package com.inet.authentication.twofactor.server.email;

import com.inet.authentication.LoginProcessor;
import com.inet.authentication.twofactor.TwoFactorAuthenticationServerPlugin;
import com.inet.http.ClientMessageException;
import com.inet.http.servlet.SessionStore;
import com.inet.id.GUID;
import com.inet.lib.util.StringFunctions;
import com.inet.usersandgroups.UsersAndGroups;
import com.inet.usersandgroups.api.ui.fields.EmailAddressHelper;
import com.inet.usersandgroups.api.user.UserAccount;
import java.security.SecureRandom;
import java.util.List;
import javax.annotation.SuppressFBWarnings;
import javax.mail.MessagingException;

/* loaded from: input_file:com/inet/authentication/twofactor/server/email/a.class */
public class a implements com.inet.authentication.twofactor.api.a {
    public String getExtensionName() {
        return "email";
    }

    @Override // com.inet.authentication.twofactor.api.a
    public String a() {
        return TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.displayname", new Object[0]);
    }

    @Override // com.inet.authentication.twofactor.api.a
    public boolean a(UserAccount userAccount) {
        return EmailAddressHelper.get().isAvailable(userAccount.getID());
    }

    @Override // com.inet.authentication.twofactor.api.a
    public String a(GUID guid) {
        return "";
    }

    @Override // com.inet.authentication.twofactor.api.a
    @SuppressFBWarnings(value = {"TRUST_BOUNDARY_VIOLATION"}, justification = "data are save")
    public String a(UserAccount userAccount, String str) {
        List validEmailAddressesFrom = EmailAddressHelper.get().getValidEmailAddressesFrom((String) userAccount.getValue(UsersAndGroups.FIELD_EMAIL));
        if (validEmailAddressesFrom.isEmpty()) {
            throw new ClientMessageException(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.error.nomailaddress", new Object[0]));
        }
        byte[] bArr = new byte[20];
        new SecureRandom().nextBytes(bArr);
        String substring = com.inet.authentication.twofactor.server.totp.a.a(bArr).substring(0, 6);
        SessionStore.getHttpSession().setAttribute("email.security.key", substring + "," + System.currentTimeMillis());
        try {
            new b(validEmailAddressesFrom, userAccount.getDisplayName(), substring).send();
            return StringFunctions.encodeHTML(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.instructions1", new Object[0]), false) + " <b>" + StringFunctions.encodeHTML(String.join(";", validEmailAddressesFrom), false) + "</b><br><br>" + StringFunctions.encodeHTML(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.instructions2", new Object[0]), false) + " <b>" + StringFunctions.encodeHTML(b.c(), false) + "</b><br>" + StringFunctions.encodeHTML(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.instructions3", new Object[0]), false);
        } catch (MessagingException e) {
            LoginProcessor.LOGGER.error(e);
            throw new ClientMessageException(TwoFactorAuthenticationServerPlugin.MSG.getMsg("twofactor.email.error.sending", new Object[0]));
        }
    }

    @Override // com.inet.authentication.twofactor.api.a
    public boolean a(String str, String str2) {
        String str3 = (String) SessionStore.getHttpSession().getAttribute("email.security.key");
        if (str3 == null) {
            return false;
        }
        String[] split = str3.split(",");
        String str4 = split[0];
        return Long.parseLong(split[1]) + 900000 >= System.currentTimeMillis() && str4 != null && str4.equalsIgnoreCase(str);
    }
}
