package org.xdi.oxauth.service.fido.u2f;

import com.unboundid.ldap.sdk.Filter;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import org.gluu.site.ldap.persistence.BatchOperation;
import org.gluu.site.ldap.persistence.LdapEntryManager;
import org.slf4j.Logger;
import org.xdi.ldap.model.SearchScope;
import org.xdi.ldap.model.SimpleBranch;
import org.xdi.oxauth.model.config.StaticConfiguration;
import org.xdi.oxauth.model.fido.u2f.DeviceRegistration;
import org.xdi.oxauth.model.fido.u2f.DeviceRegistrationStatus;
import org.xdi.oxauth.model.util.Base64Util;
import org.xdi.oxauth.service.UserService;
import org.xdi.util.StringHelper;

@Stateless
@Named
/* loaded from: input_file:org/xdi/oxauth/service/fido/u2f/DeviceRegistrationService.class */
public class DeviceRegistrationService {

    @Inject
    private Logger log;

    @Inject
    private LdapEntryManager ldapEntryManager;

    @Inject
    private UserService userService;

    @Inject
    private StaticConfiguration staticConfiguration;

    public void addBranch(String str) {
        SimpleBranch simpleBranch = new SimpleBranch();
        simpleBranch.setOrganizationalUnitName("fido");
        simpleBranch.setDn(getBaseDnForU2fUserDevices(str));
        this.ldapEntryManager.persist(simpleBranch);
    }

    public boolean containsBranch(String str) {
        return this.ldapEntryManager.contains(SimpleBranch.class, getBaseDnForU2fUserDevices(str));
    }

    public void prepareBranch(String str) {
        if (containsBranch(str)) {
            return;
        }
        addBranch(str);
    }

    public DeviceRegistration findUserDeviceRegistration(String str, String str2, String... strArr) {
        prepareBranch(str);
        return (DeviceRegistration) this.ldapEntryManager.find(DeviceRegistration.class, getDnForU2fDevice(str, str2), strArr);
    }

    public List<DeviceRegistration> findUserDeviceRegistrations(String str, String str2, String... strArr) {
        prepareBranch(str);
        return this.ldapEntryManager.findEntries(getBaseDnForU2fUserDevices(str), DeviceRegistration.class, strArr, Filter.createEqualityFilter("oxApplication", str2));
    }

    public List<DeviceRegistration> findDeviceRegistrationsByKeyHandle(String str, String str2, String... strArr) {
        if (StringHelper.isEmpty(str) || StringHelper.isEmpty(str2)) {
            return new ArrayList(0);
        }
        byte[] base64urldecode = Base64Util.base64urldecode(str2);
        return this.ldapEntryManager.findEntries(this.userService.getDnForUser(null), DeviceRegistration.class, strArr, Filter.createANDFilter(new Filter[]{Filter.createEqualityFilter("objectClass", "oxDeviceRegistration"), Filter.createEqualityFilter("oxDeviceHashCode", String.valueOf(getKeyHandleHashCode(base64urldecode))), Filter.createEqualityFilter("oxApplication", str), Filter.createEqualityFilter("oxDeviceKeyHandle", str2)}));
    }

    public DeviceRegistration findOneStepUserDeviceRegistration(String str, String... strArr) {
        return (DeviceRegistration) this.ldapEntryManager.find(DeviceRegistration.class, getDnForOneStepU2fDevice(str));
    }

    public void addUserDeviceRegistration(String str, DeviceRegistration deviceRegistration) {
        prepareBranch(str);
        this.ldapEntryManager.persist(deviceRegistration);
    }

    public boolean attachUserDeviceRegistration(String str, String str2) {
        DeviceRegistration deviceRegistration = (DeviceRegistration) this.ldapEntryManager.find(DeviceRegistration.class, getDnForOneStepU2fDevice(str2));
        if (deviceRegistration == null) {
            return false;
        }
        removeUserDeviceRegistration(deviceRegistration);
        deviceRegistration.setDn(getDnForU2fDevice(str, deviceRegistration.getId()));
        addUserDeviceRegistration(str, deviceRegistration);
        return true;
    }

    public void addOneStepDeviceRegistration(DeviceRegistration deviceRegistration) {
        this.ldapEntryManager.persist(deviceRegistration);
    }

    public void updateDeviceRegistration(String str, DeviceRegistration deviceRegistration) {
        prepareBranch(str);
        this.ldapEntryManager.merge(deviceRegistration);
    }

    public void disableUserDeviceRegistration(DeviceRegistration deviceRegistration) {
        deviceRegistration.setStatus(DeviceRegistrationStatus.COMPROMISED);
        this.ldapEntryManager.merge(deviceRegistration);
    }

    public void removeUserDeviceRegistration(DeviceRegistration deviceRegistration) {
        this.ldapEntryManager.remove(deviceRegistration);
    }

    public List<DeviceRegistration> getExpiredDeviceRegistrations(BatchOperation<DeviceRegistration> batchOperation, Date date) {
        return this.ldapEntryManager.findEntries(getDnForOneStepU2fDevice(null), DeviceRegistration.class, Filter.createLessOrEqualFilter("creationDate", this.ldapEntryManager.encodeGeneralizedTime(date)), SearchScope.SUB, (String[]) null, batchOperation, 0, 25, 25);
    }

    public int getCountDeviceRegistrations(String str) {
        return this.ldapEntryManager.countEntries(this.userService.getDnForUser(null), DeviceRegistration.class, Filter.createANDFilter(new Filter[]{Filter.createEqualityFilter("oxApplication", str), Filter.createEqualityFilter("oxStatus", DeviceRegistrationStatus.ACTIVE.getValue())}));
    }

    public String getDnForU2fDevice(String str, String str2) {
        String baseDnForU2fUserDevices = getBaseDnForU2fUserDevices(str);
        return StringHelper.isEmpty(str2) ? baseDnForU2fUserDevices : String.format("oxId=%s,%s", str2, baseDnForU2fUserDevices);
    }

    public String getBaseDnForU2fUserDevices(String str) {
        return String.format("ou=fido,%s", this.userService.getDnForUser(str));
    }

    public String getDnForOneStepU2fDevice(String str) {
        String u2fBase = this.staticConfiguration.getBaseDn().getU2fBase();
        return StringHelper.isEmpty(str) ? String.format("ou=registered_devices,%s", u2fBase) : String.format("oxid=%s,ou=registered_devices,%s", str, u2fBase);
    }

    public int getKeyHandleHashCode(byte[] bArr) {
        int i = 0;
        for (int i2 = 0; i2 < bArr.length; i2++) {
            i += bArr[i2] * i2;
        }
        return i;
    }
}
