package org.keycloak.services.resources;

import com.fasterxml.jackson.core.type.TypeReference;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.HashSet;
import java.util.List;
import java.util.NoSuchElementException;
import java.util.ServiceLoader;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import javax.ws.rs.core.Application;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.Profile;
import org.keycloak.common.crypto.CryptoIntegration;
import org.keycloak.common.util.Resteasy;
import org.keycloak.config.ConfigProviderFactory;
import org.keycloak.exportimport.ExportImportManager;
import org.keycloak.exportimport.Strategy;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.locking.GlobalLockProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.PostMigrationEvent;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.platform.Platform;
import org.keycloak.platform.PlatformProvider;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.DefaultKeycloakSessionFactory;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.error.KcUnrecognizedPropertyExceptionHandler;
import org.keycloak.services.error.KeycloakErrorHandler;
import org.keycloak.services.filters.KeycloakSecurityHeadersFilter;
import org.keycloak.services.managers.ApplianceBootstrap;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.resources.admin.AdminRoot;
import org.keycloak.services.util.ObjectMapperResolver;
import org.keycloak.transaction.JtaTransactionManagerLookup;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:org/keycloak/services/resources/KeycloakApplication.class */
public class KeycloakApplication extends Application {
    public static final AtomicBoolean BOOTSTRAP_ADMIN_USER = new AtomicBoolean(false);
    private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
    protected final PlatformProvider platform = Platform.getPlatform();
    protected Set<Object> singletons = new HashSet();
    protected Set<Class<?>> classes = new HashSet();
    private static KeycloakSessionFactory sessionFactory;

    public KeycloakApplication() {
        try {
            logger.debugv("PlatformProvider: {0}", this.platform.getClass().getName());
            logger.debugv("RestEasy provider: {0}", Resteasy.getProvider().getClass().getName());
            CryptoIntegration.init(KeycloakApplication.class.getClassLoader());
            loadConfig();
            this.singletons.add(new RobotsResource());
            this.singletons.add(new RealmsResource());
            if (Profile.isFeatureEnabled(Profile.Feature.ADMIN_API)) {
                this.singletons.add(new AdminRoot());
            }
            this.classes.add(ThemeResource.class);
            if (Profile.isFeatureEnabled(Profile.Feature.JS_ADAPTER)) {
                this.classes.add(JsResource.class);
            }
            this.classes.add(KeycloakSecurityHeadersFilter.class);
            this.classes.add(KeycloakErrorHandler.class);
            this.classes.add(KcUnrecognizedPropertyExceptionHandler.class);
            this.singletons.add(new ObjectMapperResolver());
            this.singletons.add(new WelcomeResource());
            this.platform.onStartup(this::startup);
            this.platform.onShutdown(this::shutdown);
        } catch (Throwable th) {
            this.platform.exit(th);
        }
    }

    protected void startup() {
        sessionFactory = createSessionFactory();
        final ExportImportManager[] exportImportManagerArr = new ExportImportManager[1];
        if (Boolean.getBoolean("keycloak.globalLock.forceUnlock")) {
            KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.1
                public void run(KeycloakSession keycloakSession) {
                    keycloakSession.getProvider(GlobalLockProvider.class).forceReleaseAllLocks();
                }
            });
        }
        KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.2
            public void run(KeycloakSession keycloakSession) {
                exportImportManagerArr[0] = (ExportImportManager) keycloakSession.getProvider(GlobalLockProvider.class).withLock("keycloak-boot", keycloakSession2 -> {
                    return KeycloakApplication.this.bootstrap();
                });
            }
        });
        if (exportImportManagerArr[0].isRunExport()) {
            exportImportManagerArr[0].runExport();
        }
        KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.3
            public void run(KeycloakSession keycloakSession) {
                KeycloakApplication.BOOTSTRAP_ADMIN_USER.set(new ApplianceBootstrap(keycloakSession).isNoMasterUser());
            }
        });
        sessionFactory.publish(new PostMigrationEvent(sessionFactory));
    }

    protected void shutdown() {
        if (sessionFactory != null) {
            sessionFactory.close();
        }
    }

    protected ExportImportManager bootstrap() {
        final ExportImportManager[] exportImportManagerArr = new ExportImportManager[1];
        logger.debug("bootstrap");
        KeycloakModelUtils.runJobInTransaction(sessionFactory, new KeycloakSessionTask() { // from class: org.keycloak.services.resources.KeycloakApplication.4
            public void run(KeycloakSession keycloakSession) {
                JtaTransactionManagerLookup providerFactory = KeycloakApplication.sessionFactory.getProviderFactory(JtaTransactionManagerLookup.class);
                if (providerFactory != null && providerFactory.getTransactionManager() != null) {
                    try {
                        Transaction transaction = providerFactory.getTransactionManager().getTransaction();
                        KeycloakApplication.logger.debugv("bootstrap current transaction? {0}", Boolean.valueOf(transaction != null));
                        if (transaction != null) {
                            KeycloakApplication.logger.debugv("bootstrap current transaction status? {0}", Integer.valueOf(transaction.getStatus()));
                        }
                    } catch (SystemException e) {
                        throw new RuntimeException((Throwable) e);
                    }
                }
                ApplianceBootstrap applianceBootstrap = new ApplianceBootstrap(keycloakSession);
                exportImportManagerArr[0] = new ExportImportManager(keycloakSession);
                boolean isNewInstall = applianceBootstrap.isNewInstall();
                if (exportImportManagerArr[0].isRunImport() && exportImportManagerArr[0].isImportMasterIncluded()) {
                    isNewInstall = false;
                }
                if (isNewInstall) {
                    applianceBootstrap.createMasterRealm();
                }
            }
        });
        if (exportImportManagerArr[0].isRunImport()) {
            exportImportManagerArr[0].runImport();
        } else {
            importRealms(exportImportManagerArr[0]);
        }
        importAddUser();
        return exportImportManagerArr[0];
    }

    protected void loadConfig() {
        try {
            ConfigProviderFactory configProviderFactory = (ConfigProviderFactory) ServiceLoader.load(ConfigProviderFactory.class, KeycloakApplication.class.getClassLoader()).iterator().next();
            logger.debugv("ConfigProvider: {0}", configProviderFactory.getClass().getName());
            Config.init(configProviderFactory.create().orElseThrow(() -> {
                return new RuntimeException("Failed to load Keycloak configuration");
            }));
        } catch (NoSuchElementException e) {
            throw new RuntimeException("No valid ConfigProvider found");
        }
    }

    protected KeycloakSessionFactory createSessionFactory() {
        DefaultKeycloakSessionFactory defaultKeycloakSessionFactory = new DefaultKeycloakSessionFactory();
        defaultKeycloakSessionFactory.init();
        return defaultKeycloakSessionFactory;
    }

    public static KeycloakSessionFactory getSessionFactory() {
        return sessionFactory;
    }

    public Set<Class<?>> getClasses() {
        return this.classes;
    }

    public Set<Object> getSingletons() {
        return this.singletons;
    }

    public void importRealms(ExportImportManager exportImportManager) {
        String property = System.getProperty("keycloak.import");
        if (property != null) {
            try {
                exportImportManager.runImportAtStartup(property, Strategy.IGNORE_EXISTING);
            } catch (IOException e) {
                throw new RuntimeException("Failed to import realms", e);
            }
        }
    }

    public void importRealm(RealmRepresentation realmRepresentation, String str) {
        boolean z = false;
        try {
            KeycloakSession create = sessionFactory.create();
            try {
                create.getTransactionManager().begin();
                try {
                    RealmManager realmManager = new RealmManager(create);
                    if (realmRepresentation.getId() != null && realmManager.getRealm(realmRepresentation.getId()) != null) {
                        ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                        z = true;
                    }
                    if (realmManager.getRealmByName(realmRepresentation.getRealm()) != null) {
                        ServicesLogger.LOGGER.realmExists(realmRepresentation.getRealm(), str);
                        z = true;
                    }
                    if (!z) {
                        ServicesLogger.LOGGER.importedRealm(realmManager.importRealm(realmRepresentation).getName(), str);
                    }
                    if (create != null) {
                        create.close();
                    }
                } catch (Throwable th) {
                    create.getTransactionManager().setRollbackOnly();
                    throw th;
                }
            } finally {
            }
        } catch (Throwable th2) {
            if (z) {
                return;
            }
            ServicesLogger.LOGGER.unableToImportRealm(th2, realmRepresentation.getRealm(), str);
        }
    }

    public void importAddUser() {
        String property = System.getProperty("jboss.server.config.dir");
        if (property != null) {
            File file = new File(property + File.separator + "keycloak-add-user.json");
            if (file.isFile()) {
                ServicesLogger.LOGGER.imprtingUsersFrom(file);
                try {
                    for (RealmRepresentation realmRepresentation : (List) JsonSerialization.readValue(new FileInputStream(file), new TypeReference<List<RealmRepresentation>>() { // from class: org.keycloak.services.resources.KeycloakApplication.5
                    })) {
                        for (UserRepresentation userRepresentation : realmRepresentation.getUsers()) {
                            try {
                                KeycloakModelUtils.runJobInTransaction(sessionFactory, keycloakSession -> {
                                    RealmModel realmByName = keycloakSession.realms().getRealmByName(realmRepresentation.getRealm());
                                    if (realmByName == null) {
                                        ServicesLogger.LOGGER.addUserFailedRealmNotFound(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                    }
                                    UserProvider users = keycloakSession.users();
                                    if (users.getUserByUsername(realmByName, userRepresentation.getUsername()) != null) {
                                        ServicesLogger.LOGGER.notCreatingExistingUser(userRepresentation.getUsername());
                                        return;
                                    }
                                    UserModel addUser = users.addUser(realmByName, userRepresentation.getUsername());
                                    addUser.setEnabled(userRepresentation.isEnabled().booleanValue());
                                    RepresentationToModel.createCredentials(userRepresentation, keycloakSession, realmByName, addUser, false);
                                    RepresentationToModel.createRoleMappings(userRepresentation, addUser, realmByName);
                                    ServicesLogger.LOGGER.addUserSuccess(userRepresentation.getUsername(), realmRepresentation.getRealm());
                                });
                            } catch (ModelDuplicateException e) {
                                ServicesLogger.LOGGER.addUserFailedUserExists(userRepresentation.getUsername(), realmRepresentation.getRealm());
                            } catch (Throwable th) {
                                ServicesLogger.LOGGER.addUserFailed(th, userRepresentation.getUsername(), realmRepresentation.getRealm());
                            }
                        }
                    }
                    if (file.delete()) {
                        return;
                    }
                    ServicesLogger.LOGGER.failedToDeleteFile(file.getAbsolutePath());
                } catch (IOException e2) {
                    ServicesLogger.LOGGER.failedToLoadUsers(e2);
                }
            }
        }
    }
}
