package org.keycloak.authentication.authenticators.browser;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.authentication.Authenticator;
import org.keycloak.authentication.AuthenticatorFactory;
import org.keycloak.common.Profile;
import org.keycloak.common.util.StreamUtil;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.provider.ProviderConfigProperty;

/* loaded from: input_file:BOOT-INF/lib/keycloak-services-8.0.0.jar:org/keycloak/authentication/authenticators/browser/ScriptBasedAuthenticatorFactory.class */
public class ScriptBasedAuthenticatorFactory implements AuthenticatorFactory, EnvironmentDependentProviderFactory {
    public static final String PROVIDER_ID = "auth-script-based";
    private static final Logger LOGGER = Logger.getLogger((Class<?>) ScriptBasedAuthenticatorFactory.class);
    static final AuthenticationExecutionModel.Requirement[] REQUIREMENT_CHOICES = {AuthenticationExecutionModel.Requirement.REQUIRED, AuthenticationExecutionModel.Requirement.ALTERNATIVE, AuthenticationExecutionModel.Requirement.DISABLED};
    static final ScriptBasedAuthenticator SINGLETON = new ScriptBasedAuthenticator();

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.keycloak.provider.ProviderFactory
    /* renamed from: create */
    public Authenticator create2(KeycloakSession keycloakSession) {
        return SINGLETON;
    }

    @Override // org.keycloak.provider.ProviderFactory
    public void init(Config.Scope scope) {
    }

    @Override // org.keycloak.provider.ProviderFactory
    public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
    }

    @Override // org.keycloak.provider.ProviderFactory
    public void close() {
    }

    @Override // org.keycloak.provider.ProviderFactory
    public String getId() {
        return PROVIDER_ID;
    }

    @Override // org.keycloak.authentication.ConfigurableAuthenticatorFactory
    public String getReferenceCategory() {
        return "script";
    }

    public boolean isConfigurable() {
        return true;
    }

    public boolean isUserSetupAllowed() {
        return true;
    }

    @Override // org.keycloak.authentication.ConfigurableAuthenticatorFactory
    public AuthenticationExecutionModel.Requirement[] getRequirementChoices() {
        return REQUIREMENT_CHOICES;
    }

    public String getDisplayType() {
        return ProviderConfigProperty.SCRIPT_TYPE;
    }

    public String getHelpText() {
        return "Script based authentication. Allows to define custom authentication logic via JavaScript.";
    }

    @Override // org.keycloak.provider.ConfiguredProvider
    public List<ProviderConfigProperty> getConfigProperties() {
        ProviderConfigProperty providerConfigProperty = new ProviderConfigProperty();
        providerConfigProperty.setType("String");
        providerConfigProperty.setName("scriptName");
        providerConfigProperty.setLabel("Script Name");
        providerConfigProperty.setHelpText("The name of the script used to authenticate.");
        ProviderConfigProperty providerConfigProperty2 = new ProviderConfigProperty();
        providerConfigProperty2.setType("String");
        providerConfigProperty2.setName("scriptDescription");
        providerConfigProperty2.setLabel("Script Description");
        providerConfigProperty2.setHelpText("The description of the script used to authenticate.");
        ProviderConfigProperty providerConfigProperty3 = new ProviderConfigProperty();
        providerConfigProperty3.setType(ProviderConfigProperty.SCRIPT_TYPE);
        providerConfigProperty3.setName("scriptCode");
        providerConfigProperty3.setLabel("Script Source");
        String str = "//enter your script code here";
        try {
            str = StreamUtil.readString(getClass().getResourceAsStream("/scripts/authenticator-template.js"));
        } catch (IOException e) {
            LOGGER.warn(e);
        }
        providerConfigProperty3.setDefaultValue(str);
        providerConfigProperty3.setHelpText("The script used to authenticate. Scripts must at least define a function with the name 'authenticate(context)' that accepts a context (AuthenticationFlowContext) parameter.\nThis authenticator exposes the following additional variables: 'script', 'realm', 'user', 'session', 'authenticationSession', 'httpRequest', 'LOG'");
        return Arrays.asList(providerConfigProperty, providerConfigProperty2, providerConfigProperty3);
    }

    public boolean isSupported() {
        return Profile.isFeatureEnabled(Profile.Feature.SCRIPTS) && Profile.isFeatureEnabled(Profile.Feature.UPLOAD_SCRIPTS);
    }
}
