package org.keycloak.adapters.undertow;

import io.undertow.security.api.SecurityContext;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.session.Session;
import io.undertow.util.Sessions;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.AdapterTokenStore;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OAuthRequestAuthenticator;
import org.keycloak.adapters.RefreshableKeycloakSecurityContext;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.HttpFacade;

/* loaded from: input_file:BOOT-INF/lib/spring-boot-container-bundle-10.0.1.jar:org/keycloak/adapters/undertow/AbstractUndertowRequestAuthenticator.class */
public abstract class AbstractUndertowRequestAuthenticator extends RequestAuthenticator {
    protected SecurityContext securityContext;
    protected HttpServerExchange exchange;

    public AbstractUndertowRequestAuthenticator(HttpFacade httpFacade, KeycloakDeployment keycloakDeployment, int i, SecurityContext securityContext, HttpServerExchange httpServerExchange, AdapterTokenStore adapterTokenStore) {
        super(httpFacade, keycloakDeployment, adapterTokenStore, i);
        this.securityContext = securityContext;
        this.exchange = httpServerExchange;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void propagateKeycloakContext(KeycloakUndertowAccount keycloakUndertowAccount) {
        this.exchange.putAttachment(OIDCUndertowHttpFacade.KEYCLOAK_SECURITY_CONTEXT_KEY, keycloakUndertowAccount.getKeycloakSecurityContext());
    }

    @Override // org.keycloak.adapters.RequestAuthenticator
    protected OAuthRequestAuthenticator createOAuthAuthenticator() {
        return new OAuthRequestAuthenticator(this, this.facade, this.deployment, this.sslRedirectPort, this.tokenStore);
    }

    @Override // org.keycloak.adapters.RequestAuthenticator
    protected void completeOAuthAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> keycloakPrincipal) {
        KeycloakUndertowAccount createAccount = createAccount(keycloakPrincipal);
        this.securityContext.authenticationComplete(createAccount, "KEYCLOAK", false);
        propagateKeycloakContext(createAccount);
        this.tokenStore.saveAccountInfo(createAccount);
    }

    @Override // org.keycloak.adapters.RequestAuthenticator
    protected void completeBearerAuthentication(KeycloakPrincipal<RefreshableKeycloakSecurityContext> keycloakPrincipal, String str) {
        KeycloakUndertowAccount createAccount = createAccount(keycloakPrincipal);
        this.securityContext.authenticationComplete(createAccount, str, false);
        propagateKeycloakContext(createAccount);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.adapters.RequestAuthenticator
    public String changeHttpSessionId(boolean z) {
        if (z) {
            return Sessions.getOrCreateSession(this.exchange).getId();
        }
        Session session = Sessions.getSession(this.exchange);
        if (session != null) {
            return session.getId();
        }
        return null;
    }

    protected abstract KeycloakUndertowAccount createAccount(KeycloakPrincipal<RefreshableKeycloakSecurityContext> keycloakPrincipal);
}
