package org.keycloak.forms.login.freemarker;

import jakarta.ws.rs.core.MultivaluedHashMap;
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriBuilder;
import jakarta.ws.rs.core.UriInfo;
import java.io.IOException;
import java.net.URI;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Properties;
import java.util.function.Function;
import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.AuthenticationProcessor;
import org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator;
import org.keycloak.authentication.authenticators.browser.OTPFormAuthenticator;
import org.keycloak.authentication.authenticators.client.X509ClientAuthenticator;
import org.keycloak.authentication.requiredactions.util.UpdateProfileContext;
import org.keycloak.authentication.requiredactions.util.UserUpdateProfileContext;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.common.Profile;
import org.keycloak.common.util.ObjectUtil;
import org.keycloak.forms.login.LoginFormsPages;
import org.keycloak.forms.login.LoginFormsProvider;
import org.keycloak.forms.login.MessageType;
import org.keycloak.forms.login.freemarker.model.AuthenticationContextBean;
import org.keycloak.forms.login.freemarker.model.AuthenticationSessionBean;
import org.keycloak.forms.login.freemarker.model.ClientBean;
import org.keycloak.forms.login.freemarker.model.CodeBean;
import org.keycloak.forms.login.freemarker.model.EmailBean;
import org.keycloak.forms.login.freemarker.model.FrontChannelLogoutBean;
import org.keycloak.forms.login.freemarker.model.IdentityProviderBean;
import org.keycloak.forms.login.freemarker.model.IdpReviewProfileBean;
import org.keycloak.forms.login.freemarker.model.LoginBean;
import org.keycloak.forms.login.freemarker.model.LogoutConfirmBean;
import org.keycloak.forms.login.freemarker.model.OAuthGrantBean;
import org.keycloak.forms.login.freemarker.model.OrganizationBean;
import org.keycloak.forms.login.freemarker.model.ProfileBean;
import org.keycloak.forms.login.freemarker.model.RealmBean;
import org.keycloak.forms.login.freemarker.model.RecoveryAuthnCodeInputLoginBean;
import org.keycloak.forms.login.freemarker.model.RecoveryAuthnCodesBean;
import org.keycloak.forms.login.freemarker.model.RegisterBean;
import org.keycloak.forms.login.freemarker.model.RequiredActionUrlFormatterMethod;
import org.keycloak.forms.login.freemarker.model.SAMLPostFormBean;
import org.keycloak.forms.login.freemarker.model.TotpBean;
import org.keycloak.forms.login.freemarker.model.TotpLoginBean;
import org.keycloak.forms.login.freemarker.model.UrlBean;
import org.keycloak.forms.login.freemarker.model.VerifyProfileBean;
import org.keycloak.forms.login.freemarker.model.X509ConfirmBean;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.OrganizationModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.FormMessage;
import org.keycloak.organization.forms.login.freemarker.model.OrganizationAwareIdentityProviderBean;
import org.keycloak.organization.utils.Organizations;
import org.keycloak.protocol.ProtocolMapperUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.oidc.OIDCLoginProtocolFactory;
import org.keycloak.rar.AuthorizationDetails;
import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
import org.keycloak.services.Urls;
import org.keycloak.services.messages.Messages;
import org.keycloak.services.resources.LoginActionsService;
import org.keycloak.services.util.DPoPUtil;
import org.keycloak.services.validation.Validation;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.CommonClientSessionModel;
import org.keycloak.theme.FreeMarkerException;
import org.keycloak.theme.Theme;
import org.keycloak.theme.beans.AdvancedMessageFormatterMethod;
import org.keycloak.theme.beans.LocaleBean;
import org.keycloak.theme.beans.MessageBean;
import org.keycloak.theme.beans.MessageFormatterMethod;
import org.keycloak.theme.beans.MessagesPerFieldBean;
import org.keycloak.theme.freemarker.FreeMarkerProvider;
import org.keycloak.userprofile.DeclarativeUserProfileProviderFactory;
import org.keycloak.userprofile.UserProfileContext;
import org.keycloak.userprofile.config.UPConfigUtils;
import org.keycloak.utils.MediaType;
import org.keycloak.utils.MediaTypeMatcher;

/* loaded from: input_file:org/keycloak/forms/login/freemarker/FreeMarkerLoginFormsProvider.class */
public class FreeMarkerLoginFormsProvider implements LoginFormsProvider {
    private static final Logger logger = Logger.getLogger(FreeMarkerLoginFormsProvider.class);
    protected String accessCode;
    protected Response.Status status;
    protected List<AuthorizationDetails> clientScopesRequested;
    protected URI actionUri;
    protected String execution;
    protected AuthenticationFlowContext context;
    protected MultivaluedMap<String, String> formData;
    protected KeycloakSession session;
    protected AuthenticationSessionModel authenticationSession;
    protected RealmModel realm;
    protected ClientModel client;
    protected UriInfo uriInfo;
    protected FreeMarkerProvider freeMarker;
    protected UserModel user;
    private Function<Map<String, Object>, Map<String, Object>> attributeMapper;
    protected Map<String, String> httpResponseHeaders = new HashMap();
    protected List<FormMessage> messages = null;
    protected MessageType messageType = MessageType.ERROR;
    protected boolean detachedAuthSession = false;
    protected final Map<String, Object> attributes = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider$1, reason: invalid class name */
    /* loaded from: input_file:org/keycloak/forms/login/freemarker/FreeMarkerLoginFormsProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$models$UserModel$RequiredAction;
        static final /* synthetic */ int[] $SwitchMap$org$keycloak$forms$login$LoginFormsPages = new int[LoginFormsPages.values().length];

        static {
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_CONFIG_TOTP.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_RECOVERY_AUTHN_CODES_CONFIG.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_RECOVERY_AUTHN_CODES_INPUT.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_UPDATE_PROFILE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.UPDATE_EMAIL.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_IDP_LINK_CONFIRM.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_IDP_LINK_CONFIRM_OVERRIDE.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_IDP_LINK_EMAIL.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_TOTP.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_RESET_OTP.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.REGISTER.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.OAUTH_GRANT.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.CODE.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.X509_CONFIRM.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.SAML_POST_FORM.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.IDP_REVIEW_USER_PROFILE.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.FRONTCHANNEL_LOGOUT.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGOUT_CONFIRM.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN.ordinal()] = 19;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.LOGIN_USERNAME.ordinal()] = 20;
            } catch (NoSuchFieldError e20) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.INFO.ordinal()] = 21;
            } catch (NoSuchFieldError e21) {
            }
            try {
                $SwitchMap$org$keycloak$forms$login$LoginFormsPages[LoginFormsPages.ERROR.ordinal()] = 22;
            } catch (NoSuchFieldError e22) {
            }
            $SwitchMap$org$keycloak$models$UserModel$RequiredAction = new int[UserModel.RequiredAction.values().length];
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.CONFIGURE_TOTP.ordinal()] = 1;
            } catch (NoSuchFieldError e23) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.CONFIGURE_RECOVERY_AUTHN_CODES.ordinal()] = 2;
            } catch (NoSuchFieldError e24) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.UPDATE_PROFILE.ordinal()] = 3;
            } catch (NoSuchFieldError e25) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.UPDATE_EMAIL.ordinal()] = 4;
            } catch (NoSuchFieldError e26) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.UPDATE_PASSWORD.ordinal()] = 5;
            } catch (NoSuchFieldError e27) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.VERIFY_EMAIL.ordinal()] = 6;
            } catch (NoSuchFieldError e28) {
            }
            try {
                $SwitchMap$org$keycloak$models$UserModel$RequiredAction[UserModel.RequiredAction.VERIFY_PROFILE.ordinal()] = 7;
            } catch (NoSuchFieldError e29) {
            }
        }
    }

    public FreeMarkerLoginFormsProvider(KeycloakSession keycloakSession) {
        this.session = keycloakSession;
        this.freeMarker = (FreeMarkerProvider) keycloakSession.getProvider(FreeMarkerProvider.class);
        this.attributes.put("scripts", new LinkedList());
        this.realm = keycloakSession.getContext().getRealm();
        this.client = keycloakSession.getContext().getClient();
        this.uriInfo = keycloakSession.getContext().getUri();
    }

    public void addScript(String str) {
        ((List) this.attributes.get("scripts")).add(str);
    }

    public Response createResponse(UserModel.RequiredAction requiredAction) {
        String str;
        LoginFormsPages loginFormsPages;
        switch (AnonymousClass1.$SwitchMap$org$keycloak$models$UserModel$RequiredAction[requiredAction.ordinal()]) {
            case DeclarativeUserProfileProviderFactory.PROVIDER_PRIORITY /* 1 */:
                str = Messages.CONFIGURE_TOTP;
                loginFormsPages = LoginFormsPages.LOGIN_CONFIG_TOTP;
                break;
            case DPoPUtil.DEFAULT_ALLOWED_CLOCK_SKEW /* 2 */:
                str = Messages.CONFIGURE_BACKUP_CODES;
                loginFormsPages = LoginFormsPages.LOGIN_RECOVERY_AUTHN_CODES_CONFIG;
                break;
            case 3:
                this.attributes.put("updateProfileCtx", new UserUpdateProfileContext(this.realm, this.user));
                str = Messages.UPDATE_PROFILE;
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PROFILE;
                break;
            case 4:
                this.attributes.put(UPConfigUtils.ROLE_USER, new ProfileBean(new UserUpdateProfileContext(this.realm, this.user), this.formData));
                str = Messages.UPDATE_EMAIL;
                loginFormsPages = LoginFormsPages.UPDATE_EMAIL;
                break;
            case 5:
                Stream filter = this.user.getRequiredActionsStream().filter((v0) -> {
                    return Objects.nonNull(v0);
                });
                String requiredAction2 = UserModel.RequiredAction.UPDATE_PASSWORD.toString();
                Objects.requireNonNull(requiredAction2);
                str = filter.anyMatch((v1) -> {
                    return r1.contains(v1);
                }) ? Messages.UPDATE_PASSWORD : Messages.RESET_PASSWORD;
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PASSWORD;
                break;
            case 6:
                this.attributes.put(UPConfigUtils.ROLE_USER, new ProfileBean(new UserUpdateProfileContext(this.realm, this.user), this.formData));
                str = Messages.VERIFY_EMAIL;
                loginFormsPages = LoginFormsPages.LOGIN_VERIFY_EMAIL;
                break;
            case 7:
                this.attributes.put("updateProfileCtx", new UserUpdateProfileContext(this.realm, this.user));
                str = Messages.UPDATE_PROFILE;
                loginFormsPages = LoginFormsPages.LOGIN_UPDATE_PROFILE;
                break;
            default:
                return Response.serverError().build();
        }
        if (this.messages == null) {
            setMessage(MessageType.WARNING, str, new Object[0]);
        }
        return createResponse(loginFormsPages);
    }

    protected Response createResponse(LoginFormsPages loginFormsPages) {
        try {
            Theme theme = getTheme();
            Locale resolveLocale = this.session.getContext().resolveLocale(this.user);
            Properties handleThemeResources = handleThemeResources(theme, resolveLocale);
            handleMessages(resolveLocale, handleThemeResources);
            createCommonAttributes(theme, resolveLocale, handleThemeResources, prepareBaseUriBuilder(loginFormsPages == LoginFormsPages.OAUTH_GRANT), loginFormsPages);
            this.attributes.put(OIDCLoginProtocol.PROMPT_VALUE_LOGIN, new LoginBean(this.formData));
            if (this.status != null) {
                this.attributes.put("statusCode", Integer.valueOf(this.status.getStatusCode()));
            }
            if (!isDetachedAuthenticationSession() && (CommonClientSessionModel.Action.AUTHENTICATE.name().equals(this.authenticationSession.getAction()) || CommonClientSessionModel.Action.REQUIRED_ACTIONS.name().equals(this.authenticationSession.getAction()) || CommonClientSessionModel.Action.OAUTH_GRANT.name().equals(this.authenticationSession.getAction()))) {
                setAttribute("authenticationSession", new AuthenticationSessionBean(this.authenticationSession.getParentSession().getId(), this.authenticationSession.getTabId()));
            }
            switch (AnonymousClass1.$SwitchMap$org$keycloak$forms$login$LoginFormsPages[loginFormsPages.ordinal()]) {
                case DeclarativeUserProfileProviderFactory.PROVIDER_PRIORITY /* 1 */:
                    TotpBean totpBean = new TotpBean(this.session, this.realm, this.user, getTotpUriBuilder(), this.authenticationSession.getAuthNote("TOTP_SECRET_KEY"));
                    this.authenticationSession.setAuthNote("TOTP_SECRET_KEY", totpBean.getTotpSecret());
                    this.attributes.put(Validation.FIELD_OTP_CODE, totpBean);
                    break;
                case DPoPUtil.DEFAULT_ALLOWED_CLOCK_SKEW /* 2 */:
                    this.attributes.put("recoveryAuthnCodesConfigBean", new RecoveryAuthnCodesBean());
                    break;
                case 3:
                    this.attributes.put("recoveryAuthnCodesInputBean", new RecoveryAuthnCodeInputLoginBean(this.session, this.realm, this.user));
                    break;
                case 4:
                    this.attributes.put(OIDCLoginProtocolFactory.PROFILE_CLAIM, new VerifyProfileBean(this.user, this.formData, this.session));
                    this.attributes.put(UPConfigUtils.ROLE_USER, new ProfileBean((UpdateProfileContext) this.attributes.get("updateProfileCtx"), this.formData));
                    break;
                case 5:
                    EmailBean emailBean = new EmailBean(this.user, this.formData, this.session);
                    this.attributes.put(OIDCLoginProtocolFactory.PROFILE_CLAIM, emailBean);
                    this.attributes.put("email", emailBean);
                    break;
                case 6:
                case 7:
                case 8:
                    BrokeredIdentityContext brokeredIdentityContext = (BrokeredIdentityContext) this.attributes.get("identityProviderBrokerCtx");
                    String capitalize = ObjectUtil.capitalize(brokeredIdentityContext.getIdpConfig().getAlias());
                    String str = capitalize;
                    if (!ObjectUtil.isBlank(brokeredIdentityContext.getIdpConfig().getDisplayName())) {
                        str = brokeredIdentityContext.getIdpConfig().getDisplayName();
                    }
                    this.attributes.put("brokerContext", brokeredIdentityContext);
                    this.attributes.put("idpAlias", capitalize);
                    this.attributes.put("idpDisplayName", str);
                    break;
                case 9:
                    this.attributes.put("otpLogin", new TotpLoginBean(this.session, this.realm, this.user, (String) this.attributes.get(OTPFormAuthenticator.SELECTED_OTP_CREDENTIAL_ID)));
                    break;
                case 10:
                    this.attributes.put("configuredOtpCredentials", new TotpLoginBean(this.session, this.realm, this.user, (String) this.attributes.get(OTPFormAuthenticator.SELECTED_OTP_CREDENTIAL_ID)));
                    break;
                case 11:
                    RegisterBean registerBean = new RegisterBean(this.formData, this.session);
                    this.attributes.put("register", registerBean);
                    this.attributes.put(OIDCLoginProtocolFactory.PROFILE_CLAIM, registerBean);
                    break;
                case 12:
                    this.attributes.put("oauth", new OAuthGrantBean(this.accessCode, this.client, this.clientScopesRequested));
                    break;
                case 13:
                    this.attributes.remove("message");
                    this.attributes.put("code", new CodeBean(this.accessCode, this.messageType == MessageType.ERROR ? getFirstMessageUnformatted() : null));
                    break;
                case 14:
                    this.attributes.put(X509ClientAuthenticator.ATTR_PREFIX, new X509ConfirmBean(this.formData));
                    break;
                case 15:
                    this.attributes.put("samlPost", new SAMLPostFormBean(this.formData));
                    break;
                case 16:
                    UpdateProfileContext updateProfileContext = (UpdateProfileContext) this.attributes.get("updateProfileCtx");
                    this.attributes.put(OIDCLoginProtocolFactory.PROFILE_CLAIM, new IdpReviewProfileBean(updateProfileContext, this.formData, this.session));
                    this.attributes.put(UPConfigUtils.ROLE_USER, new ProfileBean(updateProfileContext, this.formData));
                    break;
                case 17:
                    this.attributes.put("logout", new FrontChannelLogoutBean(this.session));
                    break;
                case 18:
                    this.attributes.put("logoutConfirm", new LogoutConfirmBean(this.accessCode, this.authenticationSession));
                    break;
            }
            return processTemplate(theme, Templates.getTemplate(loginFormsPages), resolveLocale);
        } catch (IOException e) {
            logger.error("Failed to create theme", e);
            return Response.serverError().build();
        }
    }

    private UriBuilder getTotpUriBuilder() {
        return this.uriInfo.getBaseUriBuilder().path(this.uriInfo.getPath()).replaceQuery(this.uriInfo.getRequestUri().getQuery());
    }

    public Response createForm(String str) {
        try {
            Theme theme = getTheme();
            Locale resolveLocale = this.session.getContext().resolveLocale(this.user);
            Properties handleThemeResources = handleThemeResources(theme, resolveLocale);
            handleMessages(resolveLocale, handleThemeResources);
            createCommonAttributes(theme, resolveLocale, handleThemeResources, prepareBaseUriBuilder(false), null);
            return processTemplate(theme, str, resolveLocale);
        } catch (IOException e) {
            logger.error("Failed to create theme", e);
            return Response.serverError().build();
        }
    }

    protected UriBuilder prepareBaseUriBuilder(boolean z) {
        UriBuilder fromUri = UriBuilder.fromUri(this.uriInfo.getBaseUri().getPath());
        if (z) {
            fromUri.replaceQuery((String) null);
        }
        if (this.client != null) {
            fromUri.queryParam("client_id", new Object[]{this.client.getClientId()});
        }
        if (this.authenticationSession != null) {
            fromUri.queryParam("tab_id", new Object[]{this.authenticationSession.getTabId()});
            String action = this.authenticationSession.getAction();
            if (!CommonClientSessionModel.Action.LOGGING_OUT.name().equals(action) && !CommonClientSessionModel.Action.LOGGED_OUT.name().equals(action)) {
                fromUri.queryParam("client_data", new Object[]{AuthenticationProcessor.getClientData(this.session, this.authenticationSession)});
            }
        }
        return fromUri;
    }

    protected Theme getTheme() throws IOException {
        return this.session.theme().getTheme(Theme.Type.LOGIN);
    }

    protected Properties handleThemeResources(Theme theme, Locale locale) {
        Properties properties;
        try {
            properties = theme.getEnhancedMessages(this.realm, locale);
            HashMap hashMap = new HashMap(this.attributes);
            hashMap.putAll(properties);
            this.attributes.put("msg", new MessageFormatterMethod(locale, hashMap));
            this.attributes.put("advancedMsg", new AdvancedMessageFormatterMethod(locale, properties));
        } catch (IOException e) {
            logger.warn("Failed to load messages", e);
            properties = new Properties();
        }
        try {
            this.attributes.put("properties", theme.getProperties());
        } catch (IOException e2) {
            logger.warn("Failed to load properties", e2);
        }
        return properties;
    }

    protected void handleMessages(Locale locale, Properties properties) {
        MessagesPerFieldBean messagesPerFieldBean = new MessagesPerFieldBean();
        if (this.messages != null) {
            MessageBean messageBean = new MessageBean(null, this.messageType);
            for (FormMessage formMessage : this.messages) {
                String formatMessage = formatMessage(formMessage, properties, locale);
                if (formatMessage != null) {
                    messageBean.appendSummaryLine(formatMessage);
                    messagesPerFieldBean.addMessage(formMessage.getField(), formatMessage, this.messageType);
                }
            }
            this.attributes.put("message", messageBean);
        } else {
            this.attributes.remove("message");
        }
        this.attributes.put("messagesPerField", messagesPerFieldBean);
    }

    public String getMessage(String str) {
        return formatMessage(new FormMessage((String) null, str));
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:19:0x0132. Please report as an issue. */
    protected void createCommonAttributes(Theme theme, Locale locale, Properties properties, UriBuilder uriBuilder, LoginFormsPages loginFormsPages) {
        OrganizationModel resolveOrganization;
        UriBuilder path;
        URI build = uriBuilder.build(new Object[0]);
        if (this.accessCode != null) {
            uriBuilder.queryParam(LoginActionsService.SESSION_CODE, new Object[]{this.accessCode});
        }
        URI build2 = uriBuilder.build(new Object[0]);
        if (this.client != null) {
            this.attributes.put("client", new ClientBean(this.session, this.client));
        }
        if (this.realm != null) {
            this.attributes.put("realm", new RealmBean(this.realm));
            IdentityProviderBean identityProviderBean = new IdentityProviderBean(this.session, this.realm, build2, this.context);
            if (Profile.isFeatureEnabled(Profile.Feature.ORGANIZATION) && this.realm.isOrganizationsEnabled()) {
                identityProviderBean = new OrganizationAwareIdentityProviderBean(identityProviderBean);
            }
            this.attributes.put("social", identityProviderBean);
            this.attributes.put("url", new UrlBean(this.realm, theme, build, this.actionUri));
            this.attributes.put("requiredActionUrl", new RequiredActionUrlFormatterMethod(this.realm, build));
            this.attributes.put("auth", new AuthenticationContextBean(this.context, loginFormsPages));
            setAttribute("execution", this.execution);
            if (this.realm.isInternationalizationEnabled()) {
                if (loginFormsPages != null) {
                    switch (AnonymousClass1.$SwitchMap$org$keycloak$forms$login$LoginFormsPages[loginFormsPages.ordinal()]) {
                        case 11:
                            path = UriBuilder.fromUri(Urls.realmRegisterPage(build, this.realm.getName()));
                            break;
                        case 12:
                        case 13:
                        case 15:
                        case 16:
                        case 17:
                        default:
                            path = UriBuilder.fromUri(build).path(this.uriInfo.getPath());
                            break;
                        case 14:
                        case 19:
                        case ProtocolMapperUtils.PRIORITY_HARDCODED_ROLE_MAPPER /* 20 */:
                            path = UriBuilder.fromUri(Urls.realmLoginPage(build, this.realm.getName()));
                            break;
                        case 18:
                            path = UriBuilder.fromUri(Urls.logoutConfirm(build, this.realm.getName()));
                            break;
                        case 21:
                        case 22:
                            if (isDetachedAuthenticationSession()) {
                                FormMessage firstMessage = getFirstMessage();
                                if (firstMessage != null) {
                                    path = UriBuilder.fromUri(Urls.loginActionsDetachedInfo(build, this.realm.getName())).queryParam(DetachedInfoStateChecker.STATE_CHECKER_PARAM, new Object[]{new DetachedInfoStateChecker(this.session, this.realm).generateAndSetCookie(firstMessage.getMessage(), this.messageType.toString(), this.status == null ? null : Integer.valueOf(this.status.getStatusCode()), this.client == null ? null : this.client.getId(), firstMessage.getParameters()).getRenderedUrlState()});
                                    break;
                                } else {
                                    throw new IllegalStateException("Not able to create info/error page with detached authentication session as no info/error message available");
                                }
                            }
                            path = UriBuilder.fromUri(build).path(this.uriInfo.getPath());
                            break;
                    }
                } else {
                    path = UriBuilder.fromUri(build).path(this.uriInfo.getPath());
                }
                if (this.execution != null) {
                    path.queryParam("execution", new Object[]{this.execution});
                }
                if (this.authenticationSession != null && this.authenticationSession.getAuthNote("key") != null) {
                    path.queryParam("key", new Object[]{this.authenticationSession.getAuthNote("key")});
                }
                this.attributes.put(OIDCLoginProtocolFactory.LOCALE, new LocaleBean(this.realm, locale, path, properties));
            }
            if (Profile.isFeatureEnabled(Profile.Feature.ORGANIZATION) && (resolveOrganization = Organizations.resolveOrganization(this.session, this.user)) != null) {
                this.attributes.put("org", new OrganizationBean(resolveOrganization, this.user));
            }
        }
        if (this.realm != null && this.user != null && this.session != null) {
            this.attributes.put("authenticatorConfigured", new AuthenticatorConfiguredMethod(this.realm, this.user, this.session));
        }
        if (this.authenticationSession == null || this.authenticationSession.getClientNote("kc_action_executing") == null || Boolean.TRUE.toString().equals(this.authenticationSession.getClientNote("kc_action_enforced"))) {
            return;
        }
        this.attributes.put("isAppInitiatedAction", true);
    }

    protected Response processTemplate(Theme theme, String str, Locale locale) {
        try {
            Response.ResponseBuilder entity = Response.status(this.status == null ? Response.Status.OK : this.status).type(MediaType.TEXT_HTML_UTF_8_TYPE).language(locale).entity(this.freeMarker.processTemplate((Map) ((Function) Optional.ofNullable(this.attributeMapper).orElse(Function.identity())).apply(this.attributes), str, theme));
            for (Map.Entry<String, String> entry : this.httpResponseHeaders.entrySet()) {
                entity.header(entry.getKey(), entry.getValue());
            }
            return entity.build();
        } catch (FreeMarkerException e) {
            logger.error("Failed to process template", e);
            return Response.serverError().build();
        }
    }

    public Response createLoginUsernamePassword() {
        return createResponse(LoginFormsPages.LOGIN);
    }

    public Response createLoginUsername() {
        return createResponse(LoginFormsPages.LOGIN_USERNAME);
    }

    public Response createLoginPassword() {
        return createResponse(LoginFormsPages.LOGIN_PASSWORD);
    }

    public Response createPasswordReset() {
        String clientNote = this.authenticationSession.getClientNote("login_hint");
        if (clientNote != null && !clientNote.isEmpty()) {
            this.authenticationSession.setAuthNote(AbstractUsernameFormAuthenticator.ATTEMPTED_USERNAME, clientNote);
        }
        return createResponse(LoginFormsPages.LOGIN_RESET_PASSWORD);
    }

    public Response createOtpReset() {
        return createResponse(LoginFormsPages.LOGIN_RESET_OTP);
    }

    public Response createLoginTotp() {
        return createResponse(LoginFormsPages.LOGIN_TOTP);
    }

    public Response createLoginRecoveryAuthnCode() {
        return createResponse(LoginFormsPages.LOGIN_RECOVERY_AUTHN_CODES_INPUT);
    }

    public Response createLoginWebAuthn() {
        return createResponse(LoginFormsPages.LOGIN_WEBAUTHN);
    }

    public Response createRegistration() {
        String clientNote = this.authenticationSession.getClientNote("login_hint");
        if (clientNote != null && !clientNote.isEmpty()) {
            if (this.formData == null) {
                this.formData = new MultivaluedHashMap();
            }
            if (this.realm.isRegistrationEmailAsUsername()) {
                String str = (String) this.formData.getFirst("email");
                if (str == null || str.trim().isEmpty()) {
                    this.formData.putSingle("email", clientNote);
                }
            } else {
                String str2 = (String) this.formData.getFirst("username");
                if (str2 == null || str2.trim().isEmpty()) {
                    this.formData.putSingle("username", clientNote);
                }
            }
        }
        return createResponse(LoginFormsPages.REGISTER);
    }

    public Response createInfoPage() {
        return createResponse(LoginFormsPages.INFO);
    }

    public Response createUpdateProfilePage() {
        if (this.messageType != MessageType.ERROR) {
            setMessage(MessageType.WARNING, Messages.UPDATE_PROFILE, new Object[0]);
        }
        UpdateProfileContext updateProfileContext = (UpdateProfileContext) this.attributes.get("updateProfileCtx");
        return (updateProfileContext == null || updateProfileContext.getUserProfileContext() != UserProfileContext.IDP_REVIEW) ? createResponse(LoginFormsPages.LOGIN_UPDATE_PROFILE) : createResponse(LoginFormsPages.IDP_REVIEW_USER_PROFILE);
    }

    public Response createIdpLinkConfirmLinkPage() {
        return createResponse(LoginFormsPages.LOGIN_IDP_LINK_CONFIRM);
    }

    public Response createIdpLinkConfirmOverrideLinkPage() {
        return createResponse(LoginFormsPages.LOGIN_IDP_LINK_CONFIRM_OVERRIDE);
    }

    public Response createLoginExpiredPage() {
        return createResponse(LoginFormsPages.LOGIN_PAGE_EXPIRED);
    }

    public Response createIdpLinkEmailPage() {
        BrokeredIdentityContext brokeredIdentityContext = (BrokeredIdentityContext) this.attributes.get("identityProviderBrokerCtx");
        String capitalize = ObjectUtil.capitalize(brokeredIdentityContext.getIdpConfig().getAlias());
        if (!ObjectUtil.isBlank(brokeredIdentityContext.getIdpConfig().getDisplayName())) {
            capitalize = brokeredIdentityContext.getIdpConfig().getDisplayName();
        }
        setMessage(MessageType.WARNING, Messages.LINK_IDP, capitalize);
        return createResponse(LoginFormsPages.LOGIN_IDP_LINK_EMAIL);
    }

    public Response createErrorPage(Response.Status status) {
        if (!MediaTypeMatcher.isJsonRequest(this.session.getContext().getRequestHeaders())) {
            this.status = status;
            return createResponse(LoginFormsPages.ERROR);
        }
        OAuth2ErrorRepresentation oAuth2ErrorRepresentation = new OAuth2ErrorRepresentation();
        oAuth2ErrorRepresentation.setError(formatMessage(getFirstMessage()));
        return Response.status(status).type(MediaType.APPLICATION_JSON_TYPE).entity(oAuth2ErrorRepresentation).build();
    }

    public Response createWebAuthnErrorPage() {
        return createResponse(LoginFormsPages.ERROR_WEBAUTHN);
    }

    public Response createOAuthGrant() {
        return createResponse(LoginFormsPages.OAUTH_GRANT);
    }

    public Response createSelectAuthenticator() {
        return createResponse(LoginFormsPages.LOGIN_SELECT_AUTHENTICATOR);
    }

    public Response createOAuth2DeviceVerifyUserCodePage() {
        return createResponse(LoginFormsPages.LOGIN_OAUTH2_DEVICE_VERIFY_USER_CODE);
    }

    public Response createCode() {
        return createResponse(LoginFormsPages.CODE);
    }

    public Response createX509ConfirmPage() {
        return createResponse(LoginFormsPages.X509_CONFIRM);
    }

    public Response createSamlPostForm() {
        return createResponse(LoginFormsPages.SAML_POST_FORM);
    }

    public Response createFrontChannelLogoutPage() {
        return createResponse(LoginFormsPages.FRONTCHANNEL_LOGOUT);
    }

    public Response createLogoutConfirmPage() {
        return createResponse(LoginFormsPages.LOGOUT_CONFIRM);
    }

    public LoginFormsProvider setMessage(MessageType messageType, String str, Object... objArr) {
        this.messageType = messageType;
        this.messages = new ArrayList();
        this.messages.add(new FormMessage((String) null, str, objArr));
        return this;
    }

    private FormMessage getFirstMessage() {
        if (this.messages == null || this.messages.isEmpty()) {
            return null;
        }
        return this.messages.get(0);
    }

    protected String getFirstMessageUnformatted() {
        FormMessage firstMessage = getFirstMessage();
        if (firstMessage == null) {
            return null;
        }
        return firstMessage.getMessage();
    }

    protected String formatMessage(FormMessage formMessage) {
        try {
            Theme theme = getTheme();
            Locale resolveLocale = this.session.getContext().resolveLocale(this.user);
            return formatMessage(formMessage, handleThemeResources(theme, resolveLocale), resolveLocale);
        } catch (IOException e) {
            logger.error("Failed to create theme", e);
            throw new RuntimeException("Failed to create theme");
        }
    }

    protected String formatMessage(FormMessage formMessage, Properties properties, Locale locale) {
        if (formMessage == null) {
            return null;
        }
        return properties.containsKey(formMessage.getMessage()) ? new MessageFormat(properties.getProperty(formMessage.getMessage()), locale).format(formMessage.getParameters()) : formMessage.getMessage();
    }

    /* renamed from: setError, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m274setError(String str, Object... objArr) {
        setMessage(MessageType.ERROR, str, objArr);
        return this;
    }

    public LoginFormsProvider setErrors(List<FormMessage> list) {
        if (list == null) {
            return this;
        }
        this.messageType = MessageType.ERROR;
        this.messages = new ArrayList(list);
        return this;
    }

    public LoginFormsProvider addError(FormMessage formMessage) {
        if (this.messageType != MessageType.ERROR) {
            this.messageType = null;
            this.messages = null;
        }
        if (this.messages == null) {
            this.messageType = MessageType.ERROR;
            this.messages = new LinkedList();
        }
        this.messages.add(formMessage);
        return this;
    }

    public LoginFormsProvider addSuccess(FormMessage formMessage) {
        if (this.messageType != MessageType.SUCCESS) {
            this.messageType = null;
            this.messages = null;
        }
        if (this.messages == null) {
            this.messageType = MessageType.SUCCESS;
            this.messages = new LinkedList();
        }
        this.messages.add(formMessage);
        return this;
    }

    /* renamed from: setSuccess, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m273setSuccess(String str, Object... objArr) {
        setMessage(MessageType.SUCCESS, str, objArr);
        return this;
    }

    /* renamed from: setInfo, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m272setInfo(String str, Object... objArr) {
        setMessage(MessageType.INFO, str, objArr);
        return this;
    }

    public LoginFormsProvider setDetachedAuthSession() {
        this.detachedAuthSession = true;
        return this;
    }

    private boolean isDetachedAuthenticationSession() {
        return this.detachedAuthSession || this.authenticationSession == null;
    }

    public LoginFormsProvider setAuthenticationSession(AuthenticationSessionModel authenticationSessionModel) {
        this.authenticationSession = authenticationSessionModel;
        return this;
    }

    /* renamed from: setUser, reason: merged with bridge method [inline-methods] */
    public FreeMarkerLoginFormsProvider m271setUser(UserModel userModel) {
        this.user = userModel;
        return this;
    }

    public FreeMarkerLoginFormsProvider setFormData(MultivaluedMap<String, String> multivaluedMap) {
        this.formData = multivaluedMap;
        return this;
    }

    public LoginFormsProvider setClientSessionCode(String str) {
        this.accessCode = str;
        return this;
    }

    public LoginFormsProvider setAccessRequest(List<AuthorizationDetails> list) {
        this.clientScopesRequested = list;
        return this;
    }

    public LoginFormsProvider setAttribute(String str, Object obj) {
        if (obj == null) {
            this.attributes.remove(str);
        } else {
            this.attributes.put(str, obj);
        }
        return this;
    }

    public LoginFormsProvider setStatus(Response.Status status) {
        this.status = status;
        return this;
    }

    public LoginFormsProvider setActionUri(URI uri) {
        this.actionUri = uri;
        return this;
    }

    public LoginFormsProvider setExecution(String str) {
        this.execution = str;
        return this;
    }

    public LoginFormsProvider setResponseHeader(String str, String str2) {
        this.httpResponseHeaders.put(str, str2);
        return this;
    }

    public LoginFormsProvider setAuthContext(AuthenticationFlowContext authenticationFlowContext) {
        this.context = authenticationFlowContext;
        return this;
    }

    public LoginFormsProvider setAttributeMapper(Function<Map<String, Object>, Map<String, Object>> function) {
        this.attributeMapper = function;
        return this;
    }

    public void close() {
    }

    /* renamed from: setFormData, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ LoginFormsProvider m270setFormData(MultivaluedMap multivaluedMap) {
        return setFormData((MultivaluedMap<String, String>) multivaluedMap);
    }
}
