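/**
 * Verifies the OTP submitted for the current session and maps the OTP service's
 * outcome to a response.
 *
 * <p>The service reply is validated before its payload is read, and a missing
 * status, reply text or status code is treated as a generic failure, so a
 * malformed reply is rejected with the same {@link ValidationException} as any
 * other service error.
 *
 * @param verifyOTPRequest the OTP verification request to forward to the OTP service
 * @return the success response, or the response produced by session termination
 *         when the OTP is blocked or expired
 * @throws ValidationException with {@code ErrorCode.INVALID_OTP_ATTEMPT} when the
 *         OTP is wrong, or {@code GenericErrorCode.GENERIC_ERROR} when the service
 *         reply is an error, is incomplete, or carries an unknown status code
 */
public EpiResponseDTO<?> verifyOtp(VerifyOTPRequest verifyOTPRequest) {
    // Session, customer and merchant are taken from authService and the stored
    // session, not from the request body.
    String sessionId = authService.getTxnRefNo();
    UserSessionDetails userSessionDetails = userSessionDetailsService.getSessionDetails(sessionId);
    String codMandateRefNo = userSessionDetails.getCodMandateRefNo();
    TransactionParamsRequest transactionParamsRequest = userSessionDetails.getPayload();
    String customerId = authService.getCustomerId();
    MerchantType merchantType = authService.getMerchantType();
    // Read before the service call on purpose: a session without OTP details
    // fails here and never reaches the OTP service.
    OtpDetails otpDetails = userSessionDetails.getOtpDetails();
    String phoneNumber = otpDetails.getPhoneNumber();

    // NOTE(review): confirm that otpUtils.getVerifyOtpDTO ties the check to the OTP
    // issued for this session; only the request and customerId are passed here.
    VerifyOtpResponseDTO verifyOtpResponseDTO = callOtpService(verifyOTPRequest, customerId);

    // Validate the transport-level reply first; the payload is only trusted afterwards.
    var status = verifyOtpResponseDTO == null ? null : verifyOtpResponseDTO.getStatus();
    String replyText = status == null ? null : status.getReplyText();
    if (!OBP_REPLY_TEXT_DEFAULT.equalsIgnoreCase(replyText)) {
        log.error("Error in verifying OTP: {}", replyText);
        throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
    }

    var responseString = verifyOtpResponseDTO.getResponseString();
    String statusCode = responseString == null ? null : responseString.getStatusCode();
    if (statusCode == null) {
        // A switch on a null String would throw NullPointerException; fail closed instead.
        log.error("Error in verifying OTP: OTP service reply carried no status code");
        throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
    }

    // Only the explicit success code yields a success response; every other code
    // ends in an exception or in session termination.
    return switch (statusCode) {
        case OBP_SUCCESS_STATUS_CODE ->
                handleSuccess(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
        case OBP_INVALID_OTP_STATUS_CODE -> {
            handleInvalidOtp(phoneNumber, customerId);
            throw new ValidationException(ErrorCode.INVALID_OTP_ATTEMPT);
        }
        case OBP_BLOCKED_OTP_STATUS_CODE ->
                handleBlockedOtp(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
        case OBP_OTP_EXPIRY_STATUS_CODE ->
                handleOtpExpiry(userSessionDetails, transactionParamsRequest, customerId, merchantType, codMandateRefNo);
        default -> {
            log.error("Error in verifying OTP: {}, {}", responseString.getErrorDetail(), statusCode);
            throw new ValidationException(GenericErrorCode.GENERIC_ERROR);
        }
    };
}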
/**
 * Builds the OBP verify-OTP request and sends it through {@code otpClient}.
 *
 * @param verifyOTPRequest the incoming verification request
 * @param customerId the customer the OTP is verified for
 * @return the reply returned by {@code otpClient.verifyOtp}
 */
private VerifyOtpResponseDTO callOtpService(VerifyOTPRequest verifyOTPRequest, String customerId) {
    VerifyOtpRequestDTO otpPayload = otpUtils.getVerifyOtpDTO(verifyOTPRequest, customerId);

    // NOTE(review): externalReferenceNo is the current epoch second, so two calls made
    // within the same second share a reference. Confirm whether the OTP service or the
    // audit trail relies on this value being unique per request.
    var sessionContext = CommonObpDTO.SessionContext.builder()
            .channel(channelId)
            .bankCode(otpProperties.getBankCode())
            .userId(otpProperties.getUserId())
            .transactionBranch(otpProperties.getTransactionBranch())
            .transactingPartyCode(otpProperties.getTransactingPartyCode())
            .externalReferenceNo(String.valueOf(Instant.now().getEpochSecond()))
            .build();

    VerifyOtpObpRequest obpRequest = VerifyOtpObpRequest.builder()
            .verifyOtpRequestDTO(otpPayload)
            .sessionContext(sessionContext)
            .build();

    return otpClient.verifyOtp(obpRequest);
}
/**
 * Builds the success response after the OTP service accepted the OTP.
 *
 * <p>For NACH merchants the online-mandate service is notified first, with empty
 * error code and message arguments.
 *
 * @return a response whose body is {@code new VerifyOTPResponse(true)}
 */
private EpiResponseDTO<VerifyOTPResponse> handleSuccess(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
    if (MerchantType.NACH == merchantType) {
        String merchantCode = userSessionDetails.getMerchant().getMerchantCode();
        String merchantRefNo = transactionParamsRequest.getMerchantRefNo();
        onlineMandateService.notifyOnlineMandate("", "", merchantCode, customerId, codMandateRefNo, merchantRefNo);
    }

    EpiResponseDTO<VerifyOTPResponse> response = new EpiResponseDTO<>();
    response.setBody(new VerifyOTPResponse(true));
    log.info("OTP Verification successful for customer ID: {}", customerId);
    return response;
}
/**
 * Records a wrong OTP attempt and sends the incorrect-OTP SMS alert.
 *
 * <p>Only the customer ID is logged; the phone number is passed to
 * {@code publishAlert} and not written to the log here.
 *
 * @param phoneNumber the number the alert is sent to
 * @param customerId the customer who entered the wrong OTP
 */
private void handleInvalidOtp(String phoneNumber, String customerId) {
    log.info("Invalid OTP entered by user: {}", customerId);
    publishAlert(phoneNumber, MessageType.SMS, getFormattedIncorrectAlertTemplate(), AlertType.OTP);
}
/**
 * Handles an OTP the service reports as blocked: notifies the online-mandate
 * service for NACH and TIN merchants, then terminates the user session.
 *
 * @return the response produced by {@code sessionTerminationService.terminateUserSession}
 */
private EpiResponseDTO<?> handleBlockedOtp(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
    // NOTE(review): the "3" is fixed text in this message; the attempt limit itself
    // is not enforced in this method. Confirm it matches the OTP service's setting.
    log.info("OTP for user: {} blocked after 3 incorrect attempts", customerId);

    boolean mandateMerchant = merchantType == MerchantType.NACH || merchantType == MerchantType.TIN;
    if (mandateMerchant) {
        // NOTE(review): if the error-code lookup or the notification throws, the
        // session termination below is not reached. Confirm that is intended.
        String mandateErrorCode = getOnlineMandateErrorCode(merchantType);
        onlineMandateService.notifyOnlineMandate(
                mandateErrorCode,
                "OTP blocked after maximum retry attempts",
                userSessionDetails.getMerchant().getMerchantCode(),
                customerId,
                codMandateRefNo,
                transactionParamsRequest.getMerchantRefNo());
    }

    return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.BLOCKED_OTP);
}
/**
 * Handles an OTP the service reports as expired and terminates the user session.
 *
 * <p>NACH and TIN merchants get an online-mandate notification and the session is
 * ended with {@code ErrorCode.NACH_OTP_EXPIRY}; all other merchants end with
 * {@code ErrorCode.OTP_EXPIRED}.
 *
 * @return the response produced by {@code sessionTerminationService.terminateUserSession}
 */
private EpiResponseDTO<?> handleOtpExpiry(UserSessionDetails userSessionDetails, TransactionParamsRequest transactionParamsRequest, String customerId, MerchantType merchantType, String codMandateRefNo) {
    log.info("OTP for customer ID: {} has expired", customerId);

    boolean mandateMerchant = merchantType == MerchantType.NACH || merchantType == MerchantType.TIN;
    if (!mandateMerchant) {
        return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.OTP_EXPIRED);
    }

    String mandateErrorCode = getOnlineMandateErrorCode(merchantType);
    onlineMandateService.notifyOnlineMandate(
            mandateErrorCode,
            "OTP Expired",
            userSessionDetails.getMerchant().getMerchantCode(),
            customerId,
            codMandateRefNo,
            transactionParamsRequest.getMerchantRefNo());

    // NOTE(review): TIN sessions also end with the NACH-named code; confirm this is intended.
    return sessionTerminationService.terminateUserSession(KillSessionType.OTP_FAIL, ErrorCode.NACH_OTP_EXPIRY);
}
/**
 * Looks up the online-mandate error code configured for the merchant type.
 *
 * <p>NACH resolves through {@code AppGen.NACH_OTP_EXPIRED_EN009}; every other
 * merchant type resolves through {@code AppGen.TIN_TIN_204}.
 *
 * @param merchantType the merchant type of the current session
 * @return the {@code paramValue} of the cached {@code AdminConfig} entry
 */
private String getOnlineMandateErrorCode(MerchantType merchantType) {
    // NOTE(review): any type other than NACH falls into the TIN entry, and the NACH
    // entry is named for expiry although this lookup is also used when the OTP is
    // blocked. Confirm both are intended.
    var appGenEntry = merchantType == MerchantType.NACH
            ? AppGen.NACH_OTP_EXPIRED_EN009
            : AppGen.TIN_TIN_204;
    String appGenKey = appGenEntry.getParamKey();
    String subParamKey = appGenEntry.getSubParamKey();

    // NOTE(review): the cache result is dereferenced directly; a missing entry would
    // surface as a NullPointerException in the caller if getCacheValue can return null.
    return genericCacheManager
            .getCacheValue(EpiCacheTypes.APP_GEN, CacheConstants.getAppGenPrimaryKey(appGenKey, subParamKey), AdminConfig.class)
            .getParamValue();
}