package org.keycloak.authentication.authenticators.conditional;

import java.util.stream.Stream;
import org.jboss.logging.Logger;
import org.keycloak.authentication.AuthenticationFlowContext;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.sessions.CommonClientSessionModel;

/* loaded from: input_file:org/keycloak/authentication/authenticators/conditional/ConditionalSubFlowExecutedAuthenticator.class */
public class ConditionalSubFlowExecutedAuthenticator implements ConditionalAuthenticator {
    protected static final ConditionalSubFlowExecutedAuthenticator SINGLETON = new ConditionalSubFlowExecutedAuthenticator();
    private static final Logger logger = Logger.getLogger(ConditionalSubFlowExecutedAuthenticator.class);

    @Override // org.keycloak.authentication.authenticators.conditional.ConditionalAuthenticator
    public boolean matchCondition(AuthenticationFlowContext authenticationFlowContext) {
        AuthenticatorConfigModel authenticatorConfig = authenticationFlowContext.getAuthenticatorConfig();
        if (authenticatorConfig == null || authenticatorConfig.getConfig() == null) {
            logger.warnf("No configuration defined for the conditional flow executed. Nothing executed.", new Object[0]);
            return false;
        }
        String str = (String) authenticatorConfig.getConfig().get(ConditionalSubFlowExecutedAuthenticatorFactory.FLOW_TO_CHECK);
        boolean z = !ConditionalSubFlowExecutedAuthenticatorFactory.CHECK_RESULT_NOT_EXECUTED.equals(authenticatorConfig.getConfig().get(ConditionalSubFlowExecutedAuthenticatorFactory.CHECK_RESULT));
        if (str == null) {
            logger.warnf("No flow configured in the option '%s'. Nothing executed.", ConditionalSubFlowExecutedAuthenticatorFactory.FLOW_TO_CHECK);
            return !z;
        }
        RealmModel realm = authenticationFlowContext.getRealm();
        AuthenticationFlowModel flowByAlias = realm.getFlowByAlias(str);
        if (flowByAlias == null) {
            logger.warnf("No flow '%s' defined in the realm. Nothing executed.", str);
            return !z;
        }
        AuthenticationExecutionModel locateExecutionFlowToCheck = locateExecutionFlowToCheck(realm, authenticationFlowContext.getTopLevelFlow().getId(), flowByAlias.getId());
        if (locateExecutionFlowToCheck == null) {
            logger.warnf("Cannot locate execution for flow '%s' in the top level flow '%s'. Nothing executed.", str, authenticationFlowContext.getTopLevelFlow().getAlias());
            return !z;
        }
        CommonClientSessionModel.ExecutionStatus executionStatus = (CommonClientSessionModel.ExecutionStatus) authenticationFlowContext.getAuthenticationSession().getExecutionStatus().get(locateExecutionFlowToCheck.getId());
        logger.tracef("The authentication status for the flow '%s' is %s", str, executionStatus);
        return z ? CommonClientSessionModel.ExecutionStatus.SUCCESS.equals(executionStatus) : !CommonClientSessionModel.ExecutionStatus.SUCCESS.equals(executionStatus);
    }

    public void action(AuthenticationFlowContext authenticationFlowContext) {
    }

    public boolean requiresUser() {
        return false;
    }

    public void setRequiredActions(KeycloakSession keycloakSession, RealmModel realmModel, UserModel userModel) {
    }

    public void close() {
    }

    private Stream<AuthenticationExecutionModel> flattened(RealmModel realmModel, AuthenticationExecutionModel authenticationExecutionModel) {
        return Stream.concat(Stream.of(authenticationExecutionModel), realmModel.getAuthenticationExecutionsStream(authenticationExecutionModel.getFlowId()).filter((v0) -> {
            return v0.isAuthenticatorFlow();
        }).flatMap(authenticationExecutionModel2 -> {
            return flattened(realmModel, authenticationExecutionModel2);
        }));
    }

    private AuthenticationExecutionModel locateExecutionFlowToCheck(RealmModel realmModel, String str, String str2) {
        return (AuthenticationExecutionModel) realmModel.getAuthenticationExecutionsStream(str).filter((v0) -> {
            return v0.isAuthenticatorFlow();
        }).flatMap(authenticationExecutionModel -> {
            return flattened(realmModel, authenticationExecutionModel);
        }).filter(authenticationExecutionModel2 -> {
            return str2.equals(authenticationExecutionModel2.getFlowId());
        }).findAny().orElse(null);
    }
}
