package org.keycloak.adapters.installed;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.util.MinimalPrettyPrinter;
import java.awt.Desktop;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.Reader;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.keycloak.OAuth2Constants;
import org.keycloak.OAuthErrorException;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.KeycloakDeploymentBuilder;
import org.keycloak.adapters.ServerRequest;
import org.keycloak.adapters.rotation.AdapterRSATokenVerifier;
import org.keycloak.common.VerificationException;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.AccessTokenResponse;
import org.keycloak.representations.IDToken;

/* loaded from: input_file:org/keycloak/adapters/installed/KeycloakInstalled.class */
public class KeycloakInstalled {
    private static final String KEYCLOAK_JSON = "META-INF/keycloak.json";
    private KeycloakDeployment deployment;
    private AccessTokenResponse tokenResponse;
    private String tokenString;
    private String idTokenString;
    private IDToken idToken;
    private AccessToken token;
    private String refreshToken;
    private Status status;
    private Locale locale;
    private HttpResponseWriter loginResponseWriter;
    private HttpResponseWriter logoutResponseWriter;
    Pattern callbackPattern;
    Pattern paramPattern;
    Pattern codePattern;
    private static HttpResponseWriter defaultLoginWriter = new HttpResponseWriter() { // from class: org.keycloak.adapters.installed.KeycloakInstalled.1
        @Override // org.keycloak.adapters.installed.KeycloakInstalled.HttpResponseWriter
        public void success(PrintWriter printWriter, KeycloakInstalled keycloakInstalled) {
            printWriter.println("HTTP/1.1 200 OK");
            printWriter.println("Content-Type: text/html");
            printWriter.println();
            printWriter.println("<html><h1>Login completed.</h1><div>");
            printWriter.println("This browser will remain logged in until you close it, logout, or the session expires.");
            printWriter.println("</div></html>");
            printWriter.flush();
        }

        @Override // org.keycloak.adapters.installed.KeycloakInstalled.HttpResponseWriter
        public void failure(PrintWriter printWriter, KeycloakInstalled keycloakInstalled) {
            printWriter.println("HTTP/1.1 200 OK");
            printWriter.println("Content-Type: text/html");
            printWriter.println();
            printWriter.println("<html><h1>Login attempt failed.</h1><div>");
            printWriter.println("</div></html>");
            printWriter.flush();
        }
    };
    private static HttpResponseWriter defaultLogoutWriter = new HttpResponseWriter() { // from class: org.keycloak.adapters.installed.KeycloakInstalled.2
        @Override // org.keycloak.adapters.installed.KeycloakInstalled.HttpResponseWriter
        public void success(PrintWriter printWriter, KeycloakInstalled keycloakInstalled) {
            printWriter.println("HTTP/1.1 200 OK");
            printWriter.println("Content-Type: text/html");
            printWriter.println();
            printWriter.println("<html><h1>Logout completed.</h1><div>");
            printWriter.println("You may close this browser tab.");
            printWriter.println("</div></html>");
            printWriter.flush();
        }

        @Override // org.keycloak.adapters.installed.KeycloakInstalled.HttpResponseWriter
        public void failure(PrintWriter printWriter, KeycloakInstalled keycloakInstalled) {
            printWriter.println("HTTP/1.1 200 OK");
            printWriter.println("Content-Type: text/html");
            printWriter.println();
            printWriter.println("<html><h1>Logout failed.</h1><div>");
            printWriter.println("You may close this browser tab.");
            printWriter.println("</div></html>");
            printWriter.flush();
        }
    };

    /* loaded from: input_file:org/keycloak/adapters/installed/KeycloakInstalled$CallbackListener.class */
    public class CallbackListener extends Thread {
        private ServerSocket server = new ServerSocket(0);
        private String code;
        private String error;
        private String errorDescription;
        private IOException errorException;
        private String state;
        private Socket socket;
        private HttpResponseWriter writer;

        public CallbackListener(HttpResponseWriter httpResponseWriter) throws IOException {
            this.writer = httpResponseWriter;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                this.socket = this.server.accept();
                String str = new BufferedReader(new InputStreamReader(this.socket.getInputStream())).readLine().split(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR)[1];
                if (str.indexOf(63) >= 0) {
                    for (String str2 : str.split("\\?")[1].split("&")) {
                        String[] split = str2.split("=");
                        if (split[0].equals(OAuth2Constants.CODE)) {
                            this.code = split[1];
                        } else if (split[0].equals(OAuth2Constants.ERROR)) {
                            this.error = split[1];
                        } else if (split[0].equals("error-description")) {
                            this.errorDescription = split[1];
                        } else if (split[0].equals(OAuth2Constants.STATE)) {
                            this.state = split[1];
                        }
                    }
                }
                PrintWriter printWriter = new PrintWriter(new OutputStreamWriter(this.socket.getOutputStream()));
                if (this.error == null) {
                    this.writer.success(printWriter, KeycloakInstalled.this);
                } else {
                    this.writer.failure(printWriter, KeycloakInstalled.this);
                }
                printWriter.flush();
                this.socket.close();
            } catch (IOException e) {
                this.errorException = e;
            }
            try {
                this.server.close();
            } catch (IOException e2) {
            }
        }
    }

    /* loaded from: input_file:org/keycloak/adapters/installed/KeycloakInstalled$HttpResponseWriter.class */
    public interface HttpResponseWriter {
        void success(PrintWriter printWriter, KeycloakInstalled keycloakInstalled);

        void failure(PrintWriter printWriter, KeycloakInstalled keycloakInstalled);
    }

    /* loaded from: input_file:org/keycloak/adapters/installed/KeycloakInstalled$MaskingThread.class */
    public static class MaskingThread extends Thread {
        private volatile boolean stop;
        private char echochar = '*';

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            int priority = Thread.currentThread().getPriority();
            Thread.currentThread().setPriority(10);
            try {
                this.stop = true;
                while (this.stop) {
                    System.out.print("\b" + this.echochar);
                    try {
                        Thread.currentThread();
                        Thread.sleep(1L);
                    } catch (InterruptedException e) {
                        Thread.currentThread().interrupt();
                        Thread.currentThread().setPriority(priority);
                        return;
                    }
                }
            } finally {
                Thread.currentThread().setPriority(priority);
            }
        }

        public void stopMasking() {
            this.stop = false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/keycloak/adapters/installed/KeycloakInstalled$Status.class */
    public enum Status {
        LOGGED_MANUAL,
        LOGGED_DESKTOP
    }

    public KeycloakInstalled() {
        this.callbackPattern = Pattern.compile("callback\\s*=\\s*\"([^\"]+)\"");
        this.paramPattern = Pattern.compile("param=\"([^\"]+)\"\\s+label=\"([^\"]+)\"\\s+mask=(\\S+)");
        this.codePattern = Pattern.compile("code=([^&]+)");
        this.deployment = KeycloakDeploymentBuilder.build(Thread.currentThread().getContextClassLoader().getResourceAsStream(KEYCLOAK_JSON));
    }

    public KeycloakInstalled(InputStream inputStream) {
        this.callbackPattern = Pattern.compile("callback\\s*=\\s*\"([^\"]+)\"");
        this.paramPattern = Pattern.compile("param=\"([^\"]+)\"\\s+label=\"([^\"]+)\"\\s+mask=(\\S+)");
        this.codePattern = Pattern.compile("code=([^&]+)");
        this.deployment = KeycloakDeploymentBuilder.build(inputStream);
    }

    public KeycloakInstalled(KeycloakDeployment keycloakDeployment) {
        this.callbackPattern = Pattern.compile("callback\\s*=\\s*\"([^\"]+)\"");
        this.paramPattern = Pattern.compile("param=\"([^\"]+)\"\\s+label=\"([^\"]+)\"\\s+mask=(\\S+)");
        this.codePattern = Pattern.compile("code=([^&]+)");
        this.deployment = keycloakDeployment;
    }

    public HttpResponseWriter getLoginResponseWriter() {
        return this.loginResponseWriter == null ? defaultLoginWriter : this.loginResponseWriter;
    }

    public HttpResponseWriter getLogoutResponseWriter() {
        return this.logoutResponseWriter == null ? defaultLogoutWriter : this.logoutResponseWriter;
    }

    public void setLoginResponseWriter(HttpResponseWriter httpResponseWriter) {
        this.loginResponseWriter = httpResponseWriter;
    }

    public void setLogoutResponseWriter(HttpResponseWriter httpResponseWriter) {
        this.logoutResponseWriter = httpResponseWriter;
    }

    public Locale getLocale() {
        return this.locale;
    }

    public void setLocale(Locale locale) {
        this.locale = locale;
    }

    public void login() throws IOException, ServerRequest.HttpFailure, VerificationException, InterruptedException, OAuthErrorException, URISyntaxException {
        if (isDesktopSupported()) {
            loginDesktop();
        } else {
            loginManual();
        }
    }

    public void login(PrintStream printStream, Reader reader) throws IOException, ServerRequest.HttpFailure, VerificationException, InterruptedException, OAuthErrorException, URISyntaxException {
        if (isDesktopSupported()) {
            loginDesktop();
        } else {
            loginManual(printStream, reader);
        }
    }

    public void logout() throws IOException, InterruptedException, URISyntaxException {
        if (this.status == Status.LOGGED_DESKTOP) {
            logoutDesktop();
        }
        this.tokenString = null;
        this.token = null;
        this.idTokenString = null;
        this.idToken = null;
        this.refreshToken = null;
        this.status = null;
    }

    public void loginDesktop() throws IOException, VerificationException, OAuthErrorException, URISyntaxException, ServerRequest.HttpFailure, InterruptedException {
        CallbackListener callbackListener = new CallbackListener(getLoginResponseWriter());
        callbackListener.start();
        String str = "http://localhost:" + callbackListener.server.getLocalPort();
        String uuid = UUID.randomUUID().toString();
        KeycloakUriBuilder queryParam = this.deployment.getAuthUrl().m983clone().queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE).queryParam(OAuth2Constants.CLIENT_ID, this.deployment.getResourceName()).queryParam(OAuth2Constants.REDIRECT_URI, str).queryParam(OAuth2Constants.STATE, uuid).queryParam(OAuth2Constants.SCOPE, OAuth2Constants.SCOPE_OPENID);
        if (this.locale != null) {
            queryParam.queryParam(OAuth2Constants.UI_LOCALES_PARAM, this.locale.getLanguage());
        }
        Desktop.getDesktop().browse(new URI(queryParam.build(new Object[0]).toString()));
        callbackListener.join();
        if (!uuid.equals(callbackListener.state)) {
            throw new VerificationException("Invalid state");
        }
        if (callbackListener.error != null) {
            throw new OAuthErrorException(callbackListener.error, callbackListener.errorDescription);
        }
        if (callbackListener.errorException != null) {
            throw callbackListener.errorException;
        }
        processCode(callbackListener.code, str);
        this.status = Status.LOGGED_DESKTOP;
    }

    private void logoutDesktop() throws IOException, URISyntaxException, InterruptedException {
        CallbackListener callbackListener = new CallbackListener(getLogoutResponseWriter());
        callbackListener.start();
        Desktop.getDesktop().browse(new URI(this.deployment.getLogoutUrl().queryParam(OAuth2Constants.REDIRECT_URI, "http://localhost:" + callbackListener.server.getLocalPort()).build(new Object[0]).toString()));
        callbackListener.join();
        if (callbackListener.errorException != null) {
            throw callbackListener.errorException;
        }
    }

    public void loginManual() throws IOException, ServerRequest.HttpFailure, VerificationException {
        loginManual(System.out, new InputStreamReader(System.in));
    }

    public void loginManual(PrintStream printStream, Reader reader) throws IOException, ServerRequest.HttpFailure, VerificationException {
        String uri = this.deployment.getAuthUrl().m983clone().queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE).queryParam(OAuth2Constants.CLIENT_ID, this.deployment.getResourceName()).queryParam(OAuth2Constants.REDIRECT_URI, "urn:ietf:wg:oauth:2.0:oob").queryParam(OAuth2Constants.SCOPE, OAuth2Constants.SCOPE_OPENID).build(new Object[0]).toString();
        printStream.println("Open the following URL in a browser. After login copy/paste the code back and press <enter>");
        printStream.println(uri);
        printStream.println();
        printStream.print("Code: ");
        processCode(readCode(reader), "urn:ietf:wg:oauth:2.0:oob");
        this.status = Status.LOGGED_MANUAL;
    }

    public boolean loginCommandLine() throws IOException, ServerRequest.HttpFailure, VerificationException {
        return loginCommandLine("urn:ietf:wg:oauth:2.0:oob");
    }

    public boolean loginCommandLine(String str) throws IOException, ServerRequest.HttpFailure, VerificationException {
        String uri = this.deployment.getAuthUrl().m983clone().queryParam(OAuth2Constants.RESPONSE_TYPE, OAuth2Constants.CODE).queryParam(OAuth2Constants.CLIENT_ID, this.deployment.getResourceName()).queryParam(OAuth2Constants.REDIRECT_URI, str).queryParam(OAuth2Constants.SCOPE, OAuth2Constants.SCOPE_OPENID).build(new Object[0]).toString();
        ResteasyClient build = new ResteasyClientBuilder().disableTrustManager().build();
        try {
            Response response = build.target(uri).request().get();
            if (response.getStatus() != 401) {
                return false;
            }
            do {
                String headerString = response.getHeaderString("WWW-Authenticate");
                if (headerString == null) {
                    build.close();
                    return false;
                }
                if (!headerString.contains("X-Text-Form-Challenge")) {
                    build.close();
                    return false;
                }
                if (response.getMediaType() != null) {
                    System.console().writer().println((String) response.readEntity(String.class));
                }
                Matcher matcher = this.callbackPattern.matcher(headerString);
                if (!matcher.find()) {
                    build.close();
                    return false;
                }
                String group = matcher.group(1);
                Matcher matcher2 = this.paramPattern.matcher(headerString);
                Form form = new Form();
                while (matcher2.find()) {
                    String group2 = matcher2.group(1);
                    String group3 = matcher2.group(2);
                    form.param(group2, matcher2.group(3).trim().equals("true") ? new String(System.console().readPassword(group3, new Object[0])) : System.console().readLine(group3, new Object[0]));
                }
                response = build.target(group).request().post(Entity.form(form));
            } while (response.getStatus() == 401);
            if (response.getStatus() != 302) {
                build.close();
                return false;
            }
            Matcher matcher3 = this.codePattern.matcher(response.getLocation().toString());
            if (!matcher3.find()) {
                build.close();
                return false;
            }
            processCode(matcher3.group(1), str);
            build.close();
            return true;
        } finally {
            build.close();
        }
    }

    public String getTokenString() throws VerificationException, IOException, ServerRequest.HttpFailure {
        return this.tokenString;
    }

    public String getTokenString(long j, TimeUnit timeUnit) throws VerificationException, IOException, ServerRequest.HttpFailure {
        if ((this.token.getExpiration() * 1000) - timeUnit.toMillis(j) < System.currentTimeMillis()) {
            refreshToken();
        }
        return this.tokenString;
    }

    public void refreshToken() throws IOException, ServerRequest.HttpFailure, VerificationException {
        parseAccessToken(ServerRequest.invokeRefresh(this.deployment, this.refreshToken));
    }

    public void refreshToken(String str) throws IOException, ServerRequest.HttpFailure, VerificationException {
        parseAccessToken(ServerRequest.invokeRefresh(this.deployment, str));
    }

    private void parseAccessToken(AccessTokenResponse accessTokenResponse) throws VerificationException {
        this.tokenResponse = accessTokenResponse;
        this.tokenString = accessTokenResponse.getToken();
        this.refreshToken = accessTokenResponse.getRefreshToken();
        this.idTokenString = accessTokenResponse.getIdToken();
        this.token = AdapterRSATokenVerifier.verifyToken(this.tokenString, this.deployment);
        if (this.idTokenString != null) {
            try {
                this.idToken = (IDToken) new JWSInput(this.idTokenString).readJsonContent(IDToken.class);
            } catch (JWSInputException e) {
                throw new VerificationException();
            }
        }
    }

    public AccessToken getToken() {
        return this.token;
    }

    public IDToken getIdToken() {
        return this.idToken;
    }

    public String getIdTokenString() {
        return this.idTokenString;
    }

    public String getRefreshToken() {
        return this.refreshToken;
    }

    public AccessTokenResponse getTokenResponse() {
        return this.tokenResponse;
    }

    public boolean isDesktopSupported() {
        return Desktop.isDesktopSupported();
    }

    public KeycloakDeployment getDeployment() {
        return this.deployment;
    }

    private void processCode(String str, String str2) throws IOException, ServerRequest.HttpFailure, VerificationException {
        parseAccessToken(ServerRequest.invokeAccessCodeToToken(this.deployment, str, str2, null));
    }

    private String readCode(Reader reader) throws IOException {
        char c;
        StringBuilder sb = new StringBuilder();
        char[] cArr = new char[1];
        while (reader.read(cArr) != -1 && (c = cArr[0]) != ' ' && c != '\n' && c != '\r') {
            sb.append(c);
        }
        return sb.toString();
    }

    public static String readMasked(Reader reader) {
        MaskingThread maskingThread = new MaskingThread();
        new Thread(maskingThread).start();
        BufferedReader bufferedReader = new BufferedReader(reader);
        String str = JsonProperty.USE_DEFAULT_NAME;
        try {
            str = bufferedReader.readLine();
        } catch (IOException e) {
            e.printStackTrace();
        }
        maskingThread.stopMasking();
        return str;
    }

    private String readLine(Reader reader, boolean z) throws IOException {
        char c;
        if (z) {
            System.out.print(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR);
            return readMasked(reader);
        }
        StringBuilder sb = new StringBuilder();
        char[] cArr = new char[1];
        while (reader.read(cArr) != -1 && (c = cArr[0]) != '\n' && c != '\r') {
            sb.append(c);
        }
        return sb.toString();
    }
}
