package org.forgerock.openam.authentication.modules.fr.oath;

import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.shared.debug.Debug;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.List;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import javax.inject.Named;
import javax.xml.bind.DatatypeConverter;
import org.forgerock.openam.core.rest.devices.DeviceJsonUtils;
import org.forgerock.openam.core.rest.devices.oath.OathDeviceSettings;
import org.forgerock.openam.core.rest.devices.oath.OathDevicesDao;
import org.forgerock.util.Reject;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/fr/oath/OathMaker.class */
final class OathMaker {
    private static final int MIN_SHARED_SECRET_BYTE_LENGTH = 8;
    private static final String DEVICE_NAME = "OATH Device";
    private static final long INITIAL_LAST_LOGIN_TIME = 0;
    private static final int INITIAL_COUNTER_VALUE = 0;
    private final SecureRandom secureRandom;
    private final OathDevicesDao devicesDao;
    private final Debug debug;
    private final DeviceJsonUtils<OathDeviceSettings> jsonUtils;

    @Inject
    OathMaker(@Nonnull OathDevicesDao oathDevicesDao, @Nonnull @Named("amAuthOATH") Debug debug, @Nonnull SecureRandom secureRandom, @Nonnull DeviceJsonUtils<OathDeviceSettings> deviceJsonUtils) {
        Reject.ifNull(new Object[]{oathDevicesDao, debug, secureRandom});
        this.devicesDao = oathDevicesDao;
        this.debug = debug;
        this.secureRandom = secureRandom;
        this.jsonUtils = deviceJsonUtils;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OathDeviceSettings createDeviceProfile(int i) {
        Reject.ifFalse(i >= 0, "minSharedSecretLength must not be negative");
        byte[] bArr = new byte[Math.max(MIN_SHARED_SECRET_BYTE_LENGTH, (int) Math.ceil(i / 2.0d))];
        this.secureRandom.nextBytes(bArr);
        return new OathDeviceSettings(DatatypeConverter.printHexBinary(bArr), DEVICE_NAME, INITIAL_LAST_LOGIN_TIME, INITIAL_COUNTER_VALUE);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void saveDeviceProfile(@Nonnull String str, @Nonnull String str2, @Nonnull OathDeviceSettings oathDeviceSettings) throws AuthLoginException {
        Reject.ifNull(new Object[]{str, str2, oathDeviceSettings});
        try {
            this.devicesDao.saveDeviceProfiles(str, str2, this.jsonUtils.toJsonValues(Collections.singletonList(oathDeviceSettings)));
        } catch (IOException e) {
            this.debug.error("OathMaker.createDeviceProfile(): Unable to save device profile for user {} in realm {}", new Object[]{str, str2, e});
            throw new AuthLoginException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public List<OathDeviceSettings> getDeviceProfiles(@Nonnull String str, @Nonnull String str2) throws IOException {
        return this.jsonUtils.toDeviceSettingValues(this.devicesDao.getDeviceProfiles(str, str2));
    }
}
