package io.quarkus.oidc.deployment.devservices.keycloak;

import io.quarkus.deployment.IsDockerWorking;
import io.quarkus.deployment.IsNormal;
import io.quarkus.deployment.annotations.BuildProducer;
import io.quarkus.deployment.annotations.BuildStep;
import io.quarkus.deployment.builditem.CuratedApplicationShutdownBuildItem;
import io.quarkus.deployment.builditem.DevServicesConfigResultBuildItem;
import io.quarkus.deployment.builditem.DevServicesSharedNetworkBuildItem;
import io.quarkus.deployment.builditem.LaunchModeBuildItem;
import io.quarkus.deployment.console.ConsoleInstalledBuildItem;
import io.quarkus.deployment.console.StartupLogCompressor;
import io.quarkus.deployment.dev.devservices.GlobalDevServicesConfig;
import io.quarkus.deployment.logging.LoggingSetupBuildItem;
import io.quarkus.devservices.common.ConfigureUtil;
import io.quarkus.devservices.common.ContainerAddress;
import io.quarkus.devservices.common.ContainerLocator;
import io.quarkus.oidc.deployment.OidcBuildStep;
import io.quarkus.oidc.deployment.devservices.OidcDevServicesBuildItem;
import io.quarkus.oidc.deployment.devservices.OidcDevServicesUtils;
import io.quarkus.runtime.LaunchMode;
import io.quarkus.runtime.configuration.ConfigUtils;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.json.JsonObject;
import io.vertx.mutiny.ext.web.client.HttpResponse;
import io.vertx.mutiny.ext.web.client.WebClient;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.net.URI;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileTime;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.OptionalInt;
import java.util.stream.Collectors;
import org.eclipse.microprofile.config.ConfigProvider;
import org.jboss.logging.Logger;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.RolesRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.util.JsonSerialization;
import org.testcontainers.containers.BindMode;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.utility.DockerImageName;

/* loaded from: input_file:io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor.class */
public class KeycloakDevServicesProcessor {
    static volatile DevServicesConfig capturedDevServicesConfiguration;
    static volatile Vertx vertxInstance;
    private static final String CONFIG_PREFIX = "quarkus.oidc.";
    private static final String TENANT_ENABLED_CONFIG_KEY = "quarkus.oidc.tenant-enabled";
    private static final String AUTH_SERVER_URL_CONFIG_KEY = "quarkus.oidc.auth-server-url";
    private static final String CLIENT_AUTH_SERVER_URL_CONFIG_KEY = "client.quarkus.oidc.auth-server-url";
    private static final String APPLICATION_TYPE_CONFIG_KEY = "quarkus.oidc.application-type";
    private static final String CLIENT_ID_CONFIG_KEY = "quarkus.oidc.client-id";
    private static final String CLIENT_SECRET_CONFIG_KEY = "quarkus.oidc.credentials.secret";
    private static final String KEYCLOAK_URL_KEY = "keycloak.url";
    private static final String KEYCLOAK_REALM_KEY = "keycloak.realm";
    private static final String KEYCLOAK_X_IMAGE_NAME = "keycloak-x";
    private static final String KEYCLOAK_ADMIN_USER = "admin";
    private static final String KEYCLOAK_ADMIN_PASSWORD = "admin";
    private static final String KEYCLOAK_FRONTEND_URL = "KEYCLOAK_FRONTEND_URL";
    private static final String KEYCLOAK_WILDFLY_USER_PROP = "KEYCLOAK_USER";
    private static final String KEYCLOAK_WILDFLY_PASSWORD_PROP = "KEYCLOAK_PASSWORD";
    private static final String KEYCLOAK_WILDFLY_IMPORT_PROP = "KEYCLOAK_IMPORT";
    private static final String KEYCLOAK_WILDFLY_DB_VENDOR = "H2";
    private static final String KEYCLOAK_WILDFLY_VENDOR_PROP = "DB_VENDOR";
    private static final String KEYCLOAK_QUARKUS_ADMIN_PROP = "KEYCLOAK_ADMIN";
    private static final String KEYCLOAK_QUARKUS_ADMIN_PASSWORD_PROP = "KEYCLOAK_ADMIN_PASSWORD";
    private static final String JAVA_OPTS = "JAVA_OPTS";
    private static final String KEYCLOAK_DOCKER_REALM_PATH = "/tmp/realm.json";
    private static final String OIDC_USERS = "oidc.users";
    private static volatile List<Closeable> closeables;
    private static volatile String capturedKeycloakInternalURL;
    private static volatile String capturedKeycloakHostURL;
    private static volatile FileTime capturedRealmFileLastModifiedDate;
    private final IsDockerWorking isDockerWorking = new IsDockerWorking(true);
    private static volatile KeycloakDevServicesConfigBuildItem existingDevServiceConfig;
    private static final Logger LOG = Logger.getLogger(KeycloakDevServicesProcessor.class);
    private static final String DEV_SERVICE_LABEL = "quarkus-dev-service-keycloak";
    private static final int KEYCLOAK_PORT = 8080;
    private static final ContainerLocator keycloakDevModeContainerLocator = new ContainerLocator(DEV_SERVICE_LABEL, KEYCLOAK_PORT);
    private static volatile boolean first = true;

    /* loaded from: input_file:io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor$QuarkusOidcContainer.class */
    private static class QuarkusOidcContainer extends GenericContainer {
        private final OptionalInt fixedExposedPort;
        private final boolean useSharedNetwork;
        private final Optional<String> configuredRealmName;
        private final Optional<String> realmPath;
        private final String containerLabelValue;
        private final Optional<String> javaOpts;
        private final boolean sharedContainer;
        private boolean realmFileExists;
        private String hostName;
        private String realmNameToUse;
        private final boolean keycloakX;

        public QuarkusOidcContainer(DockerImageName dockerImageName, OptionalInt optionalInt, boolean z, Optional<String> optional, Optional<String> optional2, String str, boolean z2, Optional<String> optional3) {
            super(dockerImageName);
            this.hostName = null;
            this.useSharedNetwork = z;
            this.configuredRealmName = optional;
            this.realmPath = optional2;
            this.containerLabelValue = str;
            this.sharedContainer = z2;
            this.javaOpts = optional3;
            this.keycloakX = KeycloakDevServicesProcessor.isKeycloakX(dockerImageName);
            if (z2 && optionalInt.isEmpty()) {
                optionalInt = OptionalInt.of(findRandomPort().intValue());
            }
            this.fixedExposedPort = optionalInt;
        }

        protected void configure() {
            super.configure();
            if (this.useSharedNetwork) {
                this.hostName = ConfigureUtil.configureSharedNetwork(this, "keycloak");
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_FRONTEND_URL, "http://localhost:" + this.fixedExposedPort.getAsInt());
            }
            if (this.fixedExposedPort.isPresent()) {
                addFixedExposedPort(this.fixedExposedPort.getAsInt(), KeycloakDevServicesProcessor.KEYCLOAK_PORT);
            } else {
                addExposedPort(Integer.valueOf(KeycloakDevServicesProcessor.KEYCLOAK_PORT));
            }
            if (this.sharedContainer && LaunchMode.current() == LaunchMode.DEVELOPMENT) {
                withLabel(KeycloakDevServicesProcessor.DEV_SERVICE_LABEL, this.containerLabelValue);
            }
            if (this.javaOpts.isPresent()) {
                addEnv(KeycloakDevServicesProcessor.JAVA_OPTS, this.javaOpts.get());
            }
            if (this.keycloakX) {
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_QUARKUS_ADMIN_PROP, "admin");
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_QUARKUS_ADMIN_PASSWORD_PROP, "admin");
                withCommand("--http-enabled=true");
            } else {
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_WILDFLY_USER_PROP, "admin");
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_WILDFLY_PASSWORD_PROP, "admin");
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_WILDFLY_VENDOR_PROP, KeycloakDevServicesProcessor.KEYCLOAK_WILDFLY_DB_VENDOR);
            }
            if (this.realmPath.isPresent()) {
                if (this.keycloakX) {
                    KeycloakDevServicesProcessor.LOG.infof("Auto-importing the realm file %s to Keycloak-X is currently not supported. Please select a DevUI 'Keycloak Admin' option, login to Keycloak as 'admin:admin' and import this realm file", this.realmPath.get());
                } else {
                    URL resource = Thread.currentThread().getContextClassLoader().getResource(this.realmPath.get());
                    if (resource != null) {
                        this.realmFileExists = true;
                        this.realmNameToUse = this.configuredRealmName.isPresent() ? null : getRealmNameFromRealmFile(resource, this.realmPath.get());
                        withClasspathResourceMapping(this.realmPath.get(), KeycloakDevServicesProcessor.KEYCLOAK_DOCKER_REALM_PATH, BindMode.READ_ONLY);
                    } else {
                        Path path = Paths.get(this.realmPath.get(), new String[0]);
                        if (Files.exists(path, new LinkOption[0])) {
                            this.realmFileExists = true;
                            withFileSystemBind(this.realmPath.get(), KeycloakDevServicesProcessor.KEYCLOAK_DOCKER_REALM_PATH, BindMode.READ_ONLY);
                            this.realmNameToUse = this.configuredRealmName.isPresent() ? null : getRealmNameFromRealmFile(path.toUri(), this.realmPath.get());
                        } else {
                            KeycloakDevServicesProcessor.LOG.debugf("Realm %s resource is not available", this.realmPath.get());
                        }
                    }
                }
            }
            if (this.realmFileExists && !this.keycloakX) {
                addEnv(KeycloakDevServicesProcessor.KEYCLOAK_WILDFLY_IMPORT_PROP, KeycloakDevServicesProcessor.KEYCLOAK_DOCKER_REALM_PATH);
            }
            KeycloakDevServicesProcessor.LOG.infof("Using %s powered Keycloak distribution", this.keycloakX ? "Quarkus" : "WildFly");
            super.setWaitStrategy(Wait.forLogMessage(".*Keycloak.*started.*", 1));
        }

        private Integer findRandomPort() {
            try {
                ServerSocket serverSocket = new ServerSocket(0);
                try {
                    Integer valueOf = Integer.valueOf(serverSocket.getLocalPort());
                    serverSocket.close();
                    return valueOf;
                } finally {
                }
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        }

        private String getRealmNameFromRealmFile(URI uri, String str) {
            try {
                return getRealmNameFromRealmFile(uri.toURL(), str);
            } catch (MalformedURLException e) {
                throw new RuntimeException(e);
            }
        }

        private String getRealmNameFromRealmFile(URL url, String str) {
            try {
                InputStream openStream = url.openStream();
                try {
                    String string = new JsonObject(Buffer.buffer(openStream.readAllBytes())).getString("realm");
                    if (openStream != null) {
                        openStream.close();
                    }
                    return string;
                } finally {
                }
            } catch (IOException e) {
                KeycloakDevServicesProcessor.LOG.errorf("Realm %s resource can not be opened: %s", str, e.getMessage());
                return null;
            }
        }

        public String getHost() {
            return this.useSharedNetwork ? this.hostName : super.getHost();
        }

        public int getPort() {
            return this.useSharedNetwork ? KeycloakDevServicesProcessor.KEYCLOAK_PORT : this.fixedExposedPort.isPresent() ? this.fixedExposedPort.getAsInt() : getFirstMappedPort().intValue();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/quarkus/oidc/deployment/devservices/keycloak/KeycloakDevServicesProcessor$StartResult.class */
    public static class StartResult {
        private final String internalURL;
        private final String hostURL;
        private final boolean createDefaultRealm;
        private final String realmNameToUse;
        private final Closeable closeable;

        public StartResult(String str, String str2, boolean z, String str3, Closeable closeable) {
            this.internalURL = str;
            this.hostURL = str2;
            this.createDefaultRealm = z;
            this.realmNameToUse = str3;
            this.closeable = closeable;
        }
    }

    @BuildStep(onlyIfNot = {IsNormal.class}, onlyIf = {OidcBuildStep.IsEnabled.class, GlobalDevServicesConfig.Enabled.class})
    public KeycloakDevServicesConfigBuildItem startKeycloakContainer(List<DevServicesSharedNetworkBuildItem> list, BuildProducer<DevServicesConfigResultBuildItem> buildProducer, Optional<OidcDevServicesBuildItem> optional, KeycloakBuildTimeConfig keycloakBuildTimeConfig, CuratedApplicationShutdownBuildItem curatedApplicationShutdownBuildItem, LaunchModeBuildItem launchModeBuildItem, Optional<ConsoleInstalledBuildItem> optional2, LoggingSetupBuildItem loggingSetupBuildItem, GlobalDevServicesConfig globalDevServicesConfig) {
        FileTime realmFileLastModifiedDate;
        if (optional.isPresent()) {
            return null;
        }
        DevServicesConfig devServicesConfig = keycloakBuildTimeConfig.devservices;
        if (closeables != null) {
            boolean z = !devServicesConfig.equals(capturedDevServicesConfiguration);
            if (!z && (realmFileLastModifiedDate = getRealmFileLastModifiedDate(devServicesConfig.realmPath)) != null && !realmFileLastModifiedDate.equals(capturedRealmFileLastModifiedDate)) {
                z = true;
                capturedRealmFileLastModifiedDate = realmFileLastModifiedDate;
            }
            if (!z) {
                return existingDevServiceConfig;
            }
            Iterator<Closeable> it = closeables.iterator();
            while (it.hasNext()) {
                try {
                    it.next().close();
                } catch (Throwable th) {
                    LOG.error("Failed to stop Keycloak container", th);
                }
            }
            closeables = null;
            capturedDevServicesConfiguration = null;
            capturedKeycloakInternalURL = null;
            existingDevServiceConfig = null;
        }
        capturedDevServicesConfiguration = devServicesConfig;
        StartupLogCompressor startupLogCompressor = new StartupLogCompressor((launchModeBuildItem.isTest() ? "(test) " : "") + "KeyCloak Dev Services Starting:", optional2, loggingSetupBuildItem);
        try {
            StartResult startContainer = startContainer(!list.isEmpty(), globalDevServicesConfig.timeout);
            if (startContainer == null) {
                startupLogCompressor.close();
                return null;
            }
            closeables = startContainer.closeable != null ? Collections.singletonList(startContainer.closeable) : null;
            if (first) {
                first = false;
                curatedApplicationShutdownBuildItem.addCloseTask(new Runnable() { // from class: io.quarkus.oidc.deployment.devservices.keycloak.KeycloakDevServicesProcessor.1
                    @Override // java.lang.Runnable
                    public void run() {
                        if (KeycloakDevServicesProcessor.closeables != null) {
                            Iterator<Closeable> it2 = KeycloakDevServicesProcessor.closeables.iterator();
                            while (it2.hasNext()) {
                                try {
                                    it2.next().close();
                                } catch (Throwable th2) {
                                    KeycloakDevServicesProcessor.LOG.error("Failed to stop Keycloak container", th2);
                                }
                            }
                        }
                        if (KeycloakDevServicesProcessor.vertxInstance != null) {
                            try {
                                KeycloakDevServicesProcessor.vertxInstance.close();
                            } catch (Throwable th3) {
                                KeycloakDevServicesProcessor.LOG.error("Failed to close Vertx instance", th3);
                            }
                        }
                        KeycloakDevServicesProcessor.first = true;
                        KeycloakDevServicesProcessor.closeables = null;
                        KeycloakDevServicesProcessor.capturedDevServicesConfiguration = null;
                        KeycloakDevServicesProcessor.vertxInstance = null;
                        KeycloakDevServicesProcessor.capturedRealmFileLastModifiedDate = null;
                    }
                }, true);
            }
            capturedKeycloakInternalURL = startContainer.internalURL;
            capturedKeycloakHostURL = startContainer.hostURL;
            if (vertxInstance == null) {
                vertxInstance = Vertx.vertx();
            }
            capturedRealmFileLastModifiedDate = getRealmFileLastModifiedDate(capturedDevServicesConfiguration.realmPath);
            startupLogCompressor.close();
            LOG.info("Dev Services for Keycloak started.");
            return prepareConfiguration(capturedDevServicesConfiguration.createRealm && startContainer.createDefaultRealm, startContainer.realmNameToUse, buildProducer);
        } catch (Throwable th2) {
            startupLogCompressor.closeAndDumpCaptured();
            throw new RuntimeException(th2);
        }
    }

    private String startURL(String str, Integer num, boolean z) {
        return "http://" + str + ":" + num + (z ? "" : "/auth");
    }

    private KeycloakDevServicesConfigBuildItem prepareConfiguration(boolean z, String str, BuildProducer<DevServicesConfigResultBuildItem> buildProducer) {
        String defaultRealmName = str != null ? str : getDefaultRealmName();
        String realmsURL = realmsURL(capturedKeycloakInternalURL, defaultRealmName);
        String realmsURL2 = capturedKeycloakHostURL != null ? realmsURL(capturedKeycloakHostURL, defaultRealmName) : realmsURL(capturedKeycloakInternalURL, defaultRealmName);
        String oidcClientId = getOidcClientId();
        String oidcClientSecret = getOidcClientSecret();
        String oidcApplicationType = getOidcApplicationType();
        Map<String, String> users = getUsers(capturedDevServicesConfiguration.users, z);
        if (z) {
            createRealm(capturedKeycloakInternalURL, users, oidcClientId, oidcClientSecret);
        }
        buildProducer.produce(new DevServicesConfigResultBuildItem(KEYCLOAK_URL_KEY, capturedKeycloakInternalURL));
        buildProducer.produce(new DevServicesConfigResultBuildItem(AUTH_SERVER_URL_CONFIG_KEY, realmsURL));
        buildProducer.produce(new DevServicesConfigResultBuildItem(CLIENT_AUTH_SERVER_URL_CONFIG_KEY, realmsURL2));
        buildProducer.produce(new DevServicesConfigResultBuildItem(APPLICATION_TYPE_CONFIG_KEY, oidcApplicationType));
        buildProducer.produce(new DevServicesConfigResultBuildItem(CLIENT_ID_CONFIG_KEY, oidcClientId));
        buildProducer.produce(new DevServicesConfigResultBuildItem(CLIENT_SECRET_CONFIG_KEY, oidcClientSecret));
        HashMap hashMap = new HashMap();
        hashMap.put(KEYCLOAK_URL_KEY, capturedKeycloakInternalURL);
        hashMap.put(KEYCLOAK_REALM_KEY, defaultRealmName);
        hashMap.put(AUTH_SERVER_URL_CONFIG_KEY, realmsURL);
        hashMap.put(APPLICATION_TYPE_CONFIG_KEY, oidcApplicationType);
        hashMap.put(CLIENT_ID_CONFIG_KEY, oidcClientId);
        hashMap.put(CLIENT_SECRET_CONFIG_KEY, oidcClientSecret);
        hashMap.put(OIDC_USERS, users);
        existingDevServiceConfig = new KeycloakDevServicesConfigBuildItem(hashMap);
        return existingDevServiceConfig;
    }

    private String realmsURL(String str, String str2) {
        return str + "/realms/" + str2;
    }

    private String getDefaultRealmName() {
        return capturedDevServicesConfiguration.realmName.orElse("quarkus");
    }

    private StartResult startContainer(boolean z, Optional<Duration> optional) {
        if (!capturedDevServicesConfiguration.enabled) {
            LOG.debug("Not starting Dev Services for Keycloak as it has been disabled in the config");
            return null;
        }
        if (!isOidcTenantEnabled()) {
            LOG.debug("Not starting Dev Services for Keycloak as 'quarkus.oidc.tenant.enabled' is false");
            return null;
        }
        if (ConfigUtils.isPropertyPresent(AUTH_SERVER_URL_CONFIG_KEY)) {
            LOG.debug("Not starting Dev Services for Keycloak as 'quarkus.oidc.auth-server-url' has been provided");
            return null;
        }
        if (!this.isDockerWorking.getAsBoolean()) {
            LOG.warn("Please configure 'quarkus.oidc.auth-server-url' or get a working docker instance");
            return null;
        }
        Optional locateContainer = keycloakDevModeContainerLocator.locateContainer(capturedDevServicesConfiguration.serviceName, capturedDevServicesConfiguration.shared, LaunchMode.current());
        String str = capturedDevServicesConfiguration.imageName;
        DockerImageName asCompatibleSubstituteFor = DockerImageName.parse(str).asCompatibleSubstituteFor(str);
        return (StartResult) locateContainer.map(containerAddress -> {
            return new StartResult(getSharedContainerUrl(containerAddress), getSharedContainerUrl(containerAddress), false, null, null);
        }).orElseGet(() -> {
            final QuarkusOidcContainer quarkusOidcContainer = new QuarkusOidcContainer(asCompatibleSubstituteFor, capturedDevServicesConfiguration.port, z, capturedDevServicesConfiguration.realmName, capturedDevServicesConfiguration.realmPath, capturedDevServicesConfiguration.serviceName, capturedDevServicesConfiguration.shared, capturedDevServicesConfiguration.javaOpts);
            Objects.requireNonNull(quarkusOidcContainer);
            optional.ifPresent(quarkusOidcContainer::withStartupTimeout);
            quarkusOidcContainer.start();
            return new StartResult(startURL(quarkusOidcContainer.getHost(), Integer.valueOf(quarkusOidcContainer.getPort()), quarkusOidcContainer.keycloakX), quarkusOidcContainer.useSharedNetwork ? startURL("localhost", Integer.valueOf(quarkusOidcContainer.fixedExposedPort.getAsInt()), quarkusOidcContainer.keycloakX) : null, !quarkusOidcContainer.realmFileExists, quarkusOidcContainer.realmNameToUse, new Closeable() { // from class: io.quarkus.oidc.deployment.devservices.keycloak.KeycloakDevServicesProcessor.2
                @Override // java.io.Closeable, java.lang.AutoCloseable
                public void close() {
                    quarkusOidcContainer.close();
                    KeycloakDevServicesProcessor.LOG.info("Dev Services for Keycloak shut down.");
                }
            });
        });
    }

    private static boolean isKeycloakX(DockerImageName dockerImageName) {
        return capturedDevServicesConfiguration.keycloakXImage.isPresent() ? capturedDevServicesConfiguration.keycloakXImage.get().booleanValue() : dockerImageName.getUnversionedPart().contains(KEYCLOAK_X_IMAGE_NAME);
    }

    private String getSharedContainerUrl(ContainerAddress containerAddress) {
        return "http://" + ("0.0.0.0".equals(containerAddress.getHost()) ? "localhost" : containerAddress.getHost()) + ":" + containerAddress.getPort();
    }

    private FileTime getRealmFileLastModifiedDate(Optional<String> optional) {
        if (!optional.isPresent()) {
            return null;
        }
        Path path = Paths.get(optional.get(), new String[0]);
        try {
            return Files.getLastModifiedTime(path, new LinkOption[0]);
        } catch (IOException e) {
            LOG.tracef("Unable to get the last modified date of the realm file %s", path);
            return null;
        }
    }

    private void createRealm(String str, Map<String, String> map, String str2, String str3) {
        RealmRepresentation createRealmRep = createRealmRep();
        createRealmRep.getClients().add(createClient(str2, str3));
        for (Map.Entry<String, String> entry : map.entrySet()) {
            createRealmRep.getUsers().add(createUser(entry.getKey(), entry.getValue(), getUserRoles(entry.getKey())));
        }
        WebClient createWebClient = OidcDevServicesUtils.createWebClient(vertxInstance);
        try {
            try {
                HttpResponse httpResponse = (HttpResponse) createWebClient.postAbs(str + "/admin/realms").putHeader(HttpHeaders.CONTENT_TYPE.toString(), "application/json").putHeader(HttpHeaders.AUTHORIZATION.toString(), "Bearer " + OidcDevServicesUtils.getPasswordAccessToken(createWebClient, str + "/realms/master/protocol/openid-connect/token", "admin-cli", null, "admin", "admin", null, capturedDevServicesConfiguration.webClienTimeout)).sendBuffer(io.vertx.mutiny.core.buffer.Buffer.buffer().appendString(JsonSerialization.writeValueAsString(createRealmRep))).await().atMost(capturedDevServicesConfiguration.webClienTimeout);
                if (httpResponse.statusCode() > 299) {
                    LOG.errorf("Realm %s can not be created %d - %s ", createRealmRep.getRealm(), Integer.valueOf(httpResponse.statusCode()), httpResponse.statusMessage());
                }
            } catch (Throwable th) {
                LOG.errorf("Realm %s can not be created: %s", createRealmRep.getRealm(), th.getMessage());
                createWebClient.close();
            }
        } finally {
            createWebClient.close();
        }
    }

    private Map<String, String> getUsers(Map<String, String> map, boolean z) {
        if (!map.isEmpty() || !z) {
            return map;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("alice", "alice");
        linkedHashMap.put("bob", "bob");
        return linkedHashMap;
    }

    private String[] getUserRoles(String str) {
        String str2 = capturedDevServicesConfiguration.roles.get(str);
        return str2 == null ? "alice".equals(str) ? new String[]{"admin", "user"} : new String[]{"user"} : str2.split(",");
    }

    private RealmRepresentation createRealmRep() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm(getDefaultRealmName());
        realmRepresentation.setEnabled(true);
        realmRepresentation.setUsers(new ArrayList());
        realmRepresentation.setClients(new ArrayList());
        RolesRepresentation rolesRepresentation = new RolesRepresentation();
        rolesRepresentation.setRealm(new ArrayList());
        realmRepresentation.setRoles(rolesRepresentation);
        if (capturedDevServicesConfiguration.roles.isEmpty()) {
            realmRepresentation.getRoles().getRealm().add(new RoleRepresentation("user", (String) null, false));
            realmRepresentation.getRoles().getRealm().add(new RoleRepresentation("admin", (String) null, false));
        } else {
            Iterator it = ((List) capturedDevServicesConfiguration.roles.values().stream().distinct().collect(Collectors.toList())).iterator();
            while (it.hasNext()) {
                realmRepresentation.getRoles().getRealm().add(new RoleRepresentation((String) it.next(), (String) null, false));
            }
        }
        return realmRepresentation;
    }

    private ClientRepresentation createClient(String str, String str2) {
        ClientRepresentation clientRepresentation = new ClientRepresentation();
        clientRepresentation.setClientId(str);
        clientRepresentation.setRedirectUris(List.of("*"));
        clientRepresentation.setPublicClient(false);
        clientRepresentation.setSecret(str2);
        clientRepresentation.setDirectAccessGrantsEnabled(true);
        clientRepresentation.setServiceAccountsEnabled(true);
        clientRepresentation.setImplicitFlowEnabled(true);
        clientRepresentation.setEnabled(true);
        clientRepresentation.setRedirectUris(List.of("*"));
        clientRepresentation.setDefaultClientScopes(List.of("microprofile-jwt"));
        return clientRepresentation;
    }

    private UserRepresentation createUser(String str, String str2, String... strArr) {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername(str);
        userRepresentation.setEnabled(true);
        userRepresentation.setCredentials(new ArrayList());
        userRepresentation.setRealmRoles(List.of((Object[]) strArr));
        CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
        credentialRepresentation.setType("password");
        credentialRepresentation.setValue(str2);
        credentialRepresentation.setTemporary(false);
        userRepresentation.getCredentials().add(credentialRepresentation);
        return userRepresentation;
    }

    private static boolean isOidcTenantEnabled() {
        return ((Boolean) ConfigProvider.getConfig().getOptionalValue(TENANT_ENABLED_CONFIG_KEY, Boolean.class).orElse(true)).booleanValue();
    }

    private static String getOidcApplicationType() {
        return (String) ConfigProvider.getConfig().getOptionalValue(APPLICATION_TYPE_CONFIG_KEY, String.class).orElse("service");
    }

    private static String getOidcClientId() {
        return (String) ConfigProvider.getConfig().getOptionalValue(CLIENT_ID_CONFIG_KEY, String.class).orElse("quarkus-app");
    }

    private static String getOidcClientSecret() {
        return (String) ConfigProvider.getConfig().getOptionalValue(CLIENT_SECRET_CONFIG_KEY, String.class).orElse("secret");
    }
}
