package pl.edu.icm.unity.stdext.credential;

import com.fasterxml.jackson.databind.node.ObjectNode;
import java.time.Duration;
import java.time.LocalDateTime;
import java.time.temporal.TemporalAmount;
import java.util.HashMap;
import java.util.Locale;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.JsonUtil;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticationSubject;
import pl.edu.icm.unity.engine.api.authn.CredentialReset;
import pl.edu.icm.unity.engine.api.authn.EntityWithCredential;
import pl.edu.icm.unity.engine.api.authn.local.CredentialHelper;
import pl.edu.icm.unity.engine.api.authn.local.LocalCredentialVerificator;
import pl.edu.icm.unity.engine.api.identity.IdentityResolver;
import pl.edu.icm.unity.engine.api.msg.LocaleHelper;
import pl.edu.icm.unity.engine.api.notification.NotificationProducer;
import pl.edu.icm.unity.engine.api.utils.CodeGenerator;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.IllegalIdentityValueException;
import pl.edu.icm.unity.exceptions.TooManyAttempts;
import pl.edu.icm.unity.exceptions.WrongArgumentException;
import pl.edu.icm.unity.types.basic.EntityParam;

/* loaded from: input_file:pl/edu/icm/unity/stdext/credential/CredentialResetBase.class */
public abstract class CredentialResetBase implements CredentialReset {
    protected static final int MAX_ANSWER_ATTEMPTS = 2;
    private static final int MAX_RESENDS = 3;
    private Duration maxCodeValidity;
    private NotificationProducer notificationProducer;
    private IdentityResolver identityResolver;
    private CredentialHelper credentialHelper;
    private LocalCredentialVerificator localCredentialHandler;
    protected EntityWithCredential resolved;
    private String credentialId;
    private ObjectNode completeCredentialConfiguration;
    private String codeSent;
    private LocalDateTime codeValidityEnd;
    private int dynamicAnswerAttempts = 0;
    private int codeSendingAttempts = 0;
    private AuthenticationSubject requestedSubject;
    private static final Logger log = Log.getLogger("unity.server.authn", CredentialResetBase.class);
    public static final Duration DEFAULT_MAX_CODE_VALIDITY = Duration.ofMinutes(30);

    public CredentialResetBase(NotificationProducer notificationProducer, IdentityResolver identityResolver, LocalCredentialVerificator localCredentialVerificator, CredentialHelper credentialHelper, String str, ObjectNode objectNode, Duration duration) {
        this.notificationProducer = notificationProducer;
        this.credentialHelper = credentialHelper;
        this.identityResolver = identityResolver;
        this.credentialId = str;
        this.localCredentialHandler = localCredentialVerificator;
        this.completeCredentialConfiguration = objectNode;
        this.maxCodeValidity = duration;
    }

    public void setSubject(AuthenticationSubject authenticationSubject, String[] strArr) {
        this.requestedSubject = authenticationSubject;
        try {
            this.resolved = this.identityResolver.resolveSubject(authenticationSubject, strArr, this.credentialId);
        } catch (IllegalIdentityValueException e) {
        } catch (Exception e2) {
            log.error("Exception when trying to resolve identity", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkSubject() {
        return (this.resolved == null || this.resolved.getCredentialValue() == null) ? false : true;
    }

    public Long getEntityId() {
        return Long.valueOf(this.resolved.getEntityId());
    }

    public String getSettings() {
        return getCredentialSettings();
    }

    protected abstract String getCredentialSettings();

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthenticationSubject getRequestedSubject() {
        return this.requestedSubject;
    }

    public String getSecurityQuestion() {
        return null;
    }

    public void verifyStaticData(String str) throws WrongArgumentException, IllegalIdentityValueException, TooManyAttempts {
    }

    private void createCode(boolean z) {
        int codeLength = getCodeLength();
        if (z) {
            this.codeSent = CodeGenerator.generateNumberCode(codeLength);
        } else {
            this.codeSent = CodeGenerator.generateMixedCharCode(codeLength);
        }
        this.codeValidityEnd = LocalDateTime.now().plus((TemporalAmount) this.maxCodeValidity);
    }

    protected abstract int getCodeLength();

    public void sendCode(String str, boolean z) throws EngineException {
        if (!checkSubject()) {
            throw new IllegalIdentityValueException("Identity was not resolved or has no credential set");
        }
        if (this.codeSendingAttempts >= MAX_RESENDS) {
            throw new TooManyAttempts();
        }
        this.codeSendingAttempts++;
        if (this.codeSent == null) {
            createCode(z);
        }
        String displayedUserName = this.identityResolver.getDisplayedUserName(new EntityParam(Long.valueOf(this.resolved.getEntityId())));
        HashMap hashMap = new HashMap();
        hashMap.put("code", this.codeSent);
        hashMap.put("user", displayedUserName);
        Locale locale = LocaleHelper.getLocale((Locale) null);
        this.notificationProducer.sendNotification(new EntityParam(Long.valueOf(this.resolved.getEntityId())), str, hashMap, locale == null ? null : locale.toString(), displayedUserName, true);
    }

    public String getSentCode() {
        return this.codeSent;
    }

    public void verifyDynamicData(String str) throws WrongArgumentException, TooManyAttempts {
        if (this.dynamicAnswerAttempts >= MAX_ANSWER_ATTEMPTS) {
            throw new TooManyAttempts();
        }
        this.dynamicAnswerAttempts++;
        if (LocalDateTime.now().isAfter(this.codeValidityEnd)) {
            throw new TooManyAttempts();
        }
        if (this.codeSent == null || !this.codeSent.equals(str)) {
            throw new WrongArgumentException("The code is invalid");
        }
        this.dynamicAnswerAttempts = 0;
        this.codeSendingAttempts = 0;
        this.codeSent = null;
    }

    public String getCredentialConfiguration() {
        return JsonUtil.toJsonString(this.completeCredentialConfiguration);
    }

    public void updateCredential(String str) throws EngineException {
        if (!checkSubject()) {
            throw new IllegalStateException("Identity was not resolved.");
        }
        this.credentialHelper.setCredential(this.resolved.getEntityId(), this.credentialId, str, this.localCredentialHandler);
    }
}
