package org.keycloak.protocol;

import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.jboss.resteasy.spi.HttpRequest;
import org.keycloak.authentication.AuthenticationProcessor;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.EventBuilder;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientSessionModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.LoginProtocol;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.ClientSessionCode;
import org.keycloak.services.resources.LoginActionsService;

/* loaded from: input_file:org/keycloak/protocol/AuthorizationEndpointBase.class */
public abstract class AuthorizationEndpointBase {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    protected RealmModel realm;
    protected EventBuilder event;
    protected AuthenticationManager authManager;

    @Context
    protected UriInfo uriInfo;

    @Context
    protected HttpHeaders headers;

    @Context
    protected HttpRequest request;

    @Context
    protected KeycloakSession session;

    @Context
    protected ClientConnection clientConnection;

    public AuthorizationEndpointBase(RealmModel realmModel, EventBuilder eventBuilder) {
        this.realm = realmModel;
        this.event = eventBuilder;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthenticationProcessor createProcessor(ClientSessionModel clientSessionModel, String str, String str2) {
        AuthenticationProcessor authenticationProcessor = new AuthenticationProcessor();
        authenticationProcessor.setClientSession(clientSessionModel).setFlowPath(str2).setFlowId(str).setBrowserFlow(true).setConnection(this.clientConnection).setEventBuilder(this.event).setRealm(this.realm).setSession(this.session).setUriInfo(this.uriInfo).setRequest(this.request);
        return authenticationProcessor;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response handleBrowserAuthenticationRequest(ClientSessionModel clientSessionModel, LoginProtocol loginProtocol, boolean z, boolean z2) {
        for (IdentityProviderModel identityProviderModel : this.realm.getIdentityProviders()) {
            if (identityProviderModel.isAuthenticateByDefault()) {
                return buildRedirectToIdentityProvider(identityProviderModel.getAlias(), new ClientSessionCode(this.realm, clientSessionModel).getCode());
            }
        }
        AuthenticationProcessor createProcessor = createProcessor(clientSessionModel, getAuthenticationFlow().getId(), LoginActionsService.AUTHENTICATE_PATH);
        this.event.detail("code_id", clientSessionModel.getId());
        if (!z) {
            try {
                RestartLoginCookie.setRestartCookie(this.realm, this.clientConnection, this.uriInfo, clientSessionModel);
                return z2 ? createProcessor.redirectToFlow() : createProcessor.authenticate();
            } catch (Exception e) {
                return createProcessor.handleBrowserException(e);
            }
        }
        try {
            if (createProcessor.authenticateOnly() != null) {
                Response sendError = loginProtocol.sendError(clientSessionModel, LoginProtocol.Error.PASSIVE_LOGIN_REQUIRED);
                this.session.sessions().removeClientSession(this.realm, clientSessionModel);
                return sendError;
            }
            createProcessor.attachSession();
            if (!createProcessor.isActionRequired()) {
                return createProcessor.finishAuthentication(loginProtocol);
            }
            Response sendError2 = loginProtocol.sendError(clientSessionModel, LoginProtocol.Error.PASSIVE_INTERACTION_REQUIRED);
            this.session.sessions().removeClientSession(this.realm, clientSessionModel);
            return sendError2;
        } catch (Exception e2) {
            return createProcessor.handleBrowserException(e2);
        }
    }

    protected AuthenticationFlowModel getAuthenticationFlow() {
        return this.realm.getBrowserFlow();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response buildRedirectToIdentityProvider(String str, String str2) {
        logger.debug("Automatically redirect to identity provider: " + str);
        return Response.temporaryRedirect(Urls.identityProviderAuthnRequest(this.uriInfo.getBaseUri(), str, this.realm.getName(), str2)).build();
    }
}
