package org.keycloak.login.freemarker;

import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.keycloak.OAuth2Constants;
import org.keycloak.email.EmailException;
import org.keycloak.email.EmailProvider;
import org.keycloak.freemarker.BrowserSecurityHeaderSetup;
import org.keycloak.freemarker.FreeMarkerException;
import org.keycloak.freemarker.FreeMarkerUtil;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider;
import org.keycloak.login.LoginFormsPages;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.login.freemarker.model.ClientBean;
import org.keycloak.login.freemarker.model.CodeBean;
import org.keycloak.login.freemarker.model.LoginBean;
import org.keycloak.login.freemarker.model.MessageBean;
import org.keycloak.login.freemarker.model.OAuthGrantBean;
import org.keycloak.login.freemarker.model.ProfileBean;
import org.keycloak.login.freemarker.model.RealmBean;
import org.keycloak.login.freemarker.model.RegisterBean;
import org.keycloak.login.freemarker.model.SocialBean;
import org.keycloak.login.freemarker.model.TotpBean;
import org.keycloak.login.freemarker.model.UrlBean;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.flows.Urls;

/* loaded from: input_file:WEB-INF/lib/keycloak-login-freemarker-1.1.0.Final.jar:org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.class */
public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
    private static final Logger logger = Logger.getLogger((Class<?>) FreeMarkerLoginFormsProvider.class);
    private String message;
    private String accessCode;
    private List<RoleModel> realmRolesRequested;
    private MultivaluedMap<String, RoleModel> resourceRolesRequested;
    private MultivaluedMap<String, String> queryParams;
    private MultivaluedMap<String, String> formData;
    private KeycloakSession session;
    private FreeMarkerUtil freeMarker;
    private RealmModel realm;
    private UserModel user;
    private ClientModel client;
    private UriInfo uriInfo;
    private Response.Status status = Response.Status.OK;
    private MessageType messageType = MessageType.ERROR;

    /* loaded from: input_file:WEB-INF/lib/keycloak-login-freemarker-1.1.0.Final.jar:org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider$MessageType.class */
    public enum MessageType {
        SUCCESS,
        WARNING,
        ERROR
    }

    public FreeMarkerLoginFormsProvider(KeycloakSession keycloakSession, FreeMarkerUtil freeMarkerUtil) {
        this.session = keycloakSession;
        this.freeMarker = freeMarkerUtil;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setRealm(RealmModel realmModel) {
        this.realm = realmModel;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setUriInfo(UriInfo uriInfo) {
        this.uriInfo = uriInfo;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createResponse(UserModel.RequiredAction requiredAction) {
        String str;
        LoginFormsPages loginFormsPages;
        switch (requiredAction) {
            case CONFIGURE_TOTP:
                str = Messages.ACTION_WARN_TOTP;
                loginFormsPages = LoginFormsPages.LOGIN_CONFIG_TOTP;
                break;
            case UPDATE_PROFILE:
                str = Messages.ACTION_WARN_PROFILE;
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PROFILE;
                break;
            case UPDATE_PASSWORD:
                str = Messages.ACTION_WARN_PASSWD;
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PASSWORD;
                break;
            case VERIFY_EMAIL:
                try {
                    UriBuilder loginActionEmailVerificationBuilder = Urls.loginActionEmailVerificationBuilder(this.uriInfo.getBaseUri());
                    loginActionEmailVerificationBuilder.queryParam("key", new Object[]{this.accessCode});
                    ((EmailProvider) this.session.getProvider(EmailProvider.class)).setRealm(this.realm).setUser(this.user).sendVerifyEmail(loginActionEmailVerificationBuilder.build(new Object[]{this.realm.getName()}).toString(), TimeUnit.SECONDS.toMinutes(this.realm.getAccessCodeLifespanUserAction()));
                    str = Messages.ACTION_WARN_EMAIL;
                    loginFormsPages = LoginFormsPages.LOGIN_VERIFY_EMAIL;
                    break;
                } catch (EmailException e) {
                    logger.error("Failed to send verification email", e);
                    return setError("emailSendError").createErrorPage();
                }
            default:
                return Response.serverError().build();
        }
        if (this.message == null) {
            setWarning(str);
        }
        return createResponse(loginFormsPages);
    }

    private Response createResponse(LoginFormsPages loginFormsPages) {
        Properties properties;
        MultivaluedMap<String, String> multivaluedMapImpl = this.queryParams != null ? this.queryParams : new MultivaluedMapImpl<>();
        UriBuilder fromUri = UriBuilder.fromUri(this.uriInfo.getBaseUri().getPath());
        for (String str : multivaluedMapImpl.keySet()) {
            Object[] array = ((List) multivaluedMapImpl.get(str)).toArray();
            if (array.length != 1 || array[0] != null) {
                fromUri.replaceQueryParam(str, array);
            }
        }
        if (this.accessCode != null) {
            fromUri.replaceQueryParam(OAuth2Constants.CODE, new Object[]{this.accessCode});
        }
        HashMap hashMap = new HashMap();
        try {
            Theme theme = ((ThemeProvider) this.session.getProvider(ThemeProvider.class, "extending")).getTheme(this.realm.getLoginTheme(), Theme.Type.LOGIN);
            try {
                hashMap.put("properties", theme.getProperties());
            } catch (IOException e) {
                logger.warn("Failed to load properties", e);
            }
            try {
                properties = theme.getMessages();
                hashMap.put("rb", properties);
            } catch (IOException e2) {
                logger.warn("Failed to load messages", e2);
                properties = new Properties();
            }
            if (this.message != null) {
                hashMap.put("message", new MessageBean(properties.containsKey(this.message) ? properties.getProperty(this.message) : this.message, this.messageType));
            }
            if (loginFormsPages == LoginFormsPages.OAUTH_GRANT) {
                fromUri.replaceQuery((String) null);
            }
            URI build = fromUri.build(new Object[0]);
            if (this.realm != null) {
                hashMap.put("realm", new RealmBean(this.realm));
                hashMap.put("social", new SocialBean(this.realm, build));
                hashMap.put("url", new UrlBean(this.realm, theme, build));
            }
            if (this.client != null) {
                hashMap.put("client", new ClientBean(this.client));
            }
            hashMap.put("login", new LoginBean(this.formData));
            switch (loginFormsPages) {
                case LOGIN_CONFIG_TOTP:
                    hashMap.put("totp", new TotpBean(this.realm, this.user, build));
                    break;
                case LOGIN_UPDATE_PROFILE:
                    hashMap.put("user", new ProfileBean(this.user));
                    break;
                case REGISTER:
                    hashMap.put("register", new RegisterBean(this.formData));
                    break;
                case OAUTH_GRANT:
                    hashMap.put("oauth", new OAuthGrantBean(this.accessCode, this.client, this.realmRolesRequested, this.resourceRolesRequested));
                    break;
                case CODE:
                    hashMap.put(OAuth2Constants.CODE, new CodeBean(this.accessCode, this.messageType == MessageType.ERROR ? this.message : null));
                    break;
            }
            try {
                Response.ResponseBuilder entity = Response.status(this.status).type("text/html").entity(this.freeMarker.processTemplate(hashMap, Templates.getTemplate(loginFormsPages), theme));
                BrowserSecurityHeaderSetup.headers(entity, this.realm);
                return entity.build();
            } catch (FreeMarkerException e3) {
                logger.error("Failed to process template", e3);
                return Response.serverError().build();
            }
        } catch (IOException e4) {
            logger.error("Failed to create theme", e4);
            return Response.serverError().build();
        }
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createLogin() {
        return createResponse(LoginFormsPages.LOGIN);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createPasswordReset() {
        return createResponse(LoginFormsPages.LOGIN_RESET_PASSWORD);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createLoginTotp() {
        return createResponse(LoginFormsPages.LOGIN_TOTP);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createRegistration() {
        return createResponse(LoginFormsPages.REGISTER);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createErrorPage() {
        setStatus(Response.Status.INTERNAL_SERVER_ERROR);
        return createResponse(LoginFormsPages.ERROR);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createOAuthGrant() {
        return createResponse(LoginFormsPages.OAUTH_GRANT);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public Response createCode() {
        return createResponse(LoginFormsPages.CODE);
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setError(String str) {
        this.message = str;
        this.messageType = MessageType.ERROR;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setSuccess(String str) {
        this.message = str;
        this.messageType = MessageType.SUCCESS;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setWarning(String str) {
        this.message = str;
        this.messageType = MessageType.WARNING;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setUser(UserModel userModel) {
        this.user = userModel;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setClient(ClientModel clientModel) {
        this.client = clientModel;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public FreeMarkerLoginFormsProvider setFormData(MultivaluedMap<String, String> multivaluedMap) {
        this.formData = multivaluedMap;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setClientSessionCode(String str) {
        this.accessCode = str;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setAccessRequest(List<RoleModel> list, MultivaluedMap<String, RoleModel> multivaluedMap) {
        this.realmRolesRequested = list;
        this.resourceRolesRequested = multivaluedMap;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setStatus(Response.Status status) {
        this.status = status;
        return this;
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public LoginFormsProvider setQueryParams(MultivaluedMap<String, String> multivaluedMap) {
        this.queryParams = multivaluedMap;
        return this;
    }

    @Override // org.keycloak.provider.Provider
    public void close() {
    }

    @Override // org.keycloak.login.LoginFormsProvider
    public /* bridge */ /* synthetic */ LoginFormsProvider setFormData(MultivaluedMap multivaluedMap) {
        return setFormData((MultivaluedMap<String, String>) multivaluedMap);
    }
}
