package com.kanq.modules.sys.security.filter;

import com.kanq.common.utils.CookieUtils;
import com.kanq.common.utils.Encodes;
import com.kanq.common.utils.StringUtils;
import com.kanq.common.utils.UserAgentUtils;
import com.kanq.modules.sys.entity.SysUser;
import com.kanq.modules.sys.security.UserAuthenticationToken;
import com.kanq.modules.sys.security.realm.Principal;
import eu.bitwalker.useragentutils.DeviceType;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/kanq/modules/sys/security/filter/FormAuthenticationFilter.class */
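/**
 * Form-login filter layered on Shiro's {@code FormAuthenticationFilter}.
 *
 * <p>On a login submission it builds a {@link UserAuthenticationToken} carrying the
 * username, password, captcha, login type, token, client address and device type, writes
 * the "remember" cookies, redirects after a successful login and maps authentication
 * failures to a user-facing message stored as a request attribute.
 */
public class FormAuthenticationFilter extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {
    public static final String DEFAULT_CAPTCHA_PARAM = "validateCode";
    public static final String DEFAULT_MESSAGE_PARAM = "message";
    public static final String DEFAULT_LOGINTYPE_PARAM = "loginType";
    public static final String DEFAULT_TOKEN_PARAM = "token";
    public static final String DEFAULT_REMEMBER_TYPE_PARAM = "rememberType";
    public static final String DEFAULT_MOBILE_PARAM = "mobileLogin";
    /** Lifetime of the remember cookies in seconds (2592000 s = 30 days). */
    public static final int DEFAULT_REMEMBER_MAXAGE = 2592000;
    public static final String DEFAULT_REDIRECT_URI = "redirect_uri";

    /**
     * Single message for both "unknown account" and "wrong password" ("user or password
     * incorrect, please retry"), so the response text does not reveal whether an account exists.
     */
    private static final String CREDENTIALS_FAILURE_MESSAGE = "用户或密码错误, 请重试.";

    private String LoginTypeParam = DEFAULT_LOGINTYPE_PARAM;
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private String messageParam = DEFAULT_MESSAGE_PARAM;
    private String tokenParam = DEFAULT_TOKEN_PARAM;
    private String rememberType = DEFAULT_REMEMBER_TYPE_PARAM;
    private String mobileLoginParam = DEFAULT_MOBILE_PARAM;

    /**
     * Builds the authentication token from the login request.
     *
     * <p>A missing password is replaced by the empty string so that {@code toCharArray()}
     * cannot fail. As a side effect the remember cookies are written (see
     * {@link #setRememberParams}); this happens while the token is being built, i.e. before
     * the submitted credentials have been verified.
     *
     * @param servletRequest  the login request; cast to {@link HttpServletRequest}
     * @param servletResponse the response the remember cookies are written to
     * @return a {@link UserAuthenticationToken} populated from the request
     */
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        String username = getUsername(servletRequest);
        String password = getPassword(servletRequest);
        if (password == null) {
            password = "";
        }
        setRememberParams(servletRequest, servletResponse);
        boolean isRememberMe = isRememberMe(servletRequest);
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        String remoteAddr = StringUtils.getRemoteAddr(httpRequest);
        String captcha = getCaptcha(servletRequest);
        String loginType = getLoginType(servletRequest);
        String token = getToken(servletRequest);
        // The device type comes from the User-Agent header or the mobileLogin request
        // parameter; both are supplied by the client, so it must not drive security decisions.
        DeviceType deviceType = isMobileLogin(servletRequest)
                ? DeviceType.MOBILE
                : UserAgentUtils.getDeviceType(httpRequest);
        return new UserAuthenticationToken(username, password.toCharArray(), isRememberMe, remoteAddr, captcha, deviceType, loginType, token);
    }

    /**
     * Writes the "remember" cookies for the submitted login form.
     *
     * <p>The username cookie is written whenever a username was submitted. The password
     * cookie is written only when the {@code rememberType} parameter is the number 1.
     *
     * <p>NOTE(security): the password cookie holds the submitted password verbatim for
     * {@link #DEFAULT_REMEMBER_MAXAGE} seconds and is written before authentication has
     * succeeded. Anyone who can read the browser's cookie store or the traffic obtains the
     * credential itself. This behaviour is kept here only because the login page may read the
     * cookie back; the recommended replacement is Shiro's own remember-me mechanism (the
     * {@code isRememberMe} flag already passed to the token) and removal of this cookie.
     * Also confirm that {@code CookieUtils.setCookie} sets the HttpOnly and Secure
     * attributes; that is not visible from this class.
     */
    private void setRememberParams(ServletRequest servletRequest, ServletResponse servletResponse) {
        String username = getUsername(servletRequest);
        String password = getPassword(servletRequest);
        String rememberFlag = WebUtils.getCleanParam(servletRequest, this.rememberType);
        // Evaluated before any cookie is written, matching the original ordering.
        boolean rememberPassword = StringUtils.isNotBlank(rememberFlag)
                && StringUtils.isNumeric(rememberFlag)
                && StringUtils.toInteger(rememberFlag).intValue() == 1;
        if (StringUtils.isNotBlank(username)) {
            CookieUtils.setCookie((HttpServletResponse) servletResponse, getUsernameParam(), username, DEFAULT_REMEMBER_MAXAGE);
        }
        if (rememberPassword && StringUtils.isNotBlank(password)) {
            CookieUtils.setCookie((HttpServletResponse) servletResponse, getPasswordParam(), password, DEFAULT_REMEMBER_MAXAGE);
        }
    }

    /** @return the name of the request parameter that forces a mobile login */
    public String getMobileLoginParam() {
        return this.mobileLoginParam;
    }

    /** @return {@code true} when the mobile-login request parameter is set to a true value */
    protected boolean isMobileLogin(ServletRequest servletRequest) {
        return WebUtils.isTrue(servletRequest, getMobileLoginParam());
    }

    /** @return the name of the request parameter carrying the login token */
    public String getTokenParam() {
        return this.tokenParam;
    }

    /** @param str the name of the request parameter carrying the login token */
    public void setTokenParam(String str) {
        this.tokenParam = str;
    }

    /** @return the name of the request parameter carrying the captcha */
    public String getCaptchaParam() {
        return this.captchaParam;
    }

    /** @return the name of the request parameter carrying the login type */
    public String getLoginType() {
        return this.LoginTypeParam;
    }

    /** @return the trimmed captcha parameter, as returned by {@code WebUtils.getCleanParam} */
    protected String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getCaptchaParam());
    }

    /** @return the trimmed login-type parameter, as returned by {@code WebUtils.getCleanParam} */
    protected String getLoginType(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getLoginType());
    }

    /** @return the trimmed token parameter, as returned by {@code WebUtils.getCleanParam} */
    protected String getToken(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getTokenParam());
    }

    /** @return the name of the request attribute that receives the failure message */
    public String getMessageParam() {
        return this.messageParam;
    }

    /**
     * Redirects after a successful login.
     *
     * <p>The {@code redirect_uri} request parameter is honoured only when it passes
     * {@link #isSafeRedirectTarget}; otherwise the configured success URL is used. The
     * parameter is client-controlled, so following it unchecked would let a crafted login
     * link send an authenticated user to an arbitrary site.
     *
     * @throws Exception if issuing the redirect fails
     */
    protected void issueSuccessRedirect(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        String requested = WebUtils.getCleanParam(servletRequest, DEFAULT_REDIRECT_URI);
        String target = getSuccessUrl();
        if (StringUtils.isNotBlank(requested)) {
            // The value is decoded once more here, on top of the container's own decoding,
            // so validation must run on the decoded form that is actually sent.
            String decoded = Encodes.urlDecode(requested);
            if (isSafeRedirectTarget(servletRequest, decoded)) {
                target = decoded;
            }
        }
        WebUtils.issueRedirect(servletRequest, servletResponse, target, null, true);
    }

    /**
     * Decides whether a client-supplied redirect target stays on this application's host.
     *
     * <p>Accepted: a path starting with a single {@code /}, a relative reference without
     * scheme or authority, or an absolute {@code http}/{@code https} URL whose host equals
     * the request's server name. Anything containing a backslash or a control character,
     * anything unparsable, and every other scheme or host is rejected.
     *
     * @param servletRequest the current request, used for its server name
     * @param target         the decoded redirect target, may be {@code null}
     * @return {@code true} if redirecting to {@code target} keeps the user on this host
     */
    private boolean isSafeRedirectTarget(ServletRequest servletRequest, String target) {
        if (StringUtils.isBlank(target)) {
            return false;
        }
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            // Browsers normalise backslashes and drop some control characters, which can
            // turn a harmless-looking value into a different URL than the one checked here.
            if (c == '\\' || Character.isISOControl(c)) {
                return false;
            }
        }
        if (target.startsWith("/")) {
            // "//host/..." is a network-path reference, not a local path.
            return !target.startsWith("//");
        }
        try {
            URI uri = new URI(target);
            String scheme = uri.getScheme();
            if (scheme == null) {
                return uri.getRawAuthority() == null;
            }
            String host = uri.getHost();
            boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
            return webScheme && host != null && host.equalsIgnoreCase(servletRequest.getServerName());
        } catch (URISyntaxException e) {
            return false;
        }
    }

    /**
     * Issues the success redirect and stops the filter chain.
     *
     * @return always {@code false}, because the response has already been redirected
     * @throws Exception if issuing the redirect fails
     */
    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        issueSuccessRedirect(servletRequest, servletResponse);
        return false;
    }

    /**
     * Maps an authentication failure to a user-facing message and stores it on the request.
     *
     * <p>Wrong-password and unknown-account failures share one message so the login page
     * does not disclose which usernames exist. An exception message prefixed with
     * {@code msg:} is shown with every {@code msg:} occurrence removed; any other failure
     * yields a generic "system problem" message and has its stack trace printed.
     *
     * <p>NOTE(review): the failure-key attribute still receives the exception class name,
     * which distinguishes the two credential failures; confirm the login view neither
     * renders it nor branches on it in a way visible to the client.
     *
     * @return always {@code true}, so the request continues to the login page
     */
    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        String str;
        String name = authenticationException.getClass().getName();
        String detail = authenticationException.getMessage();
        if (IncorrectCredentialsException.class.getName().equals(name)
                || UnknownAccountException.class.getName().equals(name)) {
            str = CREDENTIALS_FAILURE_MESSAGE;
        } else if (detail != null && StringUtils.startsWith(detail, "msg:")) {
            str = StringUtils.replace(detail, "msg:", "");
        } else {
            // "The system has a problem, please try again later!"
            str = "系统出现点问题，请稍后再试！";
            // NOTE(review): goes to stderr only; route through the application's logger
            // so unexpected authentication errors reach the monitored log.
            authenticationException.printStackTrace();
        }
        servletRequest.setAttribute(getFailureKeyAttribute(), name);
        servletRequest.setAttribute(getMessageParam(), str);
        return true;
    }

    /**
     * Ends an existing session under certain conditions when a new login is submitted,
     * then defers to the parent's access decision.
     *
     * <p>The current subject is logged out when its principal has no user, the user's code
     * is blank or equals the submitted username, or the principal's token is blank or
     * equals the submitted token.
     *
     * <p>NOTE(review): this condition is reproduced from decompiled bytecode. Confirm
     * against the original source that logging out on an equal username or token, rather
     * than on a different one, is the intended behaviour.
     */
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        if (isLoginRequest(servletRequest, servletResponse) && isLoginSubmission(servletRequest, servletResponse)) {
            Subject subject = getSubject(servletRequest, servletResponse);
            Principal principal = (Principal) subject.getPrincipal();
            if (principal != null) {
                SysUser user = principal.getUser();
                String username = getUsername(servletRequest);
                String token = getToken(servletRequest);
                if (user == null || StringUtils.isBlank(user.getUsCode()) || user.getUsCode().equals(username) || StringUtils.isBlank(principal.getToken()) || principal.getToken().equals(token)) {
                    subject.logout();
                }
            }
        }
        return super.isAccessAllowed(servletRequest, servletResponse, obj);
    }
}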
