package org.keycloak.services.managers;

import java.util.Iterator;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.enums.SslRequired;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ApplicationModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import twitter4j.internal.http.HttpResponseCode;

/* loaded from: input_file:WEB-INF/lib/keycloak-services-1.0.2.Final.jar:org/keycloak/services/managers/ApplianceBootstrap.class */
public class ApplianceBootstrap {
    private static final Logger logger = Logger.getLogger((Class<?>) ApplianceBootstrap.class);

    public void bootstrap(KeycloakSessionFactory keycloakSessionFactory, String str) {
        KeycloakSession create = keycloakSessionFactory.create();
        create.getTransaction().begin();
        try {
            bootstrap(create, str);
            create.getTransaction().commit();
            create.close();
        } catch (Throwable th) {
            create.close();
            throw th;
        }
    }

    public void bootstrap(KeycloakSession keycloakSession, String str) {
        String adminRealm = Config.getAdminRealm();
        if (keycloakSession.realms().getRealm(adminRealm) != null) {
            return;
        }
        logger.info("Initializing " + adminRealm + " realm");
        RealmManager realmManager = new RealmManager(keycloakSession);
        realmManager.setContextPath(str);
        RealmModel createRealm = realmManager.createRealm(adminRealm, adminRealm);
        createRealm.setName(adminRealm);
        createRealm.setEnabled(true);
        createRealm.addRequiredCredential("password");
        createRealm.setSsoSessionIdleTimeout(HttpResponseCode.MULTIPLE_CHOICES);
        createRealm.setAccessTokenLifespan(60);
        createRealm.setSsoSessionMaxLifespan(36000);
        createRealm.setAccessCodeLifespan(60);
        createRealm.setAccessCodeLifespanUserAction(HttpResponseCode.MULTIPLE_CHOICES);
        createRealm.setSslRequired(SslRequired.EXTERNAL);
        createRealm.setRegistrationAllowed(false);
        KeycloakModelUtils.generateRealmKeys(createRealm);
        UserModel addUser = keycloakSession.users().addUser(createRealm, "admin");
        addUser.setEnabled(true);
        UserCredentialModel userCredentialModel = new UserCredentialModel();
        userCredentialModel.setType("password");
        userCredentialModel.setValue("admin");
        keycloakSession.users().updateCredential(createRealm, addUser, userCredentialModel);
        addUser.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD);
        addUser.grantRole(createRealm.getRole(AdminRoles.ADMIN));
        ApplicationModel applicationModel = createRealm.getApplicationNameMap().get(Constants.ACCOUNT_MANAGEMENT_APP);
        Iterator<String> it = applicationModel.getDefaultRoles().iterator();
        while (it.hasNext()) {
            addUser.grantRole(applicationModel.getRole(it.next()));
        }
    }
}
