package io.gravitee.am.factor.sms.provider;

import com.google.i18n.phonenumbers.NumberParseException;
import com.google.i18n.phonenumbers.PhoneNumberUtil;
import com.google.i18n.phonenumbers.Phonenumber;
import io.gravitee.am.factor.api.Enrollment;
import io.gravitee.am.factor.api.FactorContext;
import io.gravitee.am.factor.api.OTPFactorProvider;
import io.gravitee.am.factor.sms.SMSFactorConfiguration;
import io.gravitee.am.factor.utils.SharedSecret;
import io.gravitee.am.gateway.handler.manager.resource.ResourceManager;
import io.gravitee.am.gateway.handler.root.service.user.UserService;
import io.gravitee.am.identityprovider.api.DefaultUser;
import io.gravitee.am.model.factor.EnrolledFactor;
import io.gravitee.am.model.factor.EnrolledFactorChannel;
import io.gravitee.am.repository.exceptions.TechnicalException;
import io.gravitee.am.resource.api.Message;
import io.gravitee.am.resource.api.MessageResourceProvider;
import io.gravitee.am.resource.api.mfa.MFAChallenge;
import io.gravitee.am.resource.api.mfa.MFALink;
import io.gravitee.am.resource.api.mfa.MFAResourceProvider;
import io.gravitee.am.resource.api.mfa.MFAType;
import io.reactivex.rxjava3.core.Completable;
import io.reactivex.rxjava3.core.Single;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.Instant;
import java.util.Iterator;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:io/gravitee/am/factor/sms/provider/SMSFactorProvider.class */
public class SMSFactorProvider extends OTPFactorProvider {
    private static final Logger logger = LoggerFactory.getLogger(SMSFactorProvider.class);

    @Autowired
    private SMSFactorConfiguration configuration;

    public Completable verify(FactorContext factorContext) {
        String str = (String) factorContext.getData("code", String.class);
        EnrolledFactor enrolledFactor = (EnrolledFactor) factorContext.getData("enrolledFactor", EnrolledFactor.class);
        MFAResourceProvider resourceProvider = ((ResourceManager) factorContext.getComponent(ResourceManager.class)).getResourceProvider(this.configuration.getGraviteeResource());
        return resourceProvider instanceof MFAResourceProvider ? resourceProvider.verify(new MFAChallenge(enrolledFactor.getChannel().getTarget(), str, factorContext)) : resourceProvider instanceof MessageResourceProvider ? verifyOTP(enrolledFactor, this.configuration.getReturnDigits(), str) : Completable.error(new TechnicalException("Resource referenced can't be used for MultiFactor Authentication  with type SMS"));
    }

    public Single<Enrollment> enroll(FactorContext factorContext) {
        return Single.defer(() -> {
            Enrollment enrollment = new Enrollment(this.configuration.countries());
            if (!isMFAResourceProvider(factorContext)) {
                enrollment.setKey(SharedSecret.generate());
            }
            return Single.just(enrollment);
        });
    }

    public boolean needChallengeSending() {
        return true;
    }

    public Completable sendChallenge(FactorContext factorContext) {
        EnrolledFactor enrolledFactor = (EnrolledFactor) factorContext.getData("enrolledFactor", EnrolledFactor.class);
        MFAResourceProvider resourceProvider = ((ResourceManager) factorContext.getComponent(ResourceManager.class)).getResourceProvider(this.configuration.getGraviteeResource());
        UserService userService = (UserService) factorContext.getComponent(UserService.class);
        if (resourceProvider instanceof MFAResourceProvider) {
            return resourceProvider.send(new MFALink(MFAType.SMS, enrolledFactor.getChannel().getTarget(), factorContext));
        }
        if (!(resourceProvider instanceof MessageResourceProvider)) {
            return Completable.error(new TechnicalException("Resource referenced can't be used for MultiFactor Authentication with type SMS"));
        }
        try {
            if (enrolledFactor.getSecurity() != null && enrolledFactor.getSecurity().getData("EXPIRATION_EPOCH", Long.class) != null && Instant.now().isAfter(Instant.ofEpochMilli(((Long) enrolledFactor.getSecurity().getData("EXPIRATION_EPOCH", Long.class)).longValue()))) {
                incrementMovingFactor(enrolledFactor);
            }
            factorContext.getTemplateValues().put("code", generateOTP(enrolledFactor, this.configuration.getReturnDigits()));
            Message message = new Message();
            message.setTarget(enrolledFactor.getChannel().getTarget());
            message.setContent((String) factorContext.getTemplateEngine().getValue(this.configuration.getMessageBody(), String.class));
            return ((MessageResourceProvider) resourceProvider).sendMessage(message).andThen(Single.defer(() -> {
                enrolledFactor.getSecurity().putData("EXPIRATION_EPOCH", Long.valueOf(Instant.now().plusSeconds(this.configuration.getExpiresAfter()).toEpochMilli()));
                return userService.addFactor(factorContext.getUser().getId(), enrolledFactor, new DefaultUser(factorContext.getUser()));
            })).ignoreElement();
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            logger.error("Code generation fails", e);
            return Completable.error(new TechnicalException("Code can't be sent"));
        } catch (Exception e2) {
            logger.error("SMS templating fails", e2);
            return Completable.error(new TechnicalException("SMS can't be sent"));
        }
    }

    public boolean useVariableFactorSecurity(FactorContext factorContext) {
        return !isMFAResourceProvider(factorContext);
    }

    public boolean checkSecurityFactor(EnrolledFactor enrolledFactor) {
        boolean z = false;
        if (enrolledFactor != null) {
            EnrolledFactorChannel channel = enrolledFactor.getChannel();
            if (channel == null || channel.getTarget() == null) {
                logger.warn("No phone number in form");
            } else {
                PhoneNumberUtil phoneNumberUtil = PhoneNumberUtil.getInstance();
                try {
                    Phonenumber.PhoneNumber parse = phoneNumberUtil.parse(channel.getTarget(), Phonenumber.PhoneNumber.CountryCodeSource.UNSPECIFIED.name());
                    Iterator<String> it = this.configuration.countries().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (phoneNumberUtil.isValidNumberForRegion(parse, it.next().toUpperCase(Locale.ROOT))) {
                            z = true;
                            break;
                        }
                    }
                    if (!z) {
                        logger.warn("Invalid phone number");
                    }
                } catch (NumberParseException e) {
                    logger.warn("Invalid phone number", e);
                }
            }
        }
        return z;
    }

    private boolean isMFAResourceProvider(FactorContext factorContext) {
        return ((ResourceManager) factorContext.getComponent(ResourceManager.class)).getResourceProvider(this.configuration.getGraviteeResource()) instanceof MFAResourceProvider;
    }
}
