package org.keycloak.services.resources.admin;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.BadRequestException;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.ApplicationRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.services.managers.ApplicationManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.resources.KeycloakApplication;
import org.keycloak.services.resources.admin.RealmAuth;
import org.keycloak.services.resources.flows.Flows;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.Time;
import org.picketlink.identity.federation.core.constants.AttributeConstants;

/* loaded from: input_file:WEB-INF/lib/keycloak-services-1.1.0.Beta1.jar:org/keycloak/services/resources/admin/ApplicationResource.class */
public class ApplicationResource {
    protected static final Logger logger = Logger.getLogger((Class<?>) ApplicationResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    protected ApplicationModel application;
    protected KeycloakSession session;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected KeycloakApplication keycloak;

    protected KeycloakApplication getKeycloakApplication() {
        return this.keycloak;
    }

    public ApplicationResource(RealmModel realmModel, RealmAuth realmAuth, ApplicationModel applicationModel, KeycloakSession keycloakSession) {
        this.realm = realmModel;
        this.auth = realmAuth;
        this.application = applicationModel;
        this.session = keycloakSession;
        realmAuth.init(RealmAuth.Resource.APPLICATION);
    }

    @Path("claims")
    public ClaimResource getClaimResource() {
        return new ClaimResource(this.application, this.auth);
    }

    @PUT
    @Consumes({"application/json"})
    public Response update(ApplicationRepresentation applicationRepresentation) {
        this.auth.requireManage();
        try {
            RepresentationToModel.updateApplication(applicationRepresentation, this.application);
            return Response.noContent().build();
        } catch (ModelDuplicateException e) {
            return Flows.errors().exists("Application " + applicationRepresentation.getName() + " already exists");
        }
    }

    @GET
    @Produces({"application/json"})
    @NoCache
    public ApplicationRepresentation getApplication() {
        this.auth.requireView();
        return ModelToRepresentation.toRepresentation(this.application);
    }

    @Path("certificates/{attr}")
    public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String str) {
        return new ClientAttributeCertificateResource(this.realm, this.auth, this.application, this.session, str);
    }

    @GET
    @NoCache
    @Path("installation/json")
    @Produces({"application/json"})
    public String getInstallation() throws IOException {
        this.auth.requireView();
        return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(new ApplicationManager(new RealmManager(this.session)).toInstallationRepresentation(this.realm, this.application, getKeycloakApplication().getBaseUri(this.uriInfo)));
    }

    @GET
    @NoCache
    @Path("installation/jboss")
    @Produces({"text/plain"})
    public String getJBossInstallation() throws IOException {
        this.auth.requireView();
        return new ApplicationManager(new RealmManager(this.session)).toJBossSubsystemConfig(this.realm, this.application, getKeycloakApplication().getBaseUri(this.uriInfo));
    }

    @NoCache
    @DELETE
    public void deleteApplication() {
        this.auth.requireManage();
        new ApplicationManager(new RealmManager(this.session)).removeApplication(this.realm, this.application);
    }

    @Path("client-secret")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public CredentialRepresentation regenerateSecret() {
        this.auth.requireManage();
        logger.debug("regenerateSecret");
        return ModelToRepresentation.toRepresentation(KeycloakModelUtils.generateSecret(this.application));
    }

    @GET
    @Path("client-secret")
    @NoCache
    @Produces({"application/json"})
    public CredentialRepresentation getClientSecret() {
        this.auth.requireView();
        logger.debug("getClientSecret");
        UserCredentialModel secret = UserCredentialModel.secret(this.application.getSecret());
        if (secret == null) {
            throw new NotFoundException("Application does not have a secret");
        }
        return ModelToRepresentation.toRepresentation(secret);
    }

    @Path("scope-mappings")
    public ScopeMappedResource getScopeMappedResource() {
        return new ScopeMappedResource(this.realm, this.auth, this.application, this.session);
    }

    @Path(AttributeConstants.ROLES)
    public RoleContainerResource getRoleContainerResource() {
        return new RoleContainerResource(this.realm, this.auth, this.application);
    }

    @GET
    @Path("allowed-origins")
    @NoCache
    @Produces({"application/json"})
    public Set<String> getAllowedOrigins() {
        this.auth.requireView();
        return this.application.getWebOrigins();
    }

    @Path("allowed-origins")
    @PUT
    @Consumes({"application/json"})
    public void updateAllowedOrigins(Set<String> set) {
        this.auth.requireManage();
        this.application.setWebOrigins(set);
    }

    @Path("allowed-origins")
    @Consumes({"application/json"})
    @DELETE
    public void deleteAllowedOrigins(Set<String> set) {
        this.auth.requireManage();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            this.application.removeWebOrigin(it.next());
        }
    }

    @POST
    @Path("push-revocation")
    public GlobalRequestResult pushRevocation() {
        this.auth.requireManage();
        return new ResourceAdminManager().pushApplicationRevocationPolicy(this.uriInfo.getRequestUri(), this.realm, this.application);
    }

    @GET
    @Path("session-count")
    @NoCache
    @Produces({"application/json"})
    public Map<String, Integer> getApplicationSessionCount() {
        this.auth.requireView();
        HashMap hashMap = new HashMap();
        hashMap.put("count", Integer.valueOf(this.session.sessions().getActiveUserSessions(this.application.getRealm(), this.application)));
        return hashMap;
    }

    @GET
    @Path("user-sessions")
    @NoCache
    @Produces({"application/json"})
    public List<UserSessionRepresentation> getUserSessions(@QueryParam("first") Integer num, @QueryParam("max") Integer num2) {
        this.auth.requireView();
        Integer valueOf = Integer.valueOf(num != null ? num.intValue() : -1);
        Integer valueOf2 = Integer.valueOf(num2 != null ? num2.intValue() : -1);
        ArrayList arrayList = new ArrayList();
        Iterator<UserSessionModel> it = this.session.sessions().getUserSessions(this.application.getRealm(), this.application, valueOf.intValue(), valueOf2.intValue()).iterator();
        while (it.hasNext()) {
            arrayList.add(ModelToRepresentation.toRepresentation(it.next()));
        }
        return arrayList;
    }

    @POST
    @Path("logout-all")
    public GlobalRequestResult logoutAll() {
        this.auth.requireManage();
        return new ResourceAdminManager().logoutApplication(this.uriInfo.getRequestUri(), this.realm, this.application);
    }

    @POST
    @Path("logout-user/{username}")
    public void logout(@PathParam("username") String str) {
        this.auth.requireManage();
        UserModel userByUsername = this.session.users().getUserByUsername(str, this.realm);
        if (userByUsername == null) {
            throw new NotFoundException("User not found");
        }
        new ResourceAdminManager().logoutUserFromApplication(this.uriInfo.getRequestUri(), this.realm, this.application, userByUsername, this.session);
    }

    @POST
    @Path("nodes")
    @Consumes({"application/json"})
    public void registerNode(Map<String, String> map) {
        this.auth.requireManage();
        String str = map.get("node");
        if (str == null) {
            throw new BadRequestException("Node not found in params");
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Register node: " + str);
        }
        this.application.registerNode(str, Time.currentTime());
    }

    @Path("nodes/{node}")
    @NoCache
    @DELETE
    public void unregisterNode(@PathParam("node") String str) {
        this.auth.requireManage();
        if (logger.isDebugEnabled()) {
            logger.debug("Unregister node: " + str);
        }
        if (this.application.getRegisteredNodes().get(str) == null) {
            throw new NotFoundException("Application does not have a node " + str);
        }
        this.application.unregisterNode(str);
    }

    @GET
    @Path("test-nodes-available")
    @NoCache
    public GlobalRequestResult testNodesAvailable() {
        this.auth.requireManage();
        logger.debug("Test availability of cluster nodes");
        return new ResourceAdminManager().testNodesAvailability(this.uriInfo.getRequestUri(), this.realm, this.application);
    }
}
