package org.keycloak.authentication.forms;

import java.nio.charset.StandardCharsets;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.jboss.logging.Logger;
import org.keycloak.authentication.ValidationContext;
import org.keycloak.connections.httpclient.HttpClientProvider;
import org.keycloak.keys.Attributes;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;
import org.keycloak.services.ServicesLogger;
import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.StringUtil;

/* loaded from: input_file:org/keycloak/authentication/forms/RegistrationRecaptcha.class */
public class RegistrationRecaptcha extends AbstractRegistrationRecaptcha {
    private static final Logger LOGGER = Logger.getLogger(RegistrationRecaptcha.class);
    public static final String PROVIDER_ID = "registration-recaptcha-action";
    public static final String SECRET_KEY = "secret.key";

    public String getDisplayType() {
        return "reCAPTCHA";
    }

    public String getHelpText() {
        return "Adds Google reCAPTCHA to the form.";
    }

    @Override // org.keycloak.authentication.forms.AbstractRegistrationRecaptcha
    public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
        return new AuthenticationExecutionModel.Requirement[]{AuthenticationExecutionModel.Requirement.REQUIRED, AuthenticationExecutionModel.Requirement.DISABLED};
    }

    @Override // org.keycloak.authentication.forms.AbstractRegistrationRecaptcha
    protected boolean validateConfig(Map<String, String> map) {
        return (StringUtil.isNullOrEmpty(map.get(AbstractRegistrationRecaptcha.SITE_KEY)) || StringUtil.isNullOrEmpty(map.get(SECRET_KEY))) ? false : true;
    }

    @Override // org.keycloak.authentication.forms.AbstractRegistrationRecaptcha
    protected boolean validate(ValidationContext validationContext, String str, Map<String, String> map) {
        LOGGER.trace("Verifying reCAPTCHA using non-enterprise API");
        CloseableHttpClient httpClient = validationContext.getSession().getProvider(HttpClientProvider.class).getHttpClient();
        HttpPost httpPost = new HttpPost("https://www." + getRecaptchaDomain(map) + "/recaptcha/api/siteverify");
        LinkedList linkedList = new LinkedList();
        linkedList.add(new BasicNameValuePair(Attributes.SECRET_KEY, map.get(SECRET_KEY)));
        linkedList.add(new BasicNameValuePair("response", str));
        linkedList.add(new BasicNameValuePair("remoteip", validationContext.getConnection().getRemoteAddr()));
        try {
            httpPost.setEntity(new UrlEncodedFormEntity(linkedList, StandardCharsets.UTF_8));
            CloseableHttpResponse execute = httpClient.execute(httpPost);
            try {
                try {
                    boolean equals = Boolean.TRUE.equals(((Map) JsonSerialization.readValue(execute.getEntity().getContent(), Map.class)).get("success"));
                    EntityUtils.consumeQuietly(execute.getEntity());
                    if (execute != null) {
                        execute.close();
                    }
                    return equals;
                } catch (Throwable th) {
                    EntityUtils.consumeQuietly(execute.getEntity());
                    throw th;
                }
            } finally {
            }
        } catch (Exception e) {
            ServicesLogger.LOGGER.recaptchaFailed(e);
            return false;
        }
    }

    @Override // org.keycloak.authentication.forms.AbstractRegistrationRecaptcha
    protected String getScriptUrl(Map<String, String> map, String str) {
        return "https://www." + getRecaptchaDomain(map) + "/recaptcha/api.js?hl=" + str;
    }

    public String getId() {
        return PROVIDER_ID;
    }

    @Override // org.keycloak.authentication.forms.AbstractRegistrationRecaptcha
    public List<ProviderConfigProperty> getConfigProperties() {
        List<ProviderConfigProperty> build = ProviderConfigurationBuilder.create().property().name(AbstractRegistrationRecaptcha.SITE_KEY).label("reCAPTCHA Site Key").helpText("The site key.").type("String").add().property().name(SECRET_KEY).label("reCAPTCHA Secret").helpText("The secret key.").type("String").secret(true).add().build();
        build.addAll(super.getConfigProperties());
        return build;
    }
}
