package com.github.alanger.shiroext.web;

import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/alanger/shiroext/web/FormAuthcFilter.class */
public class FormAuthcFilter extends FormAuthenticationFilter implements ISilent {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private boolean silent = false;
    private boolean base64 = false;

    @Override // com.github.alanger.shiroext.web.ISilent
    public boolean isSilent() {
        return this.silent;
    }

    @Override // com.github.alanger.shiroext.web.ISilent
    public void setSilent(boolean z) {
        this.silent = z;
    }

    public boolean isBase64() {
        return this.base64;
    }

    public void setBase64(boolean z) {
        this.base64 = z;
    }

    protected void setFailureAttribute(ServletRequest servletRequest, AuthenticationException authenticationException) {
        servletRequest.setAttribute(getFailureKeyAttribute(), authenticationException.getCause() != null ? authenticationException.getCause().getMessage() : authenticationException.getMessage());
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (isSilent()) {
            WebUtils.toHttp(servletResponse).setStatus(200);
            return true;
        }
        if (isSilent() || !Utils.isXMLHttpRequest(servletRequest)) {
            issueSuccessRedirect(servletRequest, servletResponse);
            return false;
        }
        WebUtils.toHttp(servletResponse).sendError(200);
        return false;
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Authentication exception", authenticationException);
        }
        setFailureAttribute(servletRequest, authenticationException);
        if (isSilent() || !Utils.isXMLHttpRequest(servletRequest)) {
            WebUtils.toHttp(servletResponse).setStatus(401);
            return true;
        }
        try {
            WebUtils.toHttp(servletResponse).sendError(401, authenticationException.getMessage());
            return false;
        } catch (IOException e) {
            WebUtils.toHttp(servletResponse).setStatus(401);
            return false;
        }
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (isLoginRequest(servletRequest, servletResponse)) {
            if (isLoginSubmission(servletRequest, servletResponse)) {
                if (this.log.isTraceEnabled()) {
                    this.log.trace("Login submission detected.  Attempting to execute login.");
                }
                return executeLogin(servletRequest, servletResponse);
            }
            if (!this.log.isTraceEnabled()) {
                return true;
            }
            this.log.trace("Login page view.");
            return true;
        }
        if (this.log.isTraceEnabled()) {
            this.log.trace("Attempting to access a path which requires authentication.  Forwarding to the Authentication url [{}]", getLoginUrl());
        }
        if (isSilent()) {
            WebUtils.toHttp(servletResponse).setStatus(401);
            return true;
        }
        if (isSilent() || !Utils.isXMLHttpRequest(servletRequest)) {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        WebUtils.toHttp(servletResponse).sendError(401);
        return false;
    }

    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        String username = getUsername(servletRequest);
        String password = getPassword(servletRequest);
        if (isBase64()) {
            username = Base64.decodeToString(username);
            password = Base64.decodeToString(password);
        }
        return createToken(username, password, servletRequest, servletResponse);
    }
}
