package io.apicurio.registry.utils.tests;

import dasniko.testcontainers.keycloak.KeycloakContainer;
import io.quarkus.test.common.QuarkusTestResourceLifecycleManager;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/apicurio/registry/utils/tests/KeycloakTestResource.class */
public class KeycloakTestResource implements QuarkusTestResourceLifecycleManager {
    private static final Logger log = LoggerFactory.getLogger(KeycloakTestResource.class);
    private KeycloakContainer container;
    String testUsername = "sr-test-user";
    String testPassword = "sr-test-password";

    public Map<String, String> start() {
        log.info("Starting Keycloak Test Container");
        this.container = new KeycloakContainer().withRealmImportFile("test-realm.json");
        this.container.start();
        HashMap hashMap = new HashMap();
        hashMap.put("registry.keycloak.url", this.container.getAuthServerUrl());
        hashMap.put("registry.keycloak.realm", "registry");
        hashMap.put("registry.auth.enabled", "true");
        hashMap.put("registry.auth.client-secret", "test1");
        hashMap.put("registry.auth.role-based-authorization", "true");
        hashMap.put("registry.auth.owner-only-authorization", "true");
        hashMap.put("registry.auth.admin-override.enabled", "true");
        createTestUser();
        return hashMap;
    }

    private void createTestUser() {
        Keycloak build = KeycloakBuilder.builder().serverUrl(this.container.getAuthServerUrl()).realm("master").clientId("admin-cli").username(this.container.getAdminUsername()).password(this.container.getAdminPassword()).build();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername(this.testUsername);
        userRepresentation.setEnabled(true);
        userRepresentation.setEmailVerified(true);
        CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
        credentialRepresentation.setType("password");
        credentialRepresentation.setValue(this.testPassword);
        credentialRepresentation.setTemporary(false);
        userRepresentation.setCredentials(Collections.singletonList(credentialRepresentation));
        build.realm("registry").users().create(userRepresentation);
        RoleRepresentation representation = build.realm("registry").roles().get("sr-admin").toRepresentation();
        build.realm("registry").users().get(((UserRepresentation) build.realm("registry").users().search(this.testUsername).get(0)).getId()).roles().realmLevel().add(List.of(representation));
    }

    public void stop() {
        log.info("Stopping Keycloak Test Container");
        this.container.stop();
        this.container.close();
    }
}
