package org.keycloak.services.resources.admin;

import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.regex.PatternSyntaxException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.ClientConnection;
import org.keycloak.events.Event;
import org.keycloak.events.EventQuery;
import org.keycloak.events.EventStoreProvider;
import org.keycloak.events.EventType;
import org.keycloak.exportimport.ClientImporter;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.models.cache.CacheRealmProvider;
import org.keycloak.models.cache.CacheUserProvider;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.protocol.oidc.TokenManager;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.LDAPConnectionTestManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.ResourceAdminManager;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.services.resources.admin.RealmAuth;
import org.keycloak.timer.TimerProvider;

/* loaded from: input_file:WEB-INF/lib/keycloak-services-1.2.0.Final.jar:org/keycloak/services/resources/admin/RealmAdminResource.class */
public class RealmAdminResource {
    protected static final Logger logger = Logger.getLogger((Class<?>) RealmAdminResource.class);
    protected RealmAuth auth;
    protected RealmModel realm;
    private TokenManager tokenManager;

    @Context
    protected KeycloakSession session;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected ClientConnection connection;

    @Context
    protected HttpHeaders headers;

    public RealmAdminResource(RealmAuth realmAuth, RealmModel realmModel, TokenManager tokenManager) {
        this.auth = realmAuth;
        this.realm = realmModel;
        this.tokenManager = tokenManager;
        realmAuth.init(RealmAuth.Resource.REALM);
    }

    @Path("client-importers/{formatId}")
    public Object getClientImporter(@PathParam("formatId") String str) {
        return ((ClientImporter) this.session.getProvider(ClientImporter.class, str)).createJaxrsService(this.realm, this.auth);
    }

    @Path("clients")
    public ClientsResource getClients() {
        ClientsResource clientsResource = new ClientsResource(this.realm, this.auth);
        ResteasyProviderFactory.getInstance().injectProperties(clientsResource);
        return clientsResource;
    }

    @Path("clients-by-id")
    public ClientsByIdResource getClientsById() {
        ClientsByIdResource clientsByIdResource = new ClientsByIdResource(this.realm, this.auth);
        ResteasyProviderFactory.getInstance().injectProperties(clientsByIdResource);
        return clientsByIdResource;
    }

    @Path("roles")
    public RoleContainerResource getRoleContainerResource() {
        return new RoleContainerResource(this.realm, this.auth, this.realm);
    }

    @GET
    @Produces({"application/json"})
    @NoCache
    public RealmRepresentation getRealm() {
        if (!this.auth.hasView()) {
            this.auth.requireAny();
            RealmRepresentation realmRepresentation = new RealmRepresentation();
            realmRepresentation.setRealm(this.realm.getName());
            return realmRepresentation;
        }
        RealmRepresentation representation = ModelToRepresentation.toRepresentation(this.realm, false);
        if (this.session.realms() instanceof CacheRealmProvider) {
            representation.setRealmCacheEnabled(Boolean.valueOf(((CacheRealmProvider) this.session.realms()).isEnabled()));
        }
        if (this.session.userStorage() instanceof CacheUserProvider) {
            representation.setUserCacheEnabled(Boolean.valueOf(((CacheUserProvider) this.session.userStorage()).isEnabled()));
        }
        return representation;
    }

    @PUT
    @Consumes({"application/json"})
    public Response updateRealm(RealmRepresentation realmRepresentation) {
        this.auth.requireManage();
        logger.debug("updating realm: " + this.realm.getName());
        try {
            RepresentationToModel.updateRealm(realmRepresentation, this.realm);
            if (realmRepresentation.isRealmCacheEnabled() != null && (this.session.realms() instanceof CacheRealmProvider)) {
                ((CacheRealmProvider) this.session.realms()).setEnabled(realmRepresentation.isRealmCacheEnabled().booleanValue());
            }
            if (realmRepresentation.isUserCacheEnabled() != null && (this.session.userStorage() instanceof CacheUserProvider)) {
                ((CacheUserProvider) this.session.userStorage()).setEnabled(realmRepresentation.isUserCacheEnabled().booleanValue());
            }
            List<UserFederationProviderModel> userFederationProviders = this.realm.getUserFederationProviders();
            UsersSyncManager usersSyncManager = new UsersSyncManager();
            Iterator<UserFederationProviderModel> it = userFederationProviders.iterator();
            while (it.hasNext()) {
                usersSyncManager.refreshPeriodicSyncForProvider(this.session.getKeycloakSessionFactory(), (TimerProvider) this.session.getProvider(TimerProvider.class), it.next(), this.realm.getId());
            }
            return Response.noContent().build();
        } catch (PatternSyntaxException e) {
            return ErrorResponse.exists("Specified regex pattern(s) is invalid.");
        } catch (ModelDuplicateException e2) {
            return ErrorResponse.exists("Realm " + realmRepresentation.getRealm() + " already exists.");
        } catch (Exception e3) {
            return ErrorResponse.exists("Failed to update " + realmRepresentation.getRealm() + " Realm.");
        }
    }

    @DELETE
    public void deleteRealm() {
        this.auth.requireManage();
        if (!new RealmManager(this.session).removeRealm(this.realm)) {
            throw new NotFoundException("Realm doesn't exist");
        }
    }

    @Path("users")
    public UsersResource users() {
        UsersResource usersResource = new UsersResource(this.realm, this.auth, this.tokenManager);
        ResteasyProviderFactory.getInstance().injectProperties(usersResource);
        return usersResource;
    }

    @Path("user-federation")
    public UserFederationResource userFederation() {
        UserFederationResource userFederationResource = new UserFederationResource(this.realm, this.auth);
        ResteasyProviderFactory.getInstance().injectProperties(userFederationResource);
        return userFederationResource;
    }

    @Path("roles-by-id")
    public RoleByIdResource rolesById() {
        RoleByIdResource roleByIdResource = new RoleByIdResource(this.realm, this.auth);
        ResteasyProviderFactory.getInstance().injectProperties(roleByIdResource);
        return roleByIdResource;
    }

    @POST
    @Path("push-revocation")
    public GlobalRequestResult pushRevocation() {
        this.auth.requireManage();
        return new ResourceAdminManager(this.session).pushRealmRevocationPolicy(this.uriInfo.getRequestUri(), this.realm);
    }

    @POST
    @Path("logout-all")
    public GlobalRequestResult logoutAll() {
        this.session.sessions().removeUserSessions(this.realm);
        return new ResourceAdminManager(this.session).logoutAll(this.uriInfo.getRequestUri(), this.realm);
    }

    @Path("sessions/{session}")
    @DELETE
    public void deleteSession(@PathParam("session") String str) {
        UserSessionModel userSession = this.session.sessions().getUserSession(this.realm, str);
        if (userSession == null) {
            throw new NotFoundException("Sesssion not found");
        }
        AuthenticationManager.backchannelLogout(this.session, this.realm, userSession, this.uriInfo, this.connection, this.headers, true);
    }

    @GET
    @Path("client-session-stats")
    @NoCache
    @Deprecated
    @Produces({"application/json"})
    public Map<String, Integer> getClientSessionStats() {
        this.auth.requireView();
        HashMap hashMap = new HashMap();
        for (ClientModel clientModel : this.realm.getClients()) {
            int activeUserSessions = this.session.sessions().getActiveUserSessions(clientModel.getRealm(), clientModel);
            if (activeUserSessions != 0) {
                hashMap.put(clientModel.getClientId(), Integer.valueOf(activeUserSessions));
            }
        }
        return hashMap;
    }

    @GET
    @Path("client-by-id-session-stats")
    @NoCache
    @Produces({"application/json"})
    public List<Map<String, String>> getClientByIdSessionStats() {
        this.auth.requireView();
        LinkedList linkedList = new LinkedList();
        for (ClientModel clientModel : this.realm.getClients()) {
            int activeUserSessions = this.session.sessions().getActiveUserSessions(clientModel.getRealm(), clientModel);
            if (activeUserSessions != 0) {
                HashMap hashMap = new HashMap();
                hashMap.put("id", clientModel.getId());
                hashMap.put("clientId", clientModel.getClientId());
                hashMap.put("active", activeUserSessions + "");
                linkedList.add(hashMap);
            }
        }
        return linkedList;
    }

    @GET
    @NoCache
    @Path("events/config")
    @Produces({"application/json"})
    public RealmEventsConfigRepresentation getRealmEventsConfig() {
        this.auth.init(RealmAuth.Resource.EVENTS).requireView();
        return ModelToRepresentation.toEventsConfigReprensetation(this.realm);
    }

    @Path("events/config")
    @PUT
    @Consumes({"application/json"})
    public void updateRealmEventsConfig(RealmEventsConfigRepresentation realmEventsConfigRepresentation) {
        this.auth.init(RealmAuth.Resource.EVENTS).requireManage();
        logger.debug("updating realm events config: " + this.realm.getName());
        new RealmManager(this.session).updateRealmEventsConfig(realmEventsConfigRepresentation, this.realm);
    }

    @GET
    @Path("events")
    @NoCache
    @Produces({"application/json"})
    public List<Event> getEvents(@QueryParam("client") String str, @QueryParam("user") String str2, @QueryParam("dateFrom") String str3, @QueryParam("dateTo") String str4, @QueryParam("ipAddress") String str5, @QueryParam("first") Integer num, @QueryParam("max") Integer num2) {
        this.auth.init(RealmAuth.Resource.EVENTS).requireView();
        EventQuery realm = ((EventStoreProvider) this.session.getProvider(EventStoreProvider.class)).createQuery().realm(this.realm.getId());
        if (str != null) {
            realm.client(str);
        }
        List list = (List) this.uriInfo.getQueryParameters().get("type");
        if (list != null) {
            EventType[] eventTypeArr = new EventType[list.size()];
            for (int i = 0; i < eventTypeArr.length; i++) {
                eventTypeArr[i] = EventType.valueOf((String) list.get(i));
            }
            realm.type(eventTypeArr);
        }
        if (str2 != null) {
            realm.user(str2);
        }
        if (str3 != null) {
            realm.fromDate(str3);
        }
        if (str4 != null) {
            realm.toDate(str4);
        }
        if (str5 != null) {
            realm.ipAddress(str5);
        }
        if (num != null) {
            realm.firstResult(num.intValue());
        }
        if (num2 != null) {
            realm.maxResults(num2.intValue());
        }
        return realm.getResultList();
    }

    @Path("events")
    @DELETE
    public void clearEvents() {
        this.auth.init(RealmAuth.Resource.EVENTS).requireManage();
        ((EventStoreProvider) this.session.getProvider(EventStoreProvider.class)).clear(this.realm.getId());
    }

    @GET
    @Path("testLDAPConnection")
    @NoCache
    public Response testLDAPConnection(@QueryParam("action") String str, @QueryParam("connectionUrl") String str2, @QueryParam("bindDn") String str3, @QueryParam("bindCredential") String str4) {
        this.auth.init(RealmAuth.Resource.REALM).requireManage();
        return new LDAPConnectionTestManager().testLDAP(str, str2, str3, str4) ? Response.noContent().build() : ErrorResponse.error("LDAP test error", Response.Status.BAD_REQUEST);
    }

    @Path("identity-provider")
    public IdentityProvidersResource getIdentityProviderResource() {
        return new IdentityProvidersResource(this.realm, this.session, this.auth);
    }
}
