package com.predic8.membrane.core.interceptor.authentication.session.totp;

import com.predic8.membrane.core.interceptor.authentication.session.totp.PasscodeGenerator;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.7.1.jar:com/predic8/membrane/core/interceptor/authentication/session/totp/OtpProvider.class */
public class OtpProvider {
    private static Logger log = LoggerFactory.getLogger(OtpProvider.class.getName());
    private static final int PIN_LENGTH = 6;
    public static final int DEFAULT_INTERVAL = 30;
    private final TotpCounter mTotpCounter;

    public String getNextCode(String str, long j) {
        return computePin(str, this.mTotpCounter.getValueAtTime(j / 1000));
    }

    public OtpProvider() {
        this(30);
    }

    public OtpProvider(int i) {
        this.mTotpCounter = new TotpCounter(i);
    }

    private static byte[] decodeKey(String str) {
        return Base32String.decode(str);
    }

    static PasscodeGenerator.Signer getSigningOracle(String str) {
        try {
            byte[] decodeKey = decodeKey(str);
            Mac mac = Mac.getInstance("HMACSHA1");
            mac.init(new SecretKeySpec(decodeKey, ""));
            return bArr -> {
                return mac.doFinal(bArr);
            };
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            log.error("", e);
            return null;
        }
    }

    private String computePin(String str, long j) {
        if (str == null || str.length() == 0) {
            throw new RuntimeException("Null or empty secret");
        }
        try {
            return new PasscodeGenerator(getSigningOracle(str), 6).generateResponseCode(j);
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Crypto failure", e);
        }
    }

    public boolean verifyCode(String str, long j, String str2, int i) {
        long valueAtTime = this.mTotpCounter.getValueAtTime(j / 1000);
        for (int i2 = -i; i2 <= i; i2++) {
            if (str2.equals(computePin(str, valueAtTime + i2))) {
                return true;
            }
        }
        return false;
    }
}
