package org.keycloak.hash;

import org.jboss.logging.Logger;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.PasswordPolicy;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialValueModel;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/add-ons/keycloak/org/keycloak/keycloak-server-spi/main/keycloak-server-spi-2.1.0.Final.jar:org/keycloak/hash/PasswordHashManager.class */
public class PasswordHashManager {
    private static final Logger log = Logger.getLogger((Class<?>) PasswordHashManager.class);

    public static UserCredentialValueModel encode(KeycloakSession keycloakSession, RealmModel realmModel, String str) {
        return encode(keycloakSession, realmModel.getPasswordPolicy(), str);
    }

    public static UserCredentialValueModel encode(KeycloakSession keycloakSession, PasswordPolicy passwordPolicy, String str) {
        PasswordHashProvider passwordHashProvider = (PasswordHashProvider) keycloakSession.getProvider(PasswordHashProvider.class, passwordPolicy.getHashAlgorithm());
        if (passwordHashProvider == null) {
            log.warnv("Could not find hash provider {0} from password policy, using default provider {1}", passwordPolicy.getHashAlgorithm(), "pbkdf2");
            passwordHashProvider = (PasswordHashProvider) keycloakSession.getProvider(PasswordHashProvider.class, "pbkdf2");
        }
        return passwordHashProvider.encode(str, passwordPolicy.getHashIterations());
    }

    public static boolean verify(KeycloakSession keycloakSession, RealmModel realmModel, String str, UserCredentialValueModel userCredentialValueModel) {
        return verify(keycloakSession, realmModel.getPasswordPolicy(), str, userCredentialValueModel);
    }

    public static boolean verify(KeycloakSession keycloakSession, PasswordPolicy passwordPolicy, String str, UserCredentialValueModel userCredentialValueModel) {
        String algorithm = userCredentialValueModel.getAlgorithm() != null ? userCredentialValueModel.getAlgorithm() : passwordPolicy.getHashAlgorithm();
        PasswordHashProvider passwordHashProvider = (PasswordHashProvider) keycloakSession.getProvider(PasswordHashProvider.class, algorithm);
        if (passwordHashProvider != null) {
            return passwordHashProvider.verify(str, userCredentialValueModel);
        }
        log.warnv("Could not find hash provider {0} for password", algorithm);
        return false;
    }
}
