package org.keycloak.adapters.config;

import java.io.InputStream;
import org.apache.http.client.HttpClient;
import org.keycloak.adapters.HttpClientBuilder;
import org.keycloak.util.KeycloakUriBuilder;

/* loaded from: input_file:org/keycloak/adapters/config/RealmConfigurationLoader.class */
public class RealmConfigurationLoader extends AdapterConfigLoader {
    protected HttpClient client;
    protected RealmConfiguration realmConfiguration;

    public RealmConfigurationLoader() {
    }

    public RealmConfigurationLoader(InputStream inputStream) {
        loadConfig(inputStream);
    }

    public void init(boolean z) {
        init();
        initRealmConfiguration(z);
    }

    protected void initRealmConfiguration(boolean z) {
        if (!z || this.adapterConfig.isBearerOnly()) {
            return;
        }
        initClient();
        this.realmConfiguration = new RealmConfiguration();
        if (this.adapterConfig.getAuthServerUrl() == null) {
            throw new RuntimeException("You must specify auth-url");
        }
        KeycloakUriBuilder fromUri = KeycloakUriBuilder.fromUri(this.adapterConfig.getAuthServerUrl());
        String uri = fromUri.clone().path("/rest/realms/{realm-name}/tokens/login").build(new Object[]{this.adapterConfig.getRealm()}).toString();
        String uri2 = fromUri.clone().path("/rest/realms/{realm-name}/tokens/access/codes").build(new Object[]{this.adapterConfig.getRealm()}).toString();
        this.realmConfiguration.setMetadata(this.resourceMetadata);
        this.realmConfiguration.setSslRequired(!this.adapterConfig.isSslNotRequired());
        this.realmConfiguration.setResourceCredentials(this.adapterConfig.getCredentials());
        this.realmConfiguration.setClient(getClient());
        this.realmConfiguration.setAuthUrl(KeycloakUriBuilder.fromUri(uri).queryParam("client_id", new Object[]{this.resourceMetadata.getResourceName()}));
        this.realmConfiguration.setCodeUrl(uri2);
    }

    protected void initClient() {
        int i = 10;
        if (this.adapterConfig.getConnectionPoolSize() > 0) {
            i = this.adapterConfig.getConnectionPoolSize();
        }
        HttpClientBuilder.HostnameVerificationPolicy hostnameVerificationPolicy = HttpClientBuilder.HostnameVerificationPolicy.WILDCARD;
        if (this.adapterConfig.isAllowAnyHostname()) {
            hostnameVerificationPolicy = HttpClientBuilder.HostnameVerificationPolicy.ANY;
        }
        HttpClientBuilder keyStore = new HttpClientBuilder().connectionPoolSize(i).hostnameVerification(hostnameVerificationPolicy).keyStore(this.clientCertKeystore, this.adapterConfig.getClientKeyPassword());
        if (this.adapterConfig.isDisableTrustManager()) {
            keyStore.disableTrustManager();
        } else {
            keyStore.trustStore(this.truststore);
        }
        this.client = keyStore.build();
    }

    public HttpClient getClient() {
        return this.client;
    }

    public RealmConfiguration getRealmConfiguration() {
        return this.realmConfiguration;
    }
}
