package org.keycloak.authentication.actiontoken;

import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.UriBuilderException;
import jakarta.ws.rs.core.UriInfo;
import org.keycloak.authentication.AuthenticationProcessor;
import org.keycloak.common.ClientConnection;
import org.keycloak.events.EventBuilder;
import org.keycloak.http.HttpRequest;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.SystemClientUtil;
import org.keycloak.representations.JsonWebToken;
import org.keycloak.services.Urls;
import org.keycloak.services.managers.AuthenticationSessionManager;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.CommonClientSessionModel;

/* loaded from: input_file:org/keycloak/authentication/actiontoken/ActionTokenContext.class */
public class ActionTokenContext<T extends JsonWebToken> {
    private final KeycloakSession session;
    private final RealmModel realm;
    private final UriInfo uriInfo;
    private final ClientConnection clientConnection;
    private final HttpRequest request;
    private EventBuilder event;
    private final ActionTokenHandler<T> handler;
    private AuthenticationSessionModel authenticationSession;
    private boolean authenticationSessionFresh;
    private String executionId;
    private String clientData;
    private final ProcessAuthenticateFlow processAuthenticateFlow;
    private final ProcessBrokerFlow processBrokerFlow;

    @FunctionalInterface
    /* loaded from: input_file:org/keycloak/authentication/actiontoken/ActionTokenContext$ProcessAuthenticateFlow.class */
    public interface ProcessAuthenticateFlow {
        Response processFlow(boolean z, String str, AuthenticationSessionModel authenticationSessionModel, String str2, AuthenticationFlowModel authenticationFlowModel, String str3, AuthenticationProcessor authenticationProcessor);
    }

    @FunctionalInterface
    /* loaded from: input_file:org/keycloak/authentication/actiontoken/ActionTokenContext$ProcessBrokerFlow.class */
    public interface ProcessBrokerFlow {
        Response brokerLoginFlow(String str, String str2, String str3, String str4, String str5, String str6, String str7);
    }

    public ActionTokenContext(KeycloakSession keycloakSession, RealmModel realmModel, UriInfo uriInfo, ClientConnection clientConnection, HttpRequest httpRequest, EventBuilder eventBuilder, ActionTokenHandler<T> actionTokenHandler, String str, String str2, ProcessAuthenticateFlow processAuthenticateFlow, ProcessBrokerFlow processBrokerFlow) {
        this.session = keycloakSession;
        this.realm = realmModel;
        this.uriInfo = uriInfo;
        this.clientConnection = clientConnection;
        this.request = httpRequest;
        this.event = eventBuilder;
        this.handler = actionTokenHandler;
        this.executionId = str;
        this.clientData = str2;
        this.processAuthenticateFlow = processAuthenticateFlow;
        this.processBrokerFlow = processBrokerFlow;
    }

    public EventBuilder getEvent() {
        return this.event;
    }

    public void setEvent(EventBuilder eventBuilder) {
        this.event = eventBuilder;
    }

    public KeycloakSession getSession() {
        return this.session;
    }

    public RealmModel getRealm() {
        return this.realm;
    }

    public UriInfo getUriInfo() {
        return this.uriInfo;
    }

    public ClientConnection getClientConnection() {
        return this.clientConnection;
    }

    public HttpRequest getRequest() {
        return this.request;
    }

    public AuthenticationSessionModel createAuthenticationSessionForClient(String str) throws UriBuilderException, IllegalArgumentException {
        AuthenticationSessionModel createAuthenticationSession = new AuthenticationSessionManager(this.session).createAuthenticationSession(this.realm, true).createAuthenticationSession(str != null ? this.realm.getClientByClientId(str) : SystemClientUtil.getSystemClient(this.realm));
        createAuthenticationSession.setAction(CommonClientSessionModel.Action.AUTHENTICATE.name());
        createAuthenticationSession.setProtocol("openid-connect");
        String uri = Urls.accountBase(this.uriInfo.getBaseUri()).path("/").build(new Object[]{this.realm.getName()}).toString();
        createAuthenticationSession.setRedirectUri(uri);
        createAuthenticationSession.setClientNote("redirect_uri", uri);
        createAuthenticationSession.setClientNote("response_type", "code");
        createAuthenticationSession.setClientNote("iss", Urls.realmIssuer(this.uriInfo.getBaseUri(), this.realm.getName()));
        return createAuthenticationSession;
    }

    public boolean isAuthenticationSessionFresh() {
        return this.authenticationSessionFresh;
    }

    public AuthenticationSessionModel getAuthenticationSession() {
        return this.authenticationSession;
    }

    public void setAuthenticationSession(AuthenticationSessionModel authenticationSessionModel, boolean z) {
        this.authenticationSession = authenticationSessionModel;
        this.authenticationSessionFresh = z;
        if (this.event != null) {
            ClientModel client = authenticationSessionModel == null ? null : authenticationSessionModel.getClient();
            this.event.client(client == null ? null : client.getClientId());
        }
    }

    public ActionTokenHandler<T> getHandler() {
        return this.handler;
    }

    public String getExecutionId() {
        return this.executionId;
    }

    public void setExecutionId(String str) {
        this.executionId = str;
    }

    public Response processFlow(boolean z, String str, AuthenticationFlowModel authenticationFlowModel, String str2, AuthenticationProcessor authenticationProcessor) {
        return this.processAuthenticateFlow.processFlow(z, getExecutionId(), getAuthenticationSession(), str, authenticationFlowModel, str2, authenticationProcessor);
    }

    public Response brokerFlow(String str, String str2, String str3) {
        return this.processBrokerFlow.brokerLoginFlow(str, str2, getExecutionId(), this.authenticationSession.getClient().getClientId(), this.authenticationSession.getTabId(), this.clientData, str3);
    }
}
