package com.inet.authentication.twofactor.server.totp;

import com.google.zxing.BarcodeFormat;
import com.google.zxing.client.j2se.MatrixToImageWriter;
import com.google.zxing.common.BitMatrix;
import com.google.zxing.qrcode.QRCodeWriter;
import com.inet.authentication.twofactor.TwoFactorAuthenticationServerPlugin;
import com.inet.error.ErrorCode;
import com.inet.id.GUID;
import com.inet.lib.io.FastByteArrayOutputStream;
import com.inet.lib.util.EncodingFunctions;
import com.inet.lib.util.StringFunctions;
import com.inet.plugin.ApplicationDescription;
import com.inet.usersandgroups.api.user.UserAccount;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/inet/authentication/twofactor/server/totp/b.class */
public class b implements com.inet.authentication.twofactor.api.a {
    public String getExtensionName() {
        return "totp";
    }

    @Override // com.inet.authentication.twofactor.api.a
    public String a() {
        return TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.totp.displayname", new Object[0]);
    }

    @Override // com.inet.authentication.twofactor.api.a
    public boolean a(UserAccount userAccount) {
        return true;
    }

    @Override // com.inet.authentication.twofactor.api.a
    public String a(GUID guid) {
        byte[] bArr = new byte[20];
        new SecureRandom().nextBytes(bArr);
        return new String(bArr, StandardCharsets.ISO_8859_1);
    }

    @Override // com.inet.authentication.twofactor.api.a
    public String a(@Nonnull UserAccount userAccount, String str) {
        byte[] bytes = str.getBytes(StandardCharsets.ISO_8859_1);
        String a = a(userAccount, bytes);
        StringBuilder sb = new StringBuilder(StringFunctions.encodeHTML(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.totp.instructions", new Object[0]), false) + "<br><br><center><strong>" + StringFunctions.encodeHTML(ApplicationDescription.get().getRemoteGuiInformation().getTitle(), false) + " (" + StringFunctions.encodeHTML(userAccount.getDisplayName(), false) + ")</strong><br><img src=\"data:image/png;base64,");
        try {
            BitMatrix encode = new QRCodeWriter().encode(a, BarcodeFormat.QR_CODE, 256, 256);
            FastByteArrayOutputStream fastByteArrayOutputStream = new FastByteArrayOutputStream();
            MatrixToImageWriter.writeToStream(encode, "png", fastByteArrayOutputStream);
            sb.append(Base64.getEncoder().encodeToString(fastByteArrayOutputStream.toByteArray()));
            sb.append("\"><br>");
            sb.append(StringFunctions.encodeHTML(a.a(bytes), false));
            sb.append("</center>");
        } catch (Exception e) {
            ErrorCode.throwAny(e);
        }
        return sb.toString();
    }

    @Override // com.inet.authentication.twofactor.api.a
    public boolean a(String str, String str2) {
        long currentTimeMillis = System.currentTimeMillis();
        byte[] bytes = str2.getBytes(StandardCharsets.ISO_8859_1);
        return Objects.equals(str, a(bytes, currentTimeMillis)) || Objects.equals(str, a(bytes, currentTimeMillis - 30000)) || Objects.equals(str, a(bytes, currentTimeMillis + 30000));
    }

    @Nonnull
    private String a(@Nonnull UserAccount userAccount, byte[] bArr) {
        StringBuilder sb = new StringBuilder("otpauth://totp/");
        sb.append(EncodingFunctions.encodeUrlPath(userAccount.getDisplayName()));
        sb.append("?secret=");
        sb.append(a.a(bArr));
        sb.append("&issuer=").append(EncodingFunctions.encodeUrlParameter(ApplicationDescription.get().getRemoteGuiInformation().getTitle()));
        return sb.toString();
    }

    private static String a(byte[] bArr, long j) {
        try {
            long j2 = j / 30000;
            byte[] bArr2 = {(byte) (j2 >>> 56), (byte) (j2 >>> 48), (byte) (j2 >>> 40), (byte) (j2 >>> 32), (byte) (j2 >>> 24), (byte) (j2 >>> 16), (byte) (j2 >>> 8), (byte) (j2 >>> 0)};
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(new SecretKeySpec(bArr, "RAW"));
            byte[] doFinal = mac.doFinal(bArr2);
            int i = doFinal[doFinal.length - 1] & 15;
            String num = Integer.toString((((((doFinal[i] & Byte.MAX_VALUE) << 24) | ((doFinal[i + 1] & 255) << 16)) | ((doFinal[i + 2] & 255) << 8)) | (doFinal[i + 3] & 255)) % 1000000);
            while (num.length() < 6) {
                num = "0" + num;
            }
            return num;
        } catch (Exception e) {
            ErrorCode.throwAny(e);
            return null;
        }
    }
}
