package io.imunity.otp;

import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Optional;
import org.apache.commons.codec.binary.Base32;
import org.apache.hc.core5.net.URIBuilder;

/* loaded from: input_file:io/imunity/otp/TOTPKeyGenerator.class */
public class TOTPKeyGenerator {
    public static final String SECRET_URI_PARAM = "secret";
    public static final String ISSUER_URI_PARAM = "issuer";
    public static final String ALGORITHM_URI_PARAM = "algorithm";
    public static final String DIGITS_URI_PARAM = "digits";
    public static final String PERIOD_URI_PARAM = "period";
    public static final String IMAGE_URI_PARAM = "image";
    private static final SecureRandom RNG = new SecureRandom();
    private static final Base32 BASE32_ENCODER = new Base32();

    public static String generateTOTPURI(String str, String str2, String str3, OTPGenerationParams oTPGenerationParams, Optional<String> optional) {
        if (str3.contains(":")) {
            throw new IllegalArgumentException("Issuer can not contain colon");
        }
        if (str2.contains(":")) {
            throw new IllegalArgumentException("Label can not contain colon");
        }
        try {
            URIBuilder uRIBuilder = new URIBuilder("otpauth://totp/" + URLEncoder.encode(str3, StandardCharsets.UTF_8).replace("+", "%20") + ":" + URLEncoder.encode(str2, StandardCharsets.UTF_8).replace("+", "%20"));
            uRIBuilder.addParameter(SECRET_URI_PARAM, str);
            uRIBuilder.addParameter(ISSUER_URI_PARAM, str3);
            uRIBuilder.addParameter(ALGORITHM_URI_PARAM, oTPGenerationParams.hashFunction.toString());
            uRIBuilder.addParameter(DIGITS_URI_PARAM, String.valueOf(oTPGenerationParams.codeLength));
            uRIBuilder.addParameter(PERIOD_URI_PARAM, String.valueOf(oTPGenerationParams.timeStepSeconds));
            optional.ifPresent(str4 -> {
                uRIBuilder.addParameter(IMAGE_URI_PARAM, str4);
            });
            return uRIBuilder.build().toASCIIString();
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("Can not encode OTP URI", e);
        }
    }

    public static String generateRandomBase32EncodedKey(HashFunction hashFunction) {
        byte[] bArr = new byte[hashFunction.bitLength / 8];
        RNG.nextBytes(bArr);
        return BASE32_ENCODER.encodeAsString(bArr);
    }
}
