package info.elexis.security.authentication.dao;

import info.elexis.security.core.userdetails.OtpUser;
import info.elexis.security.web.authentication.OtpWebAuthenticationDetails;
import org.jboss.aerogear.security.otp.Totp;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:lib/openid.war:WEB-INF/classes/info/elexis/security/authentication/dao/OtpDaoAuthenticationProvider.class */
public class OtpDaoAuthenticationProvider extends DaoAuthenticationProvider {
    @Override // org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider, org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (authentication.getDetails() instanceof OtpWebAuthenticationDetails) {
            String otpToken = ((OtpWebAuthenticationDetails) authentication.getDetails()).getOtpToken();
            String name = authentication.getPrincipal() == null ? "NONE_PROVIDED" : authentication.getName();
            OtpUser otpUser = (OtpUser) getUserDetailsService().loadUserByUsername(name);
            if (otpUser == null) {
                this.logger.debug("User '" + name + "' not found");
                throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
            }
            Totp totp = new Totp(otpUser.getTotpSecret());
            if (!isValidLong(otpToken) || !totp.verify(otpToken)) {
                throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
            }
        }
        return super.authenticate(authentication);
    }

    private boolean isValidLong(String str) {
        try {
            Long.parseLong(str);
            return true;
        } catch (NumberFormatException e) {
            return false;
        }
    }
}
