package org.keycloak.services.util;

import java.net.URI;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.ws.rs.core.Response;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.models.KeycloakSession;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.theme.BrowserSecurityHeaderSetup;
import org.keycloak.utils.MediaType;

/* loaded from: input_file:org/keycloak/services/util/BrowserHistoryHelper.class */
public abstract class BrowserHistoryHelper {
    public static final String SHOULD_UPDATE_BROWSER_HISTORY = "SHOULD_UPDATE_BROWSER_HISTORY";
    protected static final Logger logger = Logger.getLogger(BrowserHistoryHelper.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/keycloak/services/util/BrowserHistoryHelper$JavascriptHistoryReplace.class */
    public static class JavascriptHistoryReplace extends BrowserHistoryHelper {
        private static final Pattern HEAD_END_PATTERN = Pattern.compile("</[hH][eE][aA][dD]>");

        private JavascriptHistoryReplace() {
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response saveResponseAndRedirect(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel, Response response, boolean z, HttpRequest httpRequest) {
            if (!shouldReplaceBrowserHistory(z, httpRequest)) {
                return response;
            }
            Object entity = response.getEntity();
            if (entity == null || !(entity instanceof String)) {
                return response;
            }
            return Response.fromResponse(response).entity(responseWithJavascript((String) entity, new AuthenticationFlowURLHelper(keycloakSession, keycloakSession.getContext().getRealm(), keycloakSession.getContext().getUri()).getLastExecutionUrl(authenticationSessionModel).toString())).build();
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response loadSavedResponse(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel) {
            return null;
        }

        private String responseWithJavascript(String str, String str2) {
            Matcher matcher = HEAD_END_PATTERN.matcher(str);
            if (!matcher.find()) {
                return str;
            }
            int start = matcher.start();
            return str.substring(0, start) + getJavascriptText(str2) + str.substring(start);
        }

        private String getJavascriptText(String str) {
            return "<SCRIPT> if (typeof history.replaceState === 'function') {" + ("  history.replaceState({}, \"some title\", \"" + str + "\");") + " }</SCRIPT>";
        }
    }

    /* loaded from: input_file:org/keycloak/services/util/BrowserHistoryHelper$NoOpHelper.class */
    private static class NoOpHelper extends BrowserHistoryHelper {
        private NoOpHelper() {
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response saveResponseAndRedirect(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel, Response response, boolean z, HttpRequest httpRequest) {
            return response;
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response loadSavedResponse(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel) {
            return null;
        }
    }

    /* loaded from: input_file:org/keycloak/services/util/BrowserHistoryHelper$RedirectAfterPostHelper.class */
    private static class RedirectAfterPostHelper extends BrowserHistoryHelper {
        private static final String CACHED_RESPONSE = "cached.response";

        private RedirectAfterPostHelper() {
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response saveResponseAndRedirect(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel, Response response, boolean z, HttpRequest httpRequest) {
            if (!shouldReplaceBrowserHistory(z, httpRequest)) {
                return response;
            }
            if (response.getStatus() == 200) {
                Object entity = response.getEntity();
                if (entity instanceof String) {
                    authenticationSessionModel.setAuthNote(CACHED_RESPONSE, (String) entity);
                    URI lastExecutionUrl = new AuthenticationFlowURLHelper(keycloakSession, keycloakSession.getContext().getRealm(), keycloakSession.getContext().getUri()).getLastExecutionUrl(authenticationSessionModel);
                    if (logger.isTraceEnabled()) {
                        logger.tracef("Saved response challenge and redirect to %s", lastExecutionUrl);
                    }
                    return Response.status(302).location(lastExecutionUrl).build();
                }
            }
            return response;
        }

        @Override // org.keycloak.services.util.BrowserHistoryHelper
        public Response loadSavedResponse(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel) {
            String authNote = authenticationSessionModel.getAuthNote(CACHED_RESPONSE);
            if (authNote == null) {
                return null;
            }
            authenticationSessionModel.removeAuthNote(CACHED_RESPONSE);
            if (logger.isTraceEnabled()) {
                logger.tracef("Restored previously saved request", new Object[0]);
            }
            Response.ResponseBuilder entity = Response.status(200).type(MediaType.TEXT_HTML_UTF_8).entity(authNote);
            BrowserSecurityHeaderSetup.headers(entity, keycloakSession.getContext().getRealm());
            return entity.build();
        }
    }

    public abstract Response saveResponseAndRedirect(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel, Response response, boolean z, HttpRequest httpRequest);

    public abstract Response loadSavedResponse(KeycloakSession keycloakSession, AuthenticationSessionModel authenticationSessionModel);

    protected boolean shouldReplaceBrowserHistory(boolean z, HttpRequest httpRequest) {
        if (z) {
            return true;
        }
        Boolean bool = (Boolean) httpRequest.getAttribute(SHOULD_UPDATE_BROWSER_HISTORY);
        return bool != null && bool.booleanValue();
    }

    public static BrowserHistoryHelper getInstance() {
        return new JavascriptHistoryReplace();
    }
}
