package org.gcube.service.idm.rest;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.liferay.portal.util.PortletCategoryKeys;
import com.webcohesion.enunciate.metadata.rs.RequestHeader;
import com.webcohesion.enunciate.metadata.rs.RequestHeaders;
import jakarta.ws.rs.DefaultValue;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.InternalServerErrorException;
import jakarta.ws.rs.NotFoundException;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import org.gcube.service.idm.IdMManager;
import org.gcube.service.idm.controller.AdminKeycloakController;
import org.gcube.service.idm.controller.AuthController;
import org.gcube.service.idm.controller.KCClientsController;
import org.gcube.service.idm.controller.KCGroupsController;
import org.gcube.service.idm.controller.KCRolesController;
import org.gcube.service.idm.controller.KCUserController;
import org.gcube.service.idm.keycloack.KkClientFactory;
import org.gcube.service.idm.serializers.IdmObjectSerializator;
import org.gcube.service.utils.beans.ResponseBean;
import org.gcube.service.utils.beans.ResponseBeanMap;
import org.gcube.smartgears.annotations.ManagedBy;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.RoleResource;
import org.keycloak.admin.client.resource.RolesResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@RequestHeaders({@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"), @RequestHeader(name = "Content-Type", description = "application/json")})
@Path("clients")
@ManagedBy(IdMManager.class)
/* loaded from: input_file:WEB-INF/classes/org/gcube/service/idm/rest/ClientsAPI.class */
public class ClientsAPI {
    private static final Logger logger = LoggerFactory.getLogger(ClientsAPI.class);

    /* loaded from: input_file:WEB-INF/classes/org/gcube/service/idm/rest/ClientsAPI$ClientFromTemplateParams.class */
    public class ClientFromTemplateParams {
        String client_name;
        String client_id;
        String context;

        public ClientFromTemplateParams() {
        }
    }

    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    @GET
    @Path("members")
    public Response clientMembers(@QueryParam("first") @DefaultValue("0") int i, @QueryParam("max") @DefaultValue("100") int i2, @QueryParam("format_users") @DefaultValue("username") KCUserController.REPR repr, @QueryParam("role") @DefaultValue("Member") String str, @QueryParam("client_id") String str2) {
        ResponseBean responseBean = new ResponseBean();
        if (str2 != null) {
            AuthController.checkIsRealmAdmin("The parameter can be used only by realm administrators: client_id");
        }
        responseBean.setResult(KCUserController.formatList(KCClientsController.getContextUsersByRole(str2, str, Integer.valueOf(i), Integer.valueOf(i2)), repr));
        try {
            responseBean.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBean)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }

    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    @GET
    @Path(PortletCategoryKeys.USERS)
    public Response clientUsers(@QueryParam("first") @DefaultValue("0") int i, @QueryParam("max") @DefaultValue("100") int i2, @QueryParam("format_users") @DefaultValue("username") KCUserController.REPR repr, @QueryParam("client_id") String str) {
        ResponseBean responseBean = new ResponseBean();
        if (str != null) {
            AuthController.checkIsRealmAdmin("The parameter can be used only by realm administrators: client_id");
        }
        responseBean.setResult(KCUserController.formatList(KCClientsController.getMemberGroupUsers(str, Integer.valueOf(i), Integer.valueOf(i2)), repr));
        try {
            responseBean.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBean)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }

    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    @GET
    @Path("info")
    public Response client(@QueryParam("format_client") @DefaultValue("compact") KCClientsController.REPR repr, @QueryParam("format_users") @DefaultValue("username") KCUserController.REPR repr2, @QueryParam("format_roles") @DefaultValue("compact") KCRolesController.REPR repr3, @QueryParam("format_groups") @DefaultValue("name") KCGroupsController.REPR repr4, @QueryParam("role") @DefaultValue("Member") List<String> list, @QueryParam("client_id") String str) {
        ClientResource clientResource;
        ClientRepresentation representation;
        List<RoleRepresentation> list2;
        ResponseBeanMap responseBeanMap = new ResponseBeanMap();
        if (str != null) {
            AuthController.checkIsRealmAdmin("The parameter can be used only by realm administrators: client_id");
        }
        boolean z = !repr4.equals(KCGroupsController.REPR.none);
        boolean z2 = !repr.equals(KCClientsController.REPR.none);
        boolean z3 = !repr2.equals(KCUserController.REPR.none);
        boolean z4 = !repr3.equals(KCRolesController.REPR.none);
        RealmResource kKRealm = KkClientFactory.getSingleton().getKKRealm();
        if (str == null) {
            clientResource = KkClientFactory.getSingleton().getKKClient();
            representation = clientResource.toRepresentation();
        } else {
            List<ClientRepresentation> findByClientId = kKRealm.clients().findByClientId(str);
            if (findByClientId.size() == 0) {
                throw new NotFoundException();
            }
            clientResource = kKRealm.clients().get(findByClientId.get(0).getId());
            representation = clientResource.toRepresentation();
        }
        if (z2) {
            responseBeanMap.putResult("client", KCClientsController.formatRepr(representation, repr));
        }
        if (repr.equals(KCClientsController.REPR.full)) {
            responseBeanMap.putResult("service_account_user", KCUserController.formatRepr(clientResource.getServiceAccountUser(), repr2));
        }
        HashMap hashMap = new HashMap();
        responseBeanMap.putResult("roles", hashMap);
        RolesResource roles = clientResource.roles();
        if (list == null || list.isEmpty() || list.contains("__all__")) {
            list2 = roles.list();
        } else {
            list2 = new ArrayList();
            for (String str2 : list) {
                try {
                    list2.add(roles.get(str2).toRepresentation());
                } catch (Exception unused) {
                    hashMap.put(str2, null);
                }
            }
        }
        for (RoleRepresentation roleRepresentation : list2) {
            String name = roleRepresentation.getName();
            RoleResource roleResource = roles.get(name);
            HashMap hashMap2 = new HashMap();
            hashMap.put(name, hashMap2);
            if (z4) {
                hashMap2.put("role", KCRolesController.formatRepr(roleRepresentation, repr3));
            }
            if (z3) {
                hashMap2.put("members", KCUserController.formatList(roleResource.getUserMembers(), repr2));
            }
            if (z) {
                HashMap hashMap3 = new HashMap();
                hashMap2.put("groups", hashMap3);
                for (GroupRepresentation groupRepresentation : clientResource.roles().get(name).getRoleGroupMembers()) {
                    HashMap hashMap4 = new HashMap();
                    hashMap3.put(groupRepresentation.getPath(), hashMap4);
                    hashMap4.put("group", KCGroupsController.formatRepr(groupRepresentation, repr4));
                    if (z3) {
                        hashMap4.put("members", KCUserController.formatList(kKRealm.groups().group(groupRepresentation.getId()).members(), repr2));
                    }
                }
            }
        }
        try {
            responseBeanMap.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBeanMap)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }

    @POST
    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    @Path("fromTemplate/{name}")
    public Response createClientFromTemplate(@PathParam("name") String str, ClientFromTemplateParams clientFromTemplateParams) {
        ResponseBeanMap responseBeanMap = new ResponseBeanMap();
        try {
            RealmResource kKRealm = KkClientFactory.getSingleton().getKKRealm();
            List<ClientRepresentation> findByClientId = kKRealm.clients().findByClientId(str);
            if (findByClientId.size() == 0) {
                throw new NotFoundException();
            }
            ClientResource clientResource = kKRealm.clients().get(findByClientId.get(0).getId());
            ClientRepresentation representation = clientResource.toRepresentation();
            UserRepresentation serviceAccountUser = clientResource.getServiceAccountUser();
            representation.setId(clientFromTemplateParams.client_id);
            representation.setName(clientFromTemplateParams.client_name);
            responseBeanMap.putResult("client", representation);
            responseBeanMap.putResult("service_account_user", serviceAccountUser);
            responseBeanMap.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBeanMap)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }

    @POST
    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    public Response createClientFromTemplate(ClientRepresentation clientRepresentation) {
        logger.info("received client {}", clientRepresentation);
        ResponseBeanMap responseBeanMap = new ResponseBeanMap();
        try {
            logger.info("received client {}", clientRepresentation);
            ClientRepresentation createClient = AdminKeycloakController.createClient(clientRepresentation);
            responseBeanMap.putResult("input", clientRepresentation);
            responseBeanMap.putResult("created", createClient);
            responseBeanMap.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBeanMap)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }

    @POST
    @Produces({"application/json;charset=UTF-8", "application/vnd.api+json"})
    @Path("/")
    public Response createClient(ClientRepresentation clientRepresentation) {
        ResponseBeanMap responseBeanMap = new ResponseBeanMap();
        try {
            logger.info("received client {}", clientRepresentation);
            ClientRepresentation createClient = AdminKeycloakController.createClient(clientRepresentation);
            responseBeanMap.putResult("input", clientRepresentation);
            responseBeanMap.putResult("created", createClient);
            responseBeanMap.setSuccess(true);
            return Response.ok(IdmObjectSerializator.getSerializer().writeValueAsString(responseBeanMap)).build();
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            throw new InternalServerErrorException(e);
        }
    }
}
