package ec.gob.senescyt.sniese.commons.security.shiro;

import ec.gob.senescyt.sniese.commons.filters.comandos.AutenticacionCommand;
import ec.gob.senescyt.sniese.commons.filters.comandos.AutenticacionCommandFactory;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.web.filter.authc.AuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:ec/gob/senescyt/sniese/commons/security/shiro/AutenticacionTokenFilter.class */
public class AutenticacionTokenFilter extends AuthenticationFilter {
    private final AutenticacionCommandFactory fabrica = new AutenticacionCommandFactory();
    private static final String CREDENCIALES_INCORRECTAS = "Credenciales incorrectas";
    private static final String METODO_OPTIONS = "OPTIONS";

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        if (http.getMethod().equals(METODO_OPTIONS)) {
            return true;
        }
        return ejecutarAutenticacion(this.fabrica.crearComando(http.getHeader("Authorization")));
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setStatus(401);
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        httpServletResponse.getWriter().print(CREDENCIALES_INCORRECTAS);
        return false;
    }

    private boolean ejecutarAutenticacion(AutenticacionCommand autenticacionCommand) {
        try {
            autenticacionCommand.ejecutar();
            return true;
        } catch (AuthenticationException e) {
            return false;
        }
    }
}
