package it.geosolutions.geostore.services.rest.security.keycloak;

import it.geosolutions.geostore.services.rest.utils.GeoStoreContext;
import org.keycloak.adapters.KeycloakDeployment;
import org.keycloak.adapters.OAuthRequestAuthenticator;
import org.keycloak.adapters.OIDCAuthenticationError;
import org.keycloak.adapters.RequestAuthenticator;
import org.keycloak.adapters.spi.AdapterSessionStore;
import org.keycloak.adapters.spi.AuthChallenge;
import org.keycloak.adapters.spi.HttpFacade;

/* loaded from: input_file:WEB-INF/lib/geostore-rest-impl-1.9.0.jar:it/geosolutions/geostore/services/rest/security/keycloak/GeoStoreOAuthAuthenticator.class */
public class GeoStoreOAuthAuthenticator extends OAuthRequestAuthenticator {
    public GeoStoreOAuthAuthenticator(RequestAuthenticator requestAuthenticator, HttpFacade httpFacade, KeycloakDeployment keycloakDeployment, int i, AdapterSessionStore adapterSessionStore) {
        super(requestAuthenticator, httpFacade, keycloakDeployment, i, adapterSessionStore);
    }

    @Override // org.keycloak.adapters.OAuthRequestAuthenticator
    protected AuthChallenge loginRedirect() {
        final String stateCode = getStateCode();
        final String redirectUri = getRedirectUri(stateCode);
        return redirectUri == null ? challenge(403, OIDCAuthenticationError.Reason.NO_REDIRECT_URI, null) : new AuthChallenge() { // from class: it.geosolutions.geostore.services.rest.security.keycloak.GeoStoreOAuthAuthenticator.1
            @Override // org.keycloak.adapters.spi.AuthChallenge
            public int getResponseCode() {
                return 0;
            }

            @Override // org.keycloak.adapters.spi.AuthChallenge
            public boolean challenge(HttpFacade httpFacade) {
                GeoStoreOAuthAuthenticator.this.tokenStore.saveRequest();
                httpFacade.getResponse().setStatus(302);
                httpFacade.getResponse().setCookie(GeoStoreOAuthAuthenticator.this.deployment.getStateCookieName(), stateCode, null, null, -1, GeoStoreOAuthAuthenticator.this.deployment.getSslRequired().isRequired(GeoStoreOAuthAuthenticator.this.facade.getRequest().getRemoteAddr()), true);
                httpFacade.getResponse().setHeader("Location", redirectUri);
                return true;
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.adapters.OAuthRequestAuthenticator
    public String stripOauthParametersFromRedirect() {
        String stripOauthParametersFromRedirect = super.stripOauthParametersFromRedirect();
        KeyCloakConfiguration keyCloakConfiguration = (KeyCloakConfiguration) GeoStoreContext.bean(KeyCloakConfiguration.class);
        return keyCloakConfiguration.getForceConfiguredRedirectURI().booleanValue() ? keyCloakConfiguration.getRedirectUri() : stripOauthParametersFromRedirect;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.adapters.OAuthRequestAuthenticator
    public String getRequestUrl() {
        String redirectUri = ((KeyCloakConfiguration) GeoStoreContext.bean(KeyCloakConfiguration.class)).getRedirectUri();
        return (redirectUri == null || "".equals(redirectUri)) ? super.getRequestUrl() : redirectUri;
    }
}
