package org.keycloak.federation.kerberos;

import java.util.List;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.Profile;
import org.keycloak.component.ComponentModel;
import org.keycloak.federation.kerberos.impl.KerberosServerSubjectAuthenticator;
import org.keycloak.federation.kerberos.impl.KerberosUsernamePasswordAuthenticator;
import org.keycloak.federation.kerberos.impl.SPNEGOAuthenticator;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.storage.UserStorageProviderFactory;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.utils.CredentialHelper;

/* loaded from: input_file:org/keycloak/federation/kerberos/KerberosFederationProviderFactory.class */
public class KerberosFederationProviderFactory implements UserStorageProviderFactory<KerberosFederationProvider>, EnvironmentDependentProviderFactory {
    public static final String PROVIDER_NAME = "kerberos";
    private static final Logger logger = Logger.getLogger(KerberosFederationProviderFactory.class);
    protected static final List<ProviderConfigProperty> configProperties = getConfigProps();

    /* renamed from: create, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public KerberosFederationProvider m3create(KeycloakSession keycloakSession, ComponentModel componentModel) {
        return new KerberosFederationProvider(keycloakSession, new UserStorageProviderModel(componentModel), this);
    }

    public String getId() {
        return PROVIDER_NAME;
    }

    public boolean isSupported() {
        return Profile.isFeatureEnabled(Profile.Feature.KERBEROS);
    }

    private static List<ProviderConfigProperty> getConfigProps() {
        return ProviderConfigurationBuilder.create().property().name("kerberosRealm").label("kerberos-realm").helpText("kerberos-realm.tooltip").type("String").add().property().name("serverPrincipal").label("server-principal").helpText("server-principal.tooltip").type("String").add().property().name("keyTab").label("keytab").helpText("keytab.tooltip").type("String").add().property().name("debug").label("debug").helpText("debug.tooltip").type("boolean").defaultValue("false").add().property().name("allowPasswordAuthentication").label("allow-password-authentication").helpText("allow-password-authentication.tooltip").type("boolean").defaultValue("false").add().property().name("editMode").label("edit-mode").helpText("edit-mode.tooltip").type("List").options(new String[]{UserStorageProvider.EditMode.READ_ONLY.toString(), UserStorageProvider.EditMode.UNSYNCED.toString()}).add().property().name("updateProfileFirstLogin").label("update-profile-first-login").helpText("update-profile-first-login.tooltip").type("boolean").defaultValue("false").add().build();
    }

    public List<ProviderConfigProperty> getConfigProperties() {
        return configProperties;
    }

    public void init(Config.Scope scope) {
    }

    public void postInit(KeycloakSessionFactory keycloakSessionFactory) {
    }

    public void close() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SPNEGOAuthenticator createSPNEGOAuthenticator(String str, CommonKerberosConfig commonKerberosConfig) {
        return new SPNEGOAuthenticator(commonKerberosConfig, createKerberosSubjectAuthenticator(commonKerberosConfig), str);
    }

    protected KerberosServerSubjectAuthenticator createKerberosSubjectAuthenticator(CommonKerberosConfig commonKerberosConfig) {
        return new KerberosServerSubjectAuthenticator(commonKerberosConfig);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KerberosUsernamePasswordAuthenticator createKerberosUsernamePasswordAuthenticator(CommonKerberosConfig commonKerberosConfig) {
        return new KerberosUsernamePasswordAuthenticator(commonKerberosConfig);
    }

    public void onCreate(KeycloakSession keycloakSession, RealmModel realmModel, ComponentModel componentModel) {
        CredentialHelper.setOrReplaceAuthenticationRequirement(keycloakSession, realmModel, PROVIDER_NAME, AuthenticationExecutionModel.Requirement.ALTERNATIVE, AuthenticationExecutionModel.Requirement.DISABLED);
    }

    public void onUpdate(KeycloakSession keycloakSession, RealmModel realmModel, ComponentModel componentModel, ComponentModel componentModel2) {
        CredentialHelper.setOrReplaceAuthenticationRequirement(keycloakSession, realmModel, PROVIDER_NAME, AuthenticationExecutionModel.Requirement.ALTERNATIVE, AuthenticationExecutionModel.Requirement.DISABLED);
    }

    public void preRemove(KeycloakSession keycloakSession, RealmModel realmModel, ComponentModel componentModel) {
        CredentialHelper.setOrReplaceAuthenticationRequirement(keycloakSession, realmModel, PROVIDER_NAME, AuthenticationExecutionModel.Requirement.DISABLED, (AuthenticationExecutionModel.Requirement) null);
    }
}
