
                        Iterator<String> it5 = securityCollection.getMethods().iterator();
                        while (it5.hasNext()) {
                            securityCollection2.addMethod(it5.next());
                        }
                        Iterator<String> it6 = securityCollection.getOmittedMethods().iterator();
                        while (it6.hasNext()) {
                            securityCollection2.addOmittedMethod(it6.next());
                        }
                        securityConstraint2.addCollection(securityCollection2);
                    }
                    context.addConstraint(securityConstraint2);
                }
                context.addParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolver.class.getName());
            }
        };
    }
}
