package org.keycloak.services.resources.admin;

import java.io.IOException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.OAuthClientRepresentation;
import org.keycloak.services.managers.OAuthClientManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.resources.KeycloakApplication;
import org.keycloak.services.resources.admin.RealmAuth;
import org.keycloak.services.resources.flows.Flows;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:WEB-INF/lib/keycloak-services-1.1.0.Final.jar:org/keycloak/services/resources/admin/OAuthClientResource.class */
public class OAuthClientResource {
    protected static final Logger logger = Logger.getLogger((Class<?>) RealmAdminResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    protected OAuthClientModel oauthClient;
    protected KeycloakSession session;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected KeycloakApplication application;

    protected KeycloakApplication getApplication() {
        return this.application;
    }

    public OAuthClientResource(RealmModel realmModel, RealmAuth realmAuth, OAuthClientModel oAuthClientModel, KeycloakSession keycloakSession) {
        this.realm = realmModel;
        this.auth = realmAuth;
        this.oauthClient = oAuthClientModel;
        this.session = keycloakSession;
        realmAuth.init(RealmAuth.Resource.CLIENT);
    }

    @Path("claims")
    public ClaimResource getClaimResource() {
        return new ClaimResource(this.oauthClient, this.auth);
    }

    @Path("certificates/{attr}")
    public ClientAttributeCertificateResource getCertficateResource(@PathParam("attr") String str) {
        return new ClientAttributeCertificateResource(this.realm, this.auth, this.oauthClient, this.session, str);
    }

    @PUT
    @Consumes({"application/json"})
    public Response update(OAuthClientRepresentation oAuthClientRepresentation) {
        this.auth.requireManage();
        try {
            RepresentationToModel.updateOAuthClient(oAuthClientRepresentation, this.oauthClient);
            return Response.noContent().build();
        } catch (ModelDuplicateException e) {
            return Flows.errors().exists("Client " + oAuthClientRepresentation.getName() + " already exists");
        }
    }

    @GET
    @Produces({"application/json"})
    @NoCache
    public OAuthClientRepresentation getOAuthClient() {
        this.auth.requireView();
        return ModelToRepresentation.toRepresentation(this.oauthClient);
    }

    @GET
    @NoCache
    @Path("installation")
    @Produces({"application/json"})
    public String getInstallation() throws IOException {
        this.auth.requireView();
        return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(new OAuthClientManager().toInstallationRepresentation(this.realm, this.oauthClient, getApplication().getBaseUri(this.uriInfo)));
    }

    @NoCache
    @DELETE
    public void deleteOAuthClient() {
        this.auth.requireManage();
        new OAuthClientManager(new RealmManager(this.session)).removeClient(this.realm, this.oauthClient);
    }

    @Path("client-secret")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public CredentialRepresentation regenerateSecret() {
        this.auth.requireManage();
        logger.debug("regenerateSecret");
        UserCredentialModel generateSecret = UserCredentialModel.generateSecret();
        this.oauthClient.setSecret(generateSecret.getValue());
        return ModelToRepresentation.toRepresentation(generateSecret);
    }

    @GET
    @Path("client-secret")
    @NoCache
    @Produces({"application/json"})
    public CredentialRepresentation getClientSecret() {
        this.auth.requireView();
        logger.debug("getClientSecret");
        UserCredentialModel secret = UserCredentialModel.secret(this.oauthClient.getSecret());
        if (secret == null) {
            throw new NotFoundException("Application does not have a secret");
        }
        return ModelToRepresentation.toRepresentation(secret);
    }

    @Path("scope-mappings")
    public ScopeMappedResource getScopeMappedResource() {
        return new ScopeMappedResource(this.realm, this.auth, this.oauthClient, this.session);
    }
}
