package org.keycloak.models;

import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import org.jboss.logging.Logger;
import org.keycloak.models.utils.Base32;
import org.keycloak.models.utils.HmacOTP;

/* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-8.0.0.jar:org/keycloak/models/OTPPolicy.class */
public class OTPPolicy implements Serializable {
    protected String type;
    protected String algorithm;
    protected int initialCounter;
    protected int digits;
    protected int lookAheadWindow;
    protected int period;
    public static OTPPolicy DEFAULT_POLICY;
    protected static final Logger logger = Logger.getLogger((Class<?>) OTPPolicy.class);
    private static final Map<String, String> algToKeyUriAlg = new HashMap();
    private static final OtpApp[] allApplications = {new FreeOTP(), new GoogleAuthenticator()};

    /* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-8.0.0.jar:org/keycloak/models/OTPPolicy$FreeOTP.class */
    public static class FreeOTP implements OtpApp {
        @Override // org.keycloak.models.OTPPolicy.OtpApp
        public String getName() {
            return "FreeOTP";
        }

        @Override // org.keycloak.models.OTPPolicy.OtpApp
        public boolean supports(OTPPolicy oTPPolicy) {
            return true;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-8.0.0.jar:org/keycloak/models/OTPPolicy$GoogleAuthenticator.class */
    public static class GoogleAuthenticator implements OtpApp {
        @Override // org.keycloak.models.OTPPolicy.OtpApp
        public String getName() {
            return "Google Authenticator";
        }

        @Override // org.keycloak.models.OTPPolicy.OtpApp
        public boolean supports(OTPPolicy oTPPolicy) {
            return oTPPolicy.digits == 6 && oTPPolicy.getAlgorithm().equals("HmacSHA1") && oTPPolicy.getType().equals("totp") && oTPPolicy.getPeriod() == 30;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/keycloak-server-spi-8.0.0.jar:org/keycloak/models/OTPPolicy$OtpApp.class */
    public interface OtpApp {
        String getName();

        boolean supports(OTPPolicy oTPPolicy);
    }

    public OTPPolicy() {
    }

    public OTPPolicy(String str, String str2, int i, int i2, int i3, int i4) {
        this.type = str;
        this.algorithm = str2;
        this.initialCounter = i;
        this.digits = i2;
        this.lookAheadWindow = i3;
        this.period = i4;
    }

    public String getAlgorithmKey() {
        return algToKeyUriAlg.containsKey(this.algorithm) ? algToKeyUriAlg.get(this.algorithm) : this.algorithm;
    }

    public String getType() {
        return this.type;
    }

    public void setType(String str) {
        this.type = str;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public int getInitialCounter() {
        return this.initialCounter;
    }

    public void setInitialCounter(int i) {
        this.initialCounter = i;
    }

    public int getDigits() {
        return this.digits;
    }

    public void setDigits(int i) {
        this.digits = i;
    }

    public int getLookAheadWindow() {
        return this.lookAheadWindow;
    }

    public void setLookAheadWindow(int i) {
        this.lookAheadWindow = i;
    }

    public int getPeriod() {
        return this.period;
    }

    public void setPeriod(int i) {
        this.period = i;
    }

    public String getKeyURI(RealmModel realmModel, UserModel userModel, String str) {
        try {
            String name = (realmModel.getDisplayName() == null || realmModel.getDisplayName().isEmpty()) ? realmModel.getName() : realmModel.getDisplayName();
            String encode = URLEncoder.encode(userModel.getUsername(), "UTF-8");
            String replaceAll = URLEncoder.encode(name, "UTF-8").replaceAll("\\+", "%20");
            String str2 = replaceAll + ":" + encode;
            String str3 = "secret=" + Base32.encode(str.getBytes()) + "&digits=" + this.digits + "&algorithm=" + algToKeyUriAlg.get(this.algorithm) + "&issuer=" + replaceAll;
            if (this.type.equals("hotp")) {
                str3 = str3 + "&counter=" + this.initialCounter;
            } else if (this.type.equals("totp")) {
                str3 = str3 + "&period=" + this.period;
            }
            return "otpauth://" + this.type + "/" + str2 + "?" + str3;
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public List<String> getSupportedApplications() {
        LinkedList linkedList = new LinkedList();
        for (OtpApp otpApp : allApplications) {
            if (otpApp.supports(this)) {
                linkedList.add(otpApp.getName());
            }
        }
        return linkedList;
    }

    static {
        algToKeyUriAlg.put("HmacSHA1", "SHA1");
        algToKeyUriAlg.put(HmacOTP.HMAC_SHA256, "SHA256");
        algToKeyUriAlg.put(HmacOTP.HMAC_SHA512, "SHA512");
        DEFAULT_POLICY = new OTPPolicy("totp", "HmacSHA1", 0, 6, 1, 30);
    }
}
