package org.molgenis.security.twofactor.service;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import org.jboss.aerogear.security.otp.Totp;
import org.molgenis.security.core.utils.SecurityUtils;
import org.molgenis.security.twofactor.exceptions.InvalidVerificationCodeException;
import org.molgenis.settings.AppSettings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:org/molgenis/security/twofactor/service/OtpServiceImpl.class */
public class OtpServiceImpl implements OtpService {
    private static final Logger LOG = LoggerFactory.getLogger(OtpServiceImpl.class);
    private final AppSettings appSettings;

    public OtpServiceImpl(AppSettings appSettings) {
        this.appSettings = appSettings;
    }

    @Override // org.molgenis.security.twofactor.service.OtpService
    public boolean tryVerificationCode(String str, String str2) {
        if (!StringUtils.hasText(str2)) {
            throw new InvalidVerificationCodeException("Two factor authentication secret key is not available");
        }
        if (str == null) {
            throw new InvalidVerificationCodeException("Verificationcode is mandatory");
        }
        Totp totp = new Totp(str2);
        if (isValidLong(str) && totp.verify(str)) {
            return true;
        }
        throw new InvalidVerificationCodeException("Invalid verification code entered");
    }

    @Override // org.molgenis.security.twofactor.service.OtpService
    public String getAuthenticatorURI(String str) {
        String currentUsername = SecurityUtils.getCurrentUsername();
        String title = this.appSettings.getTitle();
        if (currentUsername == null) {
            LOG.error("User is not available");
            throw new IllegalStateException("User is not available");
        }
        try {
            return String.format("otpauth://totp/%s?secret=%s&issuer=%s", URLEncoder.encode(title + ":" + currentUsername, "UTF-8").replace("+", "%20"), URLEncoder.encode(str.replace(" ", "").toUpperCase(), "UTF-8").replace("+", "%20"), URLEncoder.encode(title, "UTF-8").replace("+", "%20"));
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException(e);
        }
    }

    private boolean isValidLong(String str) {
        try {
            Long.parseLong(str);
            return true;
        } catch (NumberFormatException e) {
            return false;
        }
    }
}
