package de.denktmit.testsupport.spring;

import jakarta.ws.rs.core.Response;
import java.util.Collections;
import java.util.List;
import org.keycloak.admin.client.CreatedResponseUtil;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.springframework.boot.test.util.TestPropertyValues;
import org.springframework.context.ApplicationContextInitializer;
import org.springframework.context.ConfigurableApplicationContext;

/* loaded from: input_file:de/denktmit/testsupport/spring/KeycloakTestContextInitializer.class */
public class KeycloakTestContextInitializer implements ApplicationContextInitializer<ConfigurableApplicationContext> {
    private Config config = new Config();

    /* loaded from: input_file:de/denktmit/testsupport/spring/KeycloakTestContextInitializer$Config.class */
    public static class Config {
        public static String URI_SCHEMA = "http";
        public static String DEFAULT_HOST = "localhost";
        public static int DEFAULT_PORT = 18080;
        public static String DEFAULT_ADMIN_USERNAME = "admin";
        public static String DEFAULT_ADMIN_PASSWORD = "admin";
        public static String DEFAULT_MASTER_REALM = "master";
        public static String DEFAULT_ADMIN_CLIENT_ID = "admin-cli";
        public static String TEST_CLIENT_ID = "sb-client";
        public static String TEST_CLIENT_SECRET = "ad0be000-0000-4000-a000-000000000000";
        public static String TEST_REALM_NAME = "sandbox";
        public static String TEST_USER_ROLE = "sb-manager";
        public static String TEST_USER_ROLE_DESCRIPTION = "sandbox manager";
        public static String TEST_ADMIN_USERNAME = "sb-admin";
        public static String TEST_ADMIN_PASSWORD = "ThisIsHow2ConnectAnAdmin!";
        private String keycloakUriSchema;
        private String keycloakHost;
        private int keycloakPort;
        private String keycloakAdminName;
        private String keycloakAdminPassword;
        private String keycloakAddress;
        private String keycloakMasterRealm;
        private String keycloakAdminClientId;
        private String testClientId;
        private String testClientSecret;
        private String testRealmName;
        private String testUserRole;
        private String testUserRoleDescription;
        private String testAdminUsername;
        private String testAdminPassword;

        public Config() {
            this.keycloakUriSchema = System.getenv("KEYCLOAK_HOST_URI_SCHEMA") != null ? System.getenv("KEYCLOAK_HOST_URI_SCHEMA") : URI_SCHEMA;
            this.keycloakHost = System.getenv("KEYCLOAK_HOST") != null ? System.getenv("KEYCLOAK_HOST") : DEFAULT_HOST;
            this.keycloakPort = System.getenv("KEYCLOAK_PORT") != null ? Integer.parseInt(System.getenv("KEYCLOAK_PORT")) : DEFAULT_PORT;
            this.keycloakAdminName = System.getenv("KEYCLOAK_USER") != null ? System.getenv("KEYCLOAK_USER") : DEFAULT_ADMIN_USERNAME;
            this.keycloakAdminPassword = System.getenv("KEYCLOAK_PASSWORD") != null ? System.getenv("KEYCLOAK_PASSWORD") : DEFAULT_ADMIN_PASSWORD;
            this.keycloakAddress = this.keycloakUriSchema + "://" + this.keycloakHost + ":" + this.keycloakPort;
            this.keycloakMasterRealm = System.getenv("KEYCLOAK_MASTER_REALM") != null ? System.getenv("KEYCLOAK_MASTER_REALM") : DEFAULT_MASTER_REALM;
            this.keycloakAdminClientId = System.getenv("KEYCLOAK_ADMIN_CLIENT_ID") != null ? System.getenv("KEYCLOAK_ADMIN_CLIENT_ID") : DEFAULT_ADMIN_CLIENT_ID;
            this.testClientId = System.getenv("KEYCLOAK_TEST_CLIENT_ID") != null ? System.getenv("KEYCLOAK_TEST_CLIENT_ID") : TEST_CLIENT_ID;
            this.testClientSecret = System.getenv("KEYCLOAK_TEST_CLIENT_SECRET") != null ? System.getenv("KEYCLOAK_TEST_CLIENT_SECRET") : TEST_CLIENT_SECRET;
            this.testRealmName = System.getenv("KEYCLOAK_TEST_REALM_NAME") != null ? System.getenv("KEYCLOAK_TEST_REALM_NAME") : TEST_REALM_NAME;
            this.testUserRole = System.getenv("KEYCLOAK_TEST_USER_ROLE") != null ? System.getenv("KEYCLOAK_TEST_USER_ROLE") : TEST_USER_ROLE;
            this.testUserRoleDescription = System.getenv("KEYCLOAK_TEST_USER_ROLE_DESCRIPTION") != null ? System.getenv("KEYCLOAK_TEST_USER_ROLE_DESCRIPTION") : TEST_USER_ROLE_DESCRIPTION;
            this.testAdminUsername = System.getenv("KEYCLOAK_TEST_ADMIN_USERNAME") != null ? System.getenv("KEYCLOAK_TEST_ADMIN_USERNAME") : TEST_ADMIN_USERNAME;
            this.testAdminPassword = System.getenv("KEYCLOAK_TEST_ADMIN_PASSWORD") != null ? System.getenv("KEYCLOAK_TEST_ADMIN_PASSWORD") : TEST_ADMIN_PASSWORD;
        }

        public String getKeycloakUriSchema() {
            return this.keycloakUriSchema;
        }

        public String getKeycloakHost() {
            return this.keycloakHost;
        }

        public int getKeycloakPort() {
            return this.keycloakPort;
        }

        public String getKeycloakAdminName() {
            return this.keycloakAdminName;
        }

        public String getKeycloakAdminPassword() {
            return this.keycloakAdminPassword;
        }

        public String getKeycloakAddress() {
            return this.keycloakAddress;
        }

        public String getKeycloakMasterRealm() {
            return this.keycloakMasterRealm;
        }

        public String getKeycloakAdminClientId() {
            return this.keycloakAdminClientId;
        }

        public String getTestClientId() {
            return this.testClientId;
        }

        public String getTestClientSecret() {
            return this.testClientSecret;
        }

        public String getTestRealmName() {
            return this.testRealmName;
        }

        public String getTestUserRole() {
            return this.testUserRole;
        }

        public String getTestUserRoleDescription() {
            return this.testUserRoleDescription;
        }

        public String getTestAdminUsername() {
            return this.testAdminUsername;
        }

        public String getTestAdminPassword() {
            return this.testAdminPassword;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/denktmit/testsupport/spring/KeycloakTestContextInitializer$KeycloakSession.class */
    public static class KeycloakSession {
        private final Config ic;
        private Keycloak keycloakAdminClient;
        private RealmResource realm;
        private UsersResource users;

        public KeycloakSession(Config config) {
            this.ic = config;
        }

        private void connectAdminClient() {
            this.keycloakAdminClient = KeycloakBuilder.builder().serverUrl(this.ic.keycloakAddress).realm(this.ic.keycloakMasterRealm).clientId(this.ic.keycloakAdminClientId).username(this.ic.keycloakAdminName).password(this.ic.keycloakAdminPassword).build();
        }

        private void createSandboxRealm() {
            deleteRealmIfExists();
            this.keycloakAdminClient.realms().create(new RealmRepresentation() { // from class: de.denktmit.testsupport.spring.KeycloakTestContextInitializer.KeycloakSession.1
                {
                    setRealm(KeycloakSession.this.ic.testRealmName);
                    setEnabled(true);
                }
            });
            this.realm = this.keycloakAdminClient.realm(this.ic.testRealmName);
            this.users = this.realm.users();
        }

        private void deleteRealmIfExists() {
            this.keycloakAdminClient.realms().findAll().stream().filter(realmRepresentation -> {
                return realmRepresentation.getRealm().equals(this.ic.testRealmName);
            }).findFirst().ifPresent(realmRepresentation2 -> {
                this.keycloakAdminClient.realm(this.ic.testRealmName).remove();
            });
        }

        private void createSandboxRealmClient() {
            this.realm.clients().create(new ClientRepresentation() { // from class: de.denktmit.testsupport.spring.KeycloakTestContextInitializer.KeycloakSession.2
                {
                    setId(KeycloakSession.this.ic.testClientId);
                    setSecret(KeycloakSession.this.ic.testClientSecret);
                    setRedirectUris(List.of("*"));
                    setWebOrigins(List.of("*"));
                    setProtocol("openid-connect");
                }
            });
        }

        private void setupNewUser() {
            deleteUserIfExists();
            UserResource userResource = this.users.get(CreatedResponseUtil.getCreatedId(createUser()));
            setUserPassword(userResource);
            createRole(userResource);
        }

        private void deleteUserIfExists() {
            this.users.list().stream().filter(userRepresentation -> {
                return userRepresentation.getUsername().equals(this.ic.testAdminUsername);
            }).findFirst().ifPresent(userRepresentation2 -> {
                this.users.delete(userRepresentation2.getId());
            });
        }

        private Response createUser() {
            return this.users.create(new UserRepresentation() { // from class: de.denktmit.testsupport.spring.KeycloakTestContextInitializer.KeycloakSession.3
                {
                    setEnabled(true);
                    setUsername(KeycloakSession.this.ic.testAdminUsername);
                    setFirstName("JUnit");
                    setLastName("Tester");
                    setEmail("junit+tester1@denktmit.de");
                    setAttributes(Collections.singletonMap("origin", List.of("demo")));
                }
            });
        }

        private void setUserPassword(UserResource userResource) {
            userResource.resetPassword(new CredentialRepresentation() { // from class: de.denktmit.testsupport.spring.KeycloakTestContextInitializer.KeycloakSession.4
                {
                    setTemporary(false);
                    setType("password");
                    setValue(KeycloakSession.this.ic.testAdminPassword);
                }
            });
        }

        private void createRole(UserResource... userResourceArr) {
            deleteRoleIfExists();
            this.realm.roles().create(new RoleRepresentation(this.ic.testUserRole, this.ic.testUserRoleDescription, false));
            RoleRepresentation representation = this.realm.roles().get(this.ic.testUserRole).toRepresentation();
            for (UserResource userResource : userResourceArr) {
                userResource.roles().realmLevel().add(Collections.singletonList(representation));
            }
        }

        private void deleteRoleIfExists() {
            this.realm.roles().list().stream().filter(roleRepresentation -> {
                return roleRepresentation.getName().equals(this.ic.testUserRole);
            }).findFirst().ifPresent(roleRepresentation2 -> {
                this.realm.roles().deleteRole(roleRepresentation2.getName());
            });
        }
    }

    public void initialize(ConfigurableApplicationContext configurableApplicationContext) {
        setupKeycloak(this.config);
        TestPropertyValues.of(new String[]{"spring.security.oauth2.client.provider.keycloak.issuer-uri=http://" + this.config.keycloakAddress + "/auth/realms/" + this.config.testRealmName, "spring.security.oauth2.client.registration.keycloak.client-id=" + this.config.testClientId, "spring.security.oauth2.client.registration.keycloak.client-secret=" + this.config.testClientSecret}).applyTo(configurableApplicationContext.getEnvironment());
    }

    private void setupKeycloak(Config config) {
        KeycloakSession keycloakSession = new KeycloakSession(config);
        keycloakSession.connectAdminClient();
        keycloakSession.createSandboxRealm();
        keycloakSession.createSandboxRealmClient();
        keycloakSession.setupNewUser();
    }

    public Config getConfig() {
        return this.config;
    }
}
