package org.keycloak.services.resources;

import com.fasterxml.jackson.core.type.TypeReference;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashSet;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.ServiceLoader;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import javax.ws.rs.core.Application;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.util.Resteasy;
import org.keycloak.config.ConfigProviderFactory;
import org.keycloak.exportimport.ExportImportManager;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.PostMigrationEvent;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.platform.Platform;
import org.keycloak.platform.PlatformProvider;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.DefaultKeycloakSessionFactory;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.error.KeycloakErrorHandler;
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.UserStorageSyncManager;
import org.keycloak.services.resources.admin.AdminRoot;
import org.keycloak.services.scheduled.ClearExpiredClientInitialAccessTokens;
import org.keycloak.services.scheduled.ClearExpiredEvents;
import org.keycloak.services.scheduled.ClearExpiredUserSessions;
import org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner;
import org.keycloak.services.scheduled.ScheduledTaskRunner;
import org.keycloak.services.util.ObjectMapperResolver;
import org.keycloak.timer.TimerProvider;
import org.keycloak.transaction.JtaTransactionManagerLookup;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:org/keycloak/services/resources/KeycloakApplication.class */
public class KeycloakApplication extends Application {
    public static final AtomicBoolean BOOTSTRAP_ADMIN_USER = new AtomicBoolean(false);
    private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
    protected final PlatformProvider platform = Platform.getPlatform();
    protected Set<Object> singletons = new HashSet();
    protected Set<Class<?>> classes = new HashSet();
    protected static KeycloakSessionFactory sessionFactory;

    public KeycloakApplication() {
        try {
            logger.debugv("PlatformProvider: {0}", this.platform.getClass().getName());
            logger.debugv("RestEasy provider: {0}", Resteasy.getProvider().getClass().getName());
            loadConfig();
            this.singletons.add(new RobotsResource());
            this.singletons.add(new RealmsResource());
            this.singletons.add(new AdminRoot());
            this.classes.add(ThemeResource.class);
            this.classes.add(JsResource.class);
            this.classes.add(KeycloakSecurityHeadersFilter.class);
            this.classes.add(KeycloakErrorHandler.class);
            this.singletons.add(new ObjectMapperResolver());
            this.singletons.add(new WelcomeResource());
            this.platform.onStartup(this::startup);
            this.platform.onShutdown(this::shutdown);
        } catch (Throwable th) {
            this.platform.exit(th);
        }
    }

    protected void startup() {
        sessionFactory = createSessionFactory();
        ExportImportManager bootstrap = bootstrap();
        if (bootstrap.isRunExport()) {
            bootstrap.runExport();
        }
        KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.1
            public void run(KeycloakSession keycloakSession) {
                KeycloakApplication.BOOTSTRAP_ADMIN_USER.set(new ApplianceBootstrap(keycloakSession).isNoMasterUser());
            }
        });
        sessionFactory.publish(new PostMigrationEvent());
        setupScheduledTasks(sessionFactory);
    }

    protected void shutdown() {
        if (sessionFactory != null) {
            sessionFactory.close();
        }
    }

    protected ExportImportManager bootstrap() {
        final ExportImportManager[] exportImportManagerArr = new ExportImportManager[1];
        logger.debug("bootstrap");
        KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.2
            public void run(KeycloakSession keycloakSession) {
                JtaTransactionManagerLookup providerFactory = KeycloakApplication.sessionFactory.getProviderFactory(JtaTransactionManagerLookup.class);
                if (providerFactory != null && providerFactory.getTransactionManager() != null) {
                    try {
                        Transaction transaction = providerFactory.getTransactionManager().getTransaction();
                        KeycloakApplication.logger.debugv("bootstrap current transaction? {0}", Boolean.valueOf(transaction != null));
                        if (transaction != null) {
                            KeycloakApplication.logger.debugv("bootstrap current transaction status? {0}", Integer.valueOf(transaction.getStatus()));
                        }
                    } catch (SystemException e) {
                        throw new RuntimeException((Throwable) e);
                    }
                }
                keycloakSession.clientPolicy().setupClientPoliciesOnKeycloakApp("/keycloak-default-client-profiles.json", "/keycloak-default-client-policies.json");
                ApplianceBootstrap applianceBootstrap = new ApplianceBootstrap(keycloakSession);
                exportImportManagerArr[0] = new ExportImportManager(keycloakSession);
                boolean isNewInstall = applianceBootstrap.isNewInstall();
                if (exportImportManagerArr[0].isRunImport() && exportImportManagerArr[0].isImportMasterIncluded()) {
                    isNewInstall = false;
                }
                if (isNewInstall) {
                    applianceBootstrap.createMasterRealm();
                }
            }
        });
        if (exportImportManagerArr[0].isRunImport()) {
            exportImportManagerArr[0].runImport();
        } else {
            importRealms();
        }
        importAddUser();
        return exportImportManagerArr[0];
    }

    protected void loadConfig() {
        try {
            ConfigProviderFactory configProviderFactory = (ConfigProviderFactory) ServiceLoader.load(ConfigProviderFactory.class, KeycloakApplication.class.getClassLoader()).iterator().next();
            logger.debugv("ConfigProvider: {0}", configProviderFactory.getClass().getName());
            Config.init(configProviderFactory.create().orElseThrow(() -> {
                return new RuntimeException("Failed to load Keycloak configuration");
            }));
        } catch (NoSuchElementException e) {
            throw new RuntimeException("No valid ConfigProvider found");
        }
    }

    public static KeycloakSessionFactory createSessionFactory() {
        DefaultKeycloakSessionFactory defaultKeycloakSessionFactory = new DefaultKeycloakSessionFactory();
        defaultKeycloakSessionFactory.init();
        return defaultKeycloakSessionFactory;
    }

    public static void setupScheduledTasks(KeycloakSessionFactory keycloakSessionFactory) {
        long longValue = Config.scope(new String[]{"scheduled"}).getLong("interval", 900L).longValue() * 1000;
        KeycloakSession create = keycloakSessionFactory.create();
        try {
            TimerProvider provider = create.getProvider(TimerProvider.class);
            provider.schedule(new ClusterAwareScheduledTaskRunner(keycloakSessionFactory, new ClearExpiredEvents(), longValue), longValue, "ClearExpiredEvents");
            provider.schedule(new ClusterAwareScheduledTaskRunner(keycloakSessionFactory, new ClearExpiredClientInitialAccessTokens(), longValue), longValue, "ClearExpiredClientInitialAccessTokens");
            provider.schedule(new ScheduledTaskRunner(keycloakSessionFactory, new ClearExpiredUserSessions()), longValue, ClearExpiredUserSessions.TASK_NAME);
            new UserStorageSyncManager().bootstrapPeriodic(keycloakSessionFactory, provider);
            create.close();
        } catch (Throwable th) {
            create.close();
            throw th;
        }
    }

    public static KeycloakSessionFactory getSessionFactory() {
        return sessionFactory;
    }

    public Set<Class<?>> getClasses() {
        return this.classes;
    }

    public Set<Object> getSingletons() {
        return this.singletons;
    }

    public void importRealms() {
        String property = System.getProperty("keycloak.import");
        if (property != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                try {
                    importRealm((RealmRepresentation) loadJson(new FileInputStream(trim), RealmRepresentation.class), "file " + trim);
                } catch (FileNotFoundException e) {
                    throw new RuntimeException(e);
                }
            }
        }
    }

    public void importRealm(RealmRepresentation realmRepresentation, String str) {
        KeycloakSession create = sessionFactory.create();
        boolean z = false;
        try {
            create.getTransactionManager().begin();
            try {
                RealmManager realmManager = new RealmManager(create);
                if (realmRepresentation.getId() != null && realmManager.getRealm(realmRepresentation.getId()) != null) {
                    ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                    z = true;
                }
                if (realmManager.getRealmByName(realmRepresentation.getRealm()) != null) {
                    ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                    z = true;
                }
                if (!z) {
                    ServicesLogger.LOGGER.importedRealm(realmManager.importRealm(realmRepresentation).getName(), str);
                }
                create.getTransactionManager().commit();
            } catch (Throwable th) {
                create.getTransactionManager().rollback();
                if (!z) {
                    ServicesLogger.LOGGER.unableToImportRealm(th, realmRepresentation.getRealm(), str);
                }
            }
        } finally {
            create.close();
        }
    }

    public void importAddUser() {
        String property = System.getProperty("jboss.server.config.dir");
        if (property != null) {
            File file = new File(property + File.separator + "keycloak-add-user.json");
            if (file.isFile()) {
                ServicesLogger.LOGGER.imprtingUsersFrom(file);
                try {
                    for (RealmRepresentation realmRepresentation : (List) JsonSerialization.readValue(new FileInputStream(file), new TypeReference<List<RealmRepresentation>>() { // from class: org.keycloak.services.resources.KeycloakApplication.3
                    })) {
                        for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                            KeycloakSession create = sessionFactory.create();
                            try {
                                try {
                                    create.getTransactionManager().begin();
                                    RealmModel realmByName = create.realms().getRealmByName(realmRepresentation.getRealm());
                                    if (realmByName == null) {
                                        ServicesLogger.LOGGER.addUserFailedRealmNotFound(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    }
                                    UserProvider users = create.users();
                                    if (users.getUserByUsername(realmByName, userRepresentation.getUsername()) != null) {
                                        ServicesLogger.LOGGER.notCreatingExistingUser(userRepresentation.getUsername());
                                    } else {
                                        UserModel addUser = users.addUser(realmByName, userRepresentation.getUsername());
                                        addUser.setEnabled(userRepresentation.isEnabled().booleanValue());
                                        RepresentationToModel.createCredentials(userRepresentation, create, realmByName, addUser, false);
                                        RepresentationToModel.createRoleMappings(userRepresentation, addUser, realmByName);
                                        ServicesLogger.LOGGER.addUserSuccess(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    }
                                    create.getTransactionManager().commit();
                                    create.close();
                                } catch (ModelDuplicateException e) {
                                    create.getTransactionManager().rollback();
                                    ServicesLogger.LOGGER.addUserFailedUserExists(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    create.close();
                                } catch (Throwable th) {
                                    create.getTransactionManager().rollback();
                                    ServicesLogger.LOGGER.addUserFailed(th, userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    create.close();
                                }
                            } catch (Throwable th2) {
                                create.close();
                                throw th2;
                            }
                        }
                    }
                    if (file.delete()) {
                        return;
                    }
                    ServicesLogger.LOGGER.failedToDeleteFile(file.getAbsolutePath());
                } catch (IOException e2) {
                    ServicesLogger.LOGGER.failedToLoadUsers(e2);
                }
            }
        }
    }

    private static <T> T loadJson(InputStream inputStream, Class<T> cls) {
        try {
            return (T) JsonSerialization.readValue(inputStream, cls);
        } catch (IOException e) {
            throw new RuntimeException("Failed to parse json", e);
        }
    }
}
