package org.apache.shiro.biz.web.filter.authc;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.util.Iterator;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.biz.authc.AuthcResponse;
import org.apache.shiro.biz.authc.AuthenticationSuccessHandler;
import org.apache.shiro.biz.utils.WebUtils;
import org.apache.shiro.biz.web.filter.authc.listener.LoginListener;
import org.apache.shiro.biz.web.servlet.http.HttpStatus;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/biz/web/filter/authc/TrustableRestAuthenticatingFilter.class */
public class TrustableRestAuthenticatingFilter extends AbstractTrustableAuthenticatingFilter {
    private static final Logger LOG = LoggerFactory.getLogger(TrustableRestAuthenticatingFilter.class);

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!isLoginRequest(servletRequest, servletResponse)) {
            String str = "Attempting to access a path which requires authentication.  Request the Authentication url [" + getLoginUrl() + "]";
            if (LOG.isTraceEnabled()) {
                LOG.trace(str);
            }
            WebUtils.toHttp(servletResponse).setStatus(HttpStatus.SC_BAD_REQUEST);
            servletResponse.setContentType("application/json;charset=UTF-8");
            JSONObject.writeJSONString(servletResponse.getWriter(), AuthcResponse.fail(str), new SerializerFeature[0]);
            return false;
        }
        if (isLoginSubmission(servletRequest, servletResponse)) {
            if (LOG.isTraceEnabled()) {
                LOG.trace("Login submission detected.  Attempting to execute login.");
            }
            return executeLogin(servletRequest, servletResponse);
        }
        String str2 = "Authentication url [" + getLoginUrl() + "] Not Http Post request.";
        if (LOG.isTraceEnabled()) {
            LOG.trace(str2);
        }
        WebUtils.toHttp(servletResponse).setStatus(HttpStatus.SC_BAD_REQUEST);
        servletResponse.setContentType("application/json;charset=UTF-8");
        JSONObject.writeJSONString(servletResponse.getWriter(), AuthcResponse.fail(str2), new SerializerFeature[0]);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.biz.web.filter.authc.AbstractAuthenticatingFilter
    public boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (getLoginListeners() != null && getLoginListeners().size() > 0) {
            Iterator<LoginListener> it = getLoginListeners().iterator();
            while (it.hasNext()) {
                it.next().onSuccess(authenticationToken, subject, servletRequest, servletResponse);
            }
        }
        if (CollectionUtils.isEmpty(getSuccessHandlers())) {
            writeSuccessString(authenticationToken, subject, servletRequest, servletResponse);
            return false;
        }
        boolean z = false;
        Iterator<AuthenticationSuccessHandler> it2 = getSuccessHandlers().iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            AuthenticationSuccessHandler next = it2.next();
            if (next != null && next.supports(authenticationToken)) {
                next.onAuthenticationSuccess(authenticationToken, servletRequest, servletResponse, subject);
                z = true;
                break;
            }
        }
        if (z) {
            return false;
        }
        writeSuccessString(authenticationToken, subject, servletRequest, servletResponse);
        return false;
    }
}
