package org.keycloak.test.framework.oauth;

import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.ClientCredentialsGrant;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.TokenIntrospectionRequest;
import com.nimbusds.oauth2.sdk.TokenIntrospectionResponse;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.TokenResponse;
import com.nimbusds.oauth2.sdk.TokenRevocationRequest;
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.util.List;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.test.framework.realm.ClientConfig;
import org.keycloak.test.framework.realm.ManagedClient;
import org.keycloak.test.framework.realm.ManagedRealm;
import org.keycloak.test.framework.util.ApiUtil;

/* loaded from: input_file:org/keycloak/test/framework/oauth/OAuthClient.class */
public class OAuthClient {
    private final ManagedRealm realm;
    private final ManagedClient client;
    private final OAuthCallbackServer callbackServer = new OAuthCallbackServer();
    private OIDCProviderMetadata oidcProviderMetadata;

    public OAuthClient(ManagedRealm managedRealm, ClientConfig clientConfig) {
        this.realm = managedRealm;
        this.client = registerClient(clientConfig);
    }

    private ManagedClient registerClient(ClientConfig clientConfig) {
        ClientRepresentation representation = clientConfig.getRepresentation();
        String handleCreatedResponse = ApiUtil.handleCreatedResponse(this.realm.admin().clients().create(representation));
        representation.setId(handleCreatedResponse);
        return new ManagedClient(representation, this.realm.admin().clients().get(handleCreatedResponse));
    }

    public TokenResponse clientCredentialGrant() throws IOException, GeneralException {
        ClientCredentialsGrant clientCredentialsGrant = new ClientCredentialsGrant();
        return TokenResponse.parse(new TokenRequest(getOIDCProviderMetadata().getTokenEndpointURI(), getClientAuthentication(), clientCredentialsGrant).toHTTPRequest().send());
    }

    public TokenResponse tokenRequest(AuthorizationCode authorizationCode) throws IOException, GeneralException {
        AuthorizationCodeGrant authorizationCodeGrant = new AuthorizationCodeGrant(authorizationCode, this.callbackServer.getRedirectionUri());
        return TokenResponse.parse(new TokenRequest(getOIDCProviderMetadata().getTokenEndpointURI(), getClientAuthentication(), authorizationCodeGrant).toHTTPRequest().send());
    }

    public TokenIntrospectionResponse introspection(AccessToken accessToken) throws IOException, GeneralException {
        return TokenIntrospectionResponse.parse(new TokenIntrospectionRequest(getOIDCProviderMetadata().getIntrospectionEndpointURI(), getClientAuthentication(), accessToken).toHTTPRequest().send());
    }

    public HTTPResponse revokeAccessToken(AccessToken accessToken) throws GeneralException, IOException {
        return new TokenRevocationRequest(getOIDCProviderMetadata().getRevocationEndpointURI(), getClientAuthentication(), accessToken).toHTTPRequest().send();
    }

    public URL authorizationRequest() throws IOException, GeneralException {
        return new AuthorizationRequest.Builder(new ResponseType(new ResponseType.Value[]{ResponseType.Value.CODE}), new ClientID(this.client.getClientId())).state(new State()).redirectionURI(this.callbackServer.getRedirectionUri()).endpointURI(getOIDCProviderMetadata().getAuthorizationEndpointURI()).build().toURI().toURL();
    }

    public List<URI> getCallbacks() {
        return this.callbackServer.getCallbacks();
    }

    public void close() {
        this.client.admin().remove();
        this.callbackServer.close();
    }

    private ClientAuthentication getClientAuthentication() {
        return new ClientSecretBasic(new ClientID(this.client.getClientId()), new Secret(this.client.getSecret()));
    }

    private OIDCProviderMetadata getOIDCProviderMetadata() throws GeneralException, IOException {
        if (this.oidcProviderMetadata == null) {
            this.oidcProviderMetadata = OIDCProviderMetadata.resolve(new Issuer(this.realm.getBaseUrl()));
        }
        return this.oidcProviderMetadata;
    }
}
