package org.forgerock.openam.authentication.modules.fr.oath;

import com.sun.identity.idm.AMIdentity;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.StringTokenizer;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Base32;
import org.apache.commons.codec.binary.Hex;
import org.forgerock.openam.utils.StringUtils;
import org.forgerock.util.Reject;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/fr/oath/AuthenticatorAppRegistrationURIBuilder.class */
public class AuthenticatorAppRegistrationURIBuilder {
    private final AMIdentity id;
    private final String secretHex;
    private final int codeLength;
    private final String issuer;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/forgerock/openam/authentication/modules/fr/oath/AuthenticatorAppRegistrationURIBuilder$OTPType.class */
    public enum OTPType {
        HOTP("hotp"),
        TOTP("totp");

        private final String identifier;

        OTPType(String str) {
            this.identifier = str;
        }

        public String getIdentifier() {
            return this.identifier;
        }
    }

    public AuthenticatorAppRegistrationURIBuilder(AMIdentity aMIdentity, String str, int i, String str2) {
        Reject.ifNull(aMIdentity, "id cannot be null");
        Reject.ifNull(str, "secretHex cannot be null");
        Reject.ifTrue(StringUtils.isBlank(str2), "issuer cannot be empty");
        Reject.ifTrue(i < 6, "code length must be 6 or greater");
        if (str.length() == 0) {
            throw new IllegalArgumentException("secretHex cannot be an empty String.");
        }
        this.issuer = str2;
        this.id = aMIdentity;
        this.secretHex = str;
        this.codeLength = i;
    }

    public String getAuthenticatorAppRegistrationUriForHOTP(int i) throws DecoderException {
        return getAppRegistrationUri(OTPType.HOTP) + "&counter=" + i;
    }

    public String getAuthenticatorAppRegistrationUriForTOTP(int i) throws DecoderException {
        return getAppRegistrationUri(OTPType.TOTP) + "&period=" + i;
    }

    private String getAppRegistrationUri(OTPType oTPType) throws DecoderException {
        String str;
        String str2 = new String(new Base32().encode(Hex.decodeHex(this.secretHex.toCharArray())));
        String name = this.id.getName();
        try {
            str = new URI("otpauth", oTPType.getIdentifier(), "/" + this.issuer + ":" + name, "secret=" + str2 + "&issuer=" + this.issuer + "&digits=" + this.codeLength, null).toString();
        } catch (URISyntaxException e) {
            str = "otpauth://" + oTPType.getIdentifier() + "/" + this.issuer + ":" + name + "?secret=" + str2 + "&issuer=" + this.issuer + "&digits=" + this.codeLength;
        }
        return str;
    }

    private String extractHumanReadableRealmString(String str) {
        if (str == null || !str.contains("o=")) {
            return "";
        }
        ArrayList<String> arrayList = new ArrayList();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            arrayList.add(stringTokenizer.nextToken());
        }
        String str2 = "";
        for (String str3 : arrayList) {
            if (str3.contains("o=")) {
                str2 = str2 + "/" + str3.substring(str3.indexOf("=") + 1);
            }
        }
        return str2 + "/";
    }
}
