package org.keycloak.services.resources;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URL;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.StringTokenizer;
import javax.servlet.ServletContext;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
import org.codehaus.jackson.map.ObjectMapper;
import org.jboss.logging.Logger;
import org.jboss.resteasy.core.Dispatcher;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.keycloak.Config;
import org.keycloak.SkeletonKeyContextResolver;
import org.keycloak.exportimport.ExportImportProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.ProviderSession;
import org.keycloak.provider.ProviderSessionFactory;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.DefaultProviderSessionFactory;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.managers.BruteForceProtector;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.TokenManager;
import org.keycloak.services.resources.admin.AdminRoot;
import org.keycloak.services.scheduled.ClearExpiredAuditEvents;
import org.keycloak.services.scheduled.ClearExpiredUserSessions;
import org.keycloak.services.scheduled.ScheduledTaskRunner;
import org.keycloak.services.util.JsonConfigProvider;
import org.keycloak.timer.TimerProvider;
import org.keycloak.util.JsonSerialization;
import org.keycloak.util.ProviderLoader;

/* loaded from: input_file:org/keycloak/services/resources/KeycloakApplication.class */
public class KeycloakApplication extends Application {
    private static final Logger log = Logger.getLogger(KeycloakApplication.class);
    protected Set<Object> singletons = new HashSet();
    protected Set<Class<?>> classes = new HashSet();
    protected ProviderSessionFactory providerSessionFactory;
    protected String contextPath;

    public KeycloakApplication(@Context ServletContext servletContext, @Context Dispatcher dispatcher) {
        loadConfig();
        this.providerSessionFactory = createProviderSessionFactory();
        dispatcher.getDefaultContextObjects().put(KeycloakApplication.class, this);
        this.contextPath = servletContext.getContextPath();
        BruteForceProtector bruteForceProtector = new BruteForceProtector(this.providerSessionFactory);
        dispatcher.getDefaultContextObjects().put(BruteForceProtector.class, bruteForceProtector);
        ResteasyProviderFactory.pushContext(BruteForceProtector.class, bruteForceProtector);
        bruteForceProtector.start();
        servletContext.setAttribute(BruteForceProtector.class.getName(), bruteForceProtector);
        servletContext.setAttribute(ProviderSessionFactory.class.getName(), this.providerSessionFactory);
        TokenManager tokenManager = new TokenManager();
        this.singletons.add(new RealmsResource(tokenManager));
        this.singletons.add(new SocialResource(tokenManager));
        this.singletons.add(new AdminRoot(tokenManager));
        this.classes.add(SkeletonKeyContextResolver.class);
        this.classes.add(QRCodeResource.class);
        this.classes.add(ThemeResource.class);
        this.classes.add(JsResource.class);
        this.classes.add(WelcomeResource.class);
        checkExportImportProvider();
        setupDefaultRealm(servletContext.getContextPath());
        setupScheduledTasks(this.providerSessionFactory);
        importRealms(servletContext);
    }

    public String getContextPath() {
        return this.contextPath;
    }

    public URI getBaseUri(UriInfo uriInfo) {
        return uriInfo.getBaseUriBuilder().replacePath(getContextPath()).build(new Object[0]);
    }

    protected void loadConfig() {
        try {
            URL url = null;
            String property = System.getProperty("jboss.server.config.dir");
            if (property != null) {
                File file = new File(property + File.separator + "keycloak-server.json");
                if (file.isFile()) {
                    url = file.toURI().toURL();
                }
            }
            if (url == null) {
                url = Thread.currentThread().getContextClassLoader().getResource("META-INF/keycloak-server.json");
            }
            if (url == null) {
                log.warn("Config 'keycloak-server.json' not found");
            } else {
                Config.init(new JsonConfigProvider(new ObjectMapper().readTree(url)));
                log.info("Loaded config from " + url);
            }
        } catch (IOException e) {
            throw new RuntimeException("Failed to load config", e);
        }
    }

    protected void setupDefaultRealm(String str) {
        new ApplianceBootstrap().bootstrap(this.providerSessionFactory, str);
    }

    public static DefaultProviderSessionFactory createProviderSessionFactory() {
        DefaultProviderSessionFactory defaultProviderSessionFactory = new DefaultProviderSessionFactory();
        defaultProviderSessionFactory.init();
        return defaultProviderSessionFactory;
    }

    public static void setupScheduledTasks(ProviderSessionFactory providerSessionFactory) {
        long longValue = Config.scope(new String[]{"scheduled"}).getLong("interval", 60L).longValue() * 1000;
        TimerProvider provider = providerSessionFactory.createSession().getProvider(TimerProvider.class);
        provider.schedule(new ScheduledTaskRunner(providerSessionFactory, new ClearExpiredAuditEvents()), longValue);
        provider.schedule(new ScheduledTaskRunner(providerSessionFactory, new ClearExpiredUserSessions()), longValue);
    }

    public ProviderSessionFactory getProviderSessionFactory() {
        return this.providerSessionFactory;
    }

    public Set<Class<?>> getClasses() {
        return this.classes;
    }

    public Set<Object> getSingletons() {
        return this.singletons;
    }

    public void importRealms(ServletContext servletContext) {
        importRealmFile();
        importRealmResources(servletContext);
    }

    public void importRealmResources(ServletContext servletContext) {
        String initParameter = servletContext.getInitParameter("keycloak.import.realm.resources");
        if (initParameter != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(initParameter, ",");
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                InputStream resourceAsStream = servletContext.getResourceAsStream(trim);
                if (resourceAsStream == null) {
                    log.warn("Could not find realm resource to import: " + trim);
                }
                importRealm((RealmRepresentation) loadJson(resourceAsStream, RealmRepresentation.class), "resource " + trim);
            }
        }
    }

    public void importRealmFile() {
        String property = System.getProperty("keycloak.import");
        if (property != null) {
            try {
                importRealm((RealmRepresentation) loadJson(new FileInputStream(property), RealmRepresentation.class), "file " + property);
            } catch (FileNotFoundException e) {
                throw new RuntimeException(e);
            }
        }
    }

    public void importRealm(RealmRepresentation realmRepresentation, String str) {
        ProviderSession createSession = this.providerSessionFactory.createSession();
        KeycloakSession provider = createSession.getProvider(KeycloakSession.class);
        try {
            provider.getTransaction().begin();
            RealmManager realmManager = new RealmManager(provider);
            realmManager.setContextPath(getContextPath());
            if (realmRepresentation.getId() != null && realmManager.getRealm(realmRepresentation.getId()) != null) {
                log.info("Not importing realm " + realmRepresentation.getRealm() + " from " + str + ".  It already exists.");
                createSession.close();
            } else {
                if (realmManager.getRealmByName(realmRepresentation.getRealm()) != null) {
                    log.info("Not importing realm " + realmRepresentation.getRealm() + " from " + str + ".  It already exists.");
                    createSession.close();
                    return;
                }
                RealmModel createRealm = realmManager.createRealm(realmRepresentation.getId(), realmRepresentation.getRealm());
                realmManager.importRealm(realmRepresentation, createRealm);
                log.info("Imported realm " + createRealm.getName() + " from " + str);
                provider.getTransaction().commit();
                createSession.close();
            }
        } catch (Throwable th) {
            createSession.close();
            throw th;
        }
    }

    private static <T> T loadJson(InputStream inputStream, Class<T> cls) {
        try {
            return (T) JsonSerialization.readValue(inputStream, cls);
        } catch (IOException e) {
            throw new RuntimeException("Failed to parse json", e);
        }
    }

    protected void checkExportImportProvider() {
        Iterator it = ProviderLoader.load(ExportImportProvider.class).iterator();
        if (it.hasNext()) {
            ((ExportImportProvider) it.next()).checkExportImport(this.providerSessionFactory);
        } else {
            log.warn("No ExportImportProvider found!");
        }
    }
}
