package org.njgzr.security.base.filter;

import com.alibaba.fastjson.JSON;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.njgzr.security.base.AuthorizedUser;
import org.njgzr.security.base.CaptchaMode;
import org.njgzr.security.base.Contance;
import org.njgzr.security.base.Result;
import org.njgzr.security.base.token.UsernamePasswordWithCaptchaToken;
import org.njgzr.security.cache.LoginCacheService;
import org.njgzr.security.code.CaptchaRender;
import org.njgzr.security.code.CodeService;
import org.njgzr.security.event.LoginFailEvent;
import org.njgzr.security.event.LoginSuccessEvent;
import org.njgzr.security.interfaces.ConfigGetService;
import org.njgzr.security.service.JwtService;
import org.njgzr.security.utils.HttpResponseHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:org/njgzr/security/base/filter/AjaxAuthenticationFilter.class */
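/**
 * Shiro authenticating filter for AJAX logins.
 *
 * <p>Accepts a login submission as either {@code application/x-www-form-urlencoded} or
 * {@code application/json}, optionally checks a captcha, authenticates through the Shiro
 * {@link Subject}, and on success hands a JWT created by {@link JwtService} to
 * {@link HttpResponseHelper}. Every outcome is written to the response as JSON and the
 * filter chain is never continued from here (all handlers return {@code false}).
 *
 * <p>NOTE(review): this source is decompiler output. {@code createToken} was renamed to
 * {@link #m5createToken} by the decompiler ("merged with bridge method"), so the override of
 * the superclass {@code createToken} is not present in this listing - confirm against the
 * original sources before rebuilding.
 */
public class AjaxAuthenticationFilter extends AuthenticatingFilter {
    private static final Logger log = LoggerFactory.getLogger(AjaxAuthenticationFilter.class);
    public static final String DEFAULT_USERNAME_PARAM = "username";
    public static final String DEFAULT_PASSWORD_PARAM = "password";
    // The value is spelled "teminal" in the original; it is a public constant, so it is kept as-is.
    public static final String DEFAULT_TERMINAL_TYPE_PARAM = "teminal";
    public static final String DEFAULT_CAPTCHA_PARAM = "captchaCode";
    private boolean enableCaptcha = false;
    private final JwtService jwtService;
    private final LoginCacheService loginCache;
    private final ApplicationContext applicationContext;
    private final ConfigGetService configGetService;
    private final CodeService codeService;

    /**
     * Handles a request that Shiro has not let through.
     *
     * <p>Non-login requests get a JSON "not logged in" failure. Login requests are processed only
     * when {@link #isLoginSubmission} accepts them (HTTP POST); anything else is rejected.
     *
     * @return the result of {@link #executeLogin(ServletRequest, ServletResponse, UsernamePasswordWithCaptchaToken)}
     *     for a login submission, otherwise {@code false}
     * @throws Exception propagated from token creation or login handling
     */
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!isLoginRequest(servletRequest, servletResponse)) {
            new HttpResponseHelper(servletResponse).responseJson(Result.fail("您尚未登录或登录时间过长,请重新登录!").toJson());
            return false;
        }
        if (isLoginSubmission(servletRequest, servletResponse)) {
            return executeLogin(servletRequest, servletResponse, m5createToken(servletRequest, servletResponse));
        }
        log.debug("Unsupport GET Login .");
        new HttpResponseHelper(servletResponse).responseJson(Result.fail("非法的登录请求!").toJson());
        return false;
    }

    /**
     * Returns {@code true} only for HTTP requests whose method is POST, so credentials are never
     * accepted from a GET query string.
     */
    protected boolean isLoginSubmission(ServletRequest servletRequest, ServletResponse servletResponse) {
        return (servletRequest instanceof HttpServletRequest) && WebUtils.toHttp(servletRequest).getMethod().equalsIgnoreCase("POST");
    }

    /**
     * Builds the login token from the request.
     *
     * <p>Parameter names come from {@link ConfigGetService}; a blank configured name falls back to
     * the {@code DEFAULT_*_PARAM} constants. Form-encoded requests are read through
     * {@link WebUtils#getCleanParam}; JSON requests are read from the request body.
     *
     * <p>Security notes for the JSON branch:
     * <ul>
     *   <li>The body is attacker-controlled and is read in full with no size limit here; a
     *       request-size limit should be enforced upstream (container or proxy) - TODO confirm.</li>
     *   <li>The body is parsed by fastjson. Parsing untrusted input with fastjson has a history of
     *       deserialization issues, so the deployed fastjson version and its autoType/safe-mode
     *       configuration should be verified.</li>
     *   <li>Malformed JSON makes the parser throw; that exception is not translated here.</li>
     * </ul>
     *
     * @return a token whose fields may be {@code null} when the request does not carry them
     * @throws RuntimeException if the Content-Type is missing or is neither form-encoded nor JSON
     * @throws Exception if the request body cannot be read
     */
    public UsernamePasswordWithCaptchaToken m5createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        String contentType = servletRequest.getContentType();
        String loginUserNameParam = this.configGetService.loginUserNameParam();
        String loginPasswordParam = this.configGetService.loginPasswordParam();
        String captchaParam = this.configGetService.captchaParam();
        String usernameKey = StringUtils.isBlank(loginUserNameParam) ? DEFAULT_USERNAME_PARAM : loginUserNameParam;
        String passwordKey = StringUtils.isBlank(loginPasswordParam) ? DEFAULT_PASSWORD_PARAM : loginPasswordParam;
        String captchaKey = StringUtils.isBlank(captchaParam) ? DEFAULT_CAPTCHA_PARAM : captchaParam;

        // A request without a Content-Type header used to fail with a NullPointerException;
        // report it through the same "unsupported" path as any other unexpected type.
        if (contentType != null && contentType.contains("application/x-www-form-urlencoded")) {
            return new UsernamePasswordWithCaptchaToken(
                    WebUtils.getCleanParam(servletRequest, usernameKey),
                    WebUtils.getCleanParam(servletRequest, passwordKey),
                    WebUtils.getCleanParam(servletRequest, captchaKey));
        }
        if (contentType == null || !contentType.contains("application/json")) {
            throw new RuntimeException("不支持的请求方式，Content-type:" + contentType);
        }

        String body = IOUtils.toString(servletRequest.getInputStream(), "utf-8");
        // Parse the untrusted body once instead of once per field.
        com.alibaba.fastjson.JSONObject json = JSON.parseObject(body);
        if (json == null) {
            // Empty body or a literal JSON null: behave like a form post with no parameters
            // so the attempt fails as a normal authentication failure rather than an NPE.
            return new UsernamePasswordWithCaptchaToken(null, null, null);
        }
        return new UsernamePasswordWithCaptchaToken(
                json.getString(usernameKey),
                json.getString(passwordKey),
                json.getString(captchaKey));
    }

    /**
     * Runs one login attempt with an already-built token.
     *
     * <p>When captcha checking is enabled and the captcha does not validate, a JSON failure carrying
     * {@code CaptchaMode(true)} is written and no authentication is attempted.
     *
     * @return the result of {@link #onLoginSuccess} or {@link #onLoginFailure}; {@code false} when
     *     the captcha is rejected
     * @throws IllegalStateException if the token is {@code null}
     * @throws Exception propagated from the success handler
     */
    protected boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse, UsernamePasswordWithCaptchaToken usernamePasswordWithCaptchaToken) throws Exception {
        // Check for null before the captcha step: validateCaptcha dereferences the token, so the
        // original ordering produced a NullPointerException instead of this diagnostic.
        if (usernamePasswordWithCaptchaToken == null) {
            throw new IllegalStateException("createToken method implementation returned null. A valid non-null AuthenticationToken must be created in order to execute a login attempt.");
        }
        if (this.enableCaptcha && !validateCaptcha(servletRequest, servletResponse, usernamePasswordWithCaptchaToken)) {
            Result fail = Result.fail("", "验证码错误");
            fail.setData(new CaptchaMode(true));
            new HttpResponseHelper(servletResponse).responseJson(fail.toJson());
            return false;
        }
        try {
            Subject subject = getSubject(servletRequest, servletResponse);
            subject.login(usernamePasswordWithCaptchaToken);
            return onLoginSuccess(usernamePasswordWithCaptchaToken, subject, servletRequest, servletResponse);
        } catch (AuthenticationException e) {
            return onLoginFailure(usernamePasswordWithCaptchaToken, e, servletRequest, servletResponse);
        }
    }

    /**
     * Issues a JWT for the authenticated user, publishes a {@link LoginSuccessEvent}, and writes
     * the token and the user as the response.
     *
     * <p>The terminal type passed to {@link JwtService#createToken} is read from the
     * client-supplied {@code Contance.TERMINAL} request header and defaults to {@code 1} when the
     * header is absent or not an integer. NOTE(review): the value is client-controlled; if it
     * influences token lifetime or scope, it should be validated against an allow-list.
     *
     * @return always {@code false}; the response has been written here
     */
    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        AuthorizedUser authorizedUser = (AuthorizedUser) subject.getPrincipal();
        HttpServletRequest httpRequest = WebUtils.toHttp(servletRequest);
        int terminal = NumberUtils.toInt(httpRequest.getHeader(Contance.TERMINAL), 1);
        String jwt = this.jwtService.createToken(authorizedUser.getLoginName(), terminal);
        this.applicationContext.publishEvent(new LoginSuccessEvent(authorizedUser, httpRequest, jwt, false));
        HttpResponseHelper httpResponseHelper = new HttpResponseHelper(servletResponse);
        httpResponseHelper.resposeJwtToken(jwt, this.configGetService.headerToken());
        httpResponseHelper.responseJson(Result.success(authorizedUser).toJson());
        return false;
    }

    /**
     * Writes a JSON failure with code 401 and publishes a {@link LoginFailEvent}.
     *
     * <p>NOTE(review): the response distinguishes locked, disabled and other account states from
     * a plain wrong-password failure, echoes the {@link AccountException} message to the client,
     * and (with captcha enabled) reports the per-username captcha state. Each of these tells an
     * unauthenticated caller something about whether and in what state an account exists; confirm
     * that this disclosure is intended and that exception messages never carry internal detail.
     *
     * @return always {@code false}; the response has been written here
     */
    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        Result fail = Result.fail("", "用户名或密码输入错误.");
        // Most specific type first: in Shiro, LockedAccountException extends
        // DisabledAccountException, which extends AccountException.
        if (authenticationException instanceof LockedAccountException) {
            fail.setDesc("账号已被锁定.");
        } else if (authenticationException instanceof DisabledAccountException) {
            fail.setDesc("账号已过期失效.");
        } else if (authenticationException instanceof AccountException) {
            fail.setDesc(authenticationException.getMessage());
        }
        Object principal = authenticationToken.getPrincipal();
        if (this.enableCaptcha) {
            // The principal is null when the request carried no username; the original called
            // toString() on it unconditionally and failed with a NullPointerException.
            String loginName = principal == null ? null : principal.toString();
            fail.setData(new CaptchaMode(this.codeService.isCaptchaEnabled(loginName)));
        }
        fail.setCode(401);
        this.applicationContext.publishEvent(new LoginFailEvent(String.valueOf(principal), authenticationException));
        new HttpResponseHelper(servletResponse).responseJson(fail.toJson());
        return false;
    }

    /**
     * Creates the filter and takes the initial captcha setting from
     * {@link ConfigGetService#enableCaptcha()}.
     */
    public AjaxAuthenticationFilter(JwtService jwtService, LoginCacheService loginCacheService, ApplicationContext applicationContext, ConfigGetService configGetService, CodeService codeService) {
        this.jwtService = jwtService;
        this.loginCache = loginCacheService;
        this.applicationContext = applicationContext;
        this.configGetService = configGetService;
        this.codeService = codeService;
        setEnableCaptcha(configGetService.enableCaptcha());
    }

    /** Turns captcha checking on or off for subsequent login attempts. */
    public void setEnableCaptcha(boolean z) {
        this.enableCaptcha = z;
    }

    /**
     * Validates the submitted captcha, but only when {@link CodeService#isCaptchaEnabled} says a
     * captcha is required for the submitted username; otherwise the attempt passes unchecked.
     *
     * <p>NOTE(review): the decision is keyed on the client-supplied username. If the requirement
     * is driven by per-username failure counts, attempts spread across many usernames are not
     * slowed by this check - confirm that rate limiting also exists per client address.
     */
    private boolean validateCaptcha(ServletRequest servletRequest, ServletResponse servletResponse, UsernamePasswordWithCaptchaToken usernamePasswordWithCaptchaToken) {
        if (!this.codeService.isCaptchaEnabled(usernamePasswordWithCaptchaToken.getUsername())) {
            return true;
        }
        return CaptchaRender.validate2(usernamePasswordWithCaptchaToken.getCaptchaCode(), WebUtils.toHttp(servletRequest));
    }

    /** Returns whether captcha checking is currently enabled. */
    public boolean isEnableCaptcha() {
        return this.enableCaptcha;
    }

    /** Returns the service used to create JWTs on successful login. */
    public JwtService getJwtService() {
        return this.jwtService;
    }

    /** Returns the login cache service supplied at construction; this class does not use it itself. */
    public LoginCacheService getLoginCache() {
        return this.loginCache;
    }

    /** Returns the Spring context used to publish login events. */
    public ApplicationContext getApplicationContext() {
        return this.applicationContext;
    }

    /** Returns the configuration service that supplies parameter names and the token header name. */
    public ConfigGetService getConfigGetService() {
        return this.configGetService;
    }

    /** Returns the service that decides whether a captcha is required for a username. */
    public CodeService getCodeService() {
        return this.codeService;
    }
}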
