package com.github.bootfastconfig.security.interceptor;

import com.github.bootfastconfig.result.L18nResultCode;
import com.github.bootfastconfig.result.ResultCode;
import com.github.bootfastconfig.security.config.SecurityPropertiesCounfig;
import com.github.bootfastconfig.security.exception.ServiceAuthenticationException;
import com.github.bootfastconfig.security.model.constant.Constant;
import com.github.bootfastconfig.security.model.dto.ImageCode;
import com.github.bootfastconfig.security.model.enu.AuthenticationMessageEnum;
import java.io.IOException;
import java.time.LocalDateTime;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.ServletRequestBindingException;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/github/bootfastconfig/security/interceptor/ValidateCodeFilter.class */
public class ValidateCodeFilter extends OncePerRequestFilter {
    private static final Logger log = LogManager.getLogger(ValidateCodeFilter.class);

    @Autowired
    private FoilureHander foilureHander;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (StringUtils.equals(SecurityPropertiesCounfig.processingUrl, httpServletRequest.getRequestURI()) && StringUtils.equalsIgnoreCase(httpServletRequest.getMethod(), "post")) {
            try {
                inspect(httpServletRequest);
            } catch (ServiceAuthenticationException e) {
                this.foilureHander.onAuthenticationFailure(httpServletRequest, httpServletResponse, e);
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void inspect(HttpServletRequest httpServletRequest) throws ServiceAuthenticationException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY004));
        }
        ImageCode imageCode = (ImageCode) session.getAttribute(Constant.SESSION_CAPTCHA_COD);
        try {
            String stringParameter = ServletRequestUtils.getStringParameter(httpServletRequest, Constant.IMAGE_COD);
            session.removeAttribute(Constant.SESSION_CAPTCHA_COD);
            if (StringUtils.isBlank(stringParameter)) {
                throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY005));
            }
            if (imageCode == null) {
                throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY006));
            }
            if (LocalDateTime.now().isAfter(imageCode.getTime())) {
                throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY007));
            }
            if (!StringUtils.equalsIgnoreCase(imageCode.getCode(), stringParameter)) {
                throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY008));
            }
        } catch (ServletRequestBindingException e) {
            log.error("ValidateCodeFilter**inspect***getStringParameter*获取验证码失败", e);
            throw new ServiceAuthenticationException((ResultCode) new L18nResultCode(AuthenticationMessageEnum.SECURITY003), (Throwable) e);
        }
    }
}
