package org.keycloak.protocol.oid4vc;

import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.Response;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import org.jboss.logging.Logger;
import org.keycloak.models.KeycloakSession;
import org.keycloak.protocol.oid4vc.issuance.OID4VCIssuerWellKnownProvider;
import org.keycloak.protocol.oid4vc.model.OID4VCClient;
import org.keycloak.protocol.oid4vc.model.SupportedCredentialConfiguration;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.services.ErrorResponseException;
import org.keycloak.services.clientregistration.AbstractClientRegistrationProvider;
import org.keycloak.services.clientregistration.DefaultClientRegistrationContext;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/protocol/oid4vc/OID4VCClientRegistrationProvider.class */
public class OID4VCClientRegistrationProvider extends AbstractClientRegistrationProvider {
    private static final Logger LOGGER = Logger.getLogger(OID4VCClientRegistrationProvider.class);

    public OID4VCClientRegistrationProvider(KeycloakSession keycloakSession) {
        super(keycloakSession);
    }

    @POST
    @Produces({MediaType.APPLICATION_JSON})
    @Consumes({MediaType.APPLICATION_JSON})
    public Response createOID4VCClient(OID4VCClient oID4VCClient) {
        ClientRepresentation clientRepresentation = toClientRepresentation(oID4VCClient);
        validate(clientRepresentation);
        ClientRepresentation create = create(new DefaultClientRegistrationContext(this.session, clientRepresentation, this));
        return Response.created(this.session.getContext().getUri().getAbsolutePathBuilder().path(create.getClientId()).build(new Object[0])).entity(create).build();
    }

    @Produces({MediaType.APPLICATION_JSON})
    @PUT
    @Path("{clientId}")
    @Consumes({MediaType.APPLICATION_JSON})
    public Response updateOID4VCClient(@PathParam("clientId") String str, OID4VCClient oID4VCClient) {
        oID4VCClient.setClientDid(str);
        ClientRepresentation clientRepresentation = toClientRepresentation(oID4VCClient);
        validate(clientRepresentation);
        return Response.ok(update(str, new DefaultClientRegistrationContext(this.session, clientRepresentation, this))).build();
    }

    @DELETE
    @Path("{clientId}")
    public Response deleteOID4VCClient(@PathParam("clientId") String str) {
        delete(str);
        return Response.noContent().build();
    }

    public static void validate(ClientRepresentation clientRepresentation) {
        String clientId = clientRepresentation.getClientId();
        if (clientId == null) {
            throw new ErrorResponseException("no_did", "A client did needs to be configured for OID4VC clients", Response.Status.BAD_REQUEST);
        }
        if (!clientId.startsWith("did:")) {
            throw new ErrorResponseException("invalid_did", "The client id is not a did.", Response.Status.BAD_REQUEST);
        }
    }

    protected static ClientRepresentation toClientRepresentation(OID4VCClient oID4VCClient) {
        ClientRepresentation clientRepresentation = new ClientRepresentation();
        clientRepresentation.setProtocol(OID4VCLoginProtocolFactory.PROTOCOL_ID);
        clientRepresentation.setId((String) Optional.ofNullable(oID4VCClient.getId()).orElse(UUID.randomUUID().toString()));
        clientRepresentation.setClientId(oID4VCClient.getClientDid());
        Optional ofNullable = Optional.ofNullable(oID4VCClient.getDescription());
        Objects.requireNonNull(clientRepresentation);
        ofNullable.ifPresent(clientRepresentation::setDescription);
        Optional ofNullable2 = Optional.ofNullable(oID4VCClient.getName());
        Objects.requireNonNull(clientRepresentation);
        ofNullable2.ifPresent(clientRepresentation::setName);
        Map map = (Map) oID4VCClient.getSupportedVCTypes().stream().map((v0) -> {
            return v0.toDotNotation();
        }).flatMap(map2 -> {
            return map2.entrySet().stream();
        }).collect(Collectors.toMap(entry -> {
            return "vc." + ((String) entry.getKey());
        }, (v0) -> {
            return v0.getValue();
        }, (str, str2) -> {
            return str;
        }));
        if (!map.isEmpty()) {
            clientRepresentation.setAttributes(map);
        }
        LOGGER.debugf("Generated client representation {}.", clientRepresentation);
        return clientRepresentation;
    }

    public static OID4VCClient fromClientAttributes(String str, Map<String, String> map) {
        OID4VCClient clientDid = new OID4VCClient().setClientDid(str);
        HashSet hashSet = new HashSet();
        HashMap hashMap = new HashMap();
        map.entrySet().forEach(entry -> {
            if (((String) entry.getKey()).startsWith(OID4VCIssuerWellKnownProvider.VC_KEY)) {
                String substring = ((String) entry.getKey()).substring("vc.".length());
                hashSet.add(substring.split("\\.")[0]);
                hashMap.put(substring, (String) entry.getValue());
            }
        });
        return clientDid.setSupportedVCTypes(hashSet.stream().map(str2 -> {
            return SupportedCredentialConfiguration.fromDotNotation(str2, hashMap);
        }).toList());
    }
}
