package org.keycloak.authentication.authenticators.broker;

import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.AuthenticationFlowException;
import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext;
import org.keycloak.authentication.authenticators.browser.UsernamePasswordForm;
import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.models.UserModel;
import org.keycloak.services.messages.Messages;

/* loaded from: input_file:org/keycloak/authentication/authenticators/broker/IdpUsernamePasswordForm.class */
public class IdpUsernamePasswordForm extends UsernamePasswordForm {
    @Override // org.keycloak.authentication.authenticators.browser.UsernamePasswordForm
    protected Response challenge(AuthenticationFlowContext authenticationFlowContext, MultivaluedMap<String, String> multivaluedMap) {
        return setupForm(authenticationFlowContext, multivaluedMap, AbstractIdpAuthenticator.getExistingUser(authenticationFlowContext.getSession(), authenticationFlowContext.getRealm(), authenticationFlowContext.getAuthenticationSession())).setStatus(Response.Status.OK).createLoginUsernamePassword();
    }

    @Override // org.keycloak.authentication.authenticators.browser.UsernamePasswordForm
    protected boolean validateForm(AuthenticationFlowContext authenticationFlowContext, MultivaluedMap<String, String> multivaluedMap) {
        UserModel existingUser = AbstractIdpAuthenticator.getExistingUser(authenticationFlowContext.getSession(), authenticationFlowContext.getRealm(), authenticationFlowContext.getAuthenticationSession());
        authenticationFlowContext.setUser(existingUser);
        setupForm(authenticationFlowContext, multivaluedMap, existingUser);
        return validatePassword(authenticationFlowContext, existingUser, multivaluedMap);
    }

    protected LoginFormsProvider setupForm(AuthenticationFlowContext authenticationFlowContext, MultivaluedMap<String, String> multivaluedMap, UserModel userModel) {
        SerializedBrokeredIdentityContext readFromAuthenticationSession = SerializedBrokeredIdentityContext.readFromAuthenticationSession(authenticationFlowContext.getAuthenticationSession(), AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE);
        if (readFromAuthenticationSession == null) {
            throw new AuthenticationFlowException("Not found serialized context in clientSession", AuthenticationFlowError.IDENTITY_PROVIDER_ERROR);
        }
        multivaluedMap.add("username", userModel.getUsername());
        return authenticationFlowContext.form().setFormData(multivaluedMap).setAttribute("usernameEditDisabled", true).setInfo(Messages.FEDERATED_IDENTITY_CONFIRM_REAUTHENTICATE_MESSAGE, new Object[]{userModel.getUsername(), readFromAuthenticationSession.getIdentityProviderId()});
    }
}
