package org.keycloak.authentication.authenticators.browser;

import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.keycloak.authentication.AuthenticationProcessor;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorContext;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.services.managers.AuthenticationManager;

/* loaded from: input_file:org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.class */
public class UsernamePasswordForm extends AbstractFormAuthenticator implements Authenticator {
    @Override // org.keycloak.authentication.authenticators.browser.AbstractFormAuthenticator, org.keycloak.authentication.Authenticator
    public void action(AuthenticatorContext authenticatorContext) {
        MultivaluedMap<String, String> decodedFormParameters = authenticatorContext.getHttpRequest().getDecodedFormParameters();
        if (!decodedFormParameters.containsKey("cancel")) {
            if (validateForm(authenticatorContext, decodedFormParameters)) {
                authenticatorContext.success();
            }
        } else {
            authenticatorContext.getEvent().error("rejected_by_user");
            LoginProtocol loginProtocol = (LoginProtocol) authenticatorContext.getSession().getProvider(LoginProtocol.class, authenticatorContext.getClientSession().getAuthMethod());
            loginProtocol.setRealm(authenticatorContext.getRealm()).setHttpHeaders(authenticatorContext.getHttpRequest().getHttpHeaders()).setUriInfo(authenticatorContext.getUriInfo());
            authenticatorContext.forceChallenge(loginProtocol.cancelLogin(authenticatorContext.getClientSession()));
        }
    }

    protected boolean validateForm(AuthenticatorContext authenticatorContext, MultivaluedMap<String, String> multivaluedMap) {
        return validateUser(authenticatorContext, multivaluedMap) && validatePassword(authenticatorContext, multivaluedMap);
    }

    @Override // org.keycloak.authentication.Authenticator
    public void authenticate(AuthenticatorContext authenticatorContext) {
        MultivaluedMapImpl multivaluedMapImpl = new MultivaluedMapImpl();
        String note = authenticatorContext.getClientSession().getNote(OIDCLoginProtocol.LOGIN_HINT_PARAM);
        String rememberMeUsername = AuthenticationManager.getRememberMeUsername(authenticatorContext.getRealm(), authenticatorContext.getHttpRequest().getHttpHeaders());
        if (note != null || rememberMeUsername != null) {
            if (note != null) {
                multivaluedMapImpl.add("username", note);
            } else {
                multivaluedMapImpl.add("username", rememberMeUsername);
                multivaluedMapImpl.add("rememberMe", "on");
            }
        }
        Response challenge = challenge(authenticatorContext, multivaluedMapImpl);
        authenticatorContext.getClientSession().setNote(AuthenticationProcessor.CURRENT_AUTHENTICATION_EXECUTION, authenticatorContext.getExecution().getId());
        authenticatorContext.challenge(challenge);
    }

    @Override // org.keycloak.authentication.Authenticator
    public boolean requiresUser() {
        return false;
    }

    protected Response challenge(AuthenticatorContext authenticatorContext, MultivaluedMap<String, String> multivaluedMap) {
        LoginFormsProvider loginForm = loginForm(authenticatorContext);
        if (multivaluedMap.size() > 0) {
            loginForm.setFormData(multivaluedMap);
        }
        return loginForm.createLogin();
    }

    @Override // org.keycloak.authentication.Authenticator
    public boolean configuredFor(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
        return true;
    }

    @Override // org.keycloak.authentication.Authenticator
    public void setRequiredActions(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
    }

    @Override // org.keycloak.authentication.authenticators.browser.AbstractFormAuthenticator
    public void close() {
    }
}
