package org.keycloak.protocol.oidc;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.InvalidObjectException;
import java.security.MessageDigest;
import java.text.SimpleDateFormat;
import java.util.HashMap;
import java.util.Objects;
import org.keycloak.common.util.Time;
import org.keycloak.models.ClientModel;
import org.keycloak.models.delegate.ClientModelLazyDelegate;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.utils.StringUtil;

/* loaded from: input_file:org/keycloak/protocol/oidc/OIDCClientSecretConfigWrapper.class */
public class OIDCClientSecretConfigWrapper extends AbstractClientConfigWrapper {

    /* loaded from: input_file:org/keycloak/protocol/oidc/OIDCClientSecretConfigWrapper$ReadOnlyRotatedSecretClientModel.class */
    public class ReadOnlyRotatedSecretClientModel extends ClientModelLazyDelegate {
        private ReadOnlyRotatedSecretClientModel(ClientModel clientModel) {
            super(() -> {
                return clientModel;
            });
        }

        public String getSecret() {
            return OIDCClientSecretConfigWrapper.this.getClientRotatedSecret();
        }
    }

    private OIDCClientSecretConfigWrapper(ClientModel clientModel, ClientRepresentation clientRepresentation) {
        super(clientModel, clientRepresentation);
    }

    public static OIDCClientSecretConfigWrapper fromClientModel(ClientModel clientModel) {
        return new OIDCClientSecretConfigWrapper(clientModel, null);
    }

    public static OIDCClientSecretConfigWrapper fromClientRepresentation(ClientRepresentation clientRepresentation) {
        return new OIDCClientSecretConfigWrapper(null, clientRepresentation);
    }

    public String getSecret() {
        return this.clientModel != null ? this.clientModel.getSecret() : this.clientRep.getSecret();
    }

    public String getId() {
        return this.clientModel != null ? this.clientModel.getId() : this.clientRep.getId();
    }

    public String getName() {
        return this.clientModel != null ? this.clientModel.getName() : this.clientRep.getName();
    }

    public void removeClientSecretRotationInfo() {
        setAttribute("client.secret.expiration.time", null);
        setAttribute("client.secret.remaining.expiration.time", null);
        removeClientSecretRotated();
    }

    public void removeClientSecretRotated() {
        if (hasRotatedSecret()) {
            setAttribute("client.secret.rotated", null);
            setAttribute("client.secret.rotated.creation.time", null);
            setAttribute("client.secret.rotated.expiration.time", null);
        }
    }

    public int getClientSecretCreationTime() {
        String attribute = getAttribute("client.secret.creation.time");
        if (StringUtil.isBlank(attribute)) {
            return 0;
        }
        return Integer.parseInt(attribute);
    }

    public void setClientSecretCreationTime(int i) {
        setAttribute("client.secret.creation.time", String.valueOf(i));
    }

    public boolean hasRotatedSecret() {
        return StringUtil.isNotBlank(getAttribute("client.secret.rotated")) && StringUtil.isNotBlank(getAttribute("client.secret.rotated.creation.time"));
    }

    public String getClientRotatedSecret() {
        return getAttribute("client.secret.rotated");
    }

    public void setClientRotatedSecret(String str) {
        setAttribute("client.secret.rotated", str);
    }

    public int getClientRotatedSecretCreationTime() {
        String attribute = getAttribute("client.secret.rotated.creation.time");
        if (StringUtil.isNotBlank(attribute)) {
            return Integer.parseInt(attribute);
        }
        return 0;
    }

    public void setClientRotatedSecretCreationTime(Integer num) {
        setAttribute("client.secret.rotated.creation.time", num != null ? String.valueOf(num) : null);
    }

    public void setClientSecretCreationTime() {
        setClientSecretCreationTime(Time.currentTime());
    }

    public void setClientRotatedSecretCreationTime() {
        setClientRotatedSecretCreationTime(Integer.valueOf(Time.currentTime()));
    }

    public void updateClientRepresentationAttributes(ClientRepresentation clientRepresentation) {
        clientRepresentation.getAttributes().put("client.secret.rotated", getAttribute("client.secret.rotated"));
        clientRepresentation.getAttributes().put("client.secret.creation.time", getAttribute("client.secret.creation.time"));
        clientRepresentation.getAttributes().put("client.secret.expiration.time", getAttribute("client.secret.expiration.time"));
        clientRepresentation.getAttributes().put("client.secret.rotated.creation.time", getAttribute("client.secret.rotated.creation.time"));
        clientRepresentation.getAttributes().put("client.secret.rotated.expiration.time", getAttribute("client.secret.rotated.expiration.time"));
    }

    public boolean hasClientSecretExpirationTime() {
        return getClientSecretExpirationTime() > 0;
    }

    public int getClientSecretExpirationTime() {
        String attribute = getAttribute("client.secret.expiration.time");
        if (attribute == null) {
            return 0;
        }
        return Integer.parseInt(attribute);
    }

    public void setClientSecretExpirationTime(Integer num) {
        setAttribute("client.secret.expiration.time", num != null ? String.valueOf(num) : null);
    }

    public boolean isClientSecretExpired() {
        return hasClientSecretExpirationTime() && getClientSecretExpirationTime() < Time.currentTime();
    }

    public int getClientRotatedSecretExpirationTime() {
        if (hasClientRotatedSecretExpirationTime()) {
            return Integer.valueOf(getAttribute("client.secret.rotated.expiration.time")).intValue();
        }
        return 0;
    }

    public void setClientRotatedSecretExpirationTime(Integer num) {
        setAttribute("client.secret.rotated.expiration.time", num != null ? String.valueOf(num) : null);
    }

    public boolean hasClientRotatedSecretExpirationTime() {
        return StringUtil.isNotBlank(getAttribute("client.secret.rotated.expiration.time"));
    }

    public boolean isClientRotatedSecretExpired() {
        return !hasClientRotatedSecretExpirationTime() || getClientRotatedSecretExpirationTime() < Time.currentTime();
    }

    public boolean validateRotatedSecret(String str) {
        if (!hasRotatedSecret() || isClientRotatedSecretExpired()) {
            return false;
        }
        return MessageDigest.isEqual(str.getBytes(), getClientRotatedSecret().getBytes());
    }

    public String toJson() {
        ObjectMapper objectMapper = new ObjectMapper();
        HashMap hashMap = new HashMap();
        try {
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSXXX");
            hashMap.put("clientId", getId());
            hashMap.put("clientName", getName());
            hashMap.put("secretCreationTimeSeconds", Integer.valueOf(getClientSecretCreationTime()));
            hashMap.put("secretCreationTime", simpleDateFormat.format(Time.toDate(getClientSecretCreationTime())));
            hashMap.put("secretExpirationTimeSeconds", Integer.valueOf(getClientSecretExpirationTime()));
            hashMap.put("secretExpirationTime", simpleDateFormat.format(Time.toDate(getClientSecretExpirationTime())));
            hashMap.put("rotatedSecretCreationTimeSeconds", Integer.valueOf(getClientRotatedSecretCreationTime()));
            hashMap.put("rotatedSecretCreationTime", simpleDateFormat.format(Time.toDate(getClientRotatedSecretCreationTime())));
            hashMap.put("rotatedSecretExpirationTimeSeconds", Integer.valueOf(getClientRotatedSecretExpirationTime()));
            hashMap.put("rotatedSecretExpirationTime", simpleDateFormat.format(Time.toDate(getClientRotatedSecretExpirationTime())));
            return objectMapper.writeValueAsString(hashMap);
        } catch (JsonProcessingException e) {
            return "";
        }
    }

    public ReadOnlyRotatedSecretClientModel toRotatedClientModel() throws InvalidObjectException {
        if (Objects.isNull(this.clientModel)) {
            throw new InvalidObjectException(getClass().getCanonicalName() + " does not have an attribute of type " + ClientModel.class.getCanonicalName());
        }
        return new ReadOnlyRotatedSecretClientModel(this.clientModel);
    }
}
