package org.keycloak.services.resources.admin;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.MappingsRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/resources/admin/ScopeMappedResource.class */
public class ScopeMappedResource {
    protected RealmModel realm;
    private RealmAuth auth;
    protected ScopeContainerModel scopeContainer;
    protected KeycloakSession session;
    protected AdminEventBuilder adminEvent;

    public ScopeMappedResource(RealmModel realmModel, RealmAuth realmAuth, ScopeContainerModel scopeContainerModel, KeycloakSession keycloakSession, AdminEventBuilder adminEventBuilder) {
        this.realm = realmModel;
        this.auth = realmAuth;
        this.scopeContainer = scopeContainerModel;
        this.session = keycloakSession;
        this.adminEvent = adminEventBuilder.resource(ResourceType.REALM_SCOPE_MAPPING);
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    public MappingsRepresentation getScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        MappingsRepresentation mappingsRepresentation = new MappingsRepresentation();
        Set realmScopeMappings = this.scopeContainer.getRealmScopeMappings();
        if (realmScopeMappings.size() > 0) {
            ArrayList arrayList = new ArrayList();
            Iterator it = realmScopeMappings.iterator();
            while (it.hasNext()) {
                arrayList.add(ModelToRepresentation.toRepresentation((RoleModel) it.next()));
            }
            mappingsRepresentation.setRealmMappings(arrayList);
        }
        List<ClientModel> clients = this.realm.getClients();
        if (clients.size() > 0) {
            HashMap hashMap = new HashMap();
            for (ClientModel clientModel : clients) {
                Set clientScopeMappings = KeycloakModelUtils.getClientScopeMappings(clientModel, this.scopeContainer);
                if (clientScopeMappings.size() > 0) {
                    ClientMappingsRepresentation clientMappingsRepresentation = new ClientMappingsRepresentation();
                    clientMappingsRepresentation.setId(clientModel.getId());
                    clientMappingsRepresentation.setClient(clientModel.getClientId());
                    ArrayList arrayList2 = new ArrayList();
                    clientMappingsRepresentation.setMappings(arrayList2);
                    Iterator it2 = clientScopeMappings.iterator();
                    while (it2.hasNext()) {
                        arrayList2.add(ModelToRepresentation.toRepresentation((RoleModel) it2.next()));
                    }
                    hashMap.put(clientModel.getClientId(), clientMappingsRepresentation);
                    mappingsRepresentation.setClientMappings(hashMap);
                }
            }
        }
        return mappingsRepresentation;
    }

    @GET
    @Path("realm")
    @NoCache
    @Produces({MediaType.APPLICATION_JSON})
    public List<RoleRepresentation> getRealmScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        Set realmScopeMappings = this.scopeContainer.getRealmScopeMappings();
        ArrayList arrayList = new ArrayList();
        Iterator it = realmScopeMappings.iterator();
        while (it.hasNext()) {
            arrayList.add(ModelToRepresentation.toRepresentation((RoleModel) it.next()));
        }
        return arrayList;
    }

    @GET
    @Path("realm/available")
    @NoCache
    @Produces({MediaType.APPLICATION_JSON})
    public List<RoleRepresentation> getAvailableRealmScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        return getAvailable(this.scopeContainer, this.realm.getRoles());
    }

    public static List<RoleRepresentation> getAvailable(ScopeContainerModel scopeContainerModel, Set<RoleModel> set) {
        ArrayList arrayList = new ArrayList();
        for (RoleModel roleModel : set) {
            if (!scopeContainerModel.hasScope(roleModel)) {
                arrayList.add(ModelToRepresentation.toRepresentation(roleModel));
            }
        }
        return arrayList;
    }

    @GET
    @Path("realm/composite")
    @NoCache
    @Produces({MediaType.APPLICATION_JSON})
    public List<RoleRepresentation> getCompositeRealmScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        return getComposite(this.scopeContainer, this.realm.getRoles());
    }

    public static List<RoleRepresentation> getComposite(ScopeContainerModel scopeContainerModel, Set<RoleModel> set) {
        ArrayList arrayList = new ArrayList();
        for (RoleModel roleModel : set) {
            if (scopeContainerModel.hasScope(roleModel)) {
                arrayList.add(ModelToRepresentation.toRepresentation(roleModel));
            }
        }
        return arrayList;
    }

    @POST
    @Path("realm")
    @Consumes({MediaType.APPLICATION_JSON})
    public void addRealmScopeMappings(List<RoleRepresentation> list) {
        this.auth.requireManage();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        Iterator<RoleRepresentation> it = list.iterator();
        while (it.hasNext()) {
            RoleModel roleById = this.realm.getRoleById(it.next().getId());
            if (roleById == null) {
                throw new NotFoundException("Role not found");
            }
            this.scopeContainer.addScopeMapping(roleById);
        }
        this.adminEvent.operation(OperationType.CREATE).resourcePath(this.session.getContext().getUri()).representation(list).success();
    }

    @Path("realm")
    @Consumes({MediaType.APPLICATION_JSON})
    @DELETE
    public void deleteRealmScopeMappings(List<RoleRepresentation> list) {
        this.auth.requireManage();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        if (list == null) {
            Set<RoleModel> realmScopeMappings = this.scopeContainer.getRealmScopeMappings();
            list = new LinkedList();
            for (RoleModel roleModel : realmScopeMappings) {
                this.scopeContainer.deleteScopeMapping(roleModel);
                list.add(ModelToRepresentation.toRepresentation(roleModel));
            }
        } else {
            Iterator<RoleRepresentation> it = list.iterator();
            while (it.hasNext()) {
                RoleModel roleById = this.realm.getRoleById(it.next().getId());
                if (roleById == null) {
                    throw new NotFoundException("Client not found");
                }
                this.scopeContainer.deleteScopeMapping(roleById);
            }
        }
        this.adminEvent.operation(OperationType.DELETE).resourcePath(this.session.getContext().getUri()).representation(list).success();
    }

    @Path("clients/{client}")
    public ScopeMappedClientResource getClientByIdScopeMappings(@PathParam("client") String str) {
        return new ScopeMappedClientResource(this.realm, this.auth, this.scopeContainer, this.session, this.realm.getClientById(str), this.adminEvent);
    }
}
