package net.n2oapp.security.admin.sso.keycloak;

import java.util.Set;
import net.n2oapp.security.admin.api.provider.SsoUserRoleProvider;
import net.n2oapp.security.admin.impl.provider.SimpleSsoUserRoleProvider;
import net.n2oapp.security.admin.sso.keycloak.synchronization.UserSynchronizeJob;
import org.quartz.CronScheduleBuilder;
import org.quartz.JobBuilder;
import org.quartz.JobDataMap;
import org.quartz.JobDetail;
import org.quartz.JobKey;
import org.quartz.Scheduler;
import org.quartz.SchedulerException;
import org.quartz.TriggerBuilder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.scheduling.quartz.SchedulerFactoryBean;
import org.springframework.security.oauth2.client.OAuth2RestOperations;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
import org.springframework.transaction.PlatformTransactionManager;
import org.springframework.transaction.support.TransactionTemplate;
import org.springframework.web.client.RestOperations;

@DependsOn({"liquibase"})
@EnableConfigurationProperties({AdminSsoKeycloakProperties.class})
@Configuration
/* loaded from: input_file:net/n2oapp/security/admin/sso/keycloak/SsoKeycloakConfiguration.class */
public class SsoKeycloakConfiguration {
    public static final String USER_SYNCHRONIZE_JOB_DETAIL = "User_Synchronize_Job_Detail";
    private static final String USER_SYNCHRONIZE_TRIGGER = "User_Synchronize_Trigger";

    @Autowired
    private AdminSsoKeycloakProperties properties;

    @Bean
    @ConditionalOnExpression("${access.keycloak.sync-persistence-enabled:true}")
    SsoUserRoleProvider ssoUserRoleProvider(AdminSsoKeycloakProperties adminSsoKeycloakProperties) {
        return new KeycloakSsoUserRoleProvider(adminSsoKeycloakProperties);
    }

    @Bean
    @ConditionalOnExpression("${access.keycloak.sync-persistence-enabled:false}")
    SsoUserRoleProvider ssoUserRoleProvider() {
        return new SimpleSsoUserRoleProvider();
    }

    @Bean
    KeycloakRestRoleService keycloakRestRoleService(AdminSsoKeycloakProperties adminSsoKeycloakProperties, @Qualifier("keycloakRestTemplate") RestOperations restOperations) {
        return new KeycloakRestRoleService(adminSsoKeycloakProperties, restOperations);
    }

    @Bean
    KeycloakRestUserService keycloakRestUserService(AdminSsoKeycloakProperties adminSsoKeycloakProperties, @Qualifier("keycloakRestTemplate") RestOperations restOperations, KeycloakRestRoleService keycloakRestRoleService) {
        return new KeycloakRestUserService(adminSsoKeycloakProperties, restOperations, keycloakRestRoleService);
    }

    @Bean
    OAuth2RestOperations keycloakRestTemplate(AdminSsoKeycloakProperties adminSsoKeycloakProperties) {
        ClientCredentialsResourceDetails clientCredentialsResourceDetails = new ClientCredentialsResourceDetails();
        clientCredentialsResourceDetails.setClientId(adminSsoKeycloakProperties.getAdminClientId());
        clientCredentialsResourceDetails.setClientSecret(adminSsoKeycloakProperties.getAdminClientSecret());
        clientCredentialsResourceDetails.setAccessTokenUri(String.format("%s/realms/%s/protocol/openid-connect/token", adminSsoKeycloakProperties.getServerUrl(), adminSsoKeycloakProperties.getRealm()));
        return new OAuth2RestTemplate(clientCredentialsResourceDetails);
    }

    @Bean
    public TransactionTemplate transactionTemplate(PlatformTransactionManager platformTransactionManager) {
        return new TransactionTemplate(platformTransactionManager);
    }

    @ConditionalOnMissingBean
    @Bean
    public Scheduler scheduler(SchedulerFactoryBean schedulerFactoryBean) throws SchedulerException {
        Scheduler scheduler = schedulerFactoryBean.getScheduler();
        if (this.properties.getSynchronizeEnabled().booleanValue()) {
            JobDetail build = JobBuilder.newJob().ofType(UserSynchronizeJob.class).storeDurably().withIdentity("User_Synchronize_Job_Detail").usingJobData(new JobDataMap()).build();
            scheduler.scheduleJob(build, Set.of(TriggerBuilder.newTrigger().forJob(build).withIdentity(USER_SYNCHRONIZE_TRIGGER).withSchedule(CronScheduleBuilder.cronSchedule(this.properties.getSynchronizeFrequency())).build()), true);
        } else {
            scheduler.deleteJob(new JobKey("User_Synchronize_Job_Detail"));
        }
        return scheduler;
    }
}
