package org.wso2.carbon.identity.application.authenticator.totp.services;

import java.util.HashMap;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authenticator.totp.TOTPAuthenticatorConstants;
import org.wso2.carbon.identity.application.authenticator.totp.TOTPKeyGenerator;
import org.wso2.carbon.identity.application.authenticator.totp.exception.TOTPException;
import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPAuthenticatorConfig;
import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPAuthenticatorCredentials;
import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPKeyRepresentation;
import org.wso2.carbon.identity.application.authenticator.totp.util.TOTPUtil;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/totp/services/TOTPAdminService.class */
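/**
 * Service facade over {@link TOTPKeyGenerator} and {@link TOTPUtil} for managing a user's TOTP
 * secret and validating verification codes.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #retrieveSecretKey} returns the plaintext shared secret. Treat the return value as
 *       a credential: do not log it or place it in exception messages.</li>
 *   <li>NOTE(review): no caller-authorization check is visible in this class, and every method
 *       accepts an arbitrary username. Presumably access control is enforced by the layer that
 *       exposes this service; confirm against the service descriptor.</li>
 *   <li>NOTE(review): no attempt throttling or code-replay tracking is visible here for
 *       {@link #validateTOTP}; confirm that the caller provides it.</li>
 * </ul>
 */
public class TOTPAdminService {
    private static final Log log = LogFactory.getLog(TOTPAdminService.class);

    /**
     * Generates TOTP claims for the user and stores them, returning the value produced by
     * {@link TOTPKeyGenerator#addTOTPClaimsAndRetrievingQRCodeURL} (a QR code URL, going by the
     * helper's name).
     *
     * @param str                   the username, passed unchanged to the key generator
     * @param authenticationContext the authentication context, passed through to the helpers
     * @return the helper's result
     * @throws TOTPException if the key generator fails
     */
    public String initTOTP(String str, AuthenticationContext authenticationContext) throws TOTPException {
        // The 'false' flag is the only difference from refreshSecretKey; presumably it means
        // "do not force a new key" (confirm in TOTPKeyGenerator.generateClaims).
        return TOTPKeyGenerator.addTOTPClaimsAndRetrievingQRCodeURL(
                TOTPKeyGenerator.generateClaims(str, false, authenticationContext), str, authenticationContext);
    }

    /**
     * Resets the user's TOTP state by delegating to {@link TOTPKeyGenerator#resetLocal}.
     *
     * @param str the username
     * @return the result reported by the key generator
     * @throws TOTPException                 if the key generator fails
     * @throws AuthenticationFailedException if the key generator reports an authentication failure
     */
    public boolean resetTOTP(String str) throws TOTPException, AuthenticationFailedException {
        return TOTPKeyGenerator.resetLocal(str);
    }

    /**
     * Same flow as {@link #initTOTP} but calls {@code generateClaims} with the flag set to
     * {@code true} (presumably forcing a fresh secret; confirm in TOTPKeyGenerator).
     *
     * @param str                   the username
     * @param authenticationContext the authentication context, passed through to the helpers
     * @return the helper's result
     * @throws TOTPException if the key generator fails
     */
    public String refreshSecretKey(String str, AuthenticationContext authenticationContext) throws TOTPException {
        return TOTPKeyGenerator.addTOTPClaimsAndRetrievingQRCodeURL(
                TOTPKeyGenerator.generateClaims(str, true, authenticationContext), str, authenticationContext);
    }

    /**
     * Returns the user's plaintext TOTP secret, creating and persisting one if none is stored.
     *
     * <p>This is not a pure read: when the secret-key claim is empty, a new key is generated,
     * encrypted, and written back together with the encoding method before being returned. Any
     * caller (including {@link #validateTOTP}) can therefore trigger the creation of a secret for
     * a user who had none.
     *
     * @param str                   the username (may be tenant-qualified; the tenant-aware form is
     *                              used for the claim lookup)
     * @param authenticationContext the authentication context; when {@code null} the encoding
     *                              method is resolved from the tenant domain alone
     * @return the plaintext secret, or {@code null} when no user realm could be resolved
     * @throws TOTPException if the user store, the crypto utility, or the key generator fails
     */
    public String retrieveSecretKey(String str, AuthenticationContext authenticationContext) throws TOTPException {
        String secretKey = null;
        HashMap<String, String> claims = new HashMap<>();
        try {
            UserRealm userRealm = TOTPUtil.getUserRealm(str);
            String tenantDomain = MultitenantUtils.getTenantDomain(str);
            String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(str);
            if (userRealm != null) {
                String storedSecret = (String) userRealm.getUserStoreManager()
                        .getUserClaimValues(tenantAwareUsername,
                                new String[]{TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL}, (String) null)
                        .get(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL);
                if (StringUtils.isEmpty(storedSecret)) {
                    // No secret on record: mint one and persist it (encrypted) before returning.
                    secretKey = TOTPKeyGenerator.generateKey(tenantDomain, authenticationContext).getKey();
                    String encodingMethod = authenticationContext == null
                            ? TOTPUtil.getEncodingMethod(tenantDomain)
                            : TOTPUtil.getEncodingMethod(tenantDomain, authenticationContext);
                    claims.put(TOTPAuthenticatorConstants.SECRET_KEY_CLAIM_URL, TOTPUtil.encrypt(secretKey));
                    claims.put(TOTPAuthenticatorConstants.ENCODING_CLAIM_URL, encodingMethod);
                    // Return value is deliberately unused here; only the claim write matters.
                    TOTPKeyGenerator.addTOTPClaimsAndRetrievingQRCodeURL(claims, str, authenticationContext);
                } else {
                    secretKey = TOTPUtil.decrypt(storedSecret);
                }
            }
            return secretKey;
        } catch (AuthenticationFailedException e) {
            throw new TOTPException("TOTPAdminService cannot find the property value for encoding method", e);
        } catch (CryptoException e) {
            // Can originate from either encrypt() or decrypt() above; the message is kept as-is.
            throw new TOTPException("TOTPAdminService failed while decrypt the stored SecretKey ", e);
        } catch (UserStoreException e) {
            // Name the affected user; the previous message always ended in the literal "null".
            throw new TOTPException("TOTPAdminService failed while trying to get the user store manager from user realm of the user : " + str, e);
        }
    }

    /**
     * Checks a TOTP verification code against the user's secret.
     *
     * <p>The key representation defaults to BASE32 and switches to BASE64 only when the configured
     * encoding method equals {@link TOTPAuthenticatorConstants#BASE64}. The secret is obtained via
     * {@link #retrieveSecretKey}, which may create one as a side effect. When no secret is
     * available the method fails closed and returns {@code false} instead of handing an empty
     * secret to the verifier.
     *
     * @param str                   the username
     * @param authenticationContext the authentication context; may be {@code null}
     * @param i                     the verification code supplied by the user
     * @return {@code true} only if the verifier accepts the code for the user's secret
     * @throws TOTPException if the encoding method or the secret cannot be resolved
     */
    public boolean validateTOTP(String str, AuthenticationContext authenticationContext, int i) throws TOTPException {
        String tenantDomain = MultitenantUtils.getTenantDomain(str);
        try {
            String encodingMethod = authenticationContext == null
                    ? TOTPUtil.getEncodingMethod(tenantDomain)
                    : TOTPUtil.getEncodingMethod(tenantDomain, authenticationContext);
            TOTPKeyRepresentation keyRepresentation = TOTPAuthenticatorConstants.BASE64.equals(encodingMethod)
                    ? TOTPKeyRepresentation.BASE64
                    : TOTPKeyRepresentation.BASE32;
            TOTPAuthenticatorCredentials credentials = new TOTPAuthenticatorCredentials(
                    new TOTPAuthenticatorConfig.TOTPAuthenticatorConfigBuilder()
                            .setKeyRepresentation(keyRepresentation)
                            .build());
            String secretKey = retrieveSecretKey(str, authenticationContext);
            if (StringUtils.isEmpty(secretKey)) {
                // retrieveSecretKey returns null when no user realm is resolved; a code cannot be
                // valid without a secret, so reject rather than pass null to the verifier.
                if (log.isDebugEnabled()) {
                    log.debug("No TOTP secret key available for the user: " + str);
                }
                return false;
            }
            if (log.isDebugEnabled()) {
                // Only the username is logged; never add the secret or the code to this line.
                log.debug("Validating TOTP verification code for the user: " + str);
            }
            return credentials.authorize(secretKey, i);
        } catch (AuthenticationFailedException e) {
            throw new TOTPException("TOTPTokenVerifier cannot find the property value for encodingMethod.", e);
        }
    }
}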
