package org.keycloak.authorization.client;

import java.io.IOException;
import java.io.InputStream;
import java.util.Objects;
import org.keycloak.authorization.client.representation.ServerConfiguration;
import org.keycloak.authorization.client.resource.AuthorizationResource;
import org.keycloak.authorization.client.resource.ProtectionResource;
import org.keycloak.authorization.client.util.Http;
import org.keycloak.authorization.client.util.TokenCallable;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.constants.ServiceUrlConstants;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:BOOT-INF/lib/keycloak-authz-client-9.0.3.jar:org/keycloak/authorization/client/AuthzClient.class */
public class AuthzClient {
    private final Http http;
    private TokenCallable patSupplier;
    private final ServerConfiguration serverConfiguration;
    private final Configuration configuration;

    public static AuthzClient create() throws RuntimeException {
        return create(Thread.currentThread().getContextClassLoader().getResourceAsStream("keycloak.json"));
    }

    public static AuthzClient create(InputStream inputStream) throws RuntimeException {
        if (Objects.isNull(inputStream)) {
            throw new IllegalArgumentException("Config input stream can not be null");
        }
        try {
            return create((Configuration) JsonSerialization.readValue(inputStream, Configuration.class));
        } catch (IOException e) {
            throw new RuntimeException("Could not parse configuration.", e);
        }
    }

    public static AuthzClient create(Configuration configuration) {
        return new AuthzClient(configuration, configuration.getClientAuthenticator());
    }

    public static AuthzClient create(Configuration configuration, ClientAuthenticator clientAuthenticator) {
        return new AuthzClient(configuration, clientAuthenticator);
    }

    public ProtectionResource protection() {
        return new ProtectionResource(this.http, this.serverConfiguration, this.configuration, createPatSupplier());
    }

    public ProtectionResource protection(final String str) {
        return new ProtectionResource(this.http, this.serverConfiguration, this.configuration, new TokenCallable(this.http, this.configuration, this.serverConfiguration) { // from class: org.keycloak.authorization.client.AuthzClient.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.keycloak.authorization.client.util.TokenCallable, java.util.concurrent.Callable
            public String call() {
                return str;
            }

            @Override // org.keycloak.authorization.client.util.TokenCallable
            protected boolean isRetry() {
                return false;
            }
        });
    }

    public ProtectionResource protection(String str, String str2) {
        return new ProtectionResource(this.http, this.serverConfiguration, this.configuration, createPatSupplier(str, str2));
    }

    public AuthorizationResource authorization() {
        return new AuthorizationResource(this.configuration, this.serverConfiguration, this.http, null);
    }

    public AuthorizationResource authorization(final String str) {
        return new AuthorizationResource(this.configuration, this.serverConfiguration, this.http, new TokenCallable(this.http, this.configuration, this.serverConfiguration) { // from class: org.keycloak.authorization.client.AuthzClient.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.keycloak.authorization.client.util.TokenCallable, java.util.concurrent.Callable
            public String call() {
                return str;
            }

            @Override // org.keycloak.authorization.client.util.TokenCallable
            protected boolean isRetry() {
                return false;
            }
        });
    }

    public AuthorizationResource authorization(String str, String str2) {
        return new AuthorizationResource(this.configuration, this.serverConfiguration, this.http, createRefreshableAccessTokenSupplier(str, str2));
    }

    public AccessTokenResponse obtainAccessToken() {
        return (AccessTokenResponse) this.http.post(this.serverConfiguration.getTokenEndpoint()).authentication().client().response().json(AccessTokenResponse.class).execute();
    }

    public AccessTokenResponse obtainAccessToken(String str, String str2) {
        return (AccessTokenResponse) this.http.post(this.serverConfiguration.getTokenEndpoint()).authentication().oauth2ResourceOwnerPassword(str, str2).response().json(AccessTokenResponse.class).execute();
    }

    public ServerConfiguration getServerConfiguration() {
        return this.serverConfiguration;
    }

    public Configuration getConfiguration() {
        return this.configuration;
    }

    private AuthzClient(Configuration configuration, ClientAuthenticator clientAuthenticator) {
        if (configuration == null) {
            throw new IllegalArgumentException("Client configuration can not be null.");
        }
        String authServerUrl = configuration.getAuthServerUrl();
        if (authServerUrl == null) {
            throw new IllegalArgumentException("Configuration URL can not be null.");
        }
        String uri = KeycloakUriBuilder.fromUri(authServerUrl).m10521clone().path(ServiceUrlConstants.AUTHZ_DISCOVERY_URL).build(configuration.getRealm()).toString();
        this.configuration = configuration;
        this.http = new Http(configuration, clientAuthenticator != null ? clientAuthenticator : configuration.getClientAuthenticator());
        try {
            this.serverConfiguration = (ServerConfiguration) this.http.get(uri).response().json(ServerConfiguration.class).execute();
            this.http.setServerConfiguration(this.serverConfiguration);
        } catch (Exception e) {
            throw new RuntimeException("Could not obtain configuration from server [" + uri + "].", e);
        }
    }

    private TokenCallable createPatSupplier(String str, String str2) {
        if (this.patSupplier == null) {
            this.patSupplier = createRefreshableAccessTokenSupplier(str, str2);
        }
        return this.patSupplier;
    }

    private TokenCallable createPatSupplier() {
        return createPatSupplier(null, null);
    }

    private TokenCallable createRefreshableAccessTokenSupplier(String str, String str2) {
        return new TokenCallable(str, str2, this.http, this.configuration, this.serverConfiguration);
    }
}
