package org.keycloak.authentication.authenticators;

import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.keycloak.authentication.AuthenticationProcessor;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorContext;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.models.AuthenticatorModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.services.managers.AuthenticationManager;

/* loaded from: input_file:org/keycloak/authentication/authenticators/LoginFormUsernameAuthenticator.class */
public class LoginFormUsernameAuthenticator extends AbstractFormAuthenticator implements Authenticator {
    public static final String FORM_USERNAME = "FORM_USERNAME";
    protected AuthenticatorModel model;

    public LoginFormUsernameAuthenticator(AuthenticatorModel authenticatorModel) {
        this.model = authenticatorModel;
    }

    public void authenticate(AuthenticatorContext authenticatorContext) {
        if (isAction(authenticatorContext, AbstractFormAuthenticator.REGISTRATION_FORM_ACTION) && authenticatorContext.getUser() != null) {
            authenticatorContext.success();
            return;
        }
        if (isAction(authenticatorContext, AbstractFormAuthenticator.LOGIN_FORM_ACTION)) {
            MultivaluedMap<String, String> decodedFormParameters = authenticatorContext.getHttpRequest().getDecodedFormParameters();
            if (!decodedFormParameters.containsKey("cancel")) {
                validateUser(authenticatorContext, decodedFormParameters);
                return;
            }
            authenticatorContext.getEvent().error("rejected_by_user");
            LoginProtocol loginProtocol = (LoginProtocol) authenticatorContext.getSession().getProvider(LoginProtocol.class, authenticatorContext.getClientSession().getAuthMethod());
            loginProtocol.setRealm(authenticatorContext.getRealm()).setHttpHeaders(authenticatorContext.getHttpRequest().getHttpHeaders()).setUriInfo(authenticatorContext.getUriInfo());
            authenticatorContext.challenge(loginProtocol.cancelLogin(authenticatorContext.getClientSession()));
            return;
        }
        MultivaluedMapImpl multivaluedMapImpl = new MultivaluedMapImpl();
        String note = authenticatorContext.getClientSession().getNote(OIDCLoginProtocol.LOGIN_HINT_PARAM);
        String rememberMeUsername = AuthenticationManager.getRememberMeUsername(authenticatorContext.getRealm(), authenticatorContext.getHttpRequest().getHttpHeaders());
        if (note != null || rememberMeUsername != null) {
            if (note != null) {
                multivaluedMapImpl.add("username", note);
            } else {
                multivaluedMapImpl.add("username", rememberMeUsername);
                multivaluedMapImpl.add("rememberMe", "on");
            }
        }
        authenticatorContext.challenge(challenge(authenticatorContext, multivaluedMapImpl));
    }

    public boolean requiresUser() {
        return false;
    }

    protected Response challenge(AuthenticatorContext authenticatorContext, MultivaluedMap<String, String> multivaluedMap) {
        LoginFormsProvider loginForm = loginForm(authenticatorContext);
        if (multivaluedMap.size() > 0) {
            loginForm.setFormData(multivaluedMap);
        }
        return loginForm.createLogin();
    }

    public void validateUser(AuthenticatorContext authenticatorContext, MultivaluedMap<String, String> multivaluedMap) {
        String str = (String) multivaluedMap.getFirst("username");
        if (str == null) {
            authenticatorContext.getEvent().error("user_not_found");
            authenticatorContext.failureChallenge(AuthenticationProcessor.Error.INVALID_USER, invalidUser(authenticatorContext));
            return;
        }
        authenticatorContext.getEvent().detail("username", str);
        authenticatorContext.getClientSession().setNote(FORM_USERNAME, str);
        UserModel findUserByNameOrEmail = KeycloakModelUtils.findUserByNameOrEmail(authenticatorContext.getSession(), authenticatorContext.getRealm(), str);
        if (invalidUser(authenticatorContext, findUserByNameOrEmail)) {
            return;
        }
        String str2 = (String) multivaluedMap.getFirst("rememberMe");
        if (str2 != null && str2.equalsIgnoreCase("on")) {
            authenticatorContext.getClientSession().setNote("remember_me", "true");
            authenticatorContext.getEvent().detail("remember_me", "true");
        }
        authenticatorContext.setUser(findUserByNameOrEmail);
        authenticatorContext.success();
    }

    public boolean configuredFor(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
        return true;
    }

    public String getRequiredAction() {
        return null;
    }

    public void close() {
    }
}
