package io.quarkus.oidc.deployment.devservices;

import io.quarkus.deployment.Capabilities;
import io.quarkus.deployment.IsDevelopment;
import io.quarkus.deployment.annotations.BuildProducer;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.annotations.Consume;
import io.quarkus.deployment.builditem.CuratedApplicationShutdownBuildItem;
import io.quarkus.deployment.builditem.RuntimeConfigSetupCompleteBuildItem;
import io.quarkus.deployment.pkg.builditem.CurateOutcomeBuildItem;
import io.quarkus.devconsole.spi.DevConsoleRouteBuildItem;
import io.quarkus.devconsole.spi.DevConsoleRuntimeTemplateInfoBuildItem;
import io.quarkus.devconsole.spi.DevConsoleTemplateInfoBuildItem;
import io.quarkus.oidc.deployment.OidcBuildTimeConfig;
import io.quarkus.runtime.configuration.ConfigUtils;
import io.vertx.core.Vertx;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.json.JsonObject;
import io.vertx.mutiny.ext.web.client.HttpResponse;
import io.vertx.mutiny.ext.web.client.WebClient;
import java.util.Set;
import org.eclipse.microprofile.config.ConfigProvider;
import org.jboss.logging.Logger;

/* loaded from: input_file:io/quarkus/oidc/deployment/devservices/OidcDevConsoleProcessor.class */
public class OidcDevConsoleProcessor extends AbstractDevConsoleProcessor {
    static volatile Vertx vertxInstance;
    private static final String TENANT_ENABLED_CONFIG_KEY = "quarkus.oidc.tenant-enabled";
    private static final String DISCOVERY_ENABLED_CONFIG_KEY = "quarkus.oidc.discovery-enabled";
    private static final String AUTH_SERVER_URL_CONFIG_KEY = "quarkus.oidc.auth-server-url";
    private static final String APP_TYPE_CONFIG_KEY = "quarkus.oidc.application-type";
    private static final String SERVICE_APP_TYPE = "service";
    private static final String KEYCLOAK = "Keycloak";
    private static final String AZURE = "Azure";
    OidcBuildTimeConfig oidcConfig;
    private static final Logger LOG = Logger.getLogger(OidcDevConsoleProcessor.class);
    private static final Set<String> OTHER_PROVIDERS = Set.of("Auth0", "Okta", "Google");

    @BuildStep(onlyIf = {IsDevelopment.class})
    @Consume(RuntimeConfigSetupCompleteBuildItem.class)
    void prepareOidcDevConsole(BuildProducer<DevConsoleTemplateInfoBuildItem> buildProducer, BuildProducer<DevConsoleRuntimeTemplateInfoBuildItem> buildProducer2, CuratedApplicationShutdownBuildItem curatedApplicationShutdownBuildItem, BuildProducer<DevConsoleRouteBuildItem> buildProducer3, Capabilities capabilities, CurateOutcomeBuildItem curateOutcomeBuildItem) {
        if (isOidcTenantEnabled() && isAuthServerUrlSet() && isClientIdSet()) {
            if (vertxInstance == null) {
                vertxInstance = Vertx.vertx();
                curatedApplicationShutdownBuildItem.addCloseTask(new Runnable() { // from class: io.quarkus.oidc.deployment.devservices.OidcDevConsoleProcessor.1
                    @Override // java.lang.Runnable
                    public void run() {
                        if (OidcDevConsoleProcessor.vertxInstance != null) {
                            try {
                                OidcDevConsoleProcessor.vertxInstance.close();
                            } catch (Throwable th) {
                                OidcDevConsoleProcessor.LOG.error("Failed to close Vertx instance", th);
                            }
                        }
                        OidcDevConsoleProcessor.vertxInstance = null;
                    }
                }, true);
            }
            try {
                String configProperty = getConfigProperty(AUTH_SERVER_URL_CONFIG_KEY);
                JsonObject jsonObject = null;
                if (isDiscoveryEnabled()) {
                    jsonObject = discoverMetadata(configProperty);
                    if (jsonObject == null) {
                        return;
                    }
                }
                String tryToGetProviderName = tryToGetProviderName(configProperty);
                if (KEYCLOAK.equals(tryToGetProviderName)) {
                    buildProducer.produce(new DevConsoleTemplateInfoBuildItem("keycloakAdminUrl", configProperty.substring(0, configProperty.indexOf("/realms/"))));
                }
                produceDevConsoleTemplateItems(capabilities, buildProducer, buildProducer2, curateOutcomeBuildItem, tryToGetProviderName, getApplicationType(), this.oidcConfig.devui.grant.type.isPresent() ? this.oidcConfig.devui.grant.type.get().getGrantType() : "code", jsonObject != null ? jsonObject.getString("authorization_endpoint") : null, jsonObject != null ? jsonObject.getString("token_endpoint") : null, jsonObject != null ? jsonObject.getString("end_session_endpoint") : null, jsonObject != null ? jsonObject.containsKey("introspection_endpoint") || jsonObject.containsKey("userinfo_endpoint") : false);
                produceDevConsoleRouteItems(buildProducer3, new OidcTestServiceHandler(vertxInstance, this.oidcConfig.devui.webClientTimeout), new OidcAuthorizationCodePostHandler(vertxInstance, this.oidcConfig.devui.webClientTimeout, this.oidcConfig.devui.grantOptions), new OidcPasswordClientCredHandler(vertxInstance, this.oidcConfig.devui.webClientTimeout, this.oidcConfig.devui.grantOptions));
            } catch (Exception e) {
            }
        }
    }

    private String tryToGetProviderName(String str) {
        if (str.contains("/realms/")) {
            return KEYCLOAK;
        }
        if (str.contains("microsoft")) {
            return AZURE;
        }
        for (String str2 : OTHER_PROVIDERS) {
            if (str.contains(str2.toLowerCase())) {
                return str2;
            }
        }
        return null;
    }

    private JsonObject discoverMetadata(String str) {
        WebClient createWebClient = OidcDevServicesUtils.createWebClient(vertxInstance);
        try {
            try {
                String str2 = str + "/.well-known/openid-configuration";
                LOG.infof("OIDC Dev Console: discovering the provider metadata at %s", str2);
                HttpResponse httpResponse = (HttpResponse) createWebClient.getAbs(str2).putHeader(HttpHeaders.ACCEPT.toString(), "application/json").send().await().indefinitely();
                if (httpResponse.statusCode() == 200) {
                    JsonObject bodyAsJsonObject = httpResponse.bodyAsJsonObject();
                    createWebClient.close();
                    return bodyAsJsonObject;
                }
                LOG.errorf("OIDC metadata discovery failed: %s", httpResponse.bodyAsString());
                createWebClient.close();
                return null;
            } catch (Throwable th) {
                LOG.infof("OIDC metadata can not be discovered: %s", th.toString());
                createWebClient.close();
                return null;
            }
        } catch (Throwable th2) {
            createWebClient.close();
            throw th2;
        }
    }

    private String getConfigProperty(String str) {
        return (String) ConfigProvider.getConfig().getValue(str, String.class);
    }

    private static boolean isOidcTenantEnabled() {
        return getBooleanProperty(TENANT_ENABLED_CONFIG_KEY);
    }

    private static boolean isDiscoveryEnabled() {
        return getBooleanProperty(DISCOVERY_ENABLED_CONFIG_KEY);
    }

    private static boolean getBooleanProperty(String str) {
        return ((Boolean) ConfigProvider.getConfig().getOptionalValue(str, Boolean.class).orElse(true)).booleanValue();
    }

    private static boolean isClientIdSet() {
        return ConfigUtils.isPropertyPresent("quarkus.oidc.client-id");
    }

    private static boolean isAuthServerUrlSet() {
        return ConfigUtils.isPropertyPresent(AUTH_SERVER_URL_CONFIG_KEY);
    }

    private static String getApplicationType() {
        return (String) ConfigProvider.getConfig().getOptionalValue(APP_TYPE_CONFIG_KEY, String.class).orElse(SERVICE_APP_TYPE);
    }
}
