package org.keycloak.services.resources.account;

import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.QueryParam;
import jakarta.ws.rs.core.Response;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.jboss.resteasy.reactive.NoCache;
import org.keycloak.device.DeviceActivityManager;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserSessionModel;
import org.keycloak.representations.account.ClientRepresentation;
import org.keycloak.representations.account.DeviceRepresentation;
import org.keycloak.representations.account.SessionRepresentation;
import org.keycloak.services.managers.Auth;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/resources/account/SessionResource.class */
public class SessionResource {
    private final KeycloakSession session;
    private final Auth auth;
    private final RealmModel realm;
    private final UserModel user;

    public SessionResource(KeycloakSession keycloakSession, Auth auth) {
        this.session = keycloakSession;
        this.auth = auth;
        this.realm = auth.getRealm();
        this.user = auth.getUser();
    }

    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    @GET
    public Stream<SessionRepresentation> toRepresentation() {
        return this.session.sessions().getUserSessionsStream(this.realm, this.user).map(this::toRepresentation);
    }

    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    @Path("devices")
    @GET
    public Collection<DeviceRepresentation> devices() {
        HashMap hashMap = new HashMap();
        this.session.sessions().getUserSessionsStream(this.realm, this.user).forEach(userSessionModel -> {
            DeviceRepresentation attachedDevice = getAttachedDevice(userSessionModel);
            DeviceRepresentation deviceRepresentation = (DeviceRepresentation) hashMap.computeIfAbsent(attachedDevice.getOs() + attachedDevice.getOsVersion(), str -> {
                DeviceRepresentation deviceRepresentation2 = new DeviceRepresentation();
                deviceRepresentation2.setLastAccess(attachedDevice.getLastAccess());
                deviceRepresentation2.setOs(attachedDevice.getOs());
                deviceRepresentation2.setOsVersion(attachedDevice.getOsVersion());
                deviceRepresentation2.setDevice(attachedDevice.getDevice());
                deviceRepresentation2.setMobile(attachedDevice.isMobile());
                return deviceRepresentation2;
            });
            if (isCurrentSession(userSessionModel)) {
                deviceRepresentation.setCurrent(true);
            }
            if (deviceRepresentation.getLastAccess() == 0 || deviceRepresentation.getLastAccess() < userSessionModel.getLastSessionRefresh()) {
                deviceRepresentation.setLastAccess(userSessionModel.getLastSessionRefresh());
            }
            deviceRepresentation.addSession(createSessionRepresentation(userSessionModel, attachedDevice));
        });
        return hashMap.values();
    }

    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    @DELETE
    public Response logout(@QueryParam("current") boolean z) {
        this.auth.require("manage-account");
        ((List) this.session.sessions().getUserSessionsStream(this.realm, this.user).filter(userSessionModel -> {
            return z || !isCurrentSession(userSessionModel);
        }).collect(Collectors.toList())).forEach(userSessionModel2 -> {
            AuthenticationManager.backchannelLogout(this.session, userSessionModel2, true);
        });
        return Response.noContent().build();
    }

    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    @Path("/{id}")
    @DELETE
    public Response logout(@PathParam("id") String str) {
        this.auth.require("manage-account");
        UserSessionModel userSession = this.session.sessions().getUserSession(this.realm, str);
        if (userSession != null && userSession.getUser().equals(this.user)) {
            AuthenticationManager.backchannelLogout(this.session, userSession, true);
        }
        return Response.noContent().build();
    }

    private SessionRepresentation createSessionRepresentation(UserSessionModel userSessionModel, DeviceRepresentation deviceRepresentation) {
        SessionRepresentation sessionRepresentation = new SessionRepresentation();
        sessionRepresentation.setId(userSessionModel.getId());
        sessionRepresentation.setIpAddress(userSessionModel.getIpAddress());
        sessionRepresentation.setStarted(userSessionModel.getStarted());
        sessionRepresentation.setLastAccess(userSessionModel.getLastSessionRefresh());
        sessionRepresentation.setExpires(userSessionModel.getStarted() + ((!userSessionModel.isRememberMe() || this.realm.getSsoSessionMaxLifespanRememberMe() <= 0) ? this.realm.getSsoSessionMaxLifespan() : this.realm.getSsoSessionMaxLifespanRememberMe()));
        sessionRepresentation.setBrowser(deviceRepresentation.getBrowser());
        if (isCurrentSession(userSessionModel)) {
            sessionRepresentation.setCurrent(true);
        }
        sessionRepresentation.setClients(new LinkedList());
        Iterator it = userSessionModel.getAuthenticatedClientSessions().keySet().iterator();
        while (it.hasNext()) {
            ClientModel clientById = this.realm.getClientById((String) it.next());
            ClientRepresentation clientRepresentation = new ClientRepresentation();
            clientRepresentation.setClientId(clientById.getClientId());
            clientRepresentation.setClientName(clientById.getName());
            sessionRepresentation.getClients().add(clientRepresentation);
        }
        return sessionRepresentation;
    }

    private DeviceRepresentation getAttachedDevice(UserSessionModel userSessionModel) {
        DeviceRepresentation currentDevice = DeviceActivityManager.getCurrentDevice(userSessionModel);
        if (currentDevice == null) {
            currentDevice = DeviceRepresentation.unknown();
            currentDevice.setIpAddress(userSessionModel.getIpAddress());
        }
        return currentDevice;
    }

    private boolean isCurrentSession(UserSessionModel userSessionModel) {
        if (this.auth.getSession() == null) {
            return false;
        }
        return userSessionModel.getId().equals(this.auth.getSession().getId());
    }

    private SessionRepresentation toRepresentation(UserSessionModel userSessionModel) {
        return createSessionRepresentation(userSessionModel, getAttachedDevice(userSessionModel));
    }
}
