package Security;

import AccuServerBase.ServerCore;
import AccuServerBase.ServerObject;
import AccuServerBase.UserSecurityHandlerBase;
import POSDataObjects.POSDataContainer;
import POSDataObjects.User;
import POSDataObjects.UserSecureCodes;
import POSDataObjects.UserSession;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.sql.Timestamp;
import java.util.Arrays;
import java.util.Date;
import java.util.Hashtable;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.commons.lang.time.DateUtils;

/* loaded from: classes.dex */
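/**
 * Passcode verification, passcode rotation and session-token issuance for POS users.
 *
 * <p>Passcodes are stored as a PBKDF2-HMAC-SHA1 digest (20000 iterations, 160-bit output) with a
 * per-passcode random salt. The current digest plus the three before it are kept so that a new
 * passcode can be rejected when it repeats any of them. A passcode expires 90 days after it was
 * last changed, and an account is locked for 30 minutes once the failed-login counter exceeds 6.
 *
 * <p>NOTE(review): the KDF parameters are fixed in this class and no per-record parameters are
 * read here, so raising the iteration count or moving to a stronger KDF needs a migration of the
 * stored digests (for example re-hashing at the next successful login). The 20000-iteration
 * SHA-1 setting is low by current password-storage guidance.
 */
public class UserSecurityHandler implements ServerObject, UserSecurityHandlerBase {
    private static final String KDF_ALGORITHM = "PBKDF2WithHmacSHA1";
    private static final int PASSCODE_KDF_ITERATIONS = 20000;
    private static final int DERIVED_KEY_BITS = 160;
    // NOTE(review): 8 bytes is kept because stored salts and their storage width are not visible
    // here; 16 bytes or more is the usual recommendation for new deployments.
    private static final int SALT_BYTES = 8;
    private static final int SESSION_TOKEN_BYTES = 20;
    private static final int MIN_PASSCODE_LENGTH = 7;
    private static final long PASSCODE_MAX_AGE_DAYS = 90;
    private static final long LOCKOUT_MILLIS = 1800000;
    private static final int MAX_FAILED_LOGINS = 6;
    private static final String PASSCODE_SYMBOLS = "!@#$%^&*()?><[]{}/`~:;";

    // One shared generator; SecureRandom is thread-safe and the platform default is preferred
    // over pinning the legacy "SHA1PRNG" algorithm by name.
    private static final SecureRandom RANDOM = new SecureRandom();

    ServerCore core = null;

    /**
     * Checks a candidate passcode against a stored digest.
     *
     * @param str candidate passcode
     * @param bArr stored digest; {@code null} never matches
     * @param bArr2 salt the stored digest was derived with
     * @return {@code true} when the digest derived from {@code str} equals {@code bArr}
     * @throws NoSuchAlgorithmException if the KDF is unavailable on this platform
     * @throws InvalidKeySpecException if the key specification is rejected
     */
    public boolean authenticate(String str, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        byte[] candidate = getEncryptedPassword(str, bArr2);
        // MessageDigest.isEqual avoids the early exit of Arrays.equals, so the comparison time
        // does not depend on how many leading bytes of the digest match.
        return bArr != null && MessageDigest.isEqual(bArr, candidate);
    }

    /**
     * Replaces the passcode of {@code user2} and shifts the digest history down by one slot.
     *
     * @param user the requesting user
     * @param user2 the user whose passcode is changed
     * @param str the old passcode; only checked when a current digest is stored
     * @param str2 the new passcode
     * @return {@code "OK"} on success, {@code "Failed"} on a storage error or exception,
     *     otherwise a literal from the core describing why the request was refused
     */
    @Override // AccuServerBase.UserSecurityHandlerBase
    public String createNewPasscodes(User user, User user2, String str, String str2) {
        // NOTE(review): the returned session is discarded, so nothing here verifies that `user`
        // holds a valid session or is allowed to change user2's passcode. Confirm that the
        // caller enforces both; when user2 has no stored digest the old passcode is not checked
        // either.
        this.core.getUserSession(user.id);
        if (!isStrongPasscode(str2)) {
            return this.core.getLiteral("Passcode Not Strong");
        }
        UserSecureCodes codes = this.core.getUserSecureCodes(user2.id);
        try {
            boolean hasCurrent = !isEmpty(codes.digest);
            if (hasCurrent && !authenticate(str, codes.digest, codes.salt)) {
                return this.core.getLiteral("Old Passcode Incorrect");
            }
            if (isUsed(str2, codes)) {
                return this.core.getLiteral("Passcode Previously Used");
            }
            byte[] newSalt = generateSalt();
            byte[] newDigest = getEncryptedPassword(str2, newSalt);
            // Shift the history oldest-first so no slot is overwritten before it is copied.
            codes.thirdSalt = codes.secondSalt;
            codes.thirdDigest = codes.secondDigest;
            codes.secondSalt = codes.previousSalt;
            codes.secondDigest = codes.previousDigest;
            codes.previousSalt = codes.salt;
            codes.previousDigest = codes.digest;
            codes.digest = newDigest;
            codes.salt = newSalt;
            codes.changed = new Timestamp(new Date().getTime());
            return this.core.updateUserSecureCodes(user2.id, codes) ? "OK" : "Failed";
        } catch (Exception e) {
            this.core.raiseException(e);
            return "Failed";
        }
    }

    /**
     * Verifies a login and, on success, registers a session and returns its token.
     *
     * <p>The return value carries either the token or a status message encoded as UTF-8 bytes
     * ({@code "SESSION PASSCODE UNDEFINED"}, {@code "SESSION PASSCODE EXPIRED"},
     * {@code "USER LOGIN LOCKED"}); callers have to tell the two apart.
     *
     * @param user the user logging in
     * @param str the passcode presented
     * @return the session token, a status message, or {@code null} when the passcode is wrong,
     *     the user is not in the user list, or an exception was raised
     */
    @Override // AccuServerBase.UserSecurityHandlerBase
    public byte[] createUserSession(User user, String str) {
        try {
            UserSession session = this.core.getUserSession(user.id);
            if (session == null) {
                session = new UserSession(user.id);
            }

            // Find the list entry that carries the failed-login counter for this user.
            User account = null;
            POSDataContainer userList = this.core.getUserList();
            if (userList != null) {
                for (int i = 0, n = userList.size(); i < n; i++) {
                    User candidate = (User) userList.get(i);
                    if (candidate.id.equalsIgnoreCase(user.id)) {
                        account = candidate;
                        break;
                    }
                }
            }

            UserSecureCodes codes = this.core.getUserSecureCodes(user.id);
            if (codes.changed == null) {
                return "SESSION PASSCODE UNDEFINED".getBytes("UTF-8");
            }
            Date now = new Date();
            long ageDays = (now.getTime() - codes.changed.getTime()) / DateUtils.MILLIS_PER_DAY;
            if (ageDays > PASSCODE_MAX_AGE_DAYS) {
                return "SESSION PASSCODE EXPIRED".getBytes("UTF-8");
            }
            if (codes.locked != null && now.getTime() - codes.locked.getTime() < LOCKOUT_MILLIS) {
                return "USER LOGIN LOCKED".getBytes("UTF-8");
            }

            // A user missing from the user list has no failed-login counter. Previously the
            // success path registered the session and then hit a NullPointerException, so the
            // caller got null while a live session stayed behind, and wrong guesses for such an
            // id were never counted. Refuse before verifying anything, with the same null result.
            if (account == null) {
                return null;
            }

            if (codes.locked != null) {
                // The lockout window has passed: clear the lock and the counter.
                codes.locked = null;
                this.core.updateUserSecureCodes(user.id, codes);
                account.loginAttempts = 0;
                this.core.setUserList(userList);
            }

            if (authenticate(str, codes.digest, codes.salt)) {
                byte[] token = getSessionToken();
                session.setToken(token);
                this.core.addUserSession(session);
                codes.locked = null;
                this.core.updateUserSecureCodes(user.id, codes);
                account.loginAttempts = 0;
                this.core.setUserList(userList);
                return token;
            }

            int failures = account.loginAttempts + 1;
            account.loginAttempts = failures;
            if (failures > MAX_FAILED_LOGINS) {
                codes.locked = new Timestamp(new Date().getTime());
                this.core.updateUserSecureCodes(user.id, codes);
                this.core.setUserList(userList);
                return "USER LOGIN LOCKED".getBytes("UTF-8");
            }
            this.core.updateUserSecureCodes(user.id, codes);
            this.core.setUserList(userList);
            return null;
        } catch (Exception e) {
            this.core.raiseException(e);
            return null;
        }
    }

    /**
     * Generates a fresh random salt for passcode hashing.
     *
     * @return 8 random bytes
     * @throws NoSuchAlgorithmException never thrown now; kept so existing callers still compile
     */
    public byte[] generateSalt() throws NoSuchAlgorithmException {
        byte[] salt = new byte[SALT_BYTES];
        RANDOM.nextBytes(salt);
        return salt;
    }

    /**
     * Derives the stored form of a passcode with PBKDF2-HMAC-SHA1.
     *
     * @param str the passcode
     * @param bArr the salt
     * @return the 20-byte derived digest
     * @throws NoSuchAlgorithmException if the KDF is unavailable on this platform
     * @throws InvalidKeySpecException if the key specification is rejected
     */
    public byte[] getEncryptedPassword(String str, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        PBEKeySpec spec = new PBEKeySpec(str.toCharArray(), bArr, PASSCODE_KDF_ITERATIONS, DERIVED_KEY_BITS);
        try {
            return SecretKeyFactory.getInstance(KDF_ALGORITHM).generateSecret(spec).getEncoded();
        } finally {
            // Wipe the spec's internal copy of the passcode characters once the key is derived.
            spec.clearPassword();
        }
    }

    /**
     * Creates a new opaque session token.
     *
     * <p>The token used to be PBKDF2 over the current timestamp with an 8-byte random salt, so
     * its unpredictability came from those 64 random bits only. It is now 20 bytes drawn
     * directly from {@link SecureRandom}, the same length as before.
     *
     * @return 20 random bytes
     * @throws NoSuchAlgorithmException never thrown now; kept so existing callers still compile
     * @throws InvalidKeySpecException never thrown now; kept so existing callers still compile
     */
    public byte[] getSessionToken() throws NoSuchAlgorithmException, InvalidKeySpecException {
        byte[] token = new byte[SESSION_TOKEN_BYTES];
        RANDOM.nextBytes(token);
        return token;
    }

    /**
     * Returns this handler's type code, the constant 19. Its meaning is defined by the server
     * framework and is not visible in this file.
     */
    public int getType() {
        return 19;
    }

    /**
     * Stores the core and registers this object as its user-session handler.
     *
     * @param serverCore the server core this handler works against
     * @param hashtable not used by this handler
     */
    @Override // AccuServerBase.ServerObject
    public void initialize(ServerCore serverCore, Hashtable hashtable) {
        this.core = serverCore;
        serverCore.setUserSessionHandler(this);
    }

    /**
     * Tells whether a stored digest or salt counts as absent.
     *
     * @param bArr the stored value
     * @return {@code true} for {@code null} or fewer than 3 bytes
     */
    public boolean isEmpty(byte[] bArr) {
        return bArr == null || bArr.length < 3;
    }

    /**
     * Applies the passcode policy: at least 7 characters with an upper-case letter, a lower-case
     * letter, a digit and one of the listed symbols.
     *
     * <p>The length test was present before but its branch was empty, so short passcodes passed
     * as long as they had all four character classes.
     *
     * @param str the candidate passcode
     * @return {@code true} when the passcode meets the policy
     */
    public boolean isStrongPasscode(String str) {
        if (str == null || str.length() < MIN_PASSCODE_LENGTH) {
            return false;
        }
        boolean hasUpper = false;
        boolean hasLower = false;
        boolean hasDigit = false;
        boolean hasSymbol = false;
        for (int i = 0; i < str.length(); i++) {
            char c = str.charAt(i);
            hasDigit |= Character.isDigit(c);
            hasUpper |= Character.isUpperCase(c);
            hasLower |= Character.isLowerCase(c);
            hasSymbol |= PASSCODE_SYMBOLS.indexOf(c) > -1;
        }
        return hasUpper && hasLower && hasDigit && hasSymbol;
    }

    /**
     * Tells whether a passcode matches the current digest or any of the three kept before it.
     *
     * @param str the candidate passcode
     * @param userSecureCodes the stored digests and salts
     * @return {@code true} when any stored digest matches
     * @throws InvalidKeySpecException if the key specification is rejected
     * @throws NoSuchAlgorithmException if the KDF is unavailable on this platform
     */
    public boolean isUsed(String str, UserSecureCodes userSecureCodes) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return matchesStored(str, userSecureCodes.digest, userSecureCodes.salt)
                || matchesStored(str, userSecureCodes.previousDigest, userSecureCodes.previousSalt)
                || matchesStored(str, userSecureCodes.secondDigest, userSecureCodes.secondSalt)
                || matchesStored(str, userSecureCodes.thirdDigest, userSecureCodes.thirdSalt);
    }

    // Checks one history slot, skipping slots whose digest or salt is absent.
    private boolean matchesStored(String passcode, byte[] digest, byte[] salt) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return !isEmpty(digest) && !isEmpty(salt) && authenticate(passcode, digest, salt);
    }

    /** No-op implementation of the ServerObject callback. */
    @Override // AccuServerBase.ServerObject
    public void output(String str) {
    }

    /**
     * Tells whether the user has a session the core still considers valid. The token is not
     * checked by this overload.
     *
     * @param user the user to look up
     * @return {@code true} when a session exists and reports itself valid
     */
    @Override // AccuServerBase.UserSecurityHandlerBase
    public boolean sessionIsValid(User user) {
        UserSession session = this.core.getUserSession(user.id);
        return session != null && session.isValid();
    }

    /**
     * Tells whether the user has a valid session whose token matches the one presented.
     *
     * @param user the user to look up
     * @param str the token presented by the client; {@code null} never matches
     * @return {@code true} when the session is valid and the token bytes are equal
     */
    @Override // AccuServerBase.UserSecurityHandlerBase
    public boolean sessionIsValid(User user, String str) {
        UserSession session = this.core.getUserSession(user.id);
        if (session == null || !session.isValid() || str == null) {
            return false;
        }
        byte[] expected = session.getToken();
        // NOTE(review): getBytes() uses the platform charset and the token is raw bytes; how the
        // client turns the token into this string is not visible here. Confirm the encoding
        // round-trips before changing it.
        byte[] presented = str.getBytes();
        // Constant-time comparison so the response time does not reveal how much of a guessed
        // token is correct.
        return expected != null && MessageDigest.isEqual(presented, expected);
    }
}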
