package org.keycloak.authentication;

import java.net.URI;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.EventBuilder;
import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.FormMessage;
import org.keycloak.services.resources.LoginActionsService;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.CommonClientSessionModel;

/* loaded from: input_file:org/keycloak/authentication/FormAuthenticationFlow.class */
public class FormAuthenticationFlow implements AuthenticationFlow {
    AuthenticationProcessor processor;
    AuthenticationExecutionModel formExecution;
    private final List<AuthenticationExecutionModel> formActionExecutions;
    private final FormAuthenticator formAuthenticator;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/keycloak/authentication/FormAuthenticationFlow$FormContextImpl.class */
    public class FormContextImpl implements FormContext {
        AuthenticationExecutionModel executionModel;
        AuthenticatorConfigModel authenticatorConfig;

        private FormContextImpl(AuthenticationExecutionModel authenticationExecutionModel) {
            this.executionModel = authenticationExecutionModel;
        }

        public EventBuilder newEvent() {
            return FormAuthenticationFlow.this.processor.newEvent();
        }

        public EventBuilder getEvent() {
            return FormAuthenticationFlow.this.processor.getEvent();
        }

        public AuthenticationExecutionModel getExecution() {
            return this.executionModel;
        }

        public AuthenticatorConfigModel getAuthenticatorConfig() {
            if (this.executionModel.getAuthenticatorConfig() == null) {
                return null;
            }
            if (this.authenticatorConfig != null) {
                return this.authenticatorConfig;
            }
            this.authenticatorConfig = getRealm().getAuthenticatorConfigById(this.executionModel.getAuthenticatorConfig());
            return this.authenticatorConfig;
        }

        public UserModel getUser() {
            return getAuthenticationSession().getAuthenticatedUser();
        }

        public void setUser(UserModel userModel) {
            FormAuthenticationFlow.this.processor.setAutheticatedUser(userModel);
        }

        public RealmModel getRealm() {
            return FormAuthenticationFlow.this.processor.getRealm();
        }

        public AuthenticationSessionModel getAuthenticationSession() {
            return FormAuthenticationFlow.this.processor.getAuthenticationSession();
        }

        public ClientConnection getConnection() {
            return FormAuthenticationFlow.this.processor.getConnection();
        }

        public UriInfo getUriInfo() {
            return FormAuthenticationFlow.this.processor.getUriInfo();
        }

        public KeycloakSession getSession() {
            return FormAuthenticationFlow.this.processor.getSession();
        }

        public HttpRequest getHttpRequest() {
            return FormAuthenticationFlow.this.processor.getRequest();
        }
    }

    /* loaded from: input_file:org/keycloak/authentication/FormAuthenticationFlow$ValidationContextImpl.class */
    private class ValidationContextImpl extends FormContextImpl implements ValidationContext {
        FormAction action;
        String error;
        boolean excludeOthers;
        boolean success;
        List<FormMessage> errors;
        MultivaluedMap<String, String> formData;

        private ValidationContextImpl(AuthenticationExecutionModel authenticationExecutionModel, FormAction formAction) {
            super(authenticationExecutionModel);
            this.errors = null;
            this.formData = null;
            this.action = formAction;
        }

        public void validationError(MultivaluedMap<String, String> multivaluedMap, List<FormMessage> list) {
            this.errors = list;
            this.formData = multivaluedMap;
        }

        public void error(String str) {
            this.error = str;
        }

        public void success() {
            this.success = true;
        }

        public void excludeOtherErrors() {
            this.excludeOthers = true;
        }
    }

    public FormAuthenticationFlow(AuthenticationProcessor authenticationProcessor, AuthenticationExecutionModel authenticationExecutionModel) {
        this.processor = authenticationProcessor;
        this.formExecution = authenticationExecutionModel;
        this.formActionExecutions = authenticationProcessor.getRealm().getAuthenticationExecutions(authenticationExecutionModel.getFlowId());
        this.formAuthenticator = authenticationProcessor.getSession().getProvider(FormAuthenticator.class, authenticationExecutionModel.getAuthenticator());
    }

    public Response processAction(String str) {
        if (!str.equals(this.formExecution.getId())) {
            throw new AuthenticationFlowException("action is not current execution", AuthenticationFlowError.INTERNAL_ERROR);
        }
        HashMap hashMap = new HashMap();
        LinkedList linkedList = new LinkedList();
        LinkedList<ValidationContextImpl> linkedList2 = new LinkedList();
        LinkedList<ValidationContextImpl> linkedList3 = new LinkedList();
        for (AuthenticationExecutionModel authenticationExecutionModel : this.formActionExecutions) {
            if (authenticationExecutionModel.isEnabled()) {
                FormActionFactory providerFactory = this.processor.getSession().getKeycloakSessionFactory().getProviderFactory(FormAction.class, authenticationExecutionModel.getAuthenticator());
                FormAction create = providerFactory.create(this.processor.getSession());
                UserModel authenticatedUser = this.processor.getAuthenticationSession().getAuthenticatedUser();
                if (create.requiresUser() && authenticatedUser == null) {
                    throw new AuthenticationFlowException("form action: " + this.formExecution.getAuthenticator() + " requires user", AuthenticationFlowError.UNKNOWN_USER);
                }
                if (create.requiresUser() && authenticatedUser != null && !create.configuredFor(this.processor.getSession(), this.processor.getRealm(), authenticatedUser)) {
                    if (authenticationExecutionModel.isRequired()) {
                        if (!providerFactory.isUserSetupAllowed()) {
                            throw new AuthenticationFlowException(AuthenticationFlowError.CREDENTIAL_SETUP_REQUIRED);
                        }
                        AuthenticationProcessor.logger.debugv("authenticator SETUP_REQUIRED: {0}", this.formExecution.getAuthenticator());
                        hashMap.put(authenticationExecutionModel.getId(), CommonClientSessionModel.ExecutionStatus.SETUP_REQUIRED);
                        linkedList.add(create);
                    } else if (authenticationExecutionModel.isConditional()) {
                        hashMap.put(authenticationExecutionModel.getId(), CommonClientSessionModel.ExecutionStatus.SKIPPED);
                    }
                }
                ValidationContextImpl validationContextImpl = new ValidationContextImpl(authenticationExecutionModel, create);
                create.validate(validationContextImpl);
                if (validationContextImpl.success) {
                    hashMap.put(authenticationExecutionModel.getId(), CommonClientSessionModel.ExecutionStatus.SUCCESS);
                    linkedList2.add(validationContextImpl);
                } else {
                    hashMap.put(authenticationExecutionModel.getId(), CommonClientSessionModel.ExecutionStatus.CHALLENGED);
                    linkedList3.add(validationContextImpl);
                }
            } else {
                hashMap.put(authenticationExecutionModel.getId(), CommonClientSessionModel.ExecutionStatus.SKIPPED);
            }
        }
        if (linkedList3.isEmpty()) {
            for (ValidationContextImpl validationContextImpl2 : linkedList2) {
                validationContextImpl2.action.success(validationContextImpl2);
            }
            for (Map.Entry entry : hashMap.entrySet()) {
                this.processor.getAuthenticationSession().setExecutionStatus((String) entry.getKey(), (CommonClientSessionModel.ExecutionStatus) entry.getValue());
            }
            Iterator it = linkedList.iterator();
            while (it.hasNext()) {
                ((FormAction) it.next()).setRequiredActions(this.processor.getSession(), this.processor.getRealm(), this.processor.getAuthenticationSession().getAuthenticatedUser());
            }
            this.processor.getAuthenticationSession().setExecutionStatus(str, CommonClientSessionModel.ExecutionStatus.SUCCESS);
            this.processor.getAuthenticationSession().removeAuthNote(AuthenticationProcessor.CURRENT_AUTHENTICATION_EXECUTION);
            return null;
        }
        this.processor.logFailure();
        LinkedList linkedList4 = new LinkedList();
        HashSet hashSet = new HashSet();
        for (ValidationContextImpl validationContextImpl3 : linkedList3) {
            for (FormMessage formMessage : validationContextImpl3.errors) {
                if (!hashSet.contains(formMessage.getField())) {
                    if (validationContextImpl3.excludeOthers) {
                        hashSet.clear();
                        linkedList4.clear();
                    }
                    hashSet.add(formMessage.getField());
                    linkedList4.add(formMessage);
                    if (validationContextImpl3.excludeOthers) {
                        break;
                    }
                }
            }
        }
        ValidationContextImpl validationContextImpl4 = (ValidationContextImpl) linkedList3.get(0);
        validationContextImpl4.getEvent().error(validationContextImpl4.error);
        return renderForm(validationContextImpl4.formData, linkedList4);
    }

    public URI getActionUrl(String str, String str2) {
        return LoginActionsService.registrationFormProcessor(this.processor.getUriInfo()).queryParam(LoginActionsService.SESSION_CODE, new Object[]{str2}).queryParam("execution", new Object[]{str}).queryParam("client_id", new Object[]{this.processor.getAuthenticationSession().getClient().getClientId()}).queryParam("tab_id", new Object[]{this.processor.getAuthenticationSession().getTabId()}).build(new Object[]{this.processor.getRealm().getName()});
    }

    public Response processFlow() {
        return renderForm(null, null);
    }

    public Response renderForm(MultivaluedMap<String, String> multivaluedMap, List<FormMessage> list) {
        String id = this.formExecution.getId();
        this.processor.getAuthenticationSession().setAuthNote(AuthenticationProcessor.CURRENT_AUTHENTICATION_EXECUTION, id);
        String generateCode = this.processor.generateCode();
        LoginFormsProvider errors = this.processor.getSession().getProvider(LoginFormsProvider.class).setAuthenticationSession(this.processor.getAuthenticationSession()).setActionUri(getActionUrl(id, generateCode)).setExecution(id).setClientSessionCode(generateCode).setFormData(multivaluedMap).setErrors(list);
        for (AuthenticationExecutionModel authenticationExecutionModel : this.formActionExecutions) {
            if (authenticationExecutionModel.isEnabled()) {
                this.processor.getSession().getProvider(FormAction.class, authenticationExecutionModel.getAuthenticator()).buildPage(new FormContextImpl(authenticationExecutionModel), errors);
            }
        }
        return this.formAuthenticator.render(new FormContextImpl(this.formExecution), errors);
    }

    public boolean isSuccessful() {
        return false;
    }
}
