package org.keycloak.authentication.residence.credentials;

import java.util.Optional;
import net.interus.keycloak.tokencode.exception.ValidatingFailure;
import org.jboss.logging.Logger;
import org.keycloak.authentication.identification.authenticators.PhoneIdentificationOtpValidation;
import org.keycloak.authentication.residence.integrated.APTComplexAdminVerifier;
import org.keycloak.common.util.Time;
import org.keycloak.credential.CredentialInput;
import org.keycloak.credential.CredentialInputValidator;
import org.keycloak.credential.CredentialModel;
import org.keycloak.credential.CredentialProvider;
import org.keycloak.credential.CredentialTypeMetadata;
import org.keycloak.credential.CredentialTypeMetadataContext;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

/* loaded from: input_file:org/keycloak/authentication/residence/credentials/ComplexAdminCredentialProvider.class */
public class ComplexAdminCredentialProvider implements CredentialProvider<ComplexAdminCredentialModel>, CredentialInputValidator {
    private static final Logger logger = Logger.getLogger(ComplexAdminCredentialProvider.class);
    private final KeycloakSession session;

    public ComplexAdminCredentialProvider(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
    }

    public boolean supportsCredentialType(String str) {
        return getType().equals(str);
    }

    public boolean isConfiguredFor(RealmModel realmModel, UserModel userModel, String str) {
        return supportsCredentialType(str) && userModel.credentialManager().getStoredCredentialsByTypeStream(str).count() > 0;
    }

    public boolean isValid(RealmModel realmModel, UserModel userModel, CredentialInput credentialInput) {
        try {
            ComplexAdminCredentialModel verify = new APTComplexAdminVerifier().verify(userModel.getUsername(), credentialInput.getChallengeResponse());
            if (verify == null) {
                return false;
            }
            upsertCredential(realmModel, userModel, verify);
            return true;
        } catch (ValidatingFailure e) {
            e.printStackTrace();
            return false;
        }
    }

    public String getType() {
        return "complex-admin-name";
    }

    public CredentialModel upsertCredential(RealmModel realmModel, UserModel userModel, ComplexAdminCredentialModel complexAdminCredentialModel) {
        Optional findFirst = userModel.credentialManager().getStoredCredentialsByTypeStream(getType()).findFirst();
        if (!findFirst.isPresent()) {
            return createCredential(realmModel, userModel, complexAdminCredentialModel);
        }
        logger.info(String.format("Credential Model %s", ((CredentialModel) findFirst.get()).getCredentialData()));
        CredentialModel credentialModel = (CredentialModel) findFirst.get();
        credentialModel.setCredentialData(complexAdminCredentialModel.getCredentialData());
        logger.info(String.format("Credential update", new Object[0]));
        userModel.credentialManager().updateStoredCredential(ComplexAdminCredentialModel.createFromModel(credentialModel));
        logger.info(String.format("Credential updated", new Object[0]));
        return credentialModel;
    }

    public CredentialModel createCredential(RealmModel realmModel, UserModel userModel, ComplexAdminCredentialModel complexAdminCredentialModel) {
        if (complexAdminCredentialModel.getCreatedDate() == null) {
            complexAdminCredentialModel.setCreatedDate(Long.valueOf(Time.currentTimeMillis()));
        }
        logger.info(String.format("Credential create", new Object[0]));
        return userModel.credentialManager().createStoredCredential(complexAdminCredentialModel);
    }

    public boolean deleteCredential(RealmModel realmModel, UserModel userModel, String str) {
        return userModel.credentialManager().removeStoredCredentialById(str);
    }

    /* renamed from: getCredentialFromModel, reason: merged with bridge method [inline-methods] */
    public ComplexAdminCredentialModel m40getCredentialFromModel(CredentialModel credentialModel) {
        return ComplexAdminCredentialModel.createFromModel(credentialModel);
    }

    public CredentialTypeMetadata getCredentialTypeMetadata(CredentialTypeMetadataContext credentialTypeMetadataContext) {
        return CredentialTypeMetadata.builder().type(getType()).helpText("").category(CredentialTypeMetadata.Category.TWO_FACTOR).displayName(ComplexAdminCredentialProviderFactory.PROVIDER_ID).createAction(PhoneIdentificationOtpValidation.PROVIDER_ID).removeable(true).build(this.session);
    }
}
