package com.anji.plus.gaea.security.security;

import com.alibaba.fastjson.JSONObject;
import com.anji.captcha.model.vo.CaptchaVO;
import com.anji.captcha.service.CaptchaService;
import com.anji.plus.gaea.cache.CacheHelper;
import com.anji.plus.gaea.exception.BusinessExceptionBuilder;
import com.anji.plus.gaea.holder.UserContentHolder;
import com.anji.plus.gaea.security.code.UserResponseCode;
import com.anji.plus.gaea.security.handler.GaeaFilterExceptionHandler;
import com.anji.plus.gaea.security.security.extension.UserDetailsServiceHelper;
import com.anji.plus.gaea.security.utils.SecurityUtils;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:com/anji/plus/gaea/security/security/GaeaUsernamePasswordAuthenticationFilter.class */
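/**
 * Login filter that takes the username and password from the request body parsed by
 * {@link SecurityUtils#getRequestBody} instead of form parameters, and runs two extra
 * gates before delegating to {@link UsernamePasswordAuthenticationFilter}:
 * a single-session check based on cached login tokens, and an optional captcha
 * second check.
 *
 * <p>When a gate rejects the request, the response is written through
 * {@link GaeaFilterExceptionHandler} and {@code attemptAuthentication} returns
 * {@code null}, so neither the success nor the failure handler runs.
 */
public class GaeaUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    private final Logger logger = LoggerFactory.getLogger(GaeaUsernamePasswordAuthenticationFilter.class);

    /** Enables the captcha second check; defaults to {@code true} when the property is unset. */
    @Value("${aj.captcha.login.second.check:true}")
    protected boolean captchaSecondCheck;
    /** Request-body field carrying the captcha verification token. */
    public static final String GAEA_SECURITY_CAPTCHA = "captchaVerification";
    /** Request header whose presence (non-blank) triggers the captcha second check. */
    public static final String GAEA_NEED_CAPTCHA = "captcha";

    @Autowired
    protected UserDetailsServiceHelper userDetailsServiceHelper;

    @Autowired
    protected CaptchaService captchaService;

    @Autowired
    protected CacheHelper cacheHelper;

    @Autowired
    protected GaeaFilterExceptionHandler gaeaFilterExceptionHandler;

    /**
     * Wires the authentication manager and the success/failure handlers into the parent filter.
     *
     * @param authenticationManager manager that performs the credential check
     * @param authenticationSuccessHandler handler invoked after a successful login
     * @param authenticationFailureHandler handler invoked after a failed login
     */
    public GaeaUsernamePasswordAuthenticationFilter(AuthenticationManager authenticationManager, AuthenticationSuccessHandler authenticationSuccessHandler, AuthenticationFailureHandler authenticationFailureHandler) {
        super.setAuthenticationManager(authenticationManager);
        super.setAuthenticationSuccessHandler(authenticationSuccessHandler);
        super.setAuthenticationFailureHandler(authenticationFailureHandler);
    }

    /**
     * Runs the parent filter and then clears the per-request user context.
     *
     * @throws IOException propagated from the filter chain
     * @throws ServletException propagated from the filter chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            super.doFilter(servletRequest, servletResponse, filterChain);
        } finally {
            // Clean up even when the chain throws: obtainUsername() stores the submitted
            // username in UserContentHolder, and a pooled worker thread that keeps it
            // would carry one caller's identity into the next request it serves.
            UserContentHolder.clearContext();
            SecurityUtils.loginInfoThreadLocal.remove();
        }
    }

    /**
     * Applies the single-session and captcha gates, then delegates to the parent's
     * username/password authentication.
     *
     * @return the authentication result from the parent filter, or {@code null} when a
     *     gate rejected the request and the response has already been written
     * @throws AuthenticationException if the parent authentication fails
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        String username = obtainUsername(httpServletRequest);
        // NOTE(review): this check runs before the captcha and before any credential
        // check, so an unauthenticated caller gets NOT_LOGIN_MULTI only for accounts that
        // currently hold a login token. Confirm that disclosing "this user has a live
        // session" is acceptable, or move the check behind successful authentication.
        // NOTE(review): the username comes from the request body and is concatenated into
        // a key pattern; it may also be null here. If cacheHelper.keys() does glob matching
        // (presumably a Redis KEYS/SCAN wrapper; verify), wildcard characters in the
        // username widen the match to other users' tokens and should be rejected or
        // escaped before building the pattern.
        if (!this.userDetailsServiceHelper.isMultiLogin(username).booleanValue()
                && !CollectionUtils.isEmpty(this.cacheHelper.keys("system:login:token:" + username + ":*"))) {
            this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, BusinessExceptionBuilder.build(UserResponseCode.NOT_LOGIN_MULTI));
            return null;
        }
        // NOTE(review): the captcha is verified only when the client itself sends a
        // non-blank "captcha" header; a request without that header skips verification
        // even with captchaSecondCheck enabled. If the captcha is meant as a brute-force
        // control, the decision to require it should be made server-side (for example
        // from a failed-attempt counter); confirm whether another layer enforces it.
        if (this.captchaSecondCheck && StringUtils.isNotBlank(httpServletRequest.getHeader(GAEA_NEED_CAPTCHA))) {
            JSONObject requestBody = SecurityUtils.getRequestBody(httpServletRequest);
            if (requestBody == null) {
                this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, BusinessExceptionBuilder.build(UserResponseCode.REQUEST_BODY_ERROR));
                return null;
            }
            String captchaToken = requestBody.getString(GAEA_SECURITY_CAPTCHA);
            if (StringUtils.isBlank(captchaToken)) {
                this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, BusinessExceptionBuilder.build(UserResponseCode.CAPTCHA_ERROR));
                return null;
            }
            CaptchaVO captchaVO = new CaptchaVO();
            captchaVO.setCaptchaVerification(captchaToken);
            if (!this.captchaService.verification(captchaVO).isSuccess()) {
                this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, BusinessExceptionBuilder.build(UserResponseCode.CAPTCHA_ERROR));
                return null;
            }
        }
        return super.attemptAuthentication(httpServletRequest, httpServletResponse);
    }

    /**
     * Reads the {@code username} field from the request body, lower-cases it and records
     * it in the current {@link UserContentHolder} context.
     *
     * @return the lower-cased username, or {@code null} when the body or the field is missing
     */
    @Override
    protected String obtainUsername(HttpServletRequest httpServletRequest) {
        JSONObject requestBody = SecurityUtils.getRequestBody(httpServletRequest);
        if (requestBody == null) {
            return null;
        }
        String rawUsername = requestBody.getString("username");
        if (rawUsername == null) {
            return null;
        }
        // Locale.ROOT keeps the normalisation independent of the JVM default locale; with
        // a locale-sensitive toLowerCase() the same account name can map to different
        // strings on different hosts (for example 'I' under a Turkish default locale),
        // which breaks both the user lookup and the token key built from it.
        String normalized = rawUsername.toLowerCase(java.util.Locale.ROOT);
        UserContentHolder.getContext().setUsername(normalized);
        return normalized;
    }

    /**
     * Reads the {@code password} field from the request body.
     *
     * @return the submitted password, or {@code null} when the body or the field is missing
     */
    @Override
    protected String obtainPassword(HttpServletRequest httpServletRequest) {
        JSONObject requestBody = SecurityUtils.getRequestBody(httpServletRequest);
        if (requestBody == null) {
            return null;
        }
        return requestBody.getString("password");
    }
}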
