package org.keycloak.authentication.picketlink;

import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.jboss.logging.Logger;
import org.keycloak.authentication.AuthProviderStatus;
import org.keycloak.authentication.AuthUser;
import org.keycloak.authentication.AuthenticationProvider;
import org.keycloak.authentication.AuthenticationProviderException;
import org.keycloak.models.RealmModel;
import org.keycloak.picketlink.IdentityManagerProvider;
import org.picketlink.idm.IdentityManagementException;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.credential.UsernamePasswordCredentials;
import org.picketlink.idm.model.basic.BasicModel;
import org.picketlink.idm.model.basic.User;

/* loaded from: input_file:org/keycloak/authentication/picketlink/PicketlinkAuthenticationProvider.class */
public class PicketlinkAuthenticationProvider implements AuthenticationProvider {
    private static final Logger logger = Logger.getLogger(PicketlinkAuthenticationProvider.class);
    private final IdentityManagerProvider identityManagerProvider;

    public PicketlinkAuthenticationProvider(IdentityManagerProvider identityManagerProvider) {
        this.identityManagerProvider = identityManagerProvider;
    }

    public String getName() {
        return "picketlink";
    }

    public List<String> getAvailableOptions() {
        return Collections.EMPTY_LIST;
    }

    public AuthUser getUser(RealmModel realmModel, Map<String, String> map, String str) throws AuthenticationProviderException {
        try {
            User user = BasicModel.getUser(getIdentityManager(realmModel), str);
            if (user == null) {
                return null;
            }
            return new AuthUser(user.getId(), user.getLoginName(), getName()).setName(user.getFirstName(), user.getLastName()).setEmail(user.getEmail()).setProviderName(getName());
        } catch (IdentityManagementException e) {
            throw convertIDMException(e);
        }
    }

    public String registerUser(RealmModel realmModel, Map<String, String> map, String str) throws AuthenticationProviderException {
        IdentityManager identityManager = getIdentityManager(realmModel);
        try {
            User user = new User(str);
            identityManager.add(user);
            return user.getId();
        } catch (IdentityManagementException e) {
            throw convertIDMException(e);
        }
    }

    public AuthProviderStatus validatePassword(RealmModel realmModel, Map<String, String> map, String str, String str2) throws AuthenticationProviderException {
        IdentityManager identityManager = getIdentityManager(realmModel);
        try {
            UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials();
            usernamePasswordCredentials.setUsername(str);
            usernamePasswordCredentials.setPassword(new Password(str2.toCharArray()));
            identityManager.validateCredentials(usernamePasswordCredentials);
            return usernamePasswordCredentials.getStatus() == Credentials.Status.VALID ? AuthProviderStatus.SUCCESS : AuthProviderStatus.INVALID_CREDENTIALS;
        } catch (IdentityManagementException e) {
            throw convertIDMException(e);
        }
    }

    public boolean updateCredential(RealmModel realmModel, Map<String, String> map, String str, String str2) throws AuthenticationProviderException {
        IdentityManager identityManager = getIdentityManager(realmModel);
        try {
            User user = BasicModel.getUser(identityManager, str);
            if (user == null) {
                logger.debugf("User '%s' doesn't exists. Skip password update", str);
                return false;
            }
            identityManager.updateCredential(user, new Password(str2.toCharArray()));
            return true;
        } catch (IdentityManagementException e) {
            throw convertIDMException(e);
        }
    }

    public void close() {
    }

    public IdentityManager getIdentityManager(RealmModel realmModel) throws AuthenticationProviderException {
        return this.identityManagerProvider.getIdentityManager(realmModel);
    }

    private AuthenticationProviderException convertIDMException(IdentityManagementException identityManagementException) {
        IdentityManagementException identityManagementException2 = identityManagementException;
        while (true) {
            IdentityManagementException identityManagementException3 = identityManagementException2;
            if (identityManagementException3.getCause() == null) {
                return new AuthenticationProviderException(identityManagementException3.getMessage(), identityManagementException);
            }
            identityManagementException2 = identityManagementException3.getCause();
        }
    }
}
