package org.eclipse.basyx.extensions.shared.authorization.internal;

import java.util.Optional;
import org.eclipse.basyx.vab.coder.json.connector.JSONConnector;
import org.eclipse.basyx.vab.protocol.api.IConnectorFactory;
import org.eclipse.basyx.vab.protocol.http.connector.HTTPConnector;
import org.eclipse.basyx.vab.protocol.http.server.JwtBearerTokenAuthenticationConfiguration;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;

/* loaded from: input_file:jars/basyx.sdk-1.3.0.jar:org/eclipse/basyx/extensions/shared/authorization/internal/KeycloakService.class */
public class KeycloakService {
    private final String serverUrl;
    private final String realm;
    private String clientId;
    private String clientSecret;
    private String userName;
    private String password;

    public KeycloakService(String str, String str2) {
        this.serverUrl = str;
        this.realm = str2;
    }

    public String getRealmUrl() {
        return this.serverUrl + "/realms/" + this.realm;
    }

    public String getCertsEndpoint() {
        return getRealmUrl() + "/protocol/openid-connect/certs";
    }

    public void setCredentials(String str, String str2, String str3, String str4) {
        this.clientId = str;
        this.clientSecret = str2;
        this.userName = str3;
        this.password = str4;
    }

    public IConnectorFactory createConnectorFactory() {
        return str -> {
            return new JSONConnector(new HTTPConnector(str, this::getTokenAsBearer));
        };
    }

    public JwtBearerTokenAuthenticationConfiguration createJwtBearerTokenAuthenticationConfiguration() {
        return JwtBearerTokenAuthenticationConfiguration.of(getRealmUrl(), getCertsEndpoint(), null);
    }

    public Keycloak getKeycloak() {
        return KeycloakBuilder.builder().serverUrl(this.serverUrl).realm(this.realm).grantType("password").clientId(this.clientId).clientSecret(this.clientSecret).username(this.userName).password(this.password).build();
    }

    public Optional<String> getTokenAsBearer() {
        return getToken().map(str -> {
            return "Bearer " + str;
        });
    }

    public Optional<String> getToken() {
        return Optional.ofNullable(getKeycloak().tokenManager().getAccessToken().getToken());
    }
}
