package org.keycloak.testsuite.utils.arquillian;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.Collection;
import java.util.Optional;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.asset.Asset;
import org.jboss.shrinkwrap.api.asset.StringAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.keycloak.representations.adapters.config.AdapterConfig;
import org.keycloak.testsuite.util.ServerURLs;
import org.keycloak.testsuite.utils.io.IOUtil;
import org.keycloak.util.JsonSerialization;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/keycloak/testsuite/utils/arquillian/DeploymentArchiveProcessorUtils.class */
public class DeploymentArchiveProcessorUtils {
    private static final String AUTH_SERVER_REPLACED_URL = "http://localhost:8080";
    public static final String WEBXML_PATH = "/WEB-INF/web.xml";
    public static final String ADAPTER_CONFIG_PATH = "/WEB-INF/keycloak.json";
    public static final String ADAPTER_CONFIG_PATH_JS = "/keycloak.json";
    public static final String JBOSS_DEPLOYMENT_XML_PATH = "/WEB-INF/jboss-deployment-structure.xml";
    public static final String TRUSTSTORE_PASSWORD = "secret";
    private static final Logger log = Logger.getLogger(DeploymentArchiveProcessorUtils.class);
    private static final boolean AUTH_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required"));
    private static final boolean APP_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("app.server.ssl.required"));
    public static final String SAML_ADAPTER_CONFIG_PATH = "/WEB-INF/keycloak-saml.xml";
    public static final String SAML_ADAPTER_CONFIG_PATH_TENANT1 = "/WEB-INF/classes/tenant1-keycloak-saml.xml";
    public static final String SAML_ADAPTER_CONFIG_PATH_TENANT2 = "/WEB-INF/classes/tenant2-keycloak-saml.xml";
    public static final Collection<String> SAML_CONFIGS = Arrays.asList(SAML_ADAPTER_CONFIG_PATH, SAML_ADAPTER_CONFIG_PATH_TENANT1, SAML_ADAPTER_CONFIG_PATH_TENANT2);

    public static boolean checkRunOnServerDeployment(Archive<?> archive) {
        return archive.getName().equals("run-on-server-classes.war");
    }

    public static void modifyOIDCAdapterConfig(Archive<?> archive, String str) {
        try {
            AdapterConfig adapterConfig = (AdapterConfig) IOUtil.loadJson(archive.get(str).getAsset().openStream(), AdapterConfig.class);
            adapterConfig.setAuthServerUrl(getAuthServerUrl());
            if (APP_SERVER_SSL_REQUIRED) {
                adapterConfig.setSslRequired("all");
            }
            if (AUTH_SERVER_SSL_REQUIRED) {
                String str2 = str.contains("WEB-INF") ? "classpath:keycloak.truststore" : "keycloak.truststore";
                adapterConfig.setTruststore(str2);
                adapterConfig.setTruststorePassword(TRUSTSTORE_PASSWORD);
                File file = new File(System.getProperty("dependency.keystore.root", "") + "/keycloak.truststore");
                if (!file.exists()) {
                    file = new File(DeploymentArchiveProcessorUtils.class.getResource("/keystore/keycloak.truststore").getFile());
                }
                ((WebArchive) archive).addAsResource(file);
                log.debugf("Adding Truststore to the deployment, path %s, password %s, adapter path %s", file.getAbsolutePath(), TRUSTSTORE_PASSWORD, str2);
            }
            archive.add(new StringAsset(JsonSerialization.writeValueAsPrettyString(adapterConfig)), str);
        } catch (IOException e) {
            log.error("Cannot serialize adapter config to JSON.", e);
        }
    }

    public static void modifySAMLAdapterConfig(Archive<?> archive, String str) {
        Document loadXML = IOUtil.loadXML(archive.get(str).getAsset().openStream());
        modifySAMLDocument(loadXML);
        archive.add(new StringAsset(IOUtil.documentToString(loadXML)), str);
        File file = new File(System.getProperty("dependency.keystore.root", "") + "/keycloak.truststore");
        if (!file.exists()) {
            file = new File(DeploymentArchiveProcessorUtils.class.getResource("/keystore/keycloak.truststore").getFile());
        }
        ((WebArchive) archive).addAsResource(file);
    }

    public static void modifySAMLDocument(Document document) {
        IOUtil.modifyDocElementAttribute(document, "SingleSignOnService", "bindingUrl", AUTH_SERVER_REPLACED_URL, ServerURLs.getAuthServerContextRoot());
        IOUtil.modifyDocElementAttribute(document, "SingleLogoutService", "postBindingUrl", AUTH_SERVER_REPLACED_URL, ServerURLs.getAuthServerContextRoot());
        IOUtil.modifyDocElementAttribute(document, "SingleLogoutService", "redirectBindingUrl", AUTH_SERVER_REPLACED_URL, ServerURLs.getAuthServerContextRoot());
        IOUtil.modifyDocElementAttribute(document, "SingleSignOnService", "assertionConsumerServiceUrl", AUTH_SERVER_REPLACED_URL, ServerURLs.getAppServerContextRoot());
        IOUtil.modifyDocElementAttribute(document, "SP", "logoutPage", AUTH_SERVER_REPLACED_URL, ServerURLs.getAppServerContextRoot());
    }

    public static void useJakartaEEServletClass(Archive<?> archive, String str) {
        try {
            InputStream openStream = ((Asset) Optional.ofNullable(archive.get(str)).map((v0) -> {
                return v0.getAsset();
            }).orElseThrow(() -> {
                return new IllegalArgumentException(String.format("Cannot find '%s' config path", str));
            })).openStream();
            try {
                Document loadXML = IOUtil.loadXML(openStream);
                NodeList elementsByTagName = loadXML.getElementsByTagName("servlet");
                if (elementsByTagName.getLength() == 1) {
                    int length = loadXML.getElementsByTagName("servlet-class").getLength();
                    if (length == 0) {
                        Element createElement = loadXML.createElement("servlet-class");
                        createElement.setTextContent("jakarta.ws.rs.core.Application");
                        elementsByTagName.item(0).appendChild(createElement);
                        log.infof("Appending '%s' tag with Jakarta application class to '%s'\n", "servlet-class", archive.getName());
                    } else {
                        if (length != 1) {
                            log.error(String.format("Invalid count of '%s' tags for '%s'\n", "servlet-class", archive.getName()));
                            if (openStream != null) {
                                openStream.close();
                                return;
                            }
                            return;
                        }
                        IOUtil.modifyDocElementValue(loadXML, "servlet-class", "javax.ws.rs.core.Application", "jakarta.ws.rs.core.Application");
                        log.infof("Modifying 'servlet-class' tag to use Jakarta application class in '%s'\n", "servlet-class", archive.getName());
                    }
                    archive.add(new StringAsset(IOUtil.documentToString(loadXML)), str);
                }
                if (openStream != null) {
                    openStream.close();
                }
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static String getAuthServerUrl() {
        return String.format("%s://%s:%s/auth", AUTH_SERVER_SSL_REQUIRED ? "https" : "http", System.getProperty("auth.server.host", "localhost"), AUTH_SERVER_SSL_REQUIRED ? System.getProperty("auth.server.https.port", "8443") : System.getProperty("auth.server.http.port", "8180"));
    }
}
