package org.keycloak.adapters;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.security.PublicKey;
import java.util.Map;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.jboss.logging.Logger;
import org.keycloak.adapters.authentication.ClientCredentialsProvider;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.common.enums.RelativeUrlsUsed;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.enums.TokenStore;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.representations.idm.PublishedRealmRepresentation;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-adapter-core/main/keycloak-adapter-core-2.1.0.Final.jar:org/keycloak/adapters/AdapterDeploymentContext.class */
public class AdapterDeploymentContext {
    private static final Logger log = Logger.getLogger((Class<?>) AdapterDeploymentContext.class);
    protected KeycloakDeployment deployment;
    protected KeycloakConfigResolver configResolver;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-adapter-core/main/keycloak-adapter-core-2.1.0.Final.jar:org/keycloak/adapters/AdapterDeploymentContext$DeploymentDelegate.class */
    public static class DeploymentDelegate extends KeycloakDeployment {
        protected KeycloakDeployment delegate;

        public DeploymentDelegate(KeycloakDeployment keycloakDeployment) {
            this.delegate = keycloakDeployment;
        }

        public void setAuthServerBaseUrl(String str) {
            this.authServerBaseUrl = str;
            resolveUrls(KeycloakUriBuilder.fromUri(str));
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public RelativeUrlsUsed getRelativeUrls() {
            return this.delegate.getRelativeUrls();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getRealmInfoUrl() {
            return this.realmInfoUrl != null ? this.realmInfoUrl : this.delegate.getRealmInfoUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getTokenUrl() {
            return this.tokenUrl != null ? this.tokenUrl : this.delegate.getTokenUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public KeycloakUriBuilder getLogoutUrl() {
            return this.logoutUrl != null ? this.logoutUrl : this.delegate.getLogoutUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getAccountUrl() {
            return this.accountUrl != null ? this.accountUrl : this.delegate.getAccountUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getRegisterNodeUrl() {
            return this.registerNodeUrl != null ? this.registerNodeUrl : this.delegate.getRegisterNodeUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getUnregisterNodeUrl() {
            return this.unregisterNodeUrl != null ? this.unregisterNodeUrl : this.delegate.getUnregisterNodeUrl();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getResourceName() {
            return this.delegate.getResourceName();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getRealm() {
            return this.delegate.getRealm();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setRealm(String str) {
            this.delegate.setRealm(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public PublicKey getRealmKey() {
            return this.delegate.getRealmKey();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setRealmKey(PublicKey publicKey) {
            this.delegate.setRealmKey(publicKey);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setResourceName(String str) {
            this.delegate.setResourceName(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isBearerOnly() {
            return this.delegate.isBearerOnly();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setBearerOnly(boolean z) {
            this.delegate.setBearerOnly(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isEnableBasicAuth() {
            return this.delegate.isEnableBasicAuth();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setEnableBasicAuth(boolean z) {
            this.delegate.setEnableBasicAuth(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isPublicClient() {
            return this.delegate.isPublicClient();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setPublicClient(boolean z) {
            this.delegate.setPublicClient(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public Map<String, Object> getResourceCredentials() {
            return this.delegate.getResourceCredentials();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setResourceCredentials(Map<String, Object> map) {
            this.delegate.setResourceCredentials(map);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setClientAuthenticator(ClientCredentialsProvider clientCredentialsProvider) {
            this.delegate.setClientAuthenticator(clientCredentialsProvider);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public ClientCredentialsProvider getClientAuthenticator() {
            return this.delegate.getClientAuthenticator();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public HttpClient getClient() {
            return this.delegate.getClient();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setClient(HttpClient httpClient) {
            this.delegate.setClient(httpClient);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getScope() {
            return this.delegate.getScope();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setScope(String str) {
            this.delegate.setScope(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public SslRequired getSslRequired() {
            return this.delegate.getSslRequired();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setSslRequired(SslRequired sslRequired) {
            this.delegate.setSslRequired(sslRequired);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public TokenStore getTokenStore() {
            return this.delegate.getTokenStore();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setTokenStore(TokenStore tokenStore) {
            this.delegate.setTokenStore(tokenStore);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getStateCookieName() {
            return this.delegate.getStateCookieName();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setStateCookieName(String str) {
            this.delegate.setStateCookieName(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isUseResourceRoleMappings() {
            return this.delegate.isUseResourceRoleMappings();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setUseResourceRoleMappings(boolean z) {
            this.delegate.setUseResourceRoleMappings(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isCors() {
            return this.delegate.isCors();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setCors(boolean z) {
            this.delegate.setCors(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public int getCorsMaxAge() {
            return this.delegate.getCorsMaxAge();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setCorsMaxAge(int i) {
            this.delegate.setCorsMaxAge(i);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getCorsAllowedHeaders() {
            return this.delegate.getCorsAllowedHeaders();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setNotBefore(int i) {
            this.delegate.setNotBefore(i);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public int getNotBefore() {
            return this.delegate.getNotBefore();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setExposeToken(boolean z) {
            this.delegate.setExposeToken(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isExposeToken() {
            return this.delegate.isExposeToken();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setCorsAllowedMethods(String str) {
            this.delegate.setCorsAllowedMethods(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getCorsAllowedMethods() {
            return this.delegate.getCorsAllowedMethods();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setCorsAllowedHeaders(String str) {
            this.delegate.setCorsAllowedHeaders(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isAlwaysRefreshToken() {
            return this.delegate.isAlwaysRefreshToken();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setAlwaysRefreshToken(boolean z) {
            this.delegate.setAlwaysRefreshToken(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public int getRegisterNodePeriod() {
            return this.delegate.getRegisterNodePeriod();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setRegisterNodePeriod(int i) {
            this.delegate.setRegisterNodePeriod(i);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setRegisterNodeAtStartup(boolean z) {
            this.delegate.setRegisterNodeAtStartup(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isRegisterNodeAtStartup() {
            return this.delegate.isRegisterNodeAtStartup();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public String getPrincipalAttribute() {
            return this.delegate.getPrincipalAttribute();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setPrincipalAttribute(String str) {
            this.delegate.setPrincipalAttribute(str);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public boolean isTurnOffChangeSessionIdOnLogin() {
            return this.delegate.isTurnOffChangeSessionIdOnLogin();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setTurnOffChangeSessionIdOnLogin(boolean z) {
            this.delegate.setTurnOffChangeSessionIdOnLogin(z);
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public int getTokenMinimumTimeToLive() {
            return this.delegate.getTokenMinimumTimeToLive();
        }

        @Override // org.keycloak.adapters.KeycloakDeployment
        public void setTokenMinimumTimeToLive(int i) {
            this.delegate.setTokenMinimumTimeToLive(i);
        }
    }

    public AdapterDeploymentContext() {
    }

    public AdapterDeploymentContext(KeycloakDeployment keycloakDeployment) {
        this.deployment = keycloakDeployment;
    }

    public AdapterDeploymentContext(KeycloakConfigResolver keycloakConfigResolver) {
        this.configResolver = keycloakConfigResolver;
    }

    public KeycloakDeployment resolveDeployment(HttpFacade httpFacade) {
        if (null != this.configResolver) {
            return this.configResolver.resolve(httpFacade.getRequest());
        }
        if (this.deployment == null) {
            return null;
        }
        if (this.deployment.getAuthServerBaseUrl() == null) {
            return this.deployment;
        }
        KeycloakDeployment resolveUrls = resolveUrls(this.deployment, httpFacade);
        if (resolveUrls.getRealmKey() == null) {
            resolveRealmKey(resolveUrls);
        }
        return resolveUrls;
    }

    protected KeycloakDeployment resolveUrls(KeycloakDeployment keycloakDeployment, HttpFacade httpFacade) {
        if (keycloakDeployment.relativeUrls == RelativeUrlsUsed.NEVER) {
            return keycloakDeployment;
        }
        DeploymentDelegate deploymentDelegate = new DeploymentDelegate(this.deployment);
        deploymentDelegate.setAuthServerBaseUrl(getBaseBuilder(httpFacade, this.deployment.getAuthServerBaseUrl()).build(new Object[0]).toString());
        return deploymentDelegate;
    }

    public void resolveRealmKey(KeycloakDeployment keycloakDeployment) {
        if (keycloakDeployment.getClient() == null) {
            throw new RuntimeException("KeycloakDeployment was never initialized through appropriate SPIs");
        }
        try {
            HttpResponse execute = keycloakDeployment.getClient().execute(new HttpGet(keycloakDeployment.getRealmInfoUrl()));
            int statusCode = execute.getStatusLine().getStatusCode();
            if (statusCode != 200) {
                close(execute);
                throw new RuntimeException("Unable to resolve realm public key remotely, status = " + statusCode);
            }
            HttpEntity entity = execute.getEntity();
            if (entity == null) {
                throw new RuntimeException("Unable to resolve realm public key remotely.  There was no entity.");
            }
            InputStream content = entity.getContent();
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                while (true) {
                    int read = content.read();
                    if (read == -1) {
                        break;
                    } else {
                        byteArrayOutputStream.write(read);
                    }
                }
                keycloakDeployment.setRealmKey(((PublishedRealmRepresentation) JsonSerialization.readValue(new String(byteArrayOutputStream.toByteArray()), PublishedRealmRepresentation.class)).getPublicKey());
            } finally {
                try {
                    content.close();
                } catch (IOException e) {
                }
            }
        } catch (IOException e2) {
            throw new RuntimeException("Unable to resolve realm public key remotely", e2);
        }
    }

    protected KeycloakUriBuilder getBaseBuilder(HttpFacade httpFacade, String str) {
        KeycloakUriBuilder fromUri = KeycloakUriBuilder.fromUri(str);
        URI create = URI.create(httpFacade.getRequest().getURI());
        String scheme = create.getScheme();
        if (this.deployment.getSslRequired().isRequired(httpFacade.getRequest().getRemoteAddr())) {
            scheme = "https";
            if (!create.getScheme().equals(scheme) && create.getPort() != -1) {
                log.error("request scheme: " + create.getScheme() + " ssl required");
                throw new RuntimeException("Can't resolve relative url from adapter config.");
            }
        }
        fromUri.scheme(scheme);
        fromUri.host(create.getHost());
        if (create.getPort() != -1) {
            fromUri.port(create.getPort());
        }
        return fromUri;
    }

    protected void close(HttpResponse httpResponse) {
        if (httpResponse.getEntity() != null) {
            try {
                httpResponse.getEntity().getContent().close();
            } catch (IOException e) {
            }
        }
    }

    public void updateDeployment(AdapterConfig adapterConfig) {
        if (null != this.configResolver) {
            throw new IllegalStateException("Cannot parse an adapter config and build an updated deployment when on a multi-tenant scenario.");
        }
        this.deployment = KeycloakDeploymentBuilder.build(adapterConfig);
    }
}
