package org.keycloak.subsystem.server.extension;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.function.BiConsumer;
import org.jboss.as.server.deployment.Attachments;
import org.jboss.as.server.deployment.DeploymentUnit;
import org.jboss.as.server.deployment.module.ResourceRoot;
import org.jboss.vfs.VirtualFile;
import org.keycloak.authentication.AuthenticatorSpi;
import org.keycloak.authentication.authenticators.browser.DeployedScriptAuthenticatorFactory;
import org.keycloak.authorization.policy.provider.PolicySpi;
import org.keycloak.authorization.policy.provider.js.DeployedScriptPolicyFactory;
import org.keycloak.common.util.StreamUtil;
import org.keycloak.protocol.ProtocolMapperSpi;
import org.keycloak.protocol.oidc.mappers.DeployedScriptOIDCProtocolMapper;
import org.keycloak.provider.KeycloakDeploymentInfo;
import org.keycloak.representations.provider.ScriptProviderDescriptor;
import org.keycloak.representations.provider.ScriptProviderMetadata;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:org/keycloak/subsystem/server/extension/ScriptProviderDeploymentProcessor.class */
final class ScriptProviderDeploymentProcessor {
    private static final Map<String, BiConsumer<KeycloakDeploymentInfo, ScriptProviderMetadata>> PROVIDERS = new HashMap();

    ScriptProviderDeploymentProcessor() {
    }

    private static void registerScriptAuthenticator(KeycloakDeploymentInfo keycloakDeploymentInfo, ScriptProviderMetadata scriptProviderMetadata) {
        keycloakDeploymentInfo.addProvider(AuthenticatorSpi.class, new DeployedScriptAuthenticatorFactory(scriptProviderMetadata));
    }

    private static void registerScriptPolicy(KeycloakDeploymentInfo keycloakDeploymentInfo, ScriptProviderMetadata scriptProviderMetadata) {
        keycloakDeploymentInfo.addProvider(PolicySpi.class, new DeployedScriptPolicyFactory(scriptProviderMetadata));
    }

    private static void registerScriptMapper(KeycloakDeploymentInfo keycloakDeploymentInfo, ScriptProviderMetadata scriptProviderMetadata) {
        keycloakDeploymentInfo.addProvider(ProtocolMapperSpi.class, new DeployedScriptOIDCProtocolMapper(scriptProviderMetadata));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void deploy(DeploymentUnit deploymentUnit, KeycloakDeploymentInfo keycloakDeploymentInfo) {
        VirtualFile root;
        ScriptProviderDescriptor readScriptProviderDescriptor;
        ResourceRoot resourceRoot = (ResourceRoot) deploymentUnit.getAttachment(Attachments.DEPLOYMENT_ROOT);
        if (resourceRoot == null || (root = resourceRoot.getRoot()) == null || !root.exists() || !root.getName().endsWith(".jar") || (readScriptProviderDescriptor = readScriptProviderDescriptor(root)) == null) {
            return;
        }
        for (Map.Entry entry : readScriptProviderDescriptor.getProviders().entrySet()) {
            for (ScriptProviderMetadata scriptProviderMetadata : (List) entry.getValue()) {
                String fileName = scriptProviderMetadata.getFileName();
                if (fileName == null) {
                    throw new RuntimeException("You must provide the script file name");
                }
                try {
                    InputStream openStream = root.getChild(fileName).openStream();
                    try {
                        scriptProviderMetadata.setCode(StreamUtil.readString(openStream, StandardCharsets.UTF_8));
                        if (openStream != null) {
                            openStream.close();
                        }
                        scriptProviderMetadata.setId("script-" + fileName);
                        String name = scriptProviderMetadata.getName();
                        if (name == null) {
                            name = fileName;
                        }
                        scriptProviderMetadata.setName(name);
                        PROVIDERS.get(entry.getKey()).accept(keycloakDeploymentInfo, scriptProviderMetadata);
                    } catch (Throwable th) {
                        if (openStream != null) {
                            try {
                                openStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (IOException e) {
                    throw new RuntimeException("Failed to read script file [" + fileName + "]", e);
                }
            }
        }
    }

    private static ScriptProviderDescriptor readScriptProviderDescriptor(VirtualFile virtualFile) {
        VirtualFile child = virtualFile.getChild("META-INF/keycloak-scripts.json");
        if (!child.exists()) {
            return null;
        }
        try {
            InputStream openStream = child.openStream();
            try {
                ScriptProviderDescriptor scriptProviderDescriptor = (ScriptProviderDescriptor) JsonSerialization.readValue(openStream, ScriptProviderDescriptor.class);
                if (openStream != null) {
                    openStream.close();
                }
                return scriptProviderDescriptor;
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Failed to read providers metadata", e);
        }
    }

    static {
        PROVIDERS.put("authenticators", ScriptProviderDeploymentProcessor::registerScriptAuthenticator);
        PROVIDERS.put("policies", ScriptProviderDeploymentProcessor::registerScriptPolicy);
        PROVIDERS.put("mappers", ScriptProviderDeploymentProcessor::registerScriptMapper);
    }
}
