package org.keycloak.services.resources.admin;

import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.eclipse.microprofile.openapi.annotations.Operation;
import org.eclipse.microprofile.openapi.annotations.extensions.Extension;
import org.eclipse.microprofile.openapi.annotations.media.Content;
import org.eclipse.microprofile.openapi.annotations.media.Schema;
import org.eclipse.microprofile.openapi.annotations.parameters.RequestBody;
import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
import org.eclipse.microprofile.openapi.annotations.tags.Tag;
import org.keycloak.component.ComponentValidationException;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.ConfiguredProvider;
import org.keycloak.representations.idm.UserProfileAttributeGroupMetadata;
import org.keycloak.representations.idm.UserProfileAttributeMetadata;
import org.keycloak.representations.idm.UserProfileMetadata;
import org.keycloak.representations.userprofile.config.UPConfig;
import org.keycloak.representations.userprofile.config.UPGroup;
import org.keycloak.services.ErrorResponse;
import org.keycloak.services.resources.KeycloakOpenAPI;
import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator;
import org.keycloak.userprofile.AttributeMetadata;
import org.keycloak.userprofile.UserProfile;
import org.keycloak.userprofile.UserProfileContext;
import org.keycloak.userprofile.UserProfileProvider;
import org.keycloak.utils.MediaType;
import org.keycloak.validate.Validators;

@Extension(name = KeycloakOpenAPI.Profiles.ADMIN, value = "")
/* loaded from: input_file:org/keycloak/services/resources/admin/UserProfileResource.class */
public class UserProfileResource {
    protected final KeycloakSession session;
    protected final RealmModel realm;
    private final AdminPermissionEvaluator auth;

    public UserProfileResource(KeycloakSession keycloakSession, AdminPermissionEvaluator adminPermissionEvaluator) {
        this.session = keycloakSession;
        this.realm = keycloakSession.getContext().getRealm();
        this.auth = adminPermissionEvaluator;
    }

    @Produces({MediaType.APPLICATION_JSON})
    @Tag(name = KeycloakOpenAPI.Admin.Tags.USERS)
    @Operation(description = "Get the configuration for the user profile")
    @GET
    public UPConfig getConfiguration() {
        this.auth.requireAnyAdminRole();
        return this.session.getProvider(UserProfileProvider.class).getConfiguration();
    }

    @Produces({MediaType.APPLICATION_JSON})
    @Tag(name = KeycloakOpenAPI.Admin.Tags.USERS)
    @Operation(description = "Get the UserProfileMetadata from the configuration")
    @GET
    @Path("/metadata")
    public UserProfileMetadata getMetadata() {
        this.auth.requireAnyAdminRole();
        return createUserProfileMetadata(this.session, this.session.getProvider(UserProfileProvider.class).create(UserProfileContext.USER_API, Collections.emptyMap()));
    }

    @Produces({MediaType.APPLICATION_JSON})
    @Tag(name = KeycloakOpenAPI.Admin.Tags.USERS)
    @Operation(description = "Set the configuration for the user profile")
    @APIResponse(responseCode = "200", content = {@Content(schema = @Schema(implementation = UPConfig.class))})
    @PUT
    @Consumes({MediaType.APPLICATION_JSON})
    public Response update(@RequestBody(content = {@Content(schema = @Schema(implementation = UPConfig.class))}) String str) {
        this.auth.realm().requireManageRealm();
        UserProfileProvider provider = this.session.getProvider(UserProfileProvider.class);
        try {
            provider.setConfiguration(str);
            return Response.ok(provider.getConfiguration()).type(MediaType.APPLICATION_JSON).build();
        } catch (ComponentValidationException e) {
            throw ErrorResponse.error(e.getMessage(), Response.Status.BAD_REQUEST);
        }
    }

    public static UserProfileMetadata createUserProfileMetadata(KeycloakSession keycloakSession, UserProfile userProfile) {
        Map readable = userProfile.getAttributes().getReadable();
        if (readable == null) {
            return null;
        }
        return new UserProfileMetadata((List) readable.keySet().stream().map(str -> {
            return userProfile.getAttributes().getMetadata(str);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).sorted(Comparator.comparingInt((v0) -> {
            return v0.getGuiOrder();
        })).map(attributeMetadata -> {
            return toRestMetadata(attributeMetadata, keycloakSession, userProfile);
        }).collect(Collectors.toList()), (List) keycloakSession.getProvider(UserProfileProvider.class).getConfiguration().getGroups().stream().map(new Function<UPGroup, UserProfileAttributeGroupMetadata>() { // from class: org.keycloak.services.resources.admin.UserProfileResource.1
            @Override // java.util.function.Function
            public UserProfileAttributeGroupMetadata apply(UPGroup uPGroup) {
                return new UserProfileAttributeGroupMetadata(uPGroup.getName(), uPGroup.getDisplayHeader(), uPGroup.getDisplayDescription(), uPGroup.getAnnotations());
            }
        }).collect(Collectors.toList()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static UserProfileAttributeMetadata toRestMetadata(AttributeMetadata attributeMetadata, KeycloakSession keycloakSession, UserProfile userProfile) {
        String str = null;
        if (attributeMetadata.getAttributeGroupMetadata() != null) {
            str = attributeMetadata.getAttributeGroupMetadata().getName();
        }
        return new UserProfileAttributeMetadata(attributeMetadata.getName(), attributeMetadata.getAttributeDisplayName(), userProfile.getAttributes().isRequired(attributeMetadata.getName()), userProfile.getAttributes().isReadOnly(attributeMetadata.getName()), str, attributeMetadata.getAnnotations(), toValidatorMetadata(attributeMetadata, keycloakSession));
    }

    private static Map<String, Map<String, Object>> toValidatorMetadata(AttributeMetadata attributeMetadata, KeycloakSession keycloakSession) {
        if (attributeMetadata.getValidators() == null) {
            return null;
        }
        return (Map) attributeMetadata.getValidators().stream().filter(attributeValidatorMetadata -> {
            return Validators.validator(keycloakSession, attributeValidatorMetadata.getValidatorId()) instanceof ConfiguredProvider;
        }).collect(Collectors.toMap((v0) -> {
            return v0.getValidatorId();
        }, (v0) -> {
            return v0.getValidatorConfig();
        }));
    }
}
