package org.noear.solon.extend.sureness.integration;

import com.usthe.sureness.mgt.SurenessSecurityManager;
import com.usthe.sureness.processor.exception.DisabledAccountException;
import com.usthe.sureness.processor.exception.ExcessiveAttemptsException;
import com.usthe.sureness.processor.exception.ExpiredCredentialsException;
import com.usthe.sureness.processor.exception.IncorrectCredentialsException;
import com.usthe.sureness.processor.exception.NeedDigestInfoException;
import com.usthe.sureness.processor.exception.UnauthorizedException;
import com.usthe.sureness.processor.exception.UnknownAccountException;
import com.usthe.sureness.subject.SubjectSum;
import com.usthe.sureness.util.SurenessContextHolder;
import java.util.Collections;
import java.util.Map;
import org.noear.solon.annotation.Component;
import org.noear.solon.core.handle.Context;
import org.noear.solon.core.handle.Filter;
import org.noear.solon.core.handle.FilterChain;
import org.noear.solon.core.handle.Result;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component
/* loaded from: input_file:org/noear/solon/extend/sureness/integration/SurenessFilter.class */
public class SurenessFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(SurenessFilter.class);

    public void doFilter(Context context, FilterChain filterChain) throws Throwable {
        try {
            SubjectSum checkIn = SurenessSecurityManager.getInstance().checkIn(context);
            if (checkIn != null) {
                SurenessContextHolder.bindSubject(checkIn);
            }
            filterChain.doFilter(context);
        } catch (DisabledAccountException | ExcessiveAttemptsException e) {
            logger.debug("the account is disabled");
            responseWrite(context, 401, e.getMessage(), null);
        } catch (UnauthorizedException e2) {
            logger.debug("this account can not access this resource");
            responseWrite(context, 403, e2.getMessage(), null);
        } catch (RuntimeException e3) {
            logger.error("other exception happen: ", e3);
            responseWrite(context, 409, e3.getMessage(), null);
        } catch (IncorrectCredentialsException | UnknownAccountException | ExpiredCredentialsException e4) {
            logger.debug("this request is illegal");
            responseWrite(context, 401, e4.getMessage(), null);
        } catch (NeedDigestInfoException e5) {
            logger.debug("you should try once again with digest auth information");
            responseWrite(context, 401, "try once again with digest auth information", Collections.singletonMap("WWW-Authenticate", e5.getAuthenticate()));
        }
    }

    private void responseWrite(Context context, int i, String str, Map<String, String> map) throws Throwable {
        context.statusSet(i);
        if (map != null) {
            context.getClass();
            map.forEach(context::headerAdd);
        }
        context.render(Result.failure(str));
    }
}
