package com.cpi.framework.modules.security.shiro;

import com.cpi.framework.modules.utils.JSONUtil;
import com.cpi.framework.web.common.ResponseData;
import com.cpi.framework.web.common.utils.AjaxUtil;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cpi/framework/modules/security/shiro/FwFormAuthenticationFilter.class */
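/**
 * Shiro form-login filter that carries two extra login fields (captcha and company id) into
 * the authentication token and answers AJAX requests with a JSON body or a status code
 * instead of the redirects performed by {@link FormAuthenticationFilter}.
 *
 * <p>All request parameters read here come from an unauthenticated client and must be treated
 * as untrusted; this filter only extracts them, it does not validate the captcha or the
 * company id itself.
 */
public class FwFormAuthenticationFilter extends FormAuthenticationFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(FwFormAuthenticationFilter.class);
    private static final String DEFAULT_CAPTCHA_ID_PARAM = "captchaId";
    private static final String DEFAULT_CAPTCHA_PARAM = "captcha";
    private static final String DEFAULT_COMPANY_ID_PARAM = "companyId";
    private String captchaIdParam = DEFAULT_CAPTCHA_ID_PARAM;
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private String companyIdParam = DEFAULT_COMPANY_ID_PARAM;

    /**
     * Builds the login token from the request: username, password, captcha id, captcha answer,
     * remember-me flag and company id.
     *
     * @param servletRequest  the incoming login request
     * @param servletResponse the response (unused here)
     * @return a {@code FwAuthenticationToken} populated from the request parameters
     */
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        return new FwAuthenticationToken(
                getUsername(servletRequest),
                getPassword(servletRequest),
                getCaptchaId(servletRequest),
                getCaptcha(servletRequest),
                isRememberMe(servletRequest),
                getCompanyId(servletRequest));
    }

    /**
     * Handles a successful login. Non-AJAX requests are delegated to the superclass; AJAX
     * requests receive {@code ResponseData.SUCCESS_NO_DATA} serialized as JSON.
     *
     * @return the superclass result for non-AJAX requests, otherwise {@code false} because
     *         the response has already been written here
     * @throws Exception if the superclass handler or writing the response fails
     */
    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!AjaxUtil.isAjaxRequest((HttpServletRequest) servletRequest)) {
            return super.onLoginSuccess(authenticationToken, subject, servletRequest, servletResponse);
        }
        writeJson((HttpServletResponse) servletResponse, JSONUtil.toJSon(ResponseData.SUCCESS_NO_DATA));
        return false;
    }

    /**
     * Handles a failed login. Non-AJAX requests are delegated to the superclass; AJAX requests
     * receive a JSON error whose message depends on the simple class name of the exception.
     *
     * <p>NOTE(review): the response tells the caller whether the password was wrong, the
     * account does not exist, or the account is locked. An unauthenticated client can use that
     * difference to learn which account names exist. Confirm this is an accepted product
     * decision; otherwise return one generic message and keep the detail in server-side logs.
     *
     * <p>NOTE(review): failed logins are not logged here; confirm they are audited elsewhere
     * (for example in the realm) so repeated failures can be detected.
     *
     * @return the superclass result for non-AJAX requests, otherwise {@code false}
     */
    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!AjaxUtil.isAjaxRequest(httpServletRequest)) {
            return super.onLoginFailure(authenticationToken, authenticationException, httpServletRequest, httpServletResponse);
        }
        // Matching is by simple class name, so a subclass of one of these exceptions falls
        // through to the generic message.
        String simpleName = authenticationException.getClass().getSimpleName();
        String message;
        if ("IncorrectCredentialsException".equals(simpleName)) {
            message = "密码错误"; // "wrong password"
        } else if ("UnknownAccountException".equals(simpleName)) {
            message = "账号不存在"; // "account does not exist"
        } else if ("LockedAccountException".equals(simpleName)) {
            message = "账号被锁定"; // "account is locked"
        } else {
            message = "未知错误"; // "unknown error"
        }
        try {
            writeJson(httpServletResponse, JSONUtil.toJSon(ResponseData.error(message)));
        } catch (IOException e) {
            // Pass the exception itself so the stack trace is kept, not just its message.
            LOGGER.error("Failed to write AJAX login-failure response", e);
        }
        return false;
    }

    /**
     * Handles a request that was not allowed through. Non-AJAX requests are delegated to the
     * superclass; AJAX requests get HTTP 403 plus a {@code loginStatus: accessDenied} header
     * so client script can react without following a redirect.
     *
     * <p>NOTE(review): in stock Shiro the login attempt is started from
     * {@code FormAuthenticationFilter.onAccessDenied}. AJAX requests return from this method
     * before reaching it, so confirm how AJAX login submissions are expected to reach
     * {@link #onLoginSuccess} and {@link #onLoginFailure}.
     *
     * @return the superclass result for non-AJAX requests, otherwise {@code false}
     * @throws Exception if the superclass handler or sending the error fails
     */
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!AjaxUtil.isAjaxRequest(httpServletRequest)) {
            return super.onAccessDenied(httpServletRequest, httpServletResponse);
        }
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.addHeader("loginStatus", "accessDenied");
        httpServletResponse.sendError(403);
        return false;
    }

    /**
     * Returns the captcha id sent by the client, or the HTTP session id when the parameter is
     * absent.
     *
     * <p>The fallback uses {@code getSession()}, which creates a session if the request has
     * none, so an anonymous login request without this parameter allocates a session.
     * NOTE(review): the session id ends up inside the authentication token; make sure the
     * token is never logged or serialized with that field.
     */
    protected String getCaptchaId(ServletRequest servletRequest) {
        String captchaId = WebUtils.getCleanParam(servletRequest, this.captchaIdParam);
        if (captchaId != null) {
            return captchaId;
        }
        return ((HttpServletRequest) servletRequest).getSession().getId();
    }

    /** Returns the captcha answer sent by the client, or {@code null} when it is absent. */
    protected String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, this.captchaParam);
    }

    /**
     * Returns the company id sent by the client, or {@code null} when the parameter is absent,
     * blank or not a valid {@code long}.
     *
     * <p>The value is untrusted input. A non-numeric value used to raise
     * {@link NumberFormatException} out of {@link #createToken}, outside the login-failure
     * handling; it is now treated like a missing parameter. That grants nothing new to the
     * caller, who can already omit the parameter, but whatever consumes the token must still
     * decide whether a missing company id is acceptable.
     */
    protected Long getCompanyId(ServletRequest servletRequest) {
        String rawCompanyId = WebUtils.getCleanParam(servletRequest, this.companyIdParam);
        if (StringUtils.isBlank(rawCompanyId)) {
            return null;
        }
        try {
            return Long.valueOf(rawCompanyId);
        } catch (NumberFormatException e) {
            // The raw value is deliberately not logged: it is attacker-controlled text.
            LOGGER.warn("Ignoring non-numeric value for login parameter '{}'", this.companyIdParam);
            return null;
        }
    }

    /**
     * Writes an already-serialized JSON string as the response body using UTF-8.
     *
     * <p>NOTE(review): no Content-Type is set, so clients see whatever the container
     * defaults to. It is left unchanged because existing callers may parse the body as text.
     */
    private static void writeJson(HttpServletResponse httpServletResponse, String json) throws IOException {
        httpServletResponse.setCharacterEncoding("UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.println(json);
        writer.flush();
        writer.close();
    }

    /** Returns the name of the request parameter that carries the captcha id. */
    public String getCaptchaIdParam() {
        return this.captchaIdParam;
    }

    /** Sets the name of the request parameter that carries the captcha id. */
    public void setCaptchaIdParam(String str) {
        this.captchaIdParam = str;
    }

    /** Returns the name of the request parameter that carries the captcha answer. */
    public String getCaptchaParam() {
        return this.captchaParam;
    }

    /** Sets the name of the request parameter that carries the captcha answer. */
    public void setCaptchaParam(String str) {
        this.captchaParam = str;
    }

    /** Returns the name of the request parameter that carries the company id. */
    public String getCompanyIdParam() {
        return this.companyIdParam;
    }

    /** Sets the name of the request parameter that carries the company id. */
    public void setCompanyIdParam(String str) {
        this.companyIdParam = str;
    }
}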
