package org.keycloak.quarkus.runtime.cli.command;

import java.util.EnumSet;
import org.keycloak.common.util.IoUtils;
import org.keycloak.config.OptionCategory;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.quarkus.runtime.cli.PropertyException;
import org.keycloak.quarkus.runtime.integration.jaxrs.QuarkusKeycloakApplication;
import org.keycloak.services.resources.KeycloakApplication;
import picocli.CommandLine;

@CommandLine.Command(name = BootstrapAdminUser.NAME, header = {BootstrapAdminUser.HEADER}, description = {"%nAdd an admin user with a password"})
/* loaded from: input_file:org/keycloak/quarkus/runtime/cli/command/BootstrapAdminUser.class */
public class BootstrapAdminUser extends AbstractNonServerCommand {
    public static final String NAME = "user";
    public static final String HEADER = "Add an admin user with a password";

    @CommandLine.ArgGroup(exclusive = true, multiplicity = "0..1")
    UsernameOptions usernameOptions;

    @CommandLine.Option(paramLabel = "PASSWORD", names = {"--password:env"}, description = {"Environment variable name for the admin user password"})
    String passwordEnv;
    String password;
    String username;

    /* loaded from: input_file:org/keycloak/quarkus/runtime/cli/command/BootstrapAdminUser$UsernameOptions.class */
    static class UsernameOptions {

        @CommandLine.Option(paramLabel = "username", names = {"--username"}, description = {"Username of admin user, defaults to temp-admin"})
        String username;

        @CommandLine.Option(paramLabel = "USERNAME", names = {"--username:env"}, description = {"Environment variable name for the admin username"})
        String usernameEnv;

        UsernameOptions() {
        }
    }

    @Override // org.keycloak.quarkus.runtime.cli.command.AbstractCommand
    public String getName() {
        return NAME;
    }

    @Override // org.keycloak.quarkus.runtime.cli.command.AbstractStartCommand
    protected void doBeforeRun() {
        BootstrapAdmin bootstrapAdmin = (BootstrapAdmin) this.spec.commandLine().getParent().getCommand();
        if (this.usernameOptions != null) {
            if (this.usernameOptions.usernameEnv != null) {
                this.username = getFromEnv(this.usernameOptions.usernameEnv);
            } else {
                this.username = this.usernameOptions.username;
            }
        } else if (!bootstrapAdmin.noPrompt) {
            this.username = IoUtils.readLineFromConsole("username", "temp-admin");
        }
        if (this.passwordEnv != null) {
            this.password = getFromEnv(this.passwordEnv);
            return;
        }
        if (bootstrapAdmin.noPrompt) {
            throw new PropertyException("No password provided");
        }
        this.password = IoUtils.readPasswordFromConsole("password");
        if (!this.password.equals(IoUtils.readPasswordFromConsole("password again"))) {
            throw new PropertyException("Passwords do not match");
        }
        if (this.password.isBlank()) {
            throw new PropertyException("Password must not be blank");
        }
    }

    private String getFromEnv(String str) {
        String str2 = System.getenv(str);
        if (str2 == null) {
            throw new PropertyException(String.format("Environment variable %s not found", str));
        }
        return str2;
    }

    @Override // org.keycloak.quarkus.runtime.cli.command.AbstractNonServerCommand
    public void onStart(QuarkusKeycloakApplication quarkusKeycloakApplication) {
        KeycloakModelUtils.runJobInTransaction(KeycloakApplication.getSessionFactory(), keycloakSession -> {
            quarkusKeycloakApplication.createTemporaryMasterRealmAdminUser(this.username, this.password, keycloakSession);
        });
    }

    @Override // org.keycloak.quarkus.runtime.cli.command.AbstractStartCommand
    protected EnumSet<OptionCategory> excludedCategories() {
        return EnumSet.of(OptionCategory.IMPORT, OptionCategory.EXPORT, OptionCategory.BOOTSTRAP_ADMIN);
    }
}
