package org.jsets.shiro.filter.stateless;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;
import org.jsets.shiro.config.MessageConfig;
import org.jsets.shiro.util.Commons;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jsets/shiro/filter/stateless/HmacPermsFilter.class */
public class HmacPermsFilter extends StatelessFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(HmacPermsFilter.class);

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        if ((null != subject && subject.isAuthenticated()) || !isHmacSubmission(servletRequest)) {
            return false;
        }
        AuthenticationToken createHmacToken = createHmacToken(servletRequest, servletResponse);
        try {
            Subject subject2 = getSubject(servletRequest, servletResponse);
            subject2.login(createHmacToken);
            return checkPerms(subject2, obj);
        } catch (AuthenticationException e) {
            LOGGER.error(servletRequest.getRemoteHost() + " HMAC鉴权  " + e.getMessage());
            Commons.restFailed(WebUtils.toHttp(servletResponse), MessageConfig.REST_CODE_AUTH_UNAUTHORIZED, e.getMessage());
            return false;
        }
    }
}
