package net.interus.keycloak.tokencode.impl;

import java.time.Instant;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.TemporalType;
import net.interus.keycloak.tokencode.TokenCodeProperties;
import net.interus.keycloak.tokencode.TokenCodeService;
import net.interus.keycloak.tokencode.TokenCodeType;
import net.interus.keycloak.tokencode.delegation.SendingDelegator;
import net.interus.keycloak.tokencode.delegation.ValidatingDelegator;
import net.interus.keycloak.tokencode.exception.SendingFailure;
import net.interus.keycloak.tokencode.exception.ValidatingFailure;
import net.interus.keycloak.tokencode.jpa.TokenCodeEntity;
import net.interus.keycloak.tokencode.jpa.representations.TokenCodeRepresentation;
import net.interus.keycloak.tokencode.relay.Link;
import net.interus.keycloak.tokencode.relay.MediaType;
import net.interus.keycloak.tokencode.relay.Message;
import net.interus.keycloak.tokencode.relay.MessageSender;
import org.jboss.logging.Logger;
import org.keycloak.connections.jpa.JpaConnectionProvider;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;

/* loaded from: input_file:net/interus/keycloak/tokencode/impl/TokenCodeServiceImpl.class */
public class TokenCodeServiceImpl implements TokenCodeService, ValidatingDelegator, SendingDelegator {
    private static final Logger logger = Logger.getLogger(TokenCodeServiceImpl.class);
    protected final KeycloakSession session;
    protected final EntityManager entityManager;
    protected final RealmModel realm;
    private final TokenCodeProperties properties;
    private TokenCodeService.OnUserConfirmedListener userConfirmedListener;

    public TokenCodeServiceImpl(KeycloakSession keycloakSession, TokenCodeProperties tokenCodeProperties) {
        this.session = keycloakSession;
        this.entityManager = keycloakSession.getProvider(JpaConnectionProvider.class).getEntityManager();
        this.realm = keycloakSession.getContext().getRealm();
        this.properties = tokenCodeProperties;
    }

    private TokenCodeRepresentation _ongoingProcess(String str, TokenCodeType tokenCodeType, String str2) {
        logger.info(String.format("ongoingProcess, realm: %s, uri: %s, tokenCodeType: %s, credentialType: %s", this.realm.getId(), str, tokenCodeType.name(), str2));
        try {
            TokenCodeEntity tokenCodeEntity = (TokenCodeEntity) this.entityManager.createNamedQuery("ongoingProcess", TokenCodeEntity.class).setParameter("realmId", this.realm.getId()).setParameter("uri", str).setParameter("credentialType", str2).setParameter("confirmed", false).setParameter("now", Date.from(Instant.now()), TemporalType.TIMESTAMP).setMaxResults(1).getSingleResult();
            if (tokenCodeEntity == null) {
                return null;
            }
            TokenCodeRepresentation tokenCodeRepresentation = new TokenCodeRepresentation();
            tokenCodeRepresentation.setId(tokenCodeEntity.getId());
            tokenCodeRepresentation.setRealmId(tokenCodeEntity.getRealmId());
            tokenCodeRepresentation.setUri(tokenCodeEntity.getUri());
            tokenCodeRepresentation.setCode(tokenCodeEntity.getCode());
            tokenCodeRepresentation.setMediaType(tokenCodeEntity.getMediaType());
            tokenCodeRepresentation.setType(tokenCodeEntity.getType());
            tokenCodeRepresentation.setCredentialType(tokenCodeEntity.getCredentialType());
            tokenCodeRepresentation.setCredentialData(tokenCodeEntity.getCredentialData());
            tokenCodeRepresentation.setCreatedAt(tokenCodeEntity.getCreatedAt());
            tokenCodeRepresentation.setExpiresAt(tokenCodeEntity.getExpiresAt());
            tokenCodeRepresentation.setConfirmed(tokenCodeEntity.getConfirmed());
            tokenCodeRepresentation.setByWhom(tokenCodeEntity.getByWhom());
            return tokenCodeRepresentation;
        } catch (NoResultException e) {
            return null;
        }
    }

    private boolean _isAbusing(String str, TokenCodeType tokenCodeType, String str2, int i) {
        return this.entityManager.createNamedQuery("processesSince", TokenCodeEntity.class).setParameter("realmId", this.realm.getId()).setParameter("uri", str).setParameter("type", tokenCodeType.name()).setParameter("credentialType", str2).setParameter("date", new Date(System.currentTimeMillis() - TimeUnit.HOURS.toMillis(1L)), TemporalType.TIMESTAMP).getResultList().size() > i;
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public int sendCode(String str, TokenCodeType tokenCodeType, String str2, String str3) throws SendingFailure {
        return _sendCode(str, str, tokenCodeType, MediaType.SMS, str2, str3, null, null, null);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public int sendCode(String str, TokenCodeType tokenCodeType, String str2, String str3, SendingDelegator sendingDelegator) throws SendingFailure {
        return _sendCode(str, str, tokenCodeType, MediaType.SMS, str2, str3, null, null, sendingDelegator);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public int sendCode(String str, String str2, TokenCodeType tokenCodeType, String str3, String str4) throws SendingFailure {
        return _sendCode(str, str2, tokenCodeType, MediaType.SMS, str3, str4, null, null, null);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public int sendCode(String str, String str2, TokenCodeType tokenCodeType, MediaType mediaType, String str3, String str4, Message message) throws SendingFailure {
        return _sendCode(str, str2, tokenCodeType, mediaType, str3, str4, message, null, null);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public int sendCode(String str, String str2, TokenCodeType tokenCodeType, MediaType mediaType, String str3, String str4, Message message, Integer num) throws SendingFailure {
        return _sendCode(str, str2, tokenCodeType, mediaType, str3, str4, message, num, null);
    }

    private int _sendCode(String str, String str2, TokenCodeType tokenCodeType, MediaType mediaType, String str3, String str4, Message message, Integer num, SendingDelegator sendingDelegator) throws SendingFailure {
        if (str == null) {
            throw new SendingFailure(400, "request_fail", "no parameter: uri");
        }
        if (str2 == null) {
            throw new SendingFailure(400, "request_fail", "no parameter: toAddress");
        }
        if (_isAbusing(str, tokenCodeType, str3, this.properties.getHourMaximum().intValue())) {
            throw new SendingFailure(403, "request_fail", "Requested the maximum number(" + this.properties.getHourMaximum() + ") of messages the last hour");
        }
        TokenCodeRepresentation _ongoingProcess = _ongoingProcess(str, tokenCodeType, str3);
        if (_ongoingProcess == null) {
            _ongoingProcess = TokenCodeRepresentation.valueOf(this.realm.getId(), str, str2, tokenCodeType, mediaType, str3, str4);
            logger.info(String.format("Generate new token", new Object[0]));
        } else {
            int time = ((int) (_ongoingProcess.getExpiresAt().getTime() - Instant.now().toEpochMilli())) / 1000;
            if (_ongoingProcess.getMediaType().equalsIgnoreCase(mediaType.getLabel()) || time < 5) {
                logger.info(String.format("Revert ongoing token code & Generate new one %s media type for %s", mediaType.getLabel(), str));
                TokenCodeEntity tokenCodeEntity = (TokenCodeEntity) this.entityManager.find(TokenCodeEntity.class, _ongoingProcess.getId());
                tokenCodeEntity.setConfirmed(true);
                this.entityManager.persist(tokenCodeEntity);
                _ongoingProcess = TokenCodeRepresentation.valueOf(this.realm.getId(), str, str2, tokenCodeType, mediaType, str3, str4);
            } else {
                logger.info(String.format("Reuse ongoing token code If media type changed %s media type for %s", mediaType.getLabel(), str));
                TokenCodeEntity tokenCodeEntity2 = (TokenCodeEntity) this.entityManager.find(TokenCodeEntity.class, _ongoingProcess.getId());
                tokenCodeEntity2.setToAddress(str2);
                tokenCodeEntity2.setMediaType(mediaType.getLabel());
                tokenCodeEntity2.setCredentialData(str4);
                this.entityManager.persist(tokenCodeEntity2);
                _ongoingProcess.setToAddress(str2);
                _ongoingProcess.setMediaType(mediaType.getLabel());
                _ongoingProcess.setCredentialData(str4);
                num = Integer.valueOf(time);
            }
        }
        if (message != null) {
            message.putDictionary("$tokenCode", _ongoingProcess.getCode());
            message.macro();
            Link link = message.getLink();
            if (link == null) {
                message.clearDictionary().putDictionary("$link.fallback", link.getFallback()).putDictionary("$link.app", link.getApp()).macro();
                message.shortUrlBody();
            } else if (message.hasBodyLink()) {
                message.clearDictionary().putDictionary("$link.url", link.fillFallbackAndAppToUrl().shortenUrl().getUrl()).macro();
            } else {
                link.encodeFallbackAndApp().fillFallbackAndAppToUrl();
            }
        }
        if (sendingDelegator == null) {
            sendingDelegator = this;
        }
        if (!sendingDelegator.onSending(_ongoingProcess, message)) {
            logger.warn(String.format("Message sending to %s failed with %s", str2, str));
            throw new SendingFailure(403, "request_fail", "Message sending failed");
        }
        if (num == null) {
            num = this.properties.getExpiresIn();
        }
        _persistCode(_ongoingProcess, message, num.intValue());
        return num.intValue();
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public boolean sendMessage(String str, MediaType mediaType, Message message) throws SendingFailure {
        Link link;
        if (str == null) {
            throw new SendingFailure(400, "request_fail", "no parameter: toAddress");
        }
        if (message != null && (link = message.getLink()) != null) {
            link.encodeFallbackAndApp();
            if (link.getUrl() == null) {
                message.clearDictionary().putDictionary("$link.fallback", link.getFallback()).putDictionary("$link.app", link.getApp()).macro();
                message.shortUrlBody();
            } else if (message.hasBodyLink()) {
                message.clearDictionary().putDictionary("$link.url", link.fillFallbackAndAppToUrl().shortenUrl().getUrl()).macro();
            } else {
                link.encodeFallbackAndApp().fillFallbackAndAppToUrl();
            }
        }
        if (_sendMessage(str, mediaType, message)) {
            return true;
        }
        logger.warn(String.format("Message sending to %s failed", str));
        throw new SendingFailure(403, "request_fail", " Message sending failed");
    }

    @Override // net.interus.keycloak.tokencode.delegation.SendingDelegator
    public boolean onSending(TokenCodeRepresentation tokenCodeRepresentation, Message message) throws SendingFailure {
        return _sendMessage(tokenCodeRepresentation.getToAddress(), MediaType.valueOf(tokenCodeRepresentation.getMediaType()), message);
    }

    public boolean _sendMessage(String str, MediaType mediaType, Message message) throws SendingFailure {
        String str2;
        if (mediaType == MediaType.SMS || mediaType == MediaType.LMS) {
            str2 = (String) this.session.listProviderIds(MessageSender.class).stream().filter(str3 -> {
                return str3.equals(this.properties.getSmsSenderId());
            }).findFirst().orElseThrow(() -> {
                return new SendingFailure(400, "not_support_media_type", "not found send provider: " + mediaType.getLabel());
            });
        } else if (mediaType == MediaType.PUSH_NOTIFICATION) {
            str2 = (String) this.session.listProviderIds(MessageSender.class).stream().filter(str4 -> {
                return str4.equals(this.properties.getPushNotificationSenderId());
            }).findFirst().orElseThrow(() -> {
                return new SendingFailure(400, "not_support_media_type", "not found send provider: " + mediaType.getLabel());
            });
        } else {
            if (mediaType != MediaType.BIZTALK) {
                throw new SendingFailure(400, "not_support_media_type", "not support media type: " + mediaType.getLabel());
            }
            str2 = (String) this.session.listProviderIds(MessageSender.class).stream().filter(str5 -> {
                return str5.equals(this.properties.getBiztalkSenderId());
            }).findFirst().orElseThrow(() -> {
                return new SendingFailure(400, "not_support_media_type", "not found send provider: " + mediaType.getLabel());
            });
        }
        return ((MessageSender) this.session.getProvider(MessageSender.class, str2)).process(str, message);
    }

    private void _persistCode(TokenCodeRepresentation tokenCodeRepresentation, Message message, int i) {
        logger.info(String.format("PersistCode, tokenCode: %s, tokenExpiresIn: %d", tokenCodeRepresentation.toString(), Integer.valueOf(i)));
        Instant now = Instant.now();
        logger.info(String.format(" createdAt: %s, expiresAt: %s", Date.from(now), Date.from(now.plusSeconds(i))));
        TokenCodeEntity tokenCodeEntity = new TokenCodeEntity();
        tokenCodeEntity.setId(tokenCodeRepresentation.getId());
        tokenCodeEntity.setRealmId(tokenCodeRepresentation.getRealmId());
        tokenCodeEntity.setMediaType(tokenCodeRepresentation.getMediaType());
        tokenCodeEntity.setType(tokenCodeRepresentation.getType());
        tokenCodeEntity.setUri(tokenCodeRepresentation.getUri());
        tokenCodeEntity.setFromAddress(tokenCodeRepresentation.getFromAddress());
        tokenCodeEntity.setToAddress(tokenCodeRepresentation.getToAddress());
        tokenCodeEntity.setCode(tokenCodeRepresentation.getCode());
        tokenCodeEntity.setCredentialType(tokenCodeRepresentation.getCredentialType());
        tokenCodeEntity.setCredentialData(tokenCodeRepresentation.getCredentialData());
        if (message != null) {
            tokenCodeEntity.setComparativeData(message.toString());
        }
        tokenCodeEntity.setCreatedAt(Date.from(now));
        tokenCodeEntity.setExpiresAt(Date.from(now.plusSeconds(i)));
        tokenCodeEntity.setConfirmed(tokenCodeRepresentation.getConfirmed());
        this.entityManager.persist(tokenCodeEntity);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public boolean validateCode(String str, String str2, TokenCodeType tokenCodeType, String str3, String str4, UserModel userModel) throws ValidatingFailure {
        return validateCode(str, str2, tokenCodeType, str3, str4, userModel, null);
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public boolean validateCode(String str, String str2, TokenCodeType tokenCodeType, String str3, String str4, UserModel userModel, ValidatingDelegator validatingDelegator) throws ValidatingFailure {
        return _validateCode(str, str2, tokenCodeType, str3, str4, userModel, validatingDelegator);
    }

    private boolean _validateCode(String str, String str2, TokenCodeType tokenCodeType, String str3, String str4, UserModel userModel, ValidatingDelegator validatingDelegator) throws ValidatingFailure {
        logger.info(String.format("Validate %s , phone: %s, code: %s", tokenCodeType, str, str2));
        TokenCodeRepresentation _ongoingProcess = _ongoingProcess(str, tokenCodeType, str3);
        if (_ongoingProcess == null) {
            return false;
        }
        _ongoingProcess.setSecretData(str4);
        logger.info(String.format("Check Confirmed %s %s", _ongoingProcess.getId(), _ongoingProcess.getConfirmed()));
        if (validatingDelegator == null) {
            validatingDelegator = this;
        }
        if (!validatingDelegator.onValidating(_ongoingProcess, str2)) {
            return false;
        }
        TokenCodeEntity tokenCodeEntity = (TokenCodeEntity) this.entityManager.find(TokenCodeEntity.class, _ongoingProcess.getId());
        tokenCodeEntity.setConfirmed(true);
        if (userModel != null) {
            tokenCodeEntity.setByWhom(userModel.getId());
        }
        this.entityManager.persist(tokenCodeEntity);
        logger.info(String.format("- persist confirmed", new Object[0]));
        if (userModel == null || this.userConfirmedListener == null) {
            return true;
        }
        this.userConfirmedListener.onUserConfirmed(this.session, _ongoingProcess, userModel);
        logger.info(String.format("- user confirmed", new Object[0]));
        return true;
    }

    @Override // net.interus.keycloak.tokencode.delegation.ValidatingDelegator
    public boolean onValidating(TokenCodeRepresentation tokenCodeRepresentation, String str) {
        if (TokenCodeType.OTP_SAFE.name().equalsIgnoreCase(tokenCodeRepresentation.getType())) {
            logger.info(String.format("Validating compare ( %s | %s ) equals %s temporarily allowed", tokenCodeRepresentation.getCode(), str, Boolean.valueOf(tokenCodeRepresentation.getCode().equals(str))));
            return true;
        }
        logger.info(String.format("Validating compare ( %s | %s ) equals %s ", tokenCodeRepresentation.getCode(), str, Boolean.valueOf(tokenCodeRepresentation.getCode().equals(str))));
        return tokenCodeRepresentation.getCode().equals(str);
    }

    public void close() {
    }

    @Override // net.interus.keycloak.tokencode.TokenCodeService
    public void setOnUserConfirmedListener(TokenCodeService.OnUserConfirmedListener onUserConfirmedListener) {
        this.userConfirmedListener = onUserConfirmedListener;
    }
}
