package net.interus.keycloak.phone.authenticators;

import java.util.LinkedList;
import java.util.List;
import java.util.Optional;
import java.util.regex.Pattern;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import net.interus.keycloak.phone.authenticators.failure.BruteForceOAuth2ErrorRepresentation;
import net.interus.keycloak.phone.authenticators.failure.UserGrantFailureRepresentation;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationFlowError;
import org.keycloak.authentication.authenticators.directgrant.AbstractDirectGrantAuthenticator;
import org.keycloak.authentication.authenticators.util.AuthenticatorUtils;
import org.keycloak.events.EventType;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserLoginFailureProvider;
import org.keycloak.models.UserModel;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.services.managers.BruteForceProtector;

/* loaded from: input_file:net/interus/keycloak/phone/authenticators/BaseDirectGrantAuthenticator.class */
public abstract class BaseDirectGrantAuthenticator extends AbstractDirectGrantAuthenticator {
    protected final String id;
    protected final String displayType;
    protected final String helpText;
    protected final String referenceCategory;

    public BaseDirectGrantAuthenticator(String str, String str2, String str3) {
        this(str, str2, str3, null);
    }

    public BaseDirectGrantAuthenticator(String str, String str2, String str3, String str4) {
        this.id = str;
        this.displayType = str2;
        this.helpText = str3;
        this.referenceCategory = str4;
    }

    public String getId() {
        return this.id;
    }

    public String getDisplayType() {
        return this.displayType;
    }

    public String getReferenceCategory() {
        return this.referenceCategory;
    }

    public String getHelpText() {
        return this.helpText;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String retrievePhoneNumber(AuthenticationFlowContext authenticationFlowContext) {
        return (String) authenticationFlowContext.getHttpRequest().getDecodedFormParameters().getFirst("phoneNumber");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String retrieveOtpCode(AuthenticationFlowContext authenticationFlowContext) {
        return (String) authenticationFlowContext.getHttpRequest().getDecodedFormParameters().getFirst(PhoneNumberFormKeys.FORM_OTP_CODE);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<String> retrieve(AuthenticationFlowContext authenticationFlowContext, String str) {
        MultivaluedMap decodedFormParameters = authenticationFlowContext.getHttpRequest().getDecodedFormParameters();
        if (decodedFormParameters.getFirst(str) == null) {
            return Optional.empty();
        }
        authenticationFlowContext.getEvent().detail(str, (String) decodedFormParameters.getFirst(str));
        return Optional.of((String) decodedFormParameters.getFirst(str));
    }

    public boolean isValidDigitsPhoneNumber(String str) {
        return Pattern.compile("^\\d{10}$|^\\d{11}$").matcher(str).matches();
    }

    public boolean enabledUser(AuthenticationFlowContext authenticationFlowContext, UserModel userModel) {
        return userModel.isEnabled() && AuthenticatorUtils.getDisabledByBruteForceEventError(authenticationFlowContext.getProtector(), authenticationFlowContext.getSession(), authenticationFlowContext.getRealm(), userModel) == null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void invalidRequest(AuthenticationFlowContext authenticationFlowContext, String str) {
        authenticationFlowContext.getEvent().error("invalid_request");
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_USER, errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_request", str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void invalidNotFoundUser(AuthenticationFlowContext authenticationFlowContext) {
        authenticationFlowContext.getEvent().event(EventType.LOGIN_ERROR).error("user_not_found");
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_USER, errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "user_not_found", "Not found user"));
    }

    protected void invalidNotFoundUserSession(AuthenticationFlowContext authenticationFlowContext) {
        authenticationFlowContext.getEvent().error("user_session_not_found");
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_USER, errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "user_session_not_found", "No auth session"));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void invalidUser(AuthenticationFlowContext authenticationFlowContext, UserModel userModel, String str) {
        authenticationFlowContext.getEvent().user(userModel).error("user_disabled");
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_CREDENTIALS, errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "user_disabled", str));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void invalidUserWithGrantFailures(AuthenticationFlowContext authenticationFlowContext, UserModel userModel, String str) {
        authenticationFlowContext.getEvent().user(userModel).error(str);
        BruteForceOAuth2ErrorRepresentation bruteForceOAuth2ErrorRepresentation = new BruteForceOAuth2ErrorRepresentation();
        bruteForceOAuth2ErrorRepresentation.setError(str);
        bruteForceOAuth2ErrorRepresentation.setUserGrantFailure(failureUserGrant(authenticationFlowContext, userModel));
        bruteForceOAuth2ErrorRepresentation.setErrorDescription("시도 가능 횟수를 초과했습니다.\n잠시후 다시 시도해주세요.");
        Response build = Response.status(Response.Status.FORBIDDEN.getStatusCode()).entity(bruteForceOAuth2ErrorRepresentation).type(MediaType.APPLICATION_JSON_TYPE).build();
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_USER);
        authenticationFlowContext.forceChallenge(build);
    }

    protected void invalidUserCredentials(AuthenticationFlowContext authenticationFlowContext, UserModel userModel) {
        invalidUserCredentials(authenticationFlowContext, userModel, "Invalid user credentials");
    }

    protected void invalidUserCredentials(AuthenticationFlowContext authenticationFlowContext, UserModel userModel, String str) {
        authenticationFlowContext.getEvent().user(userModel).error("invalid_user_credentials");
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_CREDENTIALS, errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_user_credentials", str));
    }

    protected void invalidUserCredentialsWithGrantFailures(AuthenticationFlowContext authenticationFlowContext, UserModel userModel) {
        invalidUserCredentialsWithGrantFailures(authenticationFlowContext, userModel, "");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void invalidUserCredentialsWithGrantFailures(AuthenticationFlowContext authenticationFlowContext, UserModel userModel, String str) {
        authenticationFlowContext.getEvent().user(userModel).error("invalid_user_credentials");
        BruteForceOAuth2ErrorRepresentation bruteForceOAuth2ErrorRepresentation = new BruteForceOAuth2ErrorRepresentation();
        bruteForceOAuth2ErrorRepresentation.setError("invalid_user_credentials");
        bruteForceOAuth2ErrorRepresentation.setUserGrantFailure(failureUserGrant(authenticationFlowContext, userModel));
        bruteForceOAuth2ErrorRepresentation.setErrorDescription(str);
        Response build = Response.status(Response.Status.UNAUTHORIZED.getStatusCode()).entity(bruteForceOAuth2ErrorRepresentation).type(MediaType.APPLICATION_JSON_TYPE).build();
        authenticationFlowContext.failure(AuthenticationFlowError.INVALID_CREDENTIALS);
        authenticationFlowContext.forceChallenge(build);
    }

    private UserGrantFailureRepresentation failureUserGrant(AuthenticationFlowContext authenticationFlowContext, UserModel userModel) {
        BruteForceProtector provider = authenticationFlowContext.getSession().getProvider(BruteForceProtector.class);
        if (provider == null) {
            return null;
        }
        provider.failedLogin(authenticationFlowContext.getRealm(), userModel, authenticationFlowContext.getConnection());
        return UserGrantFailureRepresentation.valueOf(authenticationFlowContext.getRealm(), authenticationFlowContext.getSession().loginFailures().getUserLoginFailure(authenticationFlowContext.getRealm(), userModel.getId()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void resetUserLoginFailures(AuthenticationFlowContext authenticationFlowContext, UserModel userModel) {
        UserLoginFailureProvider loginFailures = authenticationFlowContext.getSession().loginFailures();
        if (authenticationFlowContext.getSession().loginFailures() != null) {
            loginFailures.removeUserLoginFailure(authenticationFlowContext.getRealm(), userModel.getId());
        }
    }

    public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
        return new AuthenticationExecutionModel.Requirement[]{AuthenticationExecutionModel.Requirement.REQUIRED, AuthenticationExecutionModel.Requirement.DISABLED};
    }

    public boolean isConfigurable() {
        return true;
    }

    public List<ProviderConfigProperty> getConfigProperties() {
        return new LinkedList();
    }

    public boolean isUserSetupAllowed() {
        return false;
    }

    public boolean configuredFor(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
        return true;
    }

    public void setRequiredActions(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
    }
}
