package com.kdgc.framework.modules.security.shiro;

import com.kdgc.framework.modules.security.shiro.FwAuthenticationToken;
import com.kdgc.framework.modules.security.utils.Cryptos;
import com.kdgc.framework.modules.utils.JSONUtil;
import com.kdgc.framework.modules.utils.StringUtils;
import com.kdgc.framework.web.common.ResponseData;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/kdgc/framework/modules/security/shiro/FwTokenFilter.class */
public class FwTokenFilter extends AuthenticatingFilter {
    private static final Logger log = LoggerFactory.getLogger(FwTokenFilter.class);
    private static final String LOGIN_TOKEN = "token";
    public static final String DEFAULT_USERNAME_PARAM = "username";
    public static final String DEFAULT_PASSWORD_PARAM = "password";
    private String authUrl;

    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        boolean isRememberMe = isRememberMe(servletRequest);
        if (isLoginSubmission(servletRequest, servletResponse)) {
            return new FwAuthenticationToken(WebUtils.getCleanParam(servletRequest, DEFAULT_USERNAME_PARAM), WebUtils.getCleanParam(servletRequest, DEFAULT_PASSWORD_PARAM), null, null, isRememberMe, null, FwAuthenticationToken.ModeEnum.password);
        }
        String aesDecryptByKey = Cryptos.aesDecryptByKey(WebUtils.getCleanParam(servletRequest, LOGIN_TOKEN));
        if (StringUtils.isNotBlank(aesDecryptByKey)) {
            return new FwAuthenticationToken(aesDecryptByKey, null, null, null, isRememberMe, null, FwAuthenticationToken.ModeEnum.agent);
        }
        return null;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (isLoginRequest(servletRequest, servletResponse)) {
            return executeLogin(servletRequest, servletResponse);
        }
        if (log.isTraceEnabled()) {
            log.trace("Attempting to access a path which requires authentication.  Forwarding to the Authentication url [" + getLoginUrl() + "]");
        }
        saveRequestAndRedirectToLogin(servletRequest, servletResponse);
        return false;
    }

    protected void saveRequestAndRedirectToLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        saveRequest(servletRequest);
        redirectToSSO(servletRequest, servletResponse);
    }

    protected boolean isLoginSubmission(ServletRequest servletRequest, ServletResponse servletResponse) {
        return (servletRequest instanceof HttpServletRequest) && WebUtils.toHttp(servletRequest).getMethod().equalsIgnoreCase("POST");
    }

    private void redirectToSSO(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        WebUtils.issueRedirect(servletRequest, servletResponse, this.authUrl);
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!isLoginSubmission(servletRequest, servletResponse)) {
            issueSuccessRedirect(servletRequest, servletResponse);
            return false;
        }
        servletResponse.setCharacterEncoding("UTF-8");
        PrintWriter writer = servletResponse.getWriter();
        writer.println(JSONUtil.toJSon(ResponseData.SUCCESS_NO_DATA));
        writer.flush();
        writer.close();
        return false;
    }

    public String getAuthUrl() {
        return this.authUrl;
    }

    public void setAuthUrl(String str) {
        this.authUrl = str;
    }
}
