package hu.icellmobilsoft.coffee.module.totp.impl;

import hu.icellmobilsoft.coffee.cdi.logger.AppLogger;
import hu.icellmobilsoft.coffee.cdi.logger.ThisLogger;
import hu.icellmobilsoft.coffee.dto.exception.BaseException;
import hu.icellmobilsoft.coffee.dto.exception.BusinessException;
import hu.icellmobilsoft.coffee.dto.exception.TechnicalException;
import hu.icellmobilsoft.coffee.dto.exception.enums.CoffeeFaultType;
import hu.icellmobilsoft.coffee.module.totp.TOtpGenerator;
import hu.icellmobilsoft.coffee.module.totp.TOtpVerifier;
import hu.icellmobilsoft.coffee.module.totp.config.TOtpConfig;
import hu.icellmobilsoft.coffee.module.totp.enums.TOtpAlgorithm;
import javax.enterprise.context.Dependent;
import javax.inject.Inject;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;

@Dependent
/* loaded from: input_file:hu/icellmobilsoft/coffee/module/totp/impl/DefaultTOtpVerifierImpl.class */
public class DefaultTOtpVerifierImpl implements TOtpVerifier {

    @Inject
    @ThisLogger
    private AppLogger log;

    @Inject
    private TOtpConfig otpConfig;

    @Inject
    private TOtpGenerator totpGenerator;
    private static final String LOG_MESSAGE_VERIFICATION_FAILED = "OTP verification failed! client.otp: [{0}], server.otp: [{1}], server.timestamp: [{2}]";
    private static final String LOG_MESSAGE_EXTRA_VERIFICATION_FAILED = "OTP verification failed in extra time window: [{0}]! client.otp: [{1}], server.otp: [{2}], server.timestamp: [{3}]";
    private static final String LOG_MESSAGE_INVALID_PASSWORD = "Invalid password has been given [{0}]";
    private static final String EXCEPTION_MESSAGE_INVALID_PASSWORD = "OTP authentication failed, invalid password";

    @Override // hu.icellmobilsoft.coffee.module.totp.TOtpVerifier
    public void verify(byte[] bArr, String str, long j, TOtpAlgorithm tOtpAlgorithm) throws BaseException {
        if (ObjectUtils.isEmpty(bArr) || StringUtils.isBlank(str) || tOtpAlgorithm == null) {
            throw new TechnicalException(CoffeeFaultType.WRONG_OR_MISSING_PARAMETERS, "otp.verify parameters cannot be null or empty");
        }
        String generatePassword = this.totpGenerator.generatePassword(bArr, j, str.length(), tOtpAlgorithm);
        if (StringUtils.equals(generatePassword, str)) {
            return;
        }
        this.log.debug(LOG_MESSAGE_VERIFICATION_FAILED, new Object[]{str, generatePassword, Long.valueOf(j)});
        if (verifyOTPInAdditionalWindow(bArr, j, str, tOtpAlgorithm)) {
            return;
        }
        this.log.debug(LOG_MESSAGE_INVALID_PASSWORD, new Object[]{str});
        throw new BusinessException(CoffeeFaultType.INVALID_ONE_TIME_PASSWORD, EXCEPTION_MESSAGE_INVALID_PASSWORD);
    }

    @Override // hu.icellmobilsoft.coffee.module.totp.TOtpVerifier
    public void verify(byte[] bArr, String str, long j) throws BaseException {
        verify(bArr, str, j, this.otpConfig.getHashAlgorithm());
    }

    @Override // hu.icellmobilsoft.coffee.module.totp.TOtpVerifier
    public boolean verifyOTPInAdditionalWindow(byte[] bArr, long j, String str, TOtpAlgorithm tOtpAlgorithm) throws BaseException {
        for (int i = 0; i < this.otpConfig.getVerifyAdditionalWindowsCount().intValue(); i++) {
            Long valueOf = Long.valueOf(j - ((i + 1) * this.otpConfig.getTimestep().intValue()));
            String generatePassword = this.totpGenerator.generatePassword(bArr, valueOf.longValue(), str.length(), tOtpAlgorithm);
            if (StringUtils.equals(str, generatePassword)) {
                return true;
            }
            this.log.debug(LOG_MESSAGE_EXTRA_VERIFICATION_FAILED, new Object[]{String.valueOf(i + 1), str, generatePassword, valueOf});
            Long valueOf2 = Long.valueOf(j + ((i + 1) * this.otpConfig.getTimestep().intValue()));
            String generatePassword2 = this.totpGenerator.generatePassword(bArr, valueOf2.longValue(), str.length(), tOtpAlgorithm);
            if (StringUtils.equals(str, generatePassword2)) {
                return true;
            }
            this.log.debug(LOG_MESSAGE_EXTRA_VERIFICATION_FAILED, new Object[]{String.valueOf(-(i + 1)), str, generatePassword2, valueOf2});
        }
        return false;
    }
}
