package pl.edu.icm.unity.stdext.credential.sms;

import java.util.HashMap;
import java.util.Locale;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.JsonUtil;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.AuthenticatedEntity;
import pl.edu.icm.unity.engine.api.authn.AuthenticationResult;
import pl.edu.icm.unity.engine.api.authn.AuthenticationSubject;
import pl.edu.icm.unity.engine.api.authn.EntityWithCredential;
import pl.edu.icm.unity.engine.api.authn.LocalAuthenticationResult;
import pl.edu.icm.unity.engine.api.authn.local.AbstractLocalCredentialVerificatorFactory;
import pl.edu.icm.unity.engine.api.authn.local.AbstractLocalVerificator;
import pl.edu.icm.unity.engine.api.authn.local.CredentialHelper;
import pl.edu.icm.unity.engine.api.confirmation.SMSCode;
import pl.edu.icm.unity.engine.api.msg.LocaleHelper;
import pl.edu.icm.unity.engine.api.notification.NotificationProducer;
import pl.edu.icm.unity.engine.api.utils.CodeGenerator;
import pl.edu.icm.unity.engine.api.utils.PrototypeComponent;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.IllegalCredentialException;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.stdext.identity.EmailIdentity;
import pl.edu.icm.unity.stdext.identity.UsernameIdentity;
import pl.edu.icm.unity.types.authn.CredentialPublicInformation;
import pl.edu.icm.unity.types.authn.LocalCredentialState;
import pl.edu.icm.unity.types.basic.EntityParam;

@PrototypeComponent
/* loaded from: input_file:pl/edu/icm/unity/stdext/credential/sms/SMSVerificator.class */
public class SMSVerificator extends AbstractLocalVerificator implements SMSExchange {
    public static final String NAME = "sms";
    public static final String DESC = "Verifies sms";
    private SMSCredential credential;
    private NotificationProducer notificationProducer;
    private CredentialHelper credentialHelper;
    private AuthnSMSCounter smslimitCache;
    private static final Logger log = Log.getLogger("unity.server.authn", SMSVerificator.class);
    public static final String[] IDENTITY_TYPES = {UsernameIdentity.ID, EmailIdentity.ID};

    @Component
    /* loaded from: input_file:pl/edu/icm/unity/stdext/credential/sms/SMSVerificator$Factory.class */
    public static class Factory extends AbstractLocalCredentialVerificatorFactory {
        @Autowired
        public Factory(ObjectFactory<SMSVerificator> objectFactory) {
            super(SMSVerificator.NAME, SMSVerificator.DESC, false, objectFactory);
        }
    }

    @Autowired
    public SMSVerificator(NotificationProducer notificationProducer, CredentialHelper credentialHelper, AuthnSMSCounter authnSMSCounter) {
        super(NAME, DESC, SMSExchange.ID, true);
        this.credential = new SMSCredential();
        this.notificationProducer = notificationProducer;
        this.credentialHelper = credentialHelper;
        this.smslimitCache = authnSMSCounter;
    }

    public String prepareCredential(String str, String str2, boolean z) throws IllegalCredentialException, InternalException {
        return SMSCredentialDBState.toJson(this.credential, str, System.currentTimeMillis());
    }

    public CredentialPublicInformation checkCredentialState(String str) throws InternalException {
        SMSCredentialDBState fromJson = SMSCredentialDBState.fromJson(str);
        if (fromJson.getValue() == null || fromJson.getValue().isEmpty()) {
            return new CredentialPublicInformation(LocalCredentialState.notSet, "");
        }
        return new CredentialPublicInformation(LocalCredentialState.correct, new SMSCredentialExtraInfo(fromJson.getTime(), fromJson.getValue()).toJson());
    }

    public String invalidate(String str) {
        throw new IllegalStateException("This credential doesn't support invalidation");
    }

    public String getSerializedConfiguration() throws InternalException {
        return JsonUtil.serialize(this.credential.getSerializedConfiguration());
    }

    public void setSerializedConfiguration(String str) throws InternalException {
        this.credential.setSerializedConfiguration(JsonUtil.parse(str));
    }

    @Override // pl.edu.icm.unity.stdext.credential.sms.SMSExchange
    public SMSCode sendCode(AuthenticationSubject authenticationSubject, boolean z) throws EngineException {
        if (isAuthSMSLimitExceeded(authenticationSubject)) {
            if (!z) {
                log.warn("Authn sms limit to the user " + authenticationSubject + " is exceeded, skipping send authn sms");
                return null;
            }
            log.warn("Forcing sending authn sms code to the user " + authenticationSubject + ", but authn sms limit is exceeded");
        }
        this.smslimitCache.incValue(authenticationSubject);
        try {
            EntityWithCredential resolveSubject = this.identityResolver.resolveSubject(authenticationSubject, IDENTITY_TYPES, this.credentialName);
            String credentialValue = resolveSubject.getCredentialValue();
            if (credentialValue == null) {
                log.info("The user {} does not have {} credential defined, skipping sending authentication code", authenticationSubject, this.credentialName);
                return null;
            }
            SMSCredentialDBState fromJson = SMSCredentialDBState.fromJson(credentialValue);
            String generateNumberCode = CodeGenerator.generateNumberCode(this.credential.getCodeLength());
            HashMap hashMap = new HashMap();
            hashMap.put("code", generateNumberCode);
            hashMap.put("user", this.identityResolver.getDisplayedUserName(new EntityParam(Long.valueOf(resolveSubject.getEntityId()))));
            Locale locale = LocaleHelper.getLocale((Locale) null);
            this.notificationProducer.sendNotification(fromJson.getValue(), this.credential.getMessageTemplate(), hashMap, locale == null ? null : locale.toString());
            return new SMSCode(System.currentTimeMillis() + (this.credential.getValidityTime() * 60 * 1000), generateNumberCode, fromJson.getValue());
        } catch (Exception e) {
            log.info("The user for sms authN can not be found: " + authenticationSubject, e);
            return null;
        }
    }

    @Override // pl.edu.icm.unity.stdext.credential.sms.SMSExchange
    public AuthenticationResult verifyCode(SMSCode sMSCode, String str, AuthenticationSubject authenticationSubject) {
        return verifyCodeInternal(sMSCode, str, authenticationSubject);
    }

    private AuthenticationResult verifyCodeInternal(SMSCode sMSCode, String str, AuthenticationSubject authenticationSubject) {
        if (sMSCode == null) {
            return getGenericError();
        }
        try {
            EntityWithCredential resolveSubject = this.identityResolver.resolveSubject(authenticationSubject, IDENTITY_TYPES, this.credentialName);
            if (System.currentTimeMillis() > sMSCode.getValidTo()) {
                log.info("SMS code provided by " + authenticationSubject + " is invalid");
                return getGenericError();
            }
            if (str == null || !sMSCode.getValue().equals(str)) {
                log.info("SMS code provided by " + authenticationSubject + " is incorrect");
                return getGenericError();
            }
            AuthenticatedEntity authenticatedEntity = new AuthenticatedEntity(Long.valueOf(resolveSubject.getEntityId()), authenticationSubject, (String) null);
            this.smslimitCache.reset(authenticationSubject);
            return LocalAuthenticationResult.successful(authenticatedEntity);
        } catch (Exception e) {
            log.info("The user for sms authN can not be found: " + authenticationSubject, e);
            return getGenericError();
        }
    }

    private static AuthenticationResult getGenericError() {
        return LocalAuthenticationResult.failed(new AuthenticationResult.ResolvableError("WebSMSRetrieval.wrongCode", new Object[0]));
    }

    @Override // pl.edu.icm.unity.stdext.credential.sms.SMSExchange
    public SMSCredentialResetImpl getSMSCredentialResetBackend() {
        return new SMSCredentialResetImpl(this.notificationProducer, this.identityResolver, this, this.credentialHelper, this.credentialName, this.credential.getSerializedConfiguration(), this.credential.getRecoverySettings());
    }

    @Override // pl.edu.icm.unity.stdext.credential.sms.SMSExchange
    public boolean isAuthSMSLimitExceeded(AuthenticationSubject authenticationSubject) {
        return this.smslimitCache.getValue(authenticationSubject) >= this.credential.getAuthnSMSLimit();
    }

    public boolean isCredentialSet(EntityParam entityParam) throws EngineException {
        return this.credentialHelper.isCredentialSet(entityParam, this.credentialName);
    }

    public boolean isCredentialDefinitionChagneOutdatingCredentials(String str) {
        return false;
    }
}
