package org.keycloak.email;

import jakarta.mail.Address;
import jakarta.mail.MessagingException;
import jakarta.mail.Session;
import jakarta.mail.Transport;
import jakarta.mail.internet.AddressException;
import jakarta.mail.internet.InternetAddress;
import jakarta.mail.internet.MimeBodyPart;
import jakarta.mail.internet.MimeMessage;
import jakarta.mail.internet.MimeMultipart;
import jakarta.mail.internet.MimeUtility;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Map;
import java.util.Properties;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.jboss.logging.Logger;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.UserModel;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.resources.Cors;
import org.keycloak.truststore.HostnameVerificationPolicy;
import org.keycloak.truststore.JSSETruststoreConfigurator;
import org.keycloak.userprofile.config.UPConfigUtils;
import org.keycloak.utils.StringUtil;
import org.keycloak.vault.VaultStringSecret;

/* loaded from: input_file:org/keycloak/email/DefaultEmailSenderProvider.class */
public class DefaultEmailSenderProvider implements EmailSenderProvider {
    private static final Logger logger = Logger.getLogger(DefaultEmailSenderProvider.class);
    private static final String SUPPORTED_SSL_PROTOCOLS = getSupportedSslProtocols();
    private final KeycloakSession session;

    public DefaultEmailSenderProvider(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    public void send(Map<String, String> map, UserModel userModel, String str, String str2, String str3) throws EmailException {
        send(map, retrieveEmailAddress(userModel), str, str2, str3);
    }

    public void send(Map<String, String> map, String str, String str2, String str3, String str4) throws EmailException {
        Transport transport = null;
        try {
            try {
                Properties properties = new Properties();
                if (map.containsKey("host")) {
                    properties.setProperty("mail.smtp.host", map.get("host"));
                }
                boolean equals = "true".equals(map.get("auth"));
                boolean equals2 = "true".equals(map.get("ssl"));
                boolean equals3 = "true".equals(map.get("starttls"));
                if (map.containsKey("port") && map.get("port") != null) {
                    properties.setProperty("mail.smtp.port", map.get("port"));
                }
                if (equals) {
                    properties.setProperty("mail.smtp.auth", "true");
                }
                if (equals2) {
                    properties.setProperty("mail.smtp.ssl.enable", "true");
                }
                if (equals3) {
                    properties.setProperty("mail.smtp.starttls.enable", "true");
                }
                if (equals2 || equals3) {
                    properties.put("mail.smtp.ssl.protocols", SUPPORTED_SSL_PROTOCOLS);
                    setupTruststore(properties);
                }
                properties.setProperty("mail.smtp.timeout", "10000");
                properties.setProperty("mail.smtp.connectiontimeout", "10000");
                String str5 = map.get("from");
                String str6 = map.get("fromDisplayName");
                String str7 = map.get("replyTo");
                String str8 = map.get("replyToDisplayName");
                String str9 = map.get("envelopeFrom");
                Session session = Session.getInstance(properties);
                MimeMultipart mimeMultipart = new MimeMultipart("alternative");
                if (str3 != null) {
                    MimeBodyPart mimeBodyPart = new MimeBodyPart();
                    mimeBodyPart.setText(str3, "UTF-8");
                    mimeMultipart.addBodyPart(mimeBodyPart);
                }
                if (str4 != null) {
                    MimeBodyPart mimeBodyPart2 = new MimeBodyPart();
                    mimeBodyPart2.setContent(str4, "text/html; charset=UTF-8");
                    mimeMultipart.addBodyPart(mimeBodyPart2);
                }
                MimeMessage mimeMessage = new MimeMessage(session);
                mimeMessage.setFrom(toInternetAddress(str5, str6));
                mimeMessage.setReplyTo(new Address[]{toInternetAddress(str5, str6)});
                if (StringUtil.isNotBlank(str7)) {
                    mimeMessage.setReplyTo(new Address[]{toInternetAddress(str7, str8)});
                }
                if (StringUtil.isNotBlank(str9)) {
                    properties.setProperty("mail.smtp.from", str9);
                }
                mimeMessage.setHeader("To", str);
                mimeMessage.setSubject(MimeUtility.encodeText(str2, StandardCharsets.UTF_8.name(), (String) null));
                mimeMessage.setContent(mimeMultipart);
                mimeMessage.saveChanges();
                mimeMessage.setSentDate(new Date());
                Transport transport2 = session.getTransport("smtp");
                if (equals) {
                    VaultStringSecret stringSecret = this.session.vault().getStringSecret(map.get("password"));
                    try {
                        transport2.connect(map.get(UPConfigUtils.ROLE_USER), (String) stringSecret.get().orElse(map.get("password")));
                        if (stringSecret != null) {
                            stringSecret.close();
                        }
                    } catch (Throwable th) {
                        if (stringSecret != null) {
                            try {
                                stringSecret.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } else {
                    transport2.connect();
                }
                transport2.sendMessage(mimeMessage, new InternetAddress[]{new InternetAddress(str)});
                if (transport2 != null) {
                    try {
                        transport2.close();
                    } catch (MessagingException e) {
                        logger.warn("Failed to close transport", e);
                    }
                }
            } catch (Exception e2) {
                ServicesLogger.LOGGER.failedToSendEmail(e2);
                throw new EmailException(e2);
            }
        } catch (Throwable th3) {
            if (0 != 0) {
                try {
                    transport.close();
                } catch (MessagingException e3) {
                    logger.warn("Failed to close transport", e3);
                }
            }
            throw th3;
        }
    }

    protected InternetAddress toInternetAddress(String str, String str2) throws UnsupportedEncodingException, AddressException, EmailException {
        if (str == null || "".equals(str.trim())) {
            throw new EmailException("Please provide a valid address", (Throwable) null);
        }
        return (str2 == null || "".equals(str2.trim())) ? new InternetAddress(str) : new InternetAddress(str, str2, "utf-8");
    }

    protected String retrieveEmailAddress(UserModel userModel) {
        return userModel.getEmail();
    }

    private void setupTruststore(Properties properties) {
        JSSETruststoreConfigurator jSSETruststoreConfigurator = new JSSETruststoreConfigurator(this.session);
        SSLSocketFactory sSLSocketFactory = jSSETruststoreConfigurator.getSSLSocketFactory();
        if (sSLSocketFactory != null) {
            properties.put("mail.smtp.ssl.socketFactory", sSLSocketFactory);
            if (jSSETruststoreConfigurator.getProvider().getPolicy() == HostnameVerificationPolicy.ANY) {
                properties.setProperty("mail.smtp.ssl.trust", Cors.ACCESS_CONTROL_ALLOW_ORIGIN_WILDCARD);
                properties.put("mail.smtp.ssl.checkserveridentity", Boolean.FALSE.toString());
            }
        }
    }

    public void close() {
    }

    private static String getSupportedSslProtocols() {
        try {
            String[] protocols = SSLContext.getDefault().getSupportedSSLParameters().getProtocols();
            if (protocols != null) {
                return String.join(" ", protocols);
            }
            return null;
        } catch (Exception e) {
            logger.warn("Failed to get list of supported SSL protocols", e);
            return null;
        }
    }
}
