package com.fitbank.security;

import com.fitbank.common.ApplicationDates;
import com.fitbank.common.Helper;
import com.fitbank.common.crypto.Decrypt;
import com.fitbank.common.exception.FitbankCommitableException;
import com.fitbank.common.exception.FitbankException;
import com.fitbank.common.logger.FitbankLogger;
import com.fitbank.dto.management.Detail;
import com.fitbank.dto.management.Field;
import com.fitbank.hb.persistence.gene.Tsystemparametercompany;
import com.fitbank.hb.persistence.gene.TsystemparametercompanyKey;
import com.fitbank.hb.persistence.safe.Tpassworduser;
import com.fitbank.hb.persistence.safe.TpassworduserKey;
import com.fitbank.hb.persistence.safe.Tuser;
import com.fitbank.hb.persistence.safe.TuserKey;
import com.fitbank.hb.persistence.safe.Tusersesion;
import com.fitbank.hb.persistence.safe.TusersesionKey;
import com.fitbank.security.common.NotificationsHelper;
import com.fitbank.security.util.UserStatus;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/fitbank/security/TransactionalPasswordUtil.class */
public class TransactionalPasswordUtil {
    private static final String TRANSACTIONAL_PASSWORD = "TRANSACTIONAL_PASSWORD";
    private static final TransactionalPasswordUtil INSTANCE = new TransactionalPasswordUtil();

    public TransactionalPasswordUtil getInstance() {
        return INSTANCE;
    }

    public static boolean verifyTransactionalPassword(String str, String str2) throws Exception {
        return getRealPassword(str2).compareTo(new Decrypt().decrypt(((Tpassworduser) Helper.getSession().get(Tpassworduser.class, new TpassworduserKey(str, ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP))).getPasswordtransaccional())) == 0;
    }

    public static String getRealPassword(String str) throws Exception {
        StringBuilder sb = new StringBuilder();
        String substring = str.substring(0, 10);
        String substring2 = str.substring(10);
        for (int i = 0; i < substring2.length(); i++) {
            sb.append(substring.charAt(Character.digit(substring2.charAt(i), 10)));
        }
        return sb.toString();
    }

    public static void verifyTransactionalPassword(Detail detail) throws Exception {
        Field findFieldByName = detail.findFieldByName(TRANSACTIONAL_PASSWORD);
        if (findFieldByName == null) {
            throw new FitbankException("IB008", "PASSWORD TRANSACCIONAL NO ENVIADO", new Object[0]);
        }
        if (findFieldByName.getValue() == null || StringUtils.isEmpty(findFieldByName.getStringValue())) {
            Tpassworduser tpassworduser = (Tpassworduser) Helper.getBean(Tpassworduser.class, new TpassworduserKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP));
            if (tpassworduser == null || !StringUtils.isBlank(tpassworduser.getPasswordtransaccional())) {
                throw new FitbankException("IB008", "PASSWORD TRANSACCIONAL NO ENVIADO", new Object[0]);
            }
            return;
        }
        String stringValue = findFieldByName.getStringValue();
        Tpassworduser tpassworduser2 = (Tpassworduser) Helper.getBean(Tpassworduser.class, new TpassworduserKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP));
        if (tpassworduser2 == null || StringUtils.isBlank(tpassworduser2.getPasswordtransaccional())) {
            throw new FitbankException("IB009", "USUARIO NO TIENE DEFINIDO UN PASSWORD TRANSACCIONAL, FAVOR SOLICITARLO", new Object[0]);
        }
        if (tpassworduser2.getPasswordtransaccional().equals(stringValue)) {
            expirePasswordTries(detail);
        } else {
            NotificationsHelper.sendEmailWrongTransactionalPassword(detail);
            managePasswordTries(detail);
            throw new FitbankCommitableException("IB010", "PASSWORD TRANSACCIONAL INVALIDO", new Object[0]);
        }
    }

    private static void managePasswordTries(Detail detail) throws Exception {
        Tsystemparametercompany tsystemparametercompany = (Tsystemparametercompany) Helper.getBean(Tsystemparametercompany.class, new TsystemparametercompanyKey(detail.getCompany(), "MAXINT_NUMPAD", ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP));
        int i = 3;
        if (tsystemparametercompany != null) {
            i = tsystemparametercompany.getValornumerico().intValue();
        }
        if (setMaxTimes(detail, i)) {
            Tuser tuser = (Tuser) Helper.getSession().get(Tuser.class, new TuserKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP));
            tuser.setCestatususuario(UserStatus.BLOQUEADO.getValue());
            Helper.saveOrUpdate(tuser);
            NotificationsHelper.sendEmailBlockedUserWrongTransPass(detail);
            throw new FitbankCommitableException("SEC013", "USUARIO BLOQUEADO, NUMERO MAXIMO DE INTENTOS EXCEDIDO", new Object[0]);
        }
    }

    private static boolean setMaxTimes(Detail detail, int i) throws Exception {
        Tusersesion tusersesion = (Tusersesion) Helper.getBean(Tusersesion.class, new TusersesionKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP, "INGRESOERRADO"));
        if (tusersesion == null) {
            Tusersesion tusersesion2 = new Tusersesion(new TusersesionKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP, "INGRESOERRADO"), ApplicationDates.getDBTimestamp(), detail.getTerminal());
            tusersesion2.setNumerointentos(1);
            Helper.saveOrUpdate(tusersesion2);
            return false;
        }
        int intValue = tusersesion.getNumerointentos().intValue() + 1;
        if (intValue >= i) {
            Helper.expire(tusersesion);
            return true;
        }
        tusersesion.setNumerointentos(Integer.valueOf(intValue));
        Helper.saveOrUpdate(tusersesion);
        return false;
    }

    private static void expirePasswordTries(Detail detail) {
        Tusersesion tusersesion = (Tusersesion) Helper.getBean(Tusersesion.class, new TusersesionKey(detail.getUser(), ApplicationDates.DEFAULT_EXPIRY_TIMESTAMP, "INGRESOERRADO"));
        if (tusersesion != null) {
            try {
                Helper.expire(tusersesion);
            } catch (Exception e) {
                FitbankLogger.getLogger().error("Imposible caducar registro de intentos errados para el usuario " + detail.getUser(), e);
            }
        }
    }
}
