package org.keycloak.services.managers;

import java.net.URI;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.jboss.logging.Logger;
import org.jboss.resteasy.client.ClientResponse;
import org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor;
import org.keycloak.TokenIdGenerator;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.adapters.action.LogoutAction;
import org.keycloak.representations.adapters.action.PushNotBeforeAction;
import org.keycloak.representations.adapters.action.SessionStats;
import org.keycloak.representations.adapters.action.SessionStatsAction;
import org.keycloak.representations.adapters.action.UserStats;
import org.keycloak.representations.adapters.action.UserStatsAction;
import org.keycloak.services.util.HttpClientBuilder;
import org.keycloak.services.util.ResolveRelative;
import org.keycloak.util.Time;

/* loaded from: input_file:org/keycloak/services/managers/ResourceAdminManager.class */
public class ResourceAdminManager {
    protected static Logger logger = Logger.getLogger(ResourceAdminManager.class);

    public SessionStats getSessionStats(URI uri, KeycloakSession keycloakSession, RealmModel realmModel, ApplicationModel applicationModel, boolean z) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            SessionStats sessionStats = getSessionStats(uri, keycloakSession, realmModel, applicationModel, z, createExecutor);
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            return sessionStats;
        } catch (Throwable th) {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            throw th;
        }
    }

    public static ApacheHttpClient4Executor createExecutor() {
        return new ApacheHttpClient4Executor(new HttpClientBuilder().disableTrustManager().build());
    }

    public SessionStats getSessionStats(URI uri, KeycloakSession keycloakSession, RealmModel realmModel, ApplicationModel applicationModel, boolean z, ApacheHttpClient4Executor apacheHttpClient4Executor) {
        String managementUrl = getManagementUrl(uri, applicationModel);
        if (managementUrl == null) {
            logger.debug("no management url.");
            return null;
        }
        SessionStatsAction sessionStatsAction = new SessionStatsAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, applicationModel.getName());
        sessionStatsAction.setListUsers(z);
        String encodeToken = new TokenManager().encodeToken(realmModel, sessionStatsAction);
        logger.debugv("session stats for application: {0} url: {1}", applicationModel.getName(), managementUrl);
        try {
            ClientResponse post = apacheHttpClient4Executor.createRequest(UriBuilder.fromUri(managementUrl).path("k_get_session_stats").build(new Object[0]).toString()).body(MediaType.TEXT_PLAIN_TYPE, encodeToken).post(SessionStats.class);
            try {
                if (post.getStatus() != 200) {
                    logger.warn("Failed to get stats: " + post.getStatus());
                    post.releaseConnection();
                    return null;
                }
                SessionStats sessionStats = (SessionStats) post.getEntity();
                if (z && sessionStats.getUsers() != null) {
                    HashMap hashMap = new HashMap();
                    for (Map.Entry entry : sessionStats.getUsers().entrySet()) {
                        UserModel userById = keycloakSession.users().getUserById((String) entry.getKey(), realmModel);
                        if (userById != null) {
                            hashMap.put(userById.getUsername(), entry.getValue());
                        }
                    }
                    sessionStats.setUsers(hashMap);
                }
                return sessionStats;
            } finally {
                post.releaseConnection();
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected String getManagementUrl(URI uri, ApplicationModel applicationModel) {
        return ResolveRelative.resolveRelativeUri(uri, applicationModel.getManagementUrl());
    }

    public UserStats getUserStats(URI uri, RealmModel realmModel, ApplicationModel applicationModel, UserModel userModel) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            UserStats userStats = getUserStats(uri, realmModel, applicationModel, userModel, createExecutor);
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            return userStats;
        } catch (Throwable th) {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            throw th;
        }
    }

    public UserStats getUserStats(URI uri, RealmModel realmModel, ApplicationModel applicationModel, UserModel userModel, ApacheHttpClient4Executor apacheHttpClient4Executor) {
        String managementUrl = getManagementUrl(uri, applicationModel);
        if (managementUrl == null) {
            logger.debug("no management url.");
            return null;
        }
        String encodeToken = new TokenManager().encodeToken(realmModel, new UserStatsAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, applicationModel.getName(), userModel.getId()));
        logger.debugv("session stats for application: {0} url: {1}", applicationModel.getName(), managementUrl);
        try {
            ClientResponse post = apacheHttpClient4Executor.createRequest(UriBuilder.fromUri(managementUrl).path("k_get_user_stats").build(new Object[0]).toString()).body(MediaType.TEXT_PLAIN_TYPE, encodeToken).post(UserStats.class);
            try {
                if (post.getStatus() != 200) {
                    logger.warn("Failed to get stats: " + post.getStatus());
                    post.releaseConnection();
                    return null;
                }
                UserStats userStats = (UserStats) post.getEntity();
                post.releaseConnection();
                return userStats;
            } catch (Throwable th) {
                post.releaseConnection();
                throw th;
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void logoutUser(URI uri, RealmModel realmModel, String str, String str2) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            List applications = realmModel.getApplications();
            logger.debugv("logging out {0} resources ", Integer.valueOf(applications.size()));
            Iterator it = applications.iterator();
            while (it.hasNext()) {
                logoutApplication(uri, realmModel, (ApplicationModel) it.next(), str, str2, createExecutor, 0);
            }
        } finally {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        }
    }

    public void logoutSession(URI uri, RealmModel realmModel, String str) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            List applications = realmModel.getApplications();
            logger.debugv("logging out {0} resources ", Integer.valueOf(applications.size()));
            Iterator it = applications.iterator();
            while (it.hasNext()) {
                logoutApplication(uri, realmModel, (ApplicationModel) it.next(), null, str, createExecutor, 0);
            }
        } finally {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        }
    }

    public void logoutAll(URI uri, RealmModel realmModel) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            realmModel.setNotBefore(Time.currentTime());
            List applications = realmModel.getApplications();
            logger.debugv("logging out {0} resources ", Integer.valueOf(applications.size()));
            Iterator it = applications.iterator();
            while (it.hasNext()) {
                logoutApplication(uri, realmModel, (ApplicationModel) it.next(), null, null, createExecutor, realmModel.getNotBefore());
            }
        } finally {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        }
    }

    public void logoutApplication(URI uri, RealmModel realmModel, ApplicationModel applicationModel, String str, String str2) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            applicationModel.setNotBefore(Time.currentTime());
            logoutApplication(uri, realmModel, applicationModel, str, str2, createExecutor, applicationModel.getNotBefore());
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        } catch (Throwable th) {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            throw th;
        }
    }

    protected boolean logoutApplication(URI uri, RealmModel realmModel, ApplicationModel applicationModel, String str, String str2, ApacheHttpClient4Executor apacheHttpClient4Executor, int i) {
        String managementUrl = getManagementUrl(uri, applicationModel);
        if (managementUrl == null) {
            logger.debugv("Can't logout {0}: no management url", applicationModel.getName());
            return false;
        }
        String encodeToken = new TokenManager().encodeToken(realmModel, new LogoutAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, applicationModel.getName(), str, str2, i));
        logger.debugv("logout user: {0} resource: {1} url: {2}", str, applicationModel.getName(), managementUrl);
        try {
            ClientResponse post = apacheHttpClient4Executor.createRequest(UriBuilder.fromUri(managementUrl).path("k_logout").build(new Object[0]).toString()).body(MediaType.TEXT_PLAIN_TYPE, encodeToken).post(UserStats.class);
            try {
                boolean z = post.getStatus() == 204;
                logger.debug("logout success.");
                post.releaseConnection();
                return z;
            } catch (Throwable th) {
                post.releaseConnection();
                throw th;
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void pushRealmRevocationPolicy(URI uri, RealmModel realmModel) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            Iterator it = realmModel.getApplications().iterator();
            while (it.hasNext()) {
                pushRevocationPolicy(uri, realmModel, (ApplicationModel) it.next(), realmModel.getNotBefore(), createExecutor);
            }
        } finally {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        }
    }

    public void pushApplicationRevocationPolicy(URI uri, RealmModel realmModel, ApplicationModel applicationModel) {
        ApacheHttpClient4Executor createExecutor = createExecutor();
        try {
            pushRevocationPolicy(uri, realmModel, applicationModel, applicationModel.getNotBefore(), createExecutor);
            createExecutor.getHttpClient().getConnectionManager().shutdown();
        } catch (Throwable th) {
            createExecutor.getHttpClient().getConnectionManager().shutdown();
            throw th;
        }
    }

    protected boolean pushRevocationPolicy(URI uri, RealmModel realmModel, ApplicationModel applicationModel, int i, ApacheHttpClient4Executor apacheHttpClient4Executor) {
        if (i <= 0) {
            return false;
        }
        String managementUrl = getManagementUrl(uri, applicationModel);
        if (managementUrl == null) {
            logger.debug("no management URL for application: " + applicationModel.getName());
            return false;
        }
        String encodeToken = new TokenManager().encodeToken(realmModel, new PushNotBeforeAction(TokenIdGenerator.generateId(), Time.currentTime() + 30, applicationModel.getName(), i));
        logger.debugv("pushRevocation resource: {0} url: {1}", applicationModel.getName(), managementUrl);
        try {
            ClientResponse post = apacheHttpClient4Executor.createRequest(UriBuilder.fromUri(managementUrl).path("k_push_not_before").build(new Object[0]).toString()).body(MediaType.TEXT_PLAIN_TYPE, encodeToken).post();
            try {
                boolean z = post.getStatus() == 204;
                logger.debug("pushRevocation success.");
                post.releaseConnection();
                return z;
            } catch (Throwable th) {
                post.releaseConnection();
                throw th;
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
