package org.gluu.oxauth.service.fido.u2f;

import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import org.gluu.oxauth.model.common.SessionId;
import org.gluu.oxauth.model.common.User;
import org.gluu.oxauth.model.config.Constants;
import org.gluu.oxauth.service.SessionIdService;
import org.gluu.oxauth.service.UserService;
import org.gluu.util.StringHelper;
import org.slf4j.Logger;

@Stateless
@Named("u2fValidationService")
/* loaded from: input_file:org/gluu/oxauth/service/fido/u2f/ValidationService.class */
public class ValidationService {

    @Inject
    private Logger log;

    @Inject
    private SessionIdService sessionIdService;

    @Inject
    private UserService userService;

    public boolean isValidSessionId(String str, String str2) {
        if (str2 == null) {
            this.log.error("In two step authentication workflow session_id is mandatory");
            return false;
        }
        SessionId sessionId = this.sessionIdService.getSessionId(str2);
        if (sessionId == null) {
            this.log.error("Specified session_id '{}' is invalid", str2);
            return false;
        }
        if (StringHelper.equalsIgnoreCase(str, sessionId.getSessionAttributes().get(Constants.AUTHENTICATED_USER))) {
            return true;
        }
        this.log.error("Username '{}' and session_id '{}' don't match", str, str2);
        return false;
    }

    public boolean isValidEnrollmentCode(String str, String str2) {
        if (str2 == null) {
            this.log.error("In two step authentication workflow enrollment_code is mandatory");
            return false;
        }
        User user = this.userService.getUser(str, new String[]{"oxEnrollmentCode"});
        if (user == null) {
            this.log.error("Specified user_name '{}' is invalid", str);
            return false;
        }
        String attribute = user.getAttribute("oxEnrollmentCode");
        if (attribute == null) {
            this.log.error("Specified enrollment_code '{}' is invalid", str2);
            return false;
        }
        if (StringHelper.equalsIgnoreCase(attribute, str2)) {
            return true;
        }
        this.log.error("Username '{}' and enrollment_code '{}' don't match", str, str2);
        return false;
    }
}
