package org.wso2.carbon.identity.smsotp.common;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.HashMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.store.SessionDataStore;
import org.wso2.carbon.identity.event.IdentityEventException;
import org.wso2.carbon.identity.event.event.Event;
import org.wso2.carbon.identity.governance.service.notification.NotificationChannels;
import org.wso2.carbon.identity.recovery.internal.IdentityRecoveryServiceDataHolder;
import org.wso2.carbon.identity.smsotp.common.constant.Constants;
import org.wso2.carbon.identity.smsotp.common.dto.FailureReasonDTO;
import org.wso2.carbon.identity.smsotp.common.dto.GenerationResponseDTO;
import org.wso2.carbon.identity.smsotp.common.dto.SessionDTO;
import org.wso2.carbon.identity.smsotp.common.dto.ValidationResponseDTO;
import org.wso2.carbon.identity.smsotp.common.exception.SMSOTPException;
import org.wso2.carbon.identity.smsotp.common.exception.SMSOTPServerException;
import org.wso2.carbon.identity.smsotp.common.internal.SMSOTPServiceDataHolder;
import org.wso2.carbon.identity.smsotp.common.util.OneTimePasswordUtils;
import org.wso2.carbon.identity.smsotp.common.util.Utils;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.User;
import org.wso2.carbon.user.core.constants.UserCoreErrorConstants;

/* loaded from: input_file:org/wso2/carbon/identity/smsotp/common/SMSOTPServiceImpl.class */
public class SMSOTPServiceImpl implements SMSOTPService {
    private static final Log log = LogFactory.getLog(SMSOTPService.class);

    @Override // org.wso2.carbon.identity.smsotp.common.SMSOTPService
    public GenerationResponseDTO generateSMSOTP(String str) throws SMSOTPException {
        if (StringUtils.isBlank(str)) {
            throw Utils.handleClientException(Constants.ErrorMessage.CLIENT_EMPTY_USER_ID, null);
        }
        boolean isTriggerNotification = SMSOTPServiceDataHolder.getConfigs().isTriggerNotification();
        try {
            User userWithID = SMSOTPServiceDataHolder.getInstance().getRealmService().getTenantUserRealm(getTenantId()).getUserStoreManager().getUserWithID(str, isTriggerNotification ? new String[]{NotificationChannels.SMS_CHANNEL.getClaimUri()} : null, "default");
            if (SMSOTPServiceDataHolder.getConfigs().isResendThrottlingEnabled()) {
                shouldThrottle(str);
            }
            String mobileNumber = isTriggerNotification ? getMobileNumber(userWithID) : null;
            if (isTriggerNotification && StringUtils.isBlank(mobileNumber)) {
                throw Utils.handleClientException(Constants.ErrorMessage.CLIENT_BLANK_MOBILE_NUMBER, userWithID.getUserID());
            }
            SessionDTO issueOTP = issueOTP(userWithID);
            GenerationResponseDTO generationResponseDTO = new GenerationResponseDTO();
            if (!isTriggerNotification) {
                generationResponseDTO.setSmsOTP(issueOTP.getOtp());
            }
            generationResponseDTO.setTransactionId(issueOTP.getTransactionId());
            return generationResponseDTO;
        } catch (UserStoreException e) {
            if (UserCoreErrorConstants.ErrorMessages.ERROR_CODE_NON_EXISTING_USER.getCode().equals(e.getErrorCode())) {
                throw Utils.handleClientException(Constants.ErrorMessage.CLIENT_INVALID_USER_ID, str);
            }
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_USER_STORE_MANAGER_ERROR, String.format("Error while retrieving user for the Id : %s.", str), e);
        }
    }

    @Override // org.wso2.carbon.identity.smsotp.common.SMSOTPService
    public ValidationResponseDTO validateSMSOTP(String str, String str2, String str3) throws SMSOTPException {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || StringUtils.isBlank(str3)) {
            throw Utils.handleClientException(Constants.ErrorMessage.CLIENT_MANDATORY_VALIDATION_PARAMETERS_EMPTY, StringUtils.isBlank(str) ? "transactionId" : StringUtils.isBlank(str2) ? "userId" : "smsOTP");
        }
        boolean isShowFailureReason = SMSOTPServiceDataHolder.getConfigs().isShowFailureReason();
        String hash = Utils.getHash(str2);
        String str4 = (String) SessionDataStore.getInstance().getSessionData(hash, Constants.SESSION_TYPE_OTP);
        if (StringUtils.isBlank(str4)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("No OTP session found for the user : %s.", str2));
            }
            return new ValidationResponseDTO(str2, false, isShowFailureReason ? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_NO_OTP_FOR_USER, str2) : null);
        }
        try {
            ValidationResponseDTO isValid = isValid((SessionDTO) new ObjectMapper().readValue(str4, SessionDTO.class), str3, str2, str, isShowFailureReason);
            if (!isValid.isValid()) {
                return isValid;
            }
            SessionDataStore.getInstance().clearSessionData(hash, Constants.SESSION_TYPE_OTP);
            return new ValidationResponseDTO(str2, true);
        } catch (IOException e) {
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_JSON_SESSION_MAPPER_ERROR, null, e);
        }
    }

    private ValidationResponseDTO isValid(SessionDTO sessionDTO, String str, String str2, String str3, boolean z) {
        if (!StringUtils.equals(str, sessionDTO.getOtp())) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Invalid OTP provided for the user : %s.", str2));
            }
            return new ValidationResponseDTO(str2, false, z ? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_OTP_VALIDATION_FAILED, str2) : null);
        }
        if (System.currentTimeMillis() > sessionDTO.getExpiryTime()) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Expired OTP provided for the user : %s.", str2));
            }
            return new ValidationResponseDTO(str2, false, z ? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_EXPIRED_OTP, str2) : null);
        }
        if (StringUtils.equals(str3, sessionDTO.getTransactionId())) {
            return new ValidationResponseDTO(str2, true);
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Provided transaction Id doesn't match. User : %s.", str2));
        }
        return new ValidationResponseDTO(str2, false, z ? new FailureReasonDTO(Constants.ErrorMessage.CLIENT_INVALID_TRANSACTION_ID, str3) : null);
    }

    private SessionDTO issueOTP(User user) throws SMSOTPException {
        boolean isTriggerNotification = SMSOTPServiceDataHolder.getConfigs().isTriggerNotification();
        SessionDTO sessionDTO = null;
        if (SMSOTPServiceDataHolder.getConfigs().isResendSameOtp()) {
            sessionDTO = getPreviousValidOTPSession(user);
            if (sessionDTO != null) {
                String hash = Utils.getHash(user.getUserID());
                SessionDataStore.getInstance().clearSessionData(hash, Constants.SESSION_TYPE_OTP);
                sessionDTO.setGeneratedTime(System.currentTimeMillis());
                persistOTPSession(sessionDTO, hash);
            }
        }
        if (sessionDTO == null) {
            sessionDTO = generateNewOTP(user);
        }
        if (isTriggerNotification) {
            triggerNotification(user, sessionDTO.getOtp());
        }
        return sessionDTO;
    }

    private SessionDTO generateNewOTP(User user) throws SMSOTPServerException {
        boolean isAlphaNumericOTP = SMSOTPServiceDataHolder.getConfigs().isAlphaNumericOTP();
        int otpLength = SMSOTPServiceDataHolder.getConfigs().getOtpLength();
        int otpValidityPeriod = SMSOTPServiceDataHolder.getConfigs().getOtpValidityPeriod();
        String createTransactionId = Utils.createTransactionId();
        String generateOTP = OneTimePasswordUtils.generateOTP(createTransactionId, String.valueOf(2), otpLength, isAlphaNumericOTP);
        SessionDTO sessionDTO = new SessionDTO();
        sessionDTO.setOtp(generateOTP);
        sessionDTO.setGeneratedTime(System.currentTimeMillis());
        sessionDTO.setExpiryTime(sessionDTO.getGeneratedTime() + otpValidityPeriod);
        sessionDTO.setTransactionId(createTransactionId);
        sessionDTO.setFullQualifiedUserName(user.getFullQualifiedUsername());
        sessionDTO.setUserId(user.getUserID());
        persistOTPSession(sessionDTO, Utils.getHash(user.getUserID()));
        return sessionDTO;
    }

    private void persistOTPSession(SessionDTO sessionDTO, String str) throws SMSOTPServerException {
        try {
            SessionDataStore.getInstance().storeSessionData(str, Constants.SESSION_TYPE_OTP, new ObjectMapper().writeValueAsString(sessionDTO), getTenantId());
            if (log.isDebugEnabled()) {
                log.debug(String.format("Successfully persisted the OTP for the user Id: %s.", sessionDTO.getUserId()));
            }
        } catch (JsonProcessingException e) {
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_SESSION_JSON_MAPPER_ERROR, e.getMessage(), e);
        }
    }

    private void triggerNotification(User user, String str) throws SMSOTPException {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Sending SMS OTP notification to user Id: %s.", user.getUserID()));
        }
        HashMap hashMap = new HashMap();
        hashMap.put("user-name", user.getUsername());
        hashMap.put("userstore-domain", user.getUserStoreDomain());
        hashMap.put("tenant-domain", user.getTenantDomain());
        hashMap.put("notification-channel", NotificationChannels.SMS_CHANNEL.getChannelType());
        hashMap.put("TEMPLATE_TYPE", Constants.SMS_OTP_NOTIFICATION_TEMPLATE);
        hashMap.put("send-to", getMobileNumber(user));
        hashMap.put("confirmation-code", str);
        try {
            IdentityRecoveryServiceDataHolder.getInstance().getIdentityEventService().handleEvent(new Event("TRIGGER_SMS_NOTIFICATION", hashMap));
        } catch (IdentityEventException e) {
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_NOTIFICATION_SENDING_ERROR, user.getUserID(), e);
        }
    }

    private SessionDTO getPreviousValidOTPSession(User user) throws SMSOTPException {
        String str = (String) SessionDataStore.getInstance().getSessionData(Utils.getHash(user.getUserID()), Constants.SESSION_TYPE_OTP);
        if (StringUtils.isBlank(str)) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug(String.format("No valid sessions found for the user Id: %s.", user.getUserID()));
            return null;
        }
        try {
            SessionDTO sessionDTO = (SessionDTO) new ObjectMapper().readValue(str, SessionDTO.class);
            if (System.currentTimeMillis() - sessionDTO.getGeneratedTime() < ((long) SMSOTPServiceDataHolder.getConfigs().getOtpRenewalInterval())) {
                return sessionDTO;
            }
            return null;
        } catch (IOException e) {
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_JSON_SESSION_MAPPER_ERROR, null, e);
        }
    }

    private void shouldThrottle(String str) throws SMSOTPException {
        String str2 = (String) SessionDataStore.getInstance().getSessionData(Utils.getHash(str), Constants.SESSION_TYPE_OTP);
        if (StringUtils.isBlank(str2)) {
            return;
        }
        try {
            long currentTimeMillis = System.currentTimeMillis() - ((SessionDTO) new ObjectMapper().readValue(str2, SessionDTO.class)).getGeneratedTime();
            int resendThrottleInterval = SMSOTPServiceDataHolder.getConfigs().getResendThrottleInterval();
            if (currentTimeMillis < resendThrottleInterval) {
                throw Utils.handleClientException(Constants.ErrorMessage.CLIENT_SLOW_DOWN_RESEND, String.valueOf((resendThrottleInterval - currentTimeMillis) / 1000));
            }
        } catch (IOException e) {
            throw Utils.handleServerException(Constants.ErrorMessage.SERVER_JSON_SESSION_MAPPER_ERROR, null, e);
        }
    }

    private String getMobileNumber(User user) {
        return (String) user.getAttributes().get(NotificationChannels.SMS_CHANNEL.getClaimUri());
    }

    private int getTenantId() {
        return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    }
}
