package wf.garnier.testcontainers.dexidp;

import com.github.dockerjava.api.command.InspectContainerResponse;
import com.google.protobuf.ByteString;
import io.grpc.ManagedChannel;
import io.grpc.ManagedChannelBuilder;
import jakarta.validation.constraints.NotBlank;
import jakarta.validation.constraints.NotNull;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.time.Duration;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import javax.annotation.Nullable;
import org.testcontainers.containers.Container;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.utility.DockerImageName;
import wf.garnier.testcontainers.dexidp.grpc.DexGrpc;
import wf.garnier.testcontainers.dexidp.grpc.DexGrpcApi;

/* loaded from: input_file:wf/garnier/testcontainers/dexidp/DexContainer.class */
public class DexContainer extends GenericContainer<DexContainer> {
    public static final DockerImageName DEFAULT_IMAGE_NAME = DockerImageName.parse("dexidp/dex");
    public static final String DEFAULT_TAG = "v2.37.0";
    private static final int DEX_HTTP_PORT = 5556;
    private static final int DEX_GRPC_PORT = 5557;
    private static final String DEX_CONFIG_FILE = "/var/dex/dex.yml";
    private final Map<String, Client> clients;
    private Map<String, User> users;
    private boolean isStarted;
    private DexGrpc.DexBlockingStub grpcStub;
    private ManagedChannel channel;

    /* loaded from: input_file:wf/garnier/testcontainers/dexidp/DexContainer$Client.class */
    public static final class Client extends Record {

        @NotNull
        @NotBlank
        private final String clientId;

        @NotNull
        @NotBlank
        private final String clientSecret;

        @NotNull
        @NotBlank
        private final String redirectUri;

        public Client(@NotNull @NotBlank String str, @NotNull @NotBlank String str2, @NotNull @NotBlank String str3) {
            Validation.assertNotBlank(str, "clientId");
            Validation.assertNotBlank(str2, "clientSecret");
            Validation.assertNotBlank(str3, "redirectUri");
            this.clientId = str;
            this.clientSecret = str2;
            this.redirectUri = str3;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, Client.class), Client.class, "clientId;clientSecret;redirectUri", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientId:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientSecret:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->redirectUri:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, Client.class), Client.class, "clientId;clientSecret;redirectUri", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientId:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientSecret:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->redirectUri:Ljava/lang/String;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, Client.class, Object.class), Client.class, "clientId;clientSecret;redirectUri", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientId:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->clientSecret:Ljava/lang/String;", "FIELD:Lwf/garnier/testcontainers/dexidp/DexContainer$Client;->redirectUri:Ljava/lang/String;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        @NotNull
        @NotBlank
        public String clientId() {
            return this.clientId;
        }

        @NotNull
        @NotBlank
        public String clientSecret() {
            return this.clientSecret;
        }

        @NotNull
        @NotBlank
        public String redirectUri() {
            return this.redirectUri;
        }
    }

    /* loaded from: input_file:wf/garnier/testcontainers/dexidp/DexContainer$User.class */
    public static final class User {
        private final String username;
        private final String email;
        private final String clearTextPassword;
        private final String bcryptPassword;
        private final String uuid;

        public User(@NotNull @NotBlank String str, @NotNull @NotBlank String str2, @NotNull @NotBlank String str3) {
            Validation.assertNotBlank(str, "username");
            Validation.assertNotBlank(str2, "email");
            Validation.assertNotBlank(str3, "clearTextPassword");
            this.username = str;
            this.email = str2;
            this.clearTextPassword = str3;
            this.bcryptPassword = BCrypt.hashpw(str3, BCrypt.gensalt());
            this.uuid = UUID.randomUUID().toString();
        }

        public String username() {
            return this.username;
        }

        public String email() {
            return this.email;
        }

        public String clearTextPassword() {
            return this.clearTextPassword;
        }

        public String bcryptPassword() {
            return this.bcryptPassword;
        }

        private String uuid() {
            return this.uuid;
        }

        public int hashCode() {
            return Objects.hash(this.username, this.clearTextPassword);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            User user = (User) obj;
            return Objects.equals(this.username, user.username) && Objects.equals(this.email, user.email) && Objects.equals(this.clearTextPassword, user.clearTextPassword) && Objects.equals(this.bcryptPassword, user.bcryptPassword) && Objects.equals(this.uuid, user.uuid);
        }

        public String toString() {
            return "User{username='" + this.username + "', email='" + this.email + "', clearTextPassword='" + this.clearTextPassword + "', bcryptPassword='" + this.bcryptPassword + "', uuid='" + this.uuid + "'}";
        }
    }

    public DexContainer(DockerImageName dockerImageName) {
        super(dockerImageName);
        this.clients = new LinkedHashMap();
        this.users = new LinkedHashMap();
        this.isStarted = false;
        this.grpcStub = null;
        addExposedPort(Integer.valueOf(DEX_HTTP_PORT));
        addExposedPort(Integer.valueOf(DEX_GRPC_PORT));
        waitingFor(Wait.forHttp("/dex/.well-known/openid-configuration").forPort(DEX_HTTP_PORT).withStartupTimeout(Duration.ofSeconds(10L)));
        withCommand(new String[]{"/bin/sh", "-c", "while [[ ! -f %s ]]; do sleep 1; echo \"Waiting for configuration file...\"; done;\ndex serve %s\n".formatted(DEX_CONFIG_FILE, DEX_CONFIG_FILE)});
    }

    protected void containerIsStarting(InspectContainerResponse inspectContainerResponse) {
        try {
            Container.ExecResult execInContainer = execInContainer(new String[]{"/bin/sh", "-c", "echo '%s' > %s".formatted(configuration(), DEX_CONFIG_FILE)});
            if (execInContainer.getExitCode() != 0) {
                throw new RuntimeException("Could not write config file in container. Result details: " + execInContainer);
            }
        } catch (IOException | InterruptedException e) {
            throw new RuntimeException("Could not write config file in container", e);
        }
    }

    protected void containerIsStarted(InspectContainerResponse inspectContainerResponse) {
        this.isStarted = true;
        this.channel = ManagedChannelBuilder.forAddress(getHost(), getMappedPort(DEX_GRPC_PORT).intValue()).usePlaintext().build();
        this.grpcStub = DexGrpc.newBlockingStub(this.channel);
        if (this.clients.isEmpty()) {
            Client client = new Client("example-app", "ZXhhbXBsZS1hcHAtc2VjcmV0", "http://127.0.0.1:5555/callback");
            this.clients.put(client.clientId(), client);
        }
        this.clients.values().forEach(this::registerClient);
        if (this.users.isEmpty()) {
            User user = new User("admin", "admin@example.com", "password");
            this.users.put(user.email(), user);
        }
        this.users.values().forEach(this::registerUser);
    }

    protected void containerIsStopping(InspectContainerResponse inspectContainerResponse) {
        if (!this.channel.isShutdown()) {
            this.channel.shutdown();
        }
        this.grpcStub = null;
        this.channel = null;
    }

    public String getIssuerUri() {
        if (this.isStarted) {
            return templateIssuerUri();
        }
        throw new IllegalStateException("Issuer URI can only be obtained after the container has started.");
    }

    private String templateIssuerUri() {
        return "http://%s:%s/dex".formatted(getHost(), getMappedPort(DEX_HTTP_PORT));
    }

    protected String configuration() {
        return "issuer: %s\nstorage:\n  type: sqlite3\n  config:\n    file: /etc/dex/dex.db\nweb:\n  http: 0.0.0.0:%s\ngrpc:\n  addr: 0.0.0.0:%s\nenablePasswordDB: true\noauth2:\n    skipApprovalScreen: true\n".formatted(templateIssuerUri(), Integer.valueOf(DEX_HTTP_PORT), Integer.valueOf(DEX_GRPC_PORT));
    }

    public DexContainer withClient(Client client) {
        if (this.isStarted) {
            unregisterClient(client.clientId());
            registerClient(client);
        }
        this.clients.put(client.clientId(), client);
        return self();
    }

    public Client getClient() {
        return getClients().get(0);
    }

    public Client getClient(String str) {
        return this.clients.get(str);
    }

    public List<Client> getClients() {
        return Collections.unmodifiableList(new ArrayList(this.clients.values()));
    }

    @Nullable
    public Client removeClient(String str) {
        if (this.isStarted) {
            unregisterClient(str);
        }
        return this.clients.remove(str);
    }

    private void registerClient(Client client) {
        this.grpcStub.createClient((DexGrpcApi.CreateClientReq) DexGrpcApi.CreateClientReq.newBuilder().setClient(DexGrpcApi.Client.newBuilder().setId(client.clientId()).setSecret(client.clientSecret()).addRedirectUris(client.redirectUri())).build());
    }

    private void unregisterClient(String str) {
        this.grpcStub.deleteClient((DexGrpcApi.DeleteClientReq) DexGrpcApi.DeleteClientReq.newBuilder().setId(str).build());
    }

    public DexContainer withUser(User user) {
        if (this.isStarted) {
            unregisterUser(user.email());
            registerUser(user);
        }
        this.users.put(user.email(), user);
        return self();
    }

    public User getUser() {
        return getUsers().get(0);
    }

    public User getUser(String str) {
        return this.users.get(str);
    }

    public List<User> getUsers() {
        return Collections.unmodifiableList(new ArrayList(this.users.values()));
    }

    public User removeUser(String str) {
        if (this.isStarted) {
            unregisterUser(str);
        }
        return this.users.remove(str);
    }

    private void registerUser(User user) {
        this.grpcStub.createPassword((DexGrpcApi.CreatePasswordReq) DexGrpcApi.CreatePasswordReq.newBuilder().setPassword(DexGrpcApi.Password.newBuilder().setEmail(user.email()).setUserId(user.uuid()).setHash(ByteString.copyFromUtf8(user.bcryptPassword())).setUsername(user.username())).build());
    }

    private void unregisterUser(String str) {
        this.grpcStub.deletePassword((DexGrpcApi.DeletePasswordReq) DexGrpcApi.DeletePasswordReq.newBuilder().setEmail(str).build());
    }
}
