package io.gravitee.am.factor.otp.provider;

import io.gravitee.am.common.exception.mfa.InvalidCodeException;
import io.gravitee.am.factor.api.Enrollment;
import io.gravitee.am.factor.api.FactorContext;
import io.gravitee.am.factor.api.FactorProvider;
import io.gravitee.am.factor.otp.OTPFactorConfiguration;
import io.gravitee.am.factor.otp.utils.QRCode;
import io.gravitee.am.factor.otp.utils.TOTP;
import io.gravitee.am.factor.utils.SharedSecret;
import io.gravitee.am.model.User;
import io.gravitee.am.model.factor.EnrolledFactor;
import io.gravitee.am.model.factor.EnrolledFactorSecurity;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Maybe;
import io.reactivex.rxjava3.core.Single;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/factor/otp/provider/OTPFactorProvider.class */
public class OTPFactorProvider implements FactorProvider {
    private static final Logger logger = LoggerFactory.getLogger(OTPFactorProvider.class);

    @Autowired
    private OTPFactorConfiguration otpFactorConfiguration;

    public Completable verify(FactorContext factorContext) {
        String str = (String) factorContext.getData("code", String.class);
        EnrolledFactor enrolledFactor = (EnrolledFactor) factorContext.getData("enrolledFactor", EnrolledFactor.class);
        return Completable.create(completableEmitter -> {
            try {
                if (!str.equals(TOTP.generateTOTP(SharedSecret.base32Str2Hex(enrolledFactor.getSecurity().getValue())))) {
                    completableEmitter.onError(new InvalidCodeException("Invalid 2FA Code"));
                }
                completableEmitter.onComplete();
            } catch (Exception e) {
                logger.error("An error occurs while validating 2FA code", e);
                completableEmitter.onError(new InvalidCodeException("Invalid 2FA Code"));
            }
        });
    }

    public Single<Enrollment> enroll(String str) {
        return Single.fromCallable(() -> {
            String generate = SharedSecret.generate();
            return new Enrollment(generate, QRCode.generate(QRCode.generateURI(generate, this.otpFactorConfiguration.getIssuer(), str), 200, 200));
        });
    }

    public boolean needChallengeSending() {
        return false;
    }

    public Completable sendChallenge(FactorContext factorContext) {
        return Completable.complete();
    }

    public boolean checkSecurityFactor(EnrolledFactor enrolledFactor) {
        EnrolledFactorSecurity security;
        boolean z = true;
        if (enrolledFactor != null && ((security = enrolledFactor.getSecurity()) == null || security.getValue() == null)) {
            logger.warn("No shared secret in form - did you forget to include shared secret value ?");
            z = false;
        }
        return z;
    }

    public Maybe<String> generateQrCode(User user, EnrolledFactor enrolledFactor) {
        return Maybe.fromCallable(() -> {
            return QRCode.generate(QRCode.generateURI(enrolledFactor.getSecurity().getValue(), this.otpFactorConfiguration.getIssuer(), user.getUsername()), 200, 200);
        });
    }
}
