package org.keycloak.login.freemarker;

import java.io.IOException;
import java.net.URI;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.keycloak.email.EmailException;
import org.keycloak.email.EmailProvider;
import org.keycloak.freemarker.BrowserSecurityHeaderSetup;
import org.keycloak.freemarker.FreeMarkerException;
import org.keycloak.freemarker.FreeMarkerUtil;
import org.keycloak.freemarker.LocaleHelper;
import org.keycloak.freemarker.Theme;
import org.keycloak.freemarker.ThemeProvider;
import org.keycloak.freemarker.beans.AdvancedMessageFormatterMethod;
import org.keycloak.freemarker.beans.LocaleBean;
import org.keycloak.freemarker.beans.MessageBean;
import org.keycloak.freemarker.beans.MessageFormatterMethod;
import org.keycloak.freemarker.beans.MessageType;
import org.keycloak.freemarker.beans.MessagesPerFieldBean;
import org.keycloak.login.LoginFormsPages;
import org.keycloak.login.LoginFormsProvider;
import org.keycloak.login.freemarker.model.ClientBean;
import org.keycloak.login.freemarker.model.CodeBean;
import org.keycloak.login.freemarker.model.IdentityProviderBean;
import org.keycloak.login.freemarker.model.LoginBean;
import org.keycloak.login.freemarker.model.OAuthGrantBean;
import org.keycloak.login.freemarker.model.ProfileBean;
import org.keycloak.login.freemarker.model.RealmBean;
import org.keycloak.login.freemarker.model.RegisterBean;
import org.keycloak.login.freemarker.model.RequiredActionUrlFormatterMethod;
import org.keycloak.login.freemarker.model.TotpBean;
import org.keycloak.login.freemarker.model.UrlBean;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.FormMessage;
import org.keycloak.services.Urls;

/* loaded from: input_file:org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider.class */
public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
    private static final Logger logger = Logger.getLogger(FreeMarkerLoginFormsProvider.class);
    private String accessCode;
    private Response.Status status;
    private List<RoleModel> realmRolesRequested;
    private MultivaluedMap<String, RoleModel> resourceRolesRequested;
    private List<ProtocolMapperModel> protocolMappersRequested;
    private MultivaluedMap<String, String> queryParams;
    private String accessRequestMessage;
    private URI actionUri;
    private MultivaluedMap<String, String> formData;
    private KeycloakSession session;
    private FreeMarkerUtil freeMarker;
    private UserModel user;
    private ClientSessionModel clientSession;
    private Map<String, String> httpResponseHeaders = new HashMap();
    private List<FormMessage> messages = null;
    private MessageType messageType = MessageType.ERROR;
    private final Map<String, Object> attributes = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.keycloak.login.freemarker.FreeMarkerLoginFormsProvider$1, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/login/freemarker/FreeMarkerLoginFormsProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$models$UserModel$RequiredAction;
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$login$LoginFormsPages = new int[LoginFormsPages.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.LOGIN.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.REGISTER.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.LOGIN_CONFIG_TOTP.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.LOGIN_UPDATE_PROFILE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.OAUTH_GRANT.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$keycloak$login$LoginFormsPages[LoginFormsPages.CODE.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            $SwitchMap$org$keycloak$models$UserModel$RequiredAction = new int[UserModel.RequiredAction.values().length];
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.CONFIGURE_TOTP.ordinal()] = 1;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.UPDATE_PROFILE.ordinal()] = 2;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.UPDATE_PASSWORD.ordinal()] = 3;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.VERIFY_EMAIL.ordinal()] = 4;
            } catch (NoSuchFieldError e10) {
            }
        }
    }

    public FreeMarkerLoginFormsProvider(KeycloakSession keycloakSession, FreeMarkerUtil freeMarkerUtil) {
        this.session = keycloakSession;
        this.freeMarker = freeMarkerUtil;
        this.attributes.put("scripts", new LinkedList());
    }

    public void addScript(String str) {
        ((List) this.attributes.get("scripts")).add(str);
    }

    public Response createResponse(UserModel.RequiredAction requiredAction) {
        String str;
        LoginFormsPages loginFormsPages;
        RealmModel realm = this.session.getContext().getRealm();
        UriInfo uri = this.session.getContext().getUri();
        switch (AnonymousClass1.$SwitchMap$org$keycloak$models$UserModel$RequiredAction[requiredAction.ordinal()]) {
            case 1:
                str = "configureTotpMessage";
                loginFormsPages = LoginFormsPages.LOGIN_CONFIG_TOTP;
                break;
            case 2:
                str = "updateProfileMessage";
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PROFILE;
                break;
            case 3:
                str = "updatePasswordMessage";
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PASSWORD;
                break;
            case 4:
                try {
                    UriBuilder loginActionEmailVerificationBuilder = Urls.loginActionEmailVerificationBuilder(uri.getBaseUri());
                    loginActionEmailVerificationBuilder.queryParam("key", new Object[]{this.accessCode});
                    this.session.getProvider(EmailProvider.class).setRealm(realm).setUser(this.user).sendVerifyEmail(loginActionEmailVerificationBuilder.build(new Object[]{realm.getName()}).toString(), TimeUnit.SECONDS.toMinutes(realm.getAccessCodeLifespanUserAction()));
                    str = "verifyEmailMessage";
                    loginFormsPages = LoginFormsPages.LOGIN_VERIFY_EMAIL;
                    break;
                } catch (EmailException e) {
                    logger.error("Failed to send verification email", e);
                    return m4setError("emailSendErrorMessage", new Object[0]).createErrorPage();
                }
            default:
                return Response.serverError().build();
        }
        if (this.messages == null) {
            setMessage(MessageType.WARNING, str, new Object[0]);
        }
        return createResponse(loginFormsPages);
    }

    private Response createResponse(LoginFormsPages loginFormsPages) {
        Properties properties;
        UriBuilder path;
        RealmModel realm = this.session.getContext().getRealm();
        ClientModel client = this.session.getContext().getClient();
        UriInfo uri = this.session.getContext().getUri();
        MultivaluedMap<String, String> multivaluedMapImpl = this.queryParams != null ? this.queryParams : new MultivaluedMapImpl<>();
        UriBuilder fromUri = UriBuilder.fromUri(uri.getBaseUri().getPath());
        for (String str : multivaluedMapImpl.keySet()) {
            Object[] array = ((List) multivaluedMapImpl.get(str)).toArray();
            if (array.length != 1 || array[0] != null) {
                fromUri.replaceQueryParam(str, array);
            }
        }
        if (this.accessCode != null) {
            fromUri.replaceQueryParam("code", new Object[]{this.accessCode});
        }
        try {
            Theme theme = this.session.getProvider(ThemeProvider.class, "extending").getTheme(realm.getLoginTheme(), Theme.Type.LOGIN);
            try {
                this.attributes.put("properties", theme.getProperties());
            } catch (IOException e) {
                logger.warn("Failed to load properties", e);
            }
            Locale locale = LocaleHelper.getLocale(realm, this.user, uri, this.session.getContext().getRequestHeaders());
            try {
                properties = theme.getMessages(locale);
                this.attributes.put("msg", new MessageFormatterMethod(locale, properties));
            } catch (IOException e2) {
                logger.warn("Failed to load messages", e2);
                properties = new Properties();
            }
            MessagesPerFieldBean messagesPerFieldBean = new MessagesPerFieldBean();
            if (this.messages != null) {
                MessageBean messageBean = new MessageBean((String) null, this.messageType);
                for (FormMessage formMessage : this.messages) {
                    String formatMessage = formatMessage(formMessage, properties, locale);
                    if (formatMessage != null) {
                        messageBean.appendSummaryLine(formatMessage);
                        messagesPerFieldBean.addMessage(formMessage.getField(), formatMessage, this.messageType);
                    }
                }
                this.attributes.put("message", messageBean);
            }
            this.attributes.put("messagesPerField", messagesPerFieldBean);
            if (loginFormsPages == LoginFormsPages.OAUTH_GRANT) {
                fromUri.replaceQuery((String) null);
            }
            URI build = fromUri.build(new Object[0]);
            this.attributes.put("requiredActionUrl", new RequiredActionUrlFormatterMethod(realm, build));
            if (realm != null && this.user != null && this.session != null) {
                this.attributes.put("authenticatorConfigured", new AuthenticatorConfiguredMethod(realm, this.user, this.session));
            }
            if (realm != null) {
                this.attributes.put("realm", new RealmBean(realm));
                this.attributes.put("social", new IdentityProviderBean(realm, build, uri));
                this.attributes.put("url", new UrlBean(realm, theme, build, this.actionUri));
                if (realm.isInternationalizationEnabled()) {
                    switch (AnonymousClass1.$SwitchMap$org$keycloak$login$LoginFormsPages[loginFormsPages.ordinal()]) {
                        case 1:
                            path = UriBuilder.fromUri(Urls.realmLoginPage(build, realm.getName()));
                            break;
                        case 2:
                            path = UriBuilder.fromUri(Urls.realmRegisterPage(build, realm.getName()));
                            break;
                        default:
                            path = UriBuilder.fromUri(build).path(uri.getPath());
                            break;
                    }
                    this.attributes.put("locale", new LocaleBean(realm, locale, path, properties));
                }
            }
            if (client != null) {
                this.attributes.put("client", new ClientBean(client));
            }
            this.attributes.put("login", new LoginBean(this.formData));
            switch (AnonymousClass1.$SwitchMap$org$keycloak$login$LoginFormsPages[loginFormsPages.ordinal()]) {
                case 2:
                    this.attributes.put("register", new RegisterBean(this.formData));
                    break;
                case 3:
                    this.attributes.put("totp", new TotpBean(realm, this.user, build));
                    break;
                case 4:
                    this.attributes.put("user", new ProfileBean(this.user, this.formData));
                    break;
                case 5:
                    this.attributes.put("oauth", new OAuthGrantBean(this.accessCode, this.clientSession, client, this.realmRolesRequested, this.resourceRolesRequested, this.protocolMappersRequested, this.accessRequestMessage));
                    this.attributes.put("advancedMsg", new AdvancedMessageFormatterMethod(locale, properties));
                    break;
                case 6:
                    this.attributes.put("code", new CodeBean(this.accessCode, this.messageType == MessageType.ERROR ? getFirstMessageUnformatted() : null));
                    break;
            }
            if (this.status == null) {
                this.status = Response.Status.OK;
            }
            try {
                Response.ResponseBuilder entity = Response.status(this.status).type("text/html").entity(this.freeMarker.processTemplate(this.attributes, Templates.getTemplate(loginFormsPages), theme));
                BrowserSecurityHeaderSetup.headers(entity, realm);
                for (Map.Entry<String, String> entry : this.httpResponseHeaders.entrySet()) {
                    entity.header(entry.getKey(), entry.getValue());
                }
                LocaleHelper.updateLocaleCookie(entity, locale, realm, uri, Urls.localeCookiePath(build, realm.getName()));
                return entity.build();
            } catch (FreeMarkerException e3) {
                logger.error("Failed to process template", e3);
                return Response.serverError().build();
            }
        } catch (IOException e4) {
            logger.error("Failed to create theme", e4);
            return Response.serverError().build();
        }
    }

    public Response createForm(String str) {
        Properties properties;
        RealmModel realm = this.session.getContext().getRealm();
        ClientModel client = this.session.getContext().getClient();
        UriInfo uri = this.session.getContext().getUri();
        MultivaluedMap<String, String> multivaluedMapImpl = this.queryParams != null ? this.queryParams : new MultivaluedMapImpl<>();
        UriBuilder fromUri = UriBuilder.fromUri(uri.getBaseUri().getPath());
        for (String str2 : multivaluedMapImpl.keySet()) {
            Object[] array = ((List) multivaluedMapImpl.get(str2)).toArray();
            if (array.length != 1 || array[0] != null) {
                fromUri.replaceQueryParam(str2, array);
            }
        }
        if (this.accessCode != null) {
            fromUri.replaceQueryParam("code", new Object[]{this.accessCode});
        }
        URI build = fromUri.build(new Object[0]);
        try {
            Theme theme = this.session.getProvider(ThemeProvider.class, "extending").getTheme(realm.getLoginTheme(), Theme.Type.LOGIN);
            try {
                this.attributes.put("properties", theme.getProperties());
            } catch (IOException e) {
                logger.warn("Failed to load properties", e);
            }
            if (client != null) {
                this.attributes.put("client", new ClientBean(client));
            }
            Locale locale = LocaleHelper.getLocale(realm, this.user, uri, this.session.getContext().getRequestHeaders());
            try {
                properties = theme.getMessages(locale);
                this.attributes.put("msg", new MessageFormatterMethod(locale, properties));
            } catch (IOException e2) {
                logger.warn("Failed to load messages", e2);
                properties = new Properties();
            }
            MessagesPerFieldBean messagesPerFieldBean = new MessagesPerFieldBean();
            if (this.messages != null) {
                MessageBean messageBean = new MessageBean((String) null, this.messageType);
                for (FormMessage formMessage : this.messages) {
                    String formatMessage = formatMessage(formMessage, properties, locale);
                    if (formatMessage != null) {
                        messageBean.appendSummaryLine(formatMessage);
                        messagesPerFieldBean.addMessage(formMessage.getField(), formatMessage, this.messageType);
                    }
                }
                this.attributes.put("message", messageBean);
            }
            this.attributes.put("messagesPerField", messagesPerFieldBean);
            if (this.status == null) {
                this.status = Response.Status.OK;
            }
            if (realm != null) {
                this.attributes.put("realm", new RealmBean(realm));
                this.attributes.put("social", new IdentityProviderBean(realm, build, uri));
                this.attributes.put("url", new UrlBean(realm, theme, build, this.actionUri));
                this.attributes.put("requiredActionUrl", new RequiredActionUrlFormatterMethod(realm, build));
                if (realm.isInternationalizationEnabled()) {
                    this.attributes.put("locale", new LocaleBean(realm, locale, UriBuilder.fromUri(build).path(uri.getPath()), properties));
                }
            }
            if (realm != null && this.user != null && this.session != null) {
                this.attributes.put("authenticatorConfigured", new AuthenticatorConfiguredMethod(realm, this.user, this.session));
            }
            try {
                Response.ResponseBuilder entity = Response.status(this.status).type("text/html").entity(this.freeMarker.processTemplate(this.attributes, str, theme));
                BrowserSecurityHeaderSetup.headers(entity, realm);
                for (Map.Entry<String, String> entry : this.httpResponseHeaders.entrySet()) {
                    entity.header(entry.getKey(), entry.getValue());
                }
                LocaleHelper.updateLocaleCookie(entity, locale, realm, uri, Urls.localeCookiePath(build, realm.getName()));
                return entity.build();
            } catch (FreeMarkerException e3) {
                logger.error("Failed to process template", e3);
                return Response.serverError().build();
            }
        } catch (IOException e4) {
            logger.error("Failed to create theme", e4);
            return Response.serverError().build();
        }
    }

    public Response createLogin() {
        return createResponse(LoginFormsPages.LOGIN);
    }

    public Response createPasswordReset() {
        return createResponse(LoginFormsPages.LOGIN_RESET_PASSWORD);
    }

    public Response createLoginTotp() {
        return createResponse(LoginFormsPages.LOGIN_TOTP);
    }

    public Response createRegistration() {
        return createResponse(LoginFormsPages.REGISTER);
    }

    public Response createInfoPage() {
        return createResponse(LoginFormsPages.INFO);
    }

    public Response createErrorPage() {
        if (this.status == null) {
            this.status = Response.Status.INTERNAL_SERVER_ERROR;
        }
        return createResponse(LoginFormsPages.ERROR);
    }

    public Response createOAuthGrant(ClientSessionModel clientSessionModel) {
        this.clientSession = clientSessionModel;
        return createResponse(LoginFormsPages.OAUTH_GRANT);
    }

    public Response createCode() {
        return createResponse(LoginFormsPages.CODE);
    }

    protected void setMessage(MessageType messageType, String str, Object... objArr) {
        this.messageType = messageType;
        this.messages = new ArrayList();
        this.messages.add(new FormMessage((String) null, str, objArr));
    }

    protected String getFirstMessageUnformatted() {
        if (this.messages == null || this.messages.isEmpty()) {
            return null;
        }
        return this.messages.get(0).getMessage();
    }

    protected String formatMessage(FormMessage formMessage, Properties properties, Locale locale) {
        if (formMessage == null) {
            return null;
        }
        return properties.containsKey(formMessage.getMessage()) ? new MessageFormat(properties.getProperty(formMessage.getMessage()), locale).format(formMessage.getParameters()) : formMessage.getMessage();
    }

    /* renamed from: setError, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m4setError(String str, Object... objArr) {
        setMessage(MessageType.ERROR, str, objArr);
        return this;
    }

    public LoginFormsProvider setErrors(List<FormMessage> list) {
        if (list == null) {
            return this;
        }
        this.messageType = MessageType.ERROR;
        this.messages = new ArrayList(list);
        return this;
    }

    public LoginFormsProvider addError(FormMessage formMessage) {
        if (this.messageType != MessageType.ERROR) {
            this.messageType = null;
            this.messages = null;
        }
        if (this.messages == null) {
            this.messageType = MessageType.ERROR;
            this.messages = new LinkedList();
        }
        this.messages.add(formMessage);
        return this;
    }

    public LoginFormsProvider addSuccess(FormMessage formMessage) {
        if (this.messageType != MessageType.SUCCESS) {
            this.messageType = null;
            this.messages = null;
        }
        if (this.messages == null) {
            this.messageType = MessageType.SUCCESS;
            this.messages = new LinkedList();
        }
        this.messages.add(formMessage);
        return this;
    }

    /* renamed from: setSuccess, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m3setSuccess(String str, Object... objArr) {
        setMessage(MessageType.SUCCESS, str, objArr);
        return this;
    }

    /* renamed from: setUser, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m2setUser(UserModel userModel) {
        this.user = userModel;
        return this;
    }

    public FreeMarkerLoginFormsProvider setFormData(MultivaluedMap<String, String> multivaluedMap) {
        this.formData = multivaluedMap;
        return this;
    }

    public LoginFormsProvider setClientSessionCode(String str) {
        this.accessCode = str;
        return this;
    }

    public LoginFormsProvider setAccessRequest(List<RoleModel> list, MultivaluedMap<String, RoleModel> multivaluedMap, List<ProtocolMapperModel> list2) {
        this.realmRolesRequested = list;
        this.resourceRolesRequested = multivaluedMap;
        this.protocolMappersRequested = list2;
        return this;
    }

    public LoginFormsProvider setAccessRequest(String str) {
        this.accessRequestMessage = str;
        return this;
    }

    public LoginFormsProvider setAttribute(String str, Object obj) {
        this.attributes.put(str, obj);
        return this;
    }

    public LoginFormsProvider setStatus(Response.Status status) {
        this.status = status;
        return this;
    }

    public LoginFormsProvider setActionUri(URI uri) {
        this.actionUri = uri;
        return this;
    }

    public LoginFormsProvider setResponseHeader(String str, String str2) {
        this.httpResponseHeaders.put(str, str2);
        return this;
    }

    public void close() {
    }

    /* renamed from: setFormData, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ LoginFormsProvider m1setFormData(MultivaluedMap multivaluedMap) {
        return setFormData((MultivaluedMap<String, String>) multivaluedMap);
    }
}
