package xyz.migoo.framework.security.core.service;

import cn.hutool.core.util.StrUtil;
import com.google.common.base.Strings;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Component;
import xyz.migoo.framework.common.exception.ErrorCode;
import xyz.migoo.framework.common.exception.util.ServiceExceptionUtil;
import xyz.migoo.framework.security.config.SecurityProperties;
import xyz.migoo.framework.security.core.LoginUser;
import xyz.migoo.framework.security.core.service.dto.AuthenticatorDTO;
import xyz.migoo.framework.security.core.util.GoogleAuthenticator;
import xyz.migoo.framework.security.core.util.SecurityFrameworkUtils;

@Component
/* loaded from: input_file:xyz/migoo/framework/security/core/service/SecurityAuthenticatorService.class */
public class SecurityAuthenticatorService {

    @Resource
    private SecuritySessionAuthService loginUserService;

    @Resource
    private SecurityProperties properties;

    public void verify(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("_code");
        String obtainAuthorization = SecurityFrameworkUtils.obtainAuthorization(httpServletRequest, this.properties.getTokenHeader());
        LoginUser loginUser = this.loginUserService.getLoginUser(!Strings.isNullOrEmpty(obtainAuthorization) ? obtainAuthorization : httpServletRequest.getParameter("_token"));
        if (loginUser.isRequiredVerifyAuthenticator()) {
            if (StrUtil.isBlankIfStr(parameter) || !GoogleAuthenticator.verify(loginUser.getSecurityCode(), parameter)) {
                throw ServiceExceptionUtil.get(new ErrorCode(999, "身份验证失败!"));
            }
        }
    }

    public AuthenticatorDTO generate(String str, String str2) {
        String generateSecretKey = GoogleAuthenticator.generateSecretKey();
        return new AuthenticatorDTO(generateSecretKey, String.format("otpauth://totp/%s@%s%%3Fsecret%%3D%s&issuer=%s", str, str2, generateSecretKey, str));
    }
}
