package org.wildfly.glow.deployment.openshift.keycloak;

import io.fabric8.kubernetes.api.model.KubernetesList;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.openshift.api.model.DeploymentConfig;
import io.fabric8.openshift.api.model.DeploymentConfigBuilder;
import io.fabric8.openshift.api.model.Route;
import io.fabric8.openshift.api.model.RouteBuilder;
import io.fabric8.openshift.client.OpenShiftClient;
import io.fabric8.openshift.client.dsl.TemplateResource;
import java.net.URL;
import java.nio.file.Path;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.wildfly.glow.Env;
import org.wildfly.glow.GlowMessageWriter;
import org.wildfly.glow.deployment.openshift.api.Deployer;
import org.wildfly.glow.deployment.openshift.api.OpenShiftSupport;
import org.wildfly.glow.deployment.openshift.api.Utils;

/* loaded from: input_file:org/wildfly/glow/deployment/openshift/keycloak/KeycloakDeployer.class */
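/**
 * {@link Deployer} that installs a Keycloak server from the upstream quickstart template and
 * returns the {@code OIDC_*} environment entries an application needs to reach it.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Unless the caller supplies {@code KEYCLOAK_ADMIN} / {@code KEYCLOAK_ADMIN_PASSWORD}, the
 *       server is created with the fixed credentials {@code admin}/{@code admin}. The instructions
 *       printed by {@link #deploy} also ask for a {@code demo}/{@code demo} user, and the client
 *       secret handed to the application is the constant {@code mysecret}. These values are
 *       guessable and only fit throw-away demo environments.</li>
 *   <li>The template is downloaded at deploy time from a URL pinned to the {@code 23.0.7} ref. No
 *       integrity check of the downloaded content is visible in this class.</li>
 *   <li>The processed template is persisted to {@code keycloak-resources.yaml}; presumably this
 *       file contains the admin credential parameters in clear text (confirm against
 *       {@code Utils.persistResource}).</li>
 * </ul>
 *
 * <p>NOTE(review): the explicit casts on the fabric8 client calls are kept exactly as they appear
 * in this listing.
 */
public class KeycloakDeployer implements Deployer {
    // Remote template applied to the cluster; pinned to a ref name, not verified by checksum here.
    private static final String KEYCLOAK_TEMPLATE_URL = "https://raw.githubusercontent.com/keycloak/keycloak-quickstarts/23.0.7/openshift/keycloak.yaml";
    private static final String KEYCLOAK_NAME = "keycloak";
    private static final String WILDFLY_REALM_PATH = "/realms/WildFly";
    // Fallback admin credentials, used only when the caller does not override them.
    private static final String KEYCLOAK_ADMIN = "admin";
    private static final String KEYCLOAK_ADMIN_PASSWORD = "admin";
    // Demo user the operator is told to create by hand in the Keycloak console.
    private static final String KEYCLOAK_DEMO = "demo";
    private static final String KEYCLOAK_DEMO_PASSWORD = "demo";
    private static final String KEYCLOAK_ADMIN_ENV = "KEYCLOAK_ADMIN";
    private static final String KEYCLOAK_ADMIN_PASSWORD_ENV = "KEYCLOAK_ADMIN_PASSWORD";
    private static final String OIDC_PROVIDER_URL_ENV = "OIDC_PROVIDER_URL";
    private static final String OIDC_PROVIDER_NAME_ENV = "OIDC_PROVIDER_NAME";
    private static final String OIDC_SECURE_DEPLOYMENT_SECRET_ENV = "OIDC_SECURE_DEPLOYMENT_SECRET";
    private static final String OIDC_USER_NAME_ENV = "OIDC_USER_NAME";
    private static final String OIDC_USER_PASSWORD_ENV = "OIDC_USER_PASSWORD";
    private static final String OIDC_HOSTNAME_HTTPS_ENV = "OIDC_HOSTNAME_HTTPS";
    // Fixed client secret returned to the application; identical for every deployment.
    private static final String MYSECRET = "mysecret";
    private static final String NAMESPACE_ENV = "NAMESPACE";
    // Names of the environment variables this deployer is able to provide a value for.
    private static final Set<String> RESOLVED_ENVS = new HashSet<>();

    static {
        RESOLVED_ENVS.add(OIDC_PROVIDER_URL_ENV);
        RESOLVED_ENVS.add(OIDC_SECURE_DEPLOYMENT_SECRET_ENV);
        RESOLVED_ENVS.add(OIDC_USER_NAME_ENV);
        RESOLVED_ENVS.add(OIDC_USER_PASSWORD_ENV);
        RESOLVED_ENVS.add(OIDC_PROVIDER_NAME_ENV);
        RESOLVED_ENVS.add(OIDC_HOSTNAME_HTTPS_ENV);
    }

    /**
     * Builds the environment returned when no Keycloak server is deployed by this class.
     *
     * @param str value stored under {@code OIDC_HOSTNAME_HTTPS}
     * @param str2 not used by this implementation
     * @param str3 not used by this implementation
     * @param map existing environment; its {@code OIDC_}-prefixed entries are copied last, so an
     *     {@code OIDC_HOSTNAME_HTTPS} entry in it replaces {@code str}
     * @return a new mutable map
     */
    @Override
    public Map<String, String> disabledDeploy(String str, String str2, String str3, Map<String, String> map) {
        Map<String, String> result = new HashMap<>();
        result.put(OIDC_HOSTNAME_HTTPS_ENV, str);
        result.putAll(getExistingEnv(map));
        return result;
    }

    /** Returns a new map holding only the entries of {@code map} whose key starts with {@code OIDC_}. */
    private Map<String, String> getExistingEnv(Map<String, String> map) {
        Map<String, String> oidcEntries = new HashMap<>();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (entry.getKey().startsWith("OIDC_")) {
                oidcEntries.put(entry.getKey(), entry.getValue());
            }
        }
        return oidcEntries;
    }

    /**
     * Registers the Keycloak template, processes it and, unless {@code z} is set, creates the
     * resulting resources and waits up to five minutes for the {@code keycloak} deployment config.
     *
     * <p>The template itself is created or updated on the cluster even when {@code z} is
     * {@code true}; only the processed resource list, the readiness wait and the route lookup are
     * skipped in that mode.
     *
     * @param glowMessageWriter receives progress messages and the manual follow-up steps
     * @param path base directory handed to {@code OpenShiftSupport.getDeployersDirectory}
     * @param openShiftClient client for the target namespace
     * @param map environment of the application; an {@code OIDC_PROVIDER_URL} key selects the
     *     variant that also returns provider name, client secret, demo user and host name
     * @param str application host, used for {@code OIDC_HOSTNAME_HTTPS} and the suggested root URL
     * @param str2 deployment name; {@code ROOT.war} means no context path is appended
     * @param str3 not used by this implementation
     * @param map2 optional overrides for {@code KEYCLOAK_ADMIN} and {@code KEYCLOAK_ADMIN_PASSWORD}
     * @param z when {@code true}, resources are generated and persisted but not created
     * @return the {@code OIDC_*} entries to add to the application environment
     * @throws IllegalStateException if the {@code keycloak} route or its spec cannot be read
     * @throws Exception on template download or cluster errors
     */
    @Override
    public Map<String, String> deploy(GlowMessageWriter glowMessageWriter, Path path, OpenShiftClient openShiftClient, Map<String, String> map, String str, String str2, String str3, Map<String, String> map2, boolean z) throws Exception {
        glowMessageWriter.info("Deploying Keycloak server");

        String configuredAdmin = map2.get(KEYCLOAK_ADMIN_ENV);
        String configuredPassword = map2.get(KEYCLOAK_ADMIN_PASSWORD_ENV);
        String adminUser = configuredAdmin == null ? KEYCLOAK_ADMIN : configuredAdmin;
        String adminPassword = configuredPassword == null ? KEYCLOAK_ADMIN_PASSWORD : configuredPassword;

        Map<String, String> templateParameters = new HashMap<>();
        templateParameters.put(KEYCLOAK_ADMIN_ENV, adminUser);
        templateParameters.put(KEYCLOAK_ADMIN_PASSWORD_ENV, adminPassword);
        templateParameters.put(NAMESPACE_ENV, openShiftClient.getNamespace());

        // The template must exist on the cluster before it can be processed by name below.
        ((TemplateResource) openShiftClient.templates().load(new URL(KEYCLOAK_TEMPLATE_URL))).createOr(op -> op.update());
        KubernetesList process = ((TemplateResource) openShiftClient.templates().withName(KEYCLOAK_NAME)).process(templateParameters);
        if (!z) {
            openShiftClient.resourceList(process).createOrReplace();
        }
        // NOTE(review): the persisted list presumably carries the admin credentials; confirm and
        // treat keycloak-resources.yaml as sensitive.
        Utils.persistResource(OpenShiftSupport.getDeployersDirectory(path), process, "keycloak-resources.yaml");

        glowMessageWriter.info("Waiting until keycloak is ready ...");
        DeploymentConfig build = ((DeploymentConfigBuilder) new DeploymentConfigBuilder().withNewMetadata().withName(KEYCLOAK_NAME).endMetadata()).build();
        if (!z) {
            ((Resource) openShiftClient.resources(DeploymentConfig.class).resource(build)).waitUntilReady(5L, TimeUnit.MINUTES);
        }

        String host;
        if (z) {
            host = "TO_BE_DEFINED";
        } else {
            Route route = (Route) ((Resource) openShiftClient.routes().resource(((RouteBuilder) new RouteBuilder().withNewMetadata().withName(KEYCLOAK_NAME).endMetadata()).build())).get();
            // Fail with a clear message instead of a NullPointerException when the route is absent.
            if (route == null || route.getSpec() == null) {
                throw new IllegalStateException("Route '" + KEYCLOAK_NAME + "' not found in namespace " + openShiftClient.getNamespace());
            }
            host = route.getSpec().getHost();
        }
        String keycloakUrl = "https://" + host;
        glowMessageWriter.info("Keycloak route: " + keycloakUrl);

        boolean oidcProviderRequested = map.containsKey(OIDC_PROVIDER_URL_ENV);
        boolean defaultAdminInUse = KEYCLOAK_ADMIN.equals(adminUser) && KEYCLOAK_ADMIN_PASSWORD.equals(adminPassword);

        glowMessageWriter.warn("NOTE: Some actions must be taken from the keycloack console.");
        if (defaultAdminInUse) {
            glowMessageWriter.warn("1- Use " + KEYCLOAK_ADMIN + "/" + KEYCLOAK_ADMIN_PASSWORD + " to log to the console " + keycloakUrl);
        } else {
            // The caller overrode the credentials: name the account that was actually configured
            // and keep the supplied password out of the output.
            glowMessageWriter.warn("1- Use the configured admin account '" + adminUser + "' to log to the console " + keycloakUrl);
        }
        glowMessageWriter.warn("2- Create a realm named WildFly");
        glowMessageWriter.warn("3- Create a user named demo, password demo");
        glowMessageWriter.warn("4- Create a role needed by your application and assign it to the demo user");
        if (oidcProviderRequested) {
            glowMessageWriter.warn("5- Assign the role 'realm-management create-client' to the demo user");
            glowMessageWriter.warn("NOTE: In case your application is deployed prior you completed the keycloak admin tasks, make sure to re-deploy your application.");
        } else {
            glowMessageWriter.warn("5 - Create an OIDC Client named the way your OIDC configuration expects it. Set its Root URL to  'https://" + str + ("ROOT.war".equals(str2) ? "" : "/" + str2) + "'");
        }

        Map<String, String> applicationEnv = new HashMap<>();
        applicationEnv.put(OIDC_PROVIDER_URL_ENV, keycloakUrl + WILDFLY_REALM_PATH);
        if (oidcProviderRequested) {
            applicationEnv.put(OIDC_PROVIDER_NAME_ENV, KEYCLOAK_NAME);
            // Fixed, well-known values: suitable for demos only.
            applicationEnv.put(OIDC_SECURE_DEPLOYMENT_SECRET_ENV, MYSECRET);
            applicationEnv.put(OIDC_USER_NAME_ENV, KEYCLOAK_DEMO);
            applicationEnv.put(OIDC_USER_PASSWORD_ENV, KEYCLOAK_DEMO_PASSWORD);
            applicationEnv.put(OIDC_HOSTNAME_HTTPS_ENV, str);
        }

        if (z) {
            glowMessageWriter.info("Resources for Keycloak server have been generated");
        } else {
            glowMessageWriter.info("Keycloak server has been deployed");
        }
        return applicationEnv;
    }

    /**
     * Filters {@code set} down to the variables this deployer resolves.
     *
     * @param set candidate environment variables
     * @return a new mutable set with the members of {@code set} whose name is one of the
     *     {@code OIDC_*} names registered in the static initializer
     */
    @Override
    public Set<Env> getResolvedEnvs(Set<Env> set) {
        Set<Env> resolved = new HashSet<>();
        for (Env env : set) {
            if (RESOLVED_ENVS.contains(env.getName())) {
                resolved.add(env);
            }
        }
        return resolved;
    }

    /**
     * @return a new mutable set containing the single layer name {@code elytron-oidc-client}
     */
    @Override
    public Set<String> getSupportedLayers() {
        Set<String> layers = new HashSet<>();
        layers.add("elytron-oidc-client");
        return layers;
    }

    /**
     * @return the deployer name, {@code keycloak}
     */
    @Override
    public String getName() {
        return KEYCLOAK_NAME;
    }
}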
