package org.keycloak.authentication.user.authenticators;

import java.util.regex.Pattern;
import net.interus.keycloak.phone.authenticators.BaseDirectGrantAuthenticator;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.residence.authenticators.AbstractUsernameFormAuthenticator;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.ModelDuplicateException;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.services.ServicesLogger;
import org.keycloak.services.validation.Validation;

/* loaded from: input_file:org/keycloak/authentication/user/authenticators/PhoneNumberAsUsernameValidation.class */
public class PhoneNumberAsUsernameValidation extends BaseDirectGrantAuthenticator {
    public static final String PROVIDER_ID = "phone-number-as-username";

    public PhoneNumberAsUsernameValidation() {
        super(PROVIDER_ID, "[Dozn] Phone number as Username Validation", "Validates the phone number supplied as a 'username' form parameter in direct grant request");
    }

    public void authenticate(AuthenticationFlowContext authenticationFlowContext) {
        String retrievePhoneNumber = retrievePhoneNumber(authenticationFlowContext);
        if (Validation.isBlank(retrievePhoneNumber)) {
            invalidRequest(authenticationFlowContext, "Missing parameter: phoneNumber");
            return;
        }
        if (!isValidDigitsPhoneNumber(retrievePhoneNumber)) {
            invalidRequest(authenticationFlowContext, "Invalid parameter: phoneNumber");
            return;
        }
        authenticationFlowContext.getEvent().detail("username", retrievePhoneNumber);
        authenticationFlowContext.getAuthenticationSession().setAuthNote(AbstractUsernameFormAuthenticator.ATTEMPTED_USERNAME, retrievePhoneNumber);
        try {
            UserModel findUserByNameOrEmail = KeycloakModelUtils.findUserByNameOrEmail(authenticationFlowContext.getSession(), authenticationFlowContext.getRealm(), retrievePhoneNumber);
            if (findUserByNameOrEmail == null) {
                invalidNotFoundUser(authenticationFlowContext);
            } else if (!findUserByNameOrEmail.isEnabled()) {
                invalidUser(authenticationFlowContext, findUserByNameOrEmail, "User is now allowed");
            } else {
                authenticationFlowContext.setUser(findUserByNameOrEmail);
                authenticationFlowContext.success();
            }
        } catch (ModelDuplicateException e) {
            ServicesLogger.LOGGER.modelDuplicateException(e);
            invalidNotFoundUser(authenticationFlowContext);
        }
    }

    @Override // net.interus.keycloak.phone.authenticators.BaseDirectGrantAuthenticator
    public boolean isValidDigitsPhoneNumber(String str) {
        return Pattern.compile("^\\d{10}$|^\\d{11}$").matcher(str).matches();
    }

    public boolean requiresUser() {
        return false;
    }

    @Override // net.interus.keycloak.phone.authenticators.BaseDirectGrantAuthenticator
    public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
        return new AuthenticationExecutionModel.Requirement[]{AuthenticationExecutionModel.Requirement.REQUIRED, AuthenticationExecutionModel.Requirement.ALTERNATIVE};
    }
}
