package no.kantega.security.api.impl.twofactorauth.dbbackend;

import java.security.SecureRandom;
import java.util.Calendar;
import java.util.Date;
import no.kantega.security.api.identity.Identity;
import no.kantega.security.api.twofactorauth.DefaultLoginToken;
import no.kantega.security.api.twofactorauth.LoginToken;
import no.kantega.security.api.twofactorauth.LoginTokenManager;
import no.kantega.security.api.twofactorauth.LoginTokenVerification;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.jdbc.core.support.JdbcDaoSupport;

/* loaded from: input_file:no/kantega/security/api/impl/twofactorauth/dbbackend/DBLoginTokenManager.class */
public class DBLoginTokenManager extends JdbcDaoSupport implements LoginTokenManager {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private int tokenValidityMinutes = 5;
    private int tokenLength = 5;
    private SecureRandom random = new SecureRandom();

    public LoginToken generateLoginToken(Identity identity) {
        this.log.info("Generating LoginToken for " + identity.getDomain() + ":" + identity.getUserId());
        deleteLoginTokensForIdentity(identity);
        LoginToken createToken = createToken();
        getJdbcTemplate().update("insert into twofactorauthtoken (domain, userid, token, expiredate)  values(?,?,?,?)", new Object[]{identity.getDomain(), identity.getUserId(), createToken.getToken(), tokenExpireDate()});
        return createToken;
    }

    public void deleteLoginTokensForIdentity(Identity identity) {
        getJdbcTemplate().update("delete from twofactorauthtoken where domain = ? and userid = ?", new Object[]{identity.getDomain(), identity.getUserId()});
    }

    public LoginTokenVerification verifyLoginToken(Identity identity, LoginToken loginToken) {
        this.log.info("Verifying LoginToken for " + identity.getDomain() + ":" + identity.getUserId());
        LoginTokenVerification loginTokenVerification = LoginTokenVerification.INVALID;
        try {
            if (((Date) getJdbcTemplate().queryForObject("select expiredate from twofactorauthtoken where domain=? and userid=? and token=?", Date.class, new Object[]{identity.getDomain(), identity.getUserId(), loginToken.getToken()})).before(new Date())) {
                this.log.info("LoginToken for " + identity.getDomain() + ":" + identity.getUserId() + " was expired");
                loginTokenVerification = LoginTokenVerification.EXPIRED;
            } else {
                loginTokenVerification = LoginTokenVerification.VALID;
            }
            deleteLoginTokensForIdentity(identity);
        } catch (IncorrectResultSizeDataAccessException e) {
            this.log.info(identity.getDomain() + ":" + identity.getUserId() + " entered unknown token");
        }
        return loginTokenVerification;
    }

    private LoginToken createToken() {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < this.tokenLength; i++) {
            sb.append(this.random.nextInt(10));
        }
        return new DefaultLoginToken(sb.toString());
    }

    private Date tokenExpireDate() {
        Calendar calendar = Calendar.getInstance();
        calendar.add(12, this.tokenValidityMinutes);
        return calendar.getTime();
    }

    public void setTokenValidityMinutes(int i) {
        this.tokenValidityMinutes = i;
    }
}
