package de.governikus.autent.eudiwallet.keycloak.constants;

import de.governikus.autent.eudiwallet.keycloak.constants.Constants;
import jakarta.persistence.EntityManager;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.time.Instant;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.keycloak.connections.jpa.JpaConnectionProvider;
import org.keycloak.crypto.KeyWrapper;
import org.keycloak.jose.jwk.JWK;
import org.keycloak.jose.jwk.JWKParser;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.util.JsonSerialization;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.yaml.snakeyaml.Yaml;

/* loaded from: input_file:de/governikus/autent/eudiwallet/keycloak/constants/UtilityMethods.class */
public final class UtilityMethods {
    private static final Logger log = LoggerFactory.getLogger(UtilityMethods.class);

    public static Optional<Instant> parseDateTime(String str) {
        try {
            return Optional.of(Instant.ofEpochMilli(Long.parseLong(str)));
        } catch (Exception e) {
            log.trace(e.getMessage(), e);
            try {
                return Optional.of(Instant.parse(str));
            } catch (Exception e2) {
                log.trace(e2.getMessage(), e2);
                try {
                    return Optional.of(LocalDate.parse(str).atStartOfDay(ZoneId.systemDefault()).toInstant());
                } catch (Exception e3) {
                    log.trace(e3.getMessage(), e3);
                    try {
                        return tryToParseToLocalDate(str).map(str2 -> {
                            return LocalDate.parse(str2).atStartOfDay(ZoneId.systemDefault()).toInstant();
                        });
                    } catch (Exception e4) {
                        log.trace(e4.getMessage(), e4);
                        return Optional.empty();
                    }
                }
            }
        }
    }

    private static Optional<String> tryToParseToLocalDate(String str) {
        String replaceAll = str.replaceAll("-", "");
        if (replaceAll.length() != 4 && replaceAll.length() != 6 && replaceAll.length() != 8) {
            return Optional.empty();
        }
        if (replaceAll.length() == 8) {
            replaceAll = new StringBuilder(replaceAll).insert(4, "-").insert(6, "-").toString();
        }
        return Optional.of(replaceAll.length() == 6 ? new StringBuilder(replaceAll + "-01").insert(4, "-").toString() : replaceAll + "-01-01");
    }

    public static KeyWrapper getPidProviderSigningKey(KeycloakSession keycloakSession, ClientScopeModel clientScopeModel) {
        return getPidProviderSigningKey(keycloakSession, clientScopeModel, null);
    }

    public static KeyWrapper getPidProviderSigningKey(KeycloakSession keycloakSession, ClientScopeModel clientScopeModel, String str) {
        String str2 = (String) Optional.ofNullable(clientScopeModel).map(clientScopeModel2 -> {
            return clientScopeModel2.getAttribute(Constants.ClientScopeAttributes.SIGNATURE_ALGORITHM);
        }).orElse(str);
        RealmModel realm = keycloakSession.getContext().getRealm();
        ArrayList arrayList = new ArrayList();
        return (KeyWrapper) keycloakSession.keys().getKeysStream(realm).filter(keyWrapper -> {
            return StringUtils.equals(str2, keyWrapper.getAlgorithm());
        }).findAny().orElseGet(() -> {
            return StaticContext.getIssuanceSupportedSignatureKeysOfRealm(keycloakSession).filter(keyWrapper2 -> {
                boolean contains = StaticContext.getPreferredSignatureAlgorithms().contains(keyWrapper2.getAlgorithm());
                if (!contains) {
                    arrayList.add(keyWrapper2);
                }
                return contains;
            }).findAny().orElseGet(() -> {
                if (arrayList.isEmpty()) {
                    throw new IllegalStateException(String.format("Could not find signature key for VerifiableCredential type '%s'", clientScopeModel.getName()));
                }
                return (KeyWrapper) arrayList.getFirst();
            });
        });
    }

    public static List<String> getClientScopeSupportedSignatureAlgorithms(KeycloakSession keycloakSession, ClientScopeModel clientScopeModel) {
        RealmModel realm = keycloakSession.getContext().getRealm();
        String attribute = clientScopeModel.getAttribute(Constants.ClientScopeAttributes.SIGNATURE_ALGORITHM);
        if (StringUtils.isBlank(attribute)) {
            List list = StaticContext.getIssuanceSupportedSignatureKeysOfRealm(keycloakSession).map((v0) -> {
                return v0.getAlgorithm();
            }).toList();
            Stream map = keycloakSession.keys().getKeysStream(realm).map((v0) -> {
                return v0.getAlgorithm();
            });
            Objects.requireNonNull(list);
            return map.filter((v1) -> {
                return r1.contains(v1);
            }).toList();
        }
        List<String> list2 = keycloakSession.keys().getKeysStream(realm).map((v0) -> {
            return v0.getAlgorithm();
        }).filter(str -> {
            return StringUtils.equals(attribute, str);
        }).distinct().toList();
        if (!list2.isEmpty()) {
            return list2;
        }
        List list3 = StaticContext.getIssuanceSupportedSignatureKeysOfRealm(keycloakSession).map((v0) -> {
            return v0.getAlgorithm();
        }).toList();
        Stream map2 = keycloakSession.keys().getKeysStream(realm).map((v0) -> {
            return v0.getAlgorithm();
        });
        Objects.requireNonNull(list3);
        return map2.filter((v1) -> {
            return r1.contains(v1);
        }).toList();
    }

    public static KeyWrapper getPidProviderSigningKeyByKid(KeycloakSession keycloakSession, String str) {
        return (KeyWrapper) keycloakSession.keys().getKeysStream(keycloakSession.getContext().getRealm()).filter(keyWrapper -> {
            return StringUtils.equals(str, keyWrapper.getKid());
        }).findAny().orElseThrow(() -> {
            return new IllegalStateException(String.format("Could not find signature key for kid type '%s'", str));
        });
    }

    public static <T> T yamlToObject(String str, Class<T> cls) {
        if (StringUtils.isBlank(str)) {
            return (T) JsonSerialization.mapper.convertValue(Collections.emptyMap(), cls);
        }
        return (T) JsonSerialization.mapper.convertValue((Map) new Yaml().load(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8))), cls);
    }

    public static String toCredentialConfigurationId(String str, String str2) {
        return String.format("%s_%s", str, str2.replaceAll("\\W", "_").toUpperCase(Locale.ROOT));
    }

    public static PublicKey getPublicKeyFromJwk(JWK jwk) {
        return JWKParser.create(jwk).toPublicKey();
    }

    public static EntityManager getEntityManager(KeycloakSession keycloakSession) {
        return keycloakSession.getProvider(JpaConnectionProvider.class).getEntityManager();
    }

    public static String getVctOverride(String str) {
        return "vc.vct.override." + str;
    }

    private UtilityMethods() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
