package de.governikus.autent.eudiwallet.keycloak.endpoints.discovery;

import de.governikus.autent.eudiwallet.keycloak.constants.Constants;
import de.governikus.autent.eudiwallet.keycloak.constants.StaticContext;
import de.governikus.autent.eudiwallet.keycloak.constants.UtilityMethods;
import de.governikus.autent.eudiwallet.keycloak.database.ClientScopeRepository;
import de.governikus.autent.eudiwallet.keycloak.models.CredentialConfigurationId;
import de.governikus.autent.eudiwallet.keycloak.provider.mapper.WalletCredentialProtocolMapper;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apache.commons.lang3.tuple.Pair;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.protocol.ProtocolMapper;
import org.keycloak.protocol.oid4vc.model.Claims;
import org.keycloak.protocol.oid4vc.model.ProofTypeJWT;
import org.keycloak.protocol.oid4vc.model.ProofTypesSupported;

/* loaded from: input_file:de/governikus/autent/eudiwallet/keycloak/endpoints/discovery/WalletOid4VcCredentialMetadataLoader.class */
public class WalletOid4VcCredentialMetadataLoader {
    public static Map<String, CredentialConfigurationId> loadSupportedCredentialsMetadata(KeycloakSession keycloakSession) {
        List<String> supportedVcFormats = StaticContext.getSupportedVcFormats();
        KeycloakSessionFactory keycloakSessionFactory = keycloakSession.getKeycloakSessionFactory();
        ProofTypesSupported proofTypesSupported = new ProofTypesSupported();
        ProofTypeJWT proofTypeJWT = new ProofTypeJWT();
        proofTypeJWT.setProofSigningAlgValuesSupported(StaticContext.getProofTypeSignatureAlgorithms());
        proofTypesSupported.setJwt(proofTypeJWT);
        return (Map) ClientScopeRepository.getVcClientScopes(keycloakSession).flatMap(clientScopeModel -> {
            Claims claims = new Claims();
            Claims claims2 = new Claims();
            clientScopeModel.getProtocolMappersStream().map(protocolMapperModel -> {
                ProtocolMapper providerFactory = keycloakSessionFactory.getProviderFactory(ProtocolMapper.class, protocolMapperModel.getProtocolMapper());
                if (providerFactory instanceof WalletCredentialProtocolMapper) {
                    return Pair.of(protocolMapperModel, providerFactory);
                }
                return null;
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).forEach(pair -> {
                ProtocolMapperModel protocolMapperModel2 = (ProtocolMapperModel) pair.getLeft();
                WalletCredentialProtocolMapper walletCredentialProtocolMapper = (WalletCredentialProtocolMapper) pair.getRight();
                ClaimRecord addMetadataToClaim = walletCredentialProtocolMapper.addMetadataToClaim(protocolMapperModel2);
                if (walletCredentialProtocolMapper.isIssuanceMapper(protocolMapperModel2)) {
                    claims.put(addMetadataToClaim.claimName(), addMetadataToClaim.claim());
                }
                if (walletCredentialProtocolMapper.isPresentationMapper(protocolMapperModel2)) {
                    claims2.put(addMetadataToClaim.claimName(), addMetadataToClaim.claim());
                }
            });
            return supportedVcFormats.stream().map(str -> {
                CredentialConfigurationId credentialConfigurationId = new CredentialConfigurationId();
                String str = (Constants.SEED_CREDENTIAL_IDENTIFIER.equals(clientScopeModel.getName()) && "jwt_vc_json".equals(str)) ? "seed_credential" : str;
                String credentialConfigurationId2 = UtilityMethods.toCredentialConfigurationId(clientScopeModel.getName(), str);
                credentialConfigurationId.setFormat(str);
                credentialConfigurationId.setScope(clientScopeModel.getName());
                String str2 = (String) Optional.ofNullable((String) clientScopeModel.getAttributes().get(UtilityMethods.getVctOverride(str))).orElse(clientScopeModel.getName());
                if (str.equals("mso_mdoc_authenticated_channel")) {
                    credentialConfigurationId.setDocumentType(str2);
                    credentialConfigurationId.setVct(str2);
                } else {
                    credentialConfigurationId.setVct(str2);
                }
                credentialConfigurationId.setProofTypesSupported(proofTypesSupported);
                if (StaticContext.getIssuanceFormats().contains(str)) {
                    List<String> clientScopeSupportedSignatureAlgorithms = UtilityMethods.getClientScopeSupportedSignatureAlgorithms(keycloakSession, clientScopeModel);
                    credentialConfigurationId.setClaims(claims);
                    credentialConfigurationId.setCredentialSigningAlgValuesSupported(new ArrayList(clientScopeSupportedSignatureAlgorithms));
                } else {
                    credentialConfigurationId.setClaims(claims2);
                    credentialConfigurationId.setCredentialSigningAlgValuesSupported(StaticContext.getPresentationSupportedSigAlgorithms());
                }
                return Pair.of(credentialConfigurationId2, credentialConfigurationId);
            });
        }).collect(Collectors.toMap((v0) -> {
            return v0.getLeft();
        }, (v0) -> {
            return v0.getRight();
        }));
    }
}
