package org.thingsboard.server.service.security.auth.mfa.provider.impl;

import java.beans.ConstructorProperties;
import java.io.Serializable;
import java.util.concurrent.TimeUnit;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.security.model.mfa.account.OtpBasedTwoFaAccountConfig;
import org.thingsboard.server.common.data.security.model.mfa.provider.OtpBasedTwoFaProviderConfig;
import org.thingsboard.server.service.security.auth.mfa.provider.TwoFaProvider;
import org.thingsboard.server.service.security.model.SecurityUser;

/* loaded from: input_file:org/thingsboard/server/service/security/auth/mfa/provider/impl/OtpBasedTwoFaProvider.class */
public abstract class OtpBasedTwoFaProvider<C extends OtpBasedTwoFaProviderConfig, A extends OtpBasedTwoFaAccountConfig> implements TwoFaProvider<C, A> {
    private final Cache verificationCodesCache;

    /* loaded from: input_file:org/thingsboard/server/service/security/auth/mfa/provider/impl/OtpBasedTwoFaProvider$Otp.class */
    public static class Otp implements Serializable {
        private final long timestamp;
        private final String value;
        private final OtpBasedTwoFaAccountConfig accountConfig;

        @ConstructorProperties({"timestamp", "value", "accountConfig"})
        public Otp(long j, String str, OtpBasedTwoFaAccountConfig otpBasedTwoFaAccountConfig) {
            this.timestamp = j;
            this.value = str;
            this.accountConfig = otpBasedTwoFaAccountConfig;
        }

        public long getTimestamp() {
            return this.timestamp;
        }

        public String getValue() {
            return this.value;
        }

        public OtpBasedTwoFaAccountConfig getAccountConfig() {
            return this.accountConfig;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Otp)) {
                return false;
            }
            Otp otp = (Otp) obj;
            if (!otp.canEqual(this) || getTimestamp() != otp.getTimestamp()) {
                return false;
            }
            String value = getValue();
            String value2 = otp.getValue();
            if (value == null) {
                if (value2 != null) {
                    return false;
                }
            } else if (!value.equals(value2)) {
                return false;
            }
            OtpBasedTwoFaAccountConfig accountConfig = getAccountConfig();
            OtpBasedTwoFaAccountConfig accountConfig2 = otp.getAccountConfig();
            return accountConfig == null ? accountConfig2 == null : accountConfig.equals(accountConfig2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof Otp;
        }

        public int hashCode() {
            long timestamp = getTimestamp();
            int i = (1 * 59) + ((int) ((timestamp >>> 32) ^ timestamp));
            String value = getValue();
            int hashCode = (i * 59) + (value == null ? 43 : value.hashCode());
            OtpBasedTwoFaAccountConfig accountConfig = getAccountConfig();
            return (hashCode * 59) + (accountConfig == null ? 43 : accountConfig.hashCode());
        }

        public String toString() {
            long timestamp = getTimestamp();
            String value = getValue();
            String.valueOf(getAccountConfig());
            return "OtpBasedTwoFaProvider.Otp(timestamp=" + timestamp + ", value=" + timestamp + ", accountConfig=" + value + ")";
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OtpBasedTwoFaProvider(CacheManager cacheManager) {
        this.verificationCodesCache = cacheManager.getCache("twoFaVerificationCodes");
    }

    @Override // org.thingsboard.server.service.security.auth.mfa.provider.TwoFaProvider
    public final void prepareVerificationCode(SecurityUser securityUser, C c, A a) throws ThingsboardException {
        String randomNumeric = StringUtils.randomNumeric(6);
        sendVerificationCode(securityUser, randomNumeric, c, a);
        this.verificationCodesCache.put(securityUser.getId(), new Otp(System.currentTimeMillis(), randomNumeric, a));
    }

    protected abstract void sendVerificationCode(SecurityUser securityUser, String str, C c, A a) throws ThingsboardException;

    @Override // org.thingsboard.server.service.security.auth.mfa.provider.TwoFaProvider
    public final boolean checkVerificationCode(SecurityUser securityUser, String str, C c, A a) {
        Otp otp = (Otp) this.verificationCodesCache.get(securityUser.getId(), Otp.class);
        if (otp == null) {
            return false;
        }
        if (System.currentTimeMillis() - otp.getTimestamp() > TimeUnit.SECONDS.toMillis(c.getVerificationCodeLifetime())) {
            this.verificationCodesCache.evict(securityUser.getId());
            return false;
        }
        if (!str.equals(otp.getValue()) || !a.equals(otp.getAccountConfig())) {
            return false;
        }
        this.verificationCodesCache.evict(securityUser.getId());
        return true;
    }
}
