package org.keycloak.services.resources.admin;

import java.util.HashMap;
import java.util.LinkedList;
import javax.ws.rs.GET;
import javax.ws.rs.Produces;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.common.util.PemUtils;
import org.keycloak.crypto.KeyWrapper;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.KeysMetadataRepresentation;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/resources/admin/KeyResource.class */
public class KeyResource {
    private RealmModel realm;
    private KeycloakSession session;
    private AdminPermissionEvaluator auth;

    public KeyResource(RealmModel realmModel, KeycloakSession keycloakSession, AdminPermissionEvaluator adminPermissionEvaluator) {
        this.realm = realmModel;
        this.session = keycloakSession;
        this.auth = adminPermissionEvaluator;
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    public KeysMetadataRepresentation getKeyMetadata() {
        this.auth.realm().requireViewRealm();
        KeysMetadataRepresentation keysMetadataRepresentation = new KeysMetadataRepresentation();
        keysMetadataRepresentation.setKeys(new LinkedList());
        keysMetadataRepresentation.setActive(new HashMap());
        for (KeyWrapper keyWrapper : this.session.keys().getKeys(this.realm)) {
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = new KeysMetadataRepresentation.KeyMetadataRepresentation();
            keyMetadataRepresentation.setProviderId(keyWrapper.getProviderId());
            keyMetadataRepresentation.setProviderPriority(keyWrapper.getProviderPriority());
            keyMetadataRepresentation.setKid(keyWrapper.getKid());
            keyMetadataRepresentation.setStatus(keyWrapper.getStatus() != null ? keyWrapper.getStatus().name() : null);
            keyMetadataRepresentation.setType(keyWrapper.getType());
            keyMetadataRepresentation.setAlgorithm(keyWrapper.getAlgorithm());
            keyMetadataRepresentation.setPublicKey(keyWrapper.getPublicKey() != null ? PemUtils.encodeKey(keyWrapper.getPublicKey()) : null);
            keyMetadataRepresentation.setCertificate(keyWrapper.getCertificate() != null ? PemUtils.encodeCertificate(keyWrapper.getCertificate()) : null);
            keysMetadataRepresentation.getKeys().add(keyMetadataRepresentation);
            if (keyWrapper.getStatus().isActive() && !keysMetadataRepresentation.getActive().containsKey(keyWrapper.getAlgorithm())) {
                keysMetadataRepresentation.getActive().put(keyWrapper.getAlgorithm(), keyWrapper.getKid());
            }
        }
        return keysMetadataRepresentation;
    }
}
