package de.governikus.autent.eudiwallet.keycloak.constants;

import com.authlete.cose.constants.COSEEllipticCurves;
import de.governikus.autent.eudiwallet.keycloak.endpoints.discovery.WalletOid4VcIssuerWellKnownEndpoint;
import de.governikus.autent.eudiwallet.keycloak.provider.credentialbuilder.OpenId4VciCredentialBuilderProvider;
import de.governikus.autent.eudiwallet.keycloak.provider.credentialbuilder.OpenId4VciCredentialBuilderProviderFactory;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.keycloak.crypto.KeyWrapper;
import org.keycloak.crypto.SignatureProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/governikus/autent/eudiwallet/keycloak/constants/StaticContext.class */
public final class StaticContext {
    private static final Logger log = LoggerFactory.getLogger(StaticContext.class);
    private static final List<String> SUPPORTED_VC_FORMATS = new ArrayList();
    private static final Set<String> VC_PROTOCOL_MAPPERS = new HashSet();
    private static final List<String> PREFERRED_SIGNATURE_ALGORITHMS = List.of("ES256", "ES384", "ES512", COSEEllipticCurves.Ed25519_NAME, COSEEllipticCurves.Ed448_NAME, "EdDSA");
    private static final List<String> ALL_SUPPORTED_SIGNATURE_ALGORITHMS = new ArrayList();
    private static final List<String> ISSUANCE_SUPPORTED_SIG_ALGORITHMS = new ArrayList();
    private static final List<String> PRESENTATION_SUPPORTED_SIG_ALGORITHMS = new ArrayList();
    private static final List<String> PROOF_TYPE_SIG_ALGORITHMS = new ArrayList();
    private static final Set<String> ISSUANCE_FORMATS = new HashSet();

    public static String getIssuer(KeycloakSession keycloakSession) {
        return WalletOid4VcIssuerWellKnownEndpoint.getIssuer(keycloakSession.getContext());
    }

    public static void initializeStaticContext(KeycloakSessionFactory keycloakSessionFactory) {
        initializeSupportedVcFormats(keycloakSessionFactory);
        KeycloakSession create = keycloakSessionFactory.create();
        try {
            initializeSupportedSignatureAlgorithms(create);
            if (create != null) {
                create.close();
            }
        } catch (Throwable th) {
            if (create != null) {
                try {
                    create.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static void initializeSupportedVcFormats(KeycloakSessionFactory keycloakSessionFactory) {
        ISSUANCE_FORMATS.add("seed_credential");
        keycloakSessionFactory.getProviderFactoriesStream(OpenId4VciCredentialBuilderProvider.class).forEach(providerFactory -> {
            OpenId4VciCredentialBuilderProviderFactory openId4VciCredentialBuilderProviderFactory = (OpenId4VciCredentialBuilderProviderFactory) providerFactory;
            SUPPORTED_VC_FORMATS.add(openId4VciCredentialBuilderProviderFactory.getId());
            if (openId4VciCredentialBuilderProviderFactory.isIssuanceFormat()) {
                ISSUANCE_FORMATS.add(openId4VciCredentialBuilderProviderFactory.getId());
            }
        });
    }

    private static void initializeSupportedSignatureAlgorithms(KeycloakSession keycloakSession) {
        keycloakSession.getAllProviders(SignatureProvider.class).forEach(signatureProvider -> {
            try {
                Field declaredField = signatureProvider.getClass().getDeclaredField("algorithm");
                declaredField.setAccessible(true);
                String str = (String) declaredField.get(signatureProvider);
                ALL_SUPPORTED_SIGNATURE_ALGORITHMS.add(str);
                if (StringUtils.startsWith(str, "RS") || StringUtils.startsWith(str, "ES")) {
                    ISSUANCE_SUPPORTED_SIG_ALGORITHMS.add(str);
                    PROOF_TYPE_SIG_ALGORITHMS.add(str);
                } else if (StringUtils.startsWith(str, "HS")) {
                    PRESENTATION_SUPPORTED_SIG_ALGORITHMS.add(str);
                }
            } catch (Exception e) {
                log.trace("Failed to find signature-algorithm in class '{}'. Original error: {}", signatureProvider.getClass().getName(), e.getMessage());
            }
        });
    }

    public static Set<String> getVcProtocolMappers() {
        return VC_PROTOCOL_MAPPERS;
    }

    public static Stream<KeyWrapper> getIssuanceSupportedSignatureKeysOfRealm(KeycloakSession keycloakSession) {
        return keycloakSession.keys().getKeysStream(keycloakSession.getContext().getRealm()).filter(keyWrapper -> {
            return ISSUANCE_SUPPORTED_SIG_ALGORITHMS.contains(keyWrapper.getAlgorithm());
        }).distinct();
    }

    public static Set<String> getIssuanceFormats() {
        return ISSUANCE_FORMATS;
    }

    public static List<String> getPreferredSignatureAlgorithms() {
        return PREFERRED_SIGNATURE_ALGORITHMS;
    }

    public static List<String> getProofTypeSignatureAlgorithms() {
        return Collections.unmodifiableList(PROOF_TYPE_SIG_ALGORITHMS);
    }

    public static List<String> getPresentationSupportedSigAlgorithms() {
        return Collections.unmodifiableList(PRESENTATION_SUPPORTED_SIG_ALGORITHMS);
    }

    public static List<String> getAllSupportedSignatureAlgorithms() {
        return Collections.unmodifiableList(ALL_SUPPORTED_SIGNATURE_ALGORITHMS);
    }

    public static List<String> getSupportedVcFormats() {
        return Collections.unmodifiableList(SUPPORTED_VC_FORMATS);
    }

    private StaticContext() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
