package org.keycloak.services.resources.admin;

import java.util.HashMap;
import java.util.LinkedList;
import javax.ws.rs.GET;
import javax.ws.rs.Produces;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.keycloak.common.util.PemUtils;
import org.keycloak.jose.jws.AlgorithmType;
import org.keycloak.keys.RsaKeyMetadata;
import org.keycloak.keys.SecretKeyMetadata;
import org.keycloak.models.KeyManager;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.KeysMetadataRepresentation;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/resources/admin/KeyResource.class */
public class KeyResource {
    private RealmModel realm;
    private KeycloakSession session;
    private AdminPermissionEvaluator auth;

    public KeyResource(RealmModel realmModel, KeycloakSession keycloakSession, AdminPermissionEvaluator adminPermissionEvaluator) {
        this.realm = realmModel;
        this.session = keycloakSession;
        this.auth = adminPermissionEvaluator;
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    public KeysMetadataRepresentation getKeyMetadata() {
        this.auth.realm().requireViewRealm();
        KeyManager keys = this.session.keys();
        KeysMetadataRepresentation keysMetadataRepresentation = new KeysMetadataRepresentation();
        HashMap hashMap = new HashMap();
        hashMap.put(AlgorithmType.RSA.name(), keys.getActiveRsaKey(this.realm).getKid());
        hashMap.put(AlgorithmType.HMAC.name(), keys.getActiveHmacKey(this.realm).getKid());
        hashMap.put(AlgorithmType.AES.name(), keys.getActiveAesKey(this.realm).getKid());
        keysMetadataRepresentation.setActive(hashMap);
        LinkedList linkedList = new LinkedList();
        for (RsaKeyMetadata rsaKeyMetadata : this.session.keys().getRsaKeys(this.realm, true)) {
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = new KeysMetadataRepresentation.KeyMetadataRepresentation();
            keyMetadataRepresentation.setProviderId(rsaKeyMetadata.getProviderId());
            keyMetadataRepresentation.setProviderPriority(rsaKeyMetadata.getProviderPriority());
            keyMetadataRepresentation.setKid(rsaKeyMetadata.getKid());
            keyMetadataRepresentation.setStatus(rsaKeyMetadata.getStatus() != null ? rsaKeyMetadata.getStatus().name() : null);
            keyMetadataRepresentation.setType(AlgorithmType.RSA.name());
            keyMetadataRepresentation.setPublicKey(PemUtils.encodeKey(rsaKeyMetadata.getPublicKey()));
            keyMetadataRepresentation.setCertificate(PemUtils.encodeCertificate(rsaKeyMetadata.getCertificate()));
            linkedList.add(keyMetadataRepresentation);
        }
        for (SecretKeyMetadata secretKeyMetadata : this.session.keys().getHmacKeys(this.realm, true)) {
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation2 = new KeysMetadataRepresentation.KeyMetadataRepresentation();
            keyMetadataRepresentation2.setProviderId(secretKeyMetadata.getProviderId());
            keyMetadataRepresentation2.setProviderPriority(secretKeyMetadata.getProviderPriority());
            keyMetadataRepresentation2.setKid(secretKeyMetadata.getKid());
            keyMetadataRepresentation2.setStatus(secretKeyMetadata.getStatus() != null ? secretKeyMetadata.getStatus().name() : null);
            keyMetadataRepresentation2.setType(AlgorithmType.HMAC.name());
            linkedList.add(keyMetadataRepresentation2);
        }
        for (SecretKeyMetadata secretKeyMetadata2 : this.session.keys().getAesKeys(this.realm, true)) {
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation3 = new KeysMetadataRepresentation.KeyMetadataRepresentation();
            keyMetadataRepresentation3.setProviderId(secretKeyMetadata2.getProviderId());
            keyMetadataRepresentation3.setProviderPriority(secretKeyMetadata2.getProviderPriority());
            keyMetadataRepresentation3.setKid(secretKeyMetadata2.getKid());
            keyMetadataRepresentation3.setStatus(secretKeyMetadata2.getStatus() != null ? secretKeyMetadata2.getStatus().name() : null);
            keyMetadataRepresentation3.setType(AlgorithmType.AES.name());
            linkedList.add(keyMetadataRepresentation3);
        }
        keysMetadataRepresentation.setKeys(linkedList);
        return keysMetadataRepresentation;
    }
}
