package org.keycloak.services.resources.admin;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import org.jboss.resteasy.annotations.cache.NoCache;
import org.jboss.resteasy.spi.NotFoundException;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.ScopeContainerModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/resources/admin/ScopeMappedClientResource.class */
public class ScopeMappedClientResource {
    protected RealmModel realm;
    private RealmAuth auth;
    protected ScopeContainerModel scopeContainer;
    protected KeycloakSession session;
    protected ClientModel scopedClient;
    protected AdminEventBuilder adminEvent;

    public ScopeMappedClientResource(RealmModel realmModel, RealmAuth realmAuth, ScopeContainerModel scopeContainerModel, KeycloakSession keycloakSession, ClientModel clientModel, AdminEventBuilder adminEventBuilder) {
        this.realm = realmModel;
        this.auth = realmAuth;
        this.scopeContainer = scopeContainerModel;
        this.session = keycloakSession;
        this.scopedClient = clientModel;
        this.adminEvent = adminEventBuilder.resource(ResourceType.CLIENT_SCOPE_MAPPING);
    }

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @NoCache
    public List<RoleRepresentation> getClientScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        Set clientScopeMappings = KeycloakModelUtils.getClientScopeMappings(this.scopedClient, this.scopeContainer);
        ArrayList arrayList = new ArrayList();
        Iterator it = clientScopeMappings.iterator();
        while (it.hasNext()) {
            arrayList.add(ModelToRepresentation.toRepresentation((RoleModel) it.next()));
        }
        return arrayList;
    }

    @GET
    @Path("available")
    @NoCache
    @Produces({MediaType.APPLICATION_JSON})
    public List<RoleRepresentation> getAvailableClientScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        return ScopeMappedResource.getAvailable(this.scopeContainer, this.scopedClient.getRoles());
    }

    @GET
    @Path("composite")
    @NoCache
    @Produces({MediaType.APPLICATION_JSON})
    public List<RoleRepresentation> getCompositeClientScopeMappings() {
        this.auth.requireView();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        return ScopeMappedResource.getComposite(this.scopeContainer, this.scopedClient.getRoles());
    }

    @POST
    @Consumes({MediaType.APPLICATION_JSON})
    public void addClientScopeMapping(List<RoleRepresentation> list) {
        this.auth.requireManage();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        Iterator<RoleRepresentation> it = list.iterator();
        while (it.hasNext()) {
            RoleModel role = this.scopedClient.getRole(it.next().getName());
            if (role == null) {
                throw new NotFoundException("Role not found");
            }
            this.scopeContainer.addScopeMapping(role);
        }
        this.adminEvent.operation(OperationType.CREATE).resourcePath(this.session.getContext().getUri()).representation(list).success();
    }

    @Consumes({MediaType.APPLICATION_JSON})
    @DELETE
    public void deleteClientScopeMapping(List<RoleRepresentation> list) {
        this.auth.requireManage();
        if (this.scopeContainer == null) {
            throw new NotFoundException("Could not find client");
        }
        if (list == null) {
            Set<RoleModel> clientScopeMappings = KeycloakModelUtils.getClientScopeMappings(this.scopedClient, this.scopeContainer);
            list = new LinkedList();
            for (RoleModel roleModel : clientScopeMappings) {
                this.scopeContainer.deleteScopeMapping(roleModel);
                list.add(ModelToRepresentation.toRepresentation(roleModel));
            }
        } else {
            Iterator<RoleRepresentation> it = list.iterator();
            while (it.hasNext()) {
                RoleModel role = this.scopedClient.getRole(it.next().getName());
                if (role == null) {
                    throw new NotFoundException("Role not found");
                }
                this.scopeContainer.deleteScopeMapping(role);
            }
        }
        this.adminEvent.operation(OperationType.DELETE).resourcePath(this.session.getContext().getUri()).representation(list).success();
    }
}
