package org.keycloak.protocol.oidc;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.OAuth2Constants;
import org.keycloak.events.EventBuilder;
import org.keycloak.jose.jwk.JWK;
import org.keycloak.jose.jwk.JWKBuilder;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.endpoints.AuthorizationEndpoint;
import org.keycloak.protocol.oidc.endpoints.LoginStatusIframeEndpoint;
import org.keycloak.protocol.oidc.endpoints.LogoutEndpoint;
import org.keycloak.protocol.oidc.endpoints.TokenEndpoint;
import org.keycloak.protocol.oidc.endpoints.UserInfoEndpoint;
import org.keycloak.protocol.oidc.endpoints.ValidateTokenEndpoint;
import org.keycloak.protocol.oidc.representations.JSONWebKeySet;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.resources.RealmsResource;
import org.keycloak.services.resources.flows.Flows;

/* loaded from: input_file:WEB-INF/lib/keycloak-services-1.2.0.Beta1.jar:org/keycloak/protocol/oidc/OIDCLoginProtocolService.class */
/**
 * JAX-RS entry point for a realm's OpenID Connect endpoints, mounted under
 * {@code {realm}/protocol/openid-connect}.
 *
 * <p>Most methods are sub-resource locators: they build a fresh endpoint object, ask RESTEasy
 * to inject its {@code @Context} fields, and return it for further dispatch. No authentication
 * or authorization decision is made in this class. Every such check has to live in the endpoint
 * classes returned from here, which are not part of this file.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The {@code @Deprecated} locators ({@code login}, {@code grants/access}, {@code refresh},
 *       {@code access/codes}) keep older URL paths reachable and pin a fixed response or grant
 *       type. They remain part of the exposed surface for as long as they are mapped.</li>
 *   <li>{@code validate} binds the access token from the query string, and {@code oauth/oob}
 *       forwards request-controlled values to the login forms provider. See the notes on those
 *       methods.</li>
 * </ul>
 */
public class OIDCLoginProtocolService {
    protected static final Logger logger = Logger.getLogger(OIDCLoginProtocolService.class);
    private RealmModel realm;
    private TokenManager tokenManager = new TokenManager();
    private EventBuilder event;
    private AuthenticationManager authManager;

    @Context
    private UriInfo uriInfo;

    @Context
    private KeycloakSession session;

    @Context
    private HttpHeaders headers;

    /**
     * Creates the protocol service for one realm.
     *
     * @param realmModel realm whose OIDC endpoints are served
     * @param eventBuilder event builder handed to the endpoints created here
     * @param authenticationManager authentication manager handed to the endpoints created here
     */
    public OIDCLoginProtocolService(RealmModel realmModel, EventBuilder eventBuilder, AuthenticationManager authenticationManager) {
        this.realm = realmModel;
        this.event = eventBuilder;
        this.authManager = authenticationManager;
    }

    /**
     * Returns a builder for the OIDC base path, rooted at the base URI of the given request.
     *
     * <p>NOTE(review): the base URI is taken from the incoming request as the container sees it.
     * Confirm that the deployment fixes the external host name, so that links built from this
     * value cannot follow a client-supplied host.
     */
    public static UriBuilder tokenServiceBaseUrl(UriInfo uriInfo) {
        UriBuilder requestBase = uriInfo.getBaseUriBuilder();
        return tokenServiceBaseUrl(requestBase);
    }

    /**
     * Appends the realms resource path and {@code {realm}/protocol/openid-connect} to the builder.
     * The {@code {realm}} template variable is left unresolved here.
     */
    public static UriBuilder tokenServiceBaseUrl(UriBuilder uriBuilder) {
        UriBuilder realmsRoot = uriBuilder.path(RealmsResource.class);
        return realmsRoot.path("{realm}/protocol/openid-connect");
    }

    /** Returns a builder for the authorization endpoint, rooted at the request's base URI. */
    public static UriBuilder authUrl(UriInfo uriInfo) {
        UriBuilder requestBase = uriInfo.getBaseUriBuilder();
        return authUrl(requestBase);
    }

    /** Returns a builder for the authorization endpoint (the path of {@link #auth()}). */
    public static UriBuilder authUrl(UriBuilder uriBuilder) {
        return endpointUrl(uriBuilder, "auth");
    }

    /** Returns a builder for the token endpoint (the path of {@link #token()}). */
    public static UriBuilder tokenUrl(UriBuilder uriBuilder) {
        return endpointUrl(uriBuilder, "token");
    }

    /** Returns a builder for the token validation endpoint (the path of {@code validateAccessToken}). */
    public static UriBuilder validateAccessTokenUrl(UriBuilder uriBuilder) {
        return endpointUrl(uriBuilder, "validateAccessToken");
    }

    /** Returns a builder for the logout endpoint, rooted at the request's base URI. */
    public static UriBuilder logoutUrl(UriInfo uriInfo) {
        UriBuilder requestBase = uriInfo.getBaseUriBuilder();
        return logoutUrl(requestBase);
    }

    /** Returns a builder for the logout endpoint (the path of {@link #logout()}). */
    public static UriBuilder logoutUrl(UriBuilder uriBuilder) {
        return endpointUrl(uriBuilder, "logout");
    }

    /**
     * Resolves the {@code @Path} of the named method of this class below the OIDC base path.
     * The name is a Java method name, not a URL segment.
     */
    private static UriBuilder endpointUrl(UriBuilder uriBuilder, String resourceMethod) {
        UriBuilder oidcBase = tokenServiceBaseUrl(uriBuilder);
        return oidcBase.path(OIDCLoginProtocolService.class, resourceMethod);
    }

    /** Lets RESTEasy populate the injectable properties of a freshly built sub-resource. */
    private static <T> T injected(T subResource) {
        ResteasyProviderFactory.getInstance().injectProperties(subResource);
        return subResource;
    }

    /** Builds a new, injected authorization endpoint for this realm. */
    private AuthorizationEndpoint newAuthorizationEndpoint() {
        return injected(new AuthorizationEndpoint(this.authManager, this.realm, this.event));
    }

    /** Builds a new, injected token endpoint for this realm. */
    private TokenEndpoint newTokenEndpoint() {
        return injected(new TokenEndpoint(this.tokenManager, this.authManager, this.realm, this.event));
    }

    /** Sub-resource locator for the authorization endpoint. */
    @Path("auth")
    public Object auth() {
        AuthorizationEndpoint endpoint = newAuthorizationEndpoint();
        return endpoint.init();
    }

    /** Sub-resource locator that switches the authorization endpoint to its registration mode. */
    @Path("registrations")
    public Object registerPage() {
        AuthorizationEndpoint endpoint = newAuthorizationEndpoint();
        return endpoint.init().register();
    }

    /** Sub-resource locator for the token endpoint. */
    @Path("token")
    public Object token() {
        TokenEndpoint endpoint = newTokenEndpoint();
        return endpoint.init();
    }

    /**
     * Legacy alias of the authorization endpoint; it passes the fixed value {@code "code"} to
     * {@code legacy(...)} before initialising the endpoint.
     */
    @Path("login")
    @Deprecated
    public Object loginPage() {
        AuthorizationEndpoint endpoint = newAuthorizationEndpoint();
        return endpoint.legacy("code").init();
    }

    /**
     * Sub-resource locator for the login status iframe page.
     *
     * <p>NOTE(review): this locator sets no framing or origin restriction. Confirm how
     * {@code LoginStatusIframeEndpoint} decides which origins may embed and query the page.
     */
    @Path("login-status-iframe.html")
    public Object getLoginStatusIframe() {
        return injected(new LoginStatusIframeEndpoint(this.realm));
    }

    /**
     * Legacy alias of the token endpoint, pinned to {@code "password"}.
     *
     * <p>Under this mapping the client presumably submits the user's credentials directly to the
     * token endpoint. Confirm which clients are allowed to use it and that failed attempts are
     * recorded by the endpoint.
     */
    @Path("grants/access")
    @Deprecated
    public Object grantAccessToken() {
        TokenEndpoint endpoint = newTokenEndpoint();
        return endpoint.legacy("password").init();
    }

    /** Legacy alias of the token endpoint, pinned to {@link OAuth2Constants#REFRESH_TOKEN}. */
    @Path("refresh")
    @Deprecated
    public Object refreshAccessToken() {
        TokenEndpoint endpoint = newTokenEndpoint();
        return endpoint.legacy(OAuth2Constants.REFRESH_TOKEN).init();
    }

    /** Legacy alias of the token endpoint, pinned to {@code "authorization_code"}. */
    @Path("access/codes")
    @Deprecated
    public Object accessCodeToToken() {
        TokenEndpoint endpoint = newTokenEndpoint();
        return endpoint.legacy("authorization_code").init();
    }

    /**
     * Sub-resource locator for the token validation endpoint.
     *
     * <p>The {@code access_token} query parameter is bound here but not read by this method. The
     * returned endpoint presumably reads it from the request itself (verify in
     * {@code ValidateTokenEndpoint}). A bearer token carried in the query string is commonly
     * recorded in access logs, proxy logs and browser history, so those logs need redaction or
     * restricted access wherever this endpoint is in use.
     *
     * @param str value of the {@code access_token} query parameter; unused in this locator
     */
    @Path("validate")
    public Object validateAccessToken(@QueryParam("access_token") String str) {
        return injected(new ValidateTokenEndpoint(this.tokenManager, this.realm, this.event));
    }

    /**
     * Publishes the realm's signing key as a JSON Web Key Set.
     *
     * <p>Only {@code realm.getPublicKey()} is exported, as a single RS256 key. No private key
     * material is touched here.
     */
    @GET
    @Produces(MediaType.APPLICATION_JSON)
    @Path("certs")
    public JSONWebKeySet certs() {
        JWK realmKey = JWKBuilder.create().rs256(this.realm.getPublicKey());
        JSONWebKeySet keySet = new JSONWebKeySet();
        keySet.setKeys(new JWK[]{realmKey});
        return keySet;
    }

    /**
     * Sub-resource locator for the user info endpoint.
     *
     * <p>NOTE(review): no event builder or authentication manager is passed to this endpoint, so
     * token checking must happen inside {@code UserInfoEndpoint} via the token manager. Confirm
     * that rejected requests are still observable.
     */
    @Path("userinfo")
    public Object issueUserInfo() {
        return injected(new UserInfoEndpoint(this.tokenManager, this.realm));
    }

    /** Sub-resource locator for the logout endpoint. */
    @Path("logout")
    public Object logout() {
        return injected(new LogoutEndpoint(this.tokenManager, this.authManager, this.realm, this.event));
    }

    /**
     * Renders the out-of-band result page for installed applications.
     *
     * <p>All three values come straight from the request and are not validated in this method.
     * When a code is present it is handed to the forms provider as the client session code;
     * otherwise the {@code error} value is set as the page error, including the case where both
     * are absent and the error is {@code null}.
     *
     * <p>NOTE(review): whether the error text is treated as a message key or echoed into the
     * page, and whether it is escaped, is decided by {@code LoginFormsProvider} and its template.
     * Verify that before relying on this page to display request-supplied text safely.
     *
     * @param str value of the {@code code} query parameter, may be {@code null}
     * @param str2 value of the {@code error} query parameter, may be {@code null}
     * @param str3 value of the {@code error_description} query parameter; bound but never used
     * @return the response produced by {@code createCode()} on the forms provider
     */
    @GET
    @Path("oauth/oob")
    public Response installedAppUrnCallback(@QueryParam("code") String str, @QueryParam("error") String str2, @QueryParam("error_description") String str3) {
        LoginFormsProvider loginForms = Flows.forms(this.session, this.realm, null, this.uriInfo, this.headers);
        if (str == null) {
            return loginForms.setError(str2, new Object[0]).createCode();
        }
        return loginForms.setClientSessionCode(str).createCode();
    }
}
