package com.dynfi.security;

import com.dynfi.services.UserService;
import com.dynfi.storage.entities.User;
import dev.samstevens.totp.code.DefaultCodeGenerator;
import dev.samstevens.totp.code.DefaultCodeVerifier;
import dev.samstevens.totp.time.SystemTimeProvider;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.mindrot.jbcrypt.BCrypt;

/* loaded from: input_file:com/dynfi/security/BcryptCredentialsMatcher.class */
public class BcryptCredentialsMatcher implements CredentialsMatcher {
    private final UserService userService;

    public BcryptCredentialsMatcher(UserService userService) {
        this.userService = userService;
    }

    @Override // org.apache.shiro.authc.credential.CredentialsMatcher
    public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) {
        if (authenticationToken instanceof UsernamePasswordToken) {
            return BCrypt.checkpw(new String(((UsernamePasswordToken) authenticationToken).getPassword()), (String) authenticationInfo.getCredentials());
        }
        if (!(authenticationToken instanceof JwtOneTimePasswordToken)) {
            return authenticationToken instanceof JwtToken;
        }
        User byLogin = this.userService.getByLogin(authenticationInfo.getPrincipals().getPrimaryPrincipal().toString());
        if (byLogin == null) {
            return false;
        }
        return new DefaultCodeVerifier(new DefaultCodeGenerator(), new SystemTimeProvider()).isValidCode(byLogin.getTwoFactorAuthSecret(), ((JwtOneTimePasswordToken) authenticationToken).getOneTimePassword());
    }
}
