package org.jboss.aerogear.unifiedpush.rest.security;

import java.util.Calendar;
import java.util.Date;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import org.jboss.aerogear.security.authz.Secure;
import org.jboss.aerogear.unifiedpush.users.Developer;
import org.jboss.aerogear.unifiedpush.users.UserRoles;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.RelationshipManager;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.Role;
import org.picketlink.idm.model.basic.User;

@Path("/auth")
@Stateless
/* loaded from: input_file:WEB-INF/classes/org/jboss/aerogear/unifiedpush/rest/security/AdminEndpoint.class */
public class AdminEndpoint {

    @Inject
    private PartitionManager partitionManager;
    private IdentityManager identityManager;
    private RelationshipManager relationshipManager;

    @Path("/enroll")
    @Consumes({"application/json"})
    @Secure({UserRoles.ADMIN})
    @POST
    @Produces({"application/json"})
    public Response enroll(Developer developer) {
        try {
            this.identityManager = this.partitionManager.createIdentityManager();
            this.relationshipManager = this.partitionManager.createRelationshipManager();
            User user = new User(developer.getLoginName());
            this.identityManager.add(user);
            this.identityManager.updateCredential(user, new Password(developer.getPassword().toCharArray()), new Date(), expirationDate().getTime());
            grantRoles(user, BasicModel.getRole(this.identityManager, UserRoles.DEVELOPER));
            developer.setId(((User) this.identityManager.createIdentityQuery(User.class).setParameter(User.LOGIN_NAME, user.getLoginName()).getResultList().get(0)).getId());
            return Response.ok(developer).build();
        } catch (IdentityManagementException e) {
            return Response.status(Response.Status.BAD_REQUEST).entity("Credential not available").build();
        }
    }

    private void grantRoles(User user, Role role) {
        BasicModel.grantRole(this.relationshipManager, user, role);
    }

    private Calendar expirationDate() {
        Calendar calendar = Calendar.getInstance();
        calendar.add(12, -5);
        return calendar;
    }
}
