package io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal;

import io.gravitee.am.common.factor.FactorType;
import io.gravitee.am.gateway.handler.common.factor.FactorManager;
import io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User;
import io.gravitee.am.model.Domain;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.login.LoginSettings;
import io.gravitee.am.model.oidc.Client;
import io.gravitee.am.service.CredentialService;
import io.vertx.core.Handler;
import io.vertx.rxjava3.ext.web.RoutingContext;
import io.vertx.rxjava3.ext.web.Session;

/* loaded from: input_file:io/gravitee/am/gateway/handler/common/vertx/web/handler/impl/internal/WebAuthnRegisterStep.class */
public class WebAuthnRegisterStep extends AuthenticationFlowStep {
    private final Domain domain;
    private final FactorManager factorManager;
    private final CredentialService credentialService;

    public WebAuthnRegisterStep(Domain domain, Handler<RoutingContext> handler, FactorManager factorManager, CredentialService credentialService) {
        super(handler);
        this.domain = domain;
        this.factorManager = factorManager;
        this.credentialService = credentialService;
    }

    @Override // io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.AuthenticationFlowStep
    public void execute(RoutingContext routingContext, AuthenticationFlowChain authenticationFlowChain) {
        if (isEnrollingFido2Factor(routingContext)) {
            this.credentialService.findByUserId(ReferenceType.DOMAIN, this.domain.getId(), ((User) routingContext.user().getDelegate()).getUser().getId()).toList().subscribe(list -> {
                if (list.isEmpty()) {
                    authenticationFlowChain.exit(this);
                } else {
                    authenticationFlowChain.doNext(routingContext);
                }
            });
            return;
        }
        Client client = (Client) routingContext.get("client");
        Session session = routingContext.session();
        LoginSettings loginSettings = LoginSettings.getInstance(this.domain, client);
        if (loginSettings == null || !loginSettings.isPasswordlessEnabled()) {
            authenticationFlowChain.doNext(routingContext);
            return;
        }
        if (Boolean.TRUE.equals(session.get("passwordlessAuthCompleted"))) {
            authenticationFlowChain.doNext(routingContext);
        } else if (Boolean.TRUE.equals(session.get("webAuthnRegistrationSkipped"))) {
            authenticationFlowChain.doNext(routingContext);
        } else {
            authenticationFlowChain.exit(this);
        }
    }

    private boolean isEnrollingFido2Factor(RoutingContext routingContext) {
        String str = (String) routingContext.session().get("enrolledFactorId");
        if (str != null) {
            return this.factorManager.getFactor(str).is(FactorType.FIDO2);
        }
        return false;
    }
}
