package io.phasetwo.service.auth;

import com.google.auto.service.AutoService;
import io.phasetwo.service.Orgs;
import java.util.Map;
import org.jboss.logging.Logger;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.broker.provider.BrokeredIdentityContext;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;

@AutoService({AuthenticatorFactory.class})
/* loaded from: input_file:io/phasetwo/service/auth/OrgNoteAuthenticatorFactory.class */
public class OrgNoteAuthenticatorFactory extends BaseAuthenticatorFactory implements DefaultAuthenticator {
    private static final Logger log = Logger.getLogger(OrgNoteAuthenticatorFactory.class);
    public static final String PROVIDER_ID = "ext-auth-org-note";

    public OrgNoteAuthenticatorFactory() {
        super(PROVIDER_ID);
    }

    public void authenticate(AuthenticationFlowContext authenticationFlowContext) {
        log.info("OrgNoteAuthenticatorFactory.authenticate");
        setNote(authenticationFlowContext);
    }

    public void action(AuthenticationFlowContext authenticationFlowContext) {
        log.info("OrgNoteAuthenticatorFactory.action");
    }

    private void setNote(AuthenticationFlowContext authenticationFlowContext) {
        PostOrgAuthFlow.setStatus(authenticationFlowContext);
        BrokeredIdentityContext brokeredIdentityContext = PostOrgAuthFlow.getBrokeredIdentityContext(authenticationFlowContext);
        if (PostOrgAuthFlow.brokeredIdpEnabled(authenticationFlowContext, brokeredIdentityContext)) {
            Map config = brokeredIdentityContext.getIdpConfig().getConfig();
            if (config == null || !config.containsKey(Orgs.ORG_OWNER_CONFIG_KEY)) {
                log.infof("No organization owns IdP %s", brokeredIdentityContext.getIdpConfig().getAlias());
                return;
            }
            log.infof("Set auth/session note %s = %s for IdP %s", Orgs.FIELD_ORG_ID, config.get(Orgs.ORG_OWNER_CONFIG_KEY), brokeredIdentityContext.getIdpConfig().getAlias());
            authenticationFlowContext.getAuthenticationSession().setAuthNote(Orgs.FIELD_ORG_ID, (String) config.get(Orgs.ORG_OWNER_CONFIG_KEY));
            authenticationFlowContext.getAuthenticationSession().setUserSessionNote(Orgs.FIELD_ORG_ID, (String) config.get(Orgs.ORG_OWNER_CONFIG_KEY));
        }
    }

    @Override // io.phasetwo.service.auth.DefaultAuthenticator
    public boolean requiresUser() {
        return true;
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    /* renamed from: create */
    public Authenticator mo5create(KeycloakSession keycloakSession) {
        return this;
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    public boolean isUserSetupAllowed() {
        return false;
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    public String getHelpText() {
        return "Sets an auth and user session notes of the org_id if an organization-owned IdP was used to log in. Use only in Post Login Flows.";
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    public String getDisplayType() {
        return "Org To Auth/Session Note";
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    public String getReferenceCategory() {
        return "Post Broker";
    }

    @Override // io.phasetwo.service.auth.BaseAuthenticatorFactory
    public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
        keycloakSessionFactory.register(providerEvent -> {
            if (providerEvent instanceof RealmModel.RealmPostCreateEvent) {
                PostOrgAuthFlow.realmPostCreate((RealmModel.RealmPostCreateEvent) providerEvent, PROVIDER_ID);
            }
        });
    }
}
