package net.coding.chenxiaobo.shiro.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import net.coding.chenxiaobo.shiro.exception.CaptchaNotMatchException;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/coding/chenxiaobo/shiro/filter/CaptchaAuthenticationFilter.class */
public class CaptchaAuthenticationFilter extends FormAuthenticationFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(CaptchaAuthenticationFilter.class);
    public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
    private static final String DEFAULT_LOGIN_FAILURE_COUNT_KEY_ATTRIBUTE = "LOGIN_FAILURE_COUNT";
    private static final int DEFAULT_ALLOW_FAILURE_COUNT = 1;
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private String sessionCaptchaKeyAttribute = DEFAULT_CAPTCHA_PARAM;
    private String loginFailureCountKeyAttribute = DEFAULT_LOGIN_FAILURE_COUNT_KEY_ATTRIBUTE;
    private int allowFailureCount = DEFAULT_ALLOW_FAILURE_COUNT;

    protected boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Session session = SecurityUtils.getSubject().getSession();
        Integer num = (Integer) session.getAttribute(getLoginFailureCountKeyAttribute());
        if (num == null) {
            num = Integer.valueOf(DEFAULT_ALLOW_FAILURE_COUNT);
            session.setAttribute(getLoginFailureCountKeyAttribute(), num);
        }
        if (num.intValue() > getAllowFailureCount().intValue()) {
            String str = (String) session.getAttribute(getSessionCaptchaKeyAttribute());
            if (!StringUtils.hasText(str)) {
                throw new AuthenticationException("验证码错误，当前 session 的 attribute 为[" + getSessionCaptchaKeyAttribute() + "]的值为\"\"或 null");
            }
            String captcha = getCaptcha(servletRequest);
            if (!StringUtils.hasText(captcha)) {
                return onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaNotMatchException("登录提交的验证码为 \"\" 或 null 值"), servletRequest, servletResponse);
            }
            if (!str.equalsIgnoreCase(captcha)) {
                return onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaNotMatchException("验证码不正确[" + captcha.toLowerCase() + " != " + str.toLowerCase() + "]"), servletRequest, servletResponse);
            }
        }
        return super.executeLogin(servletRequest, servletResponse);
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        Session session = SecurityUtils.getSubject().getSession();
        session.setAttribute(getLoginFailureCountKeyAttribute(), Integer.valueOf(((Integer) session.getAttribute(getLoginFailureCountKeyAttribute())).intValue() + DEFAULT_ALLOW_FAILURE_COUNT));
        LOGGER.error("登录错误", authenticationException);
        return super.onLoginFailure(authenticationToken, authenticationException, servletRequest, servletResponse);
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        subject.getSession().removeAttribute(getLoginFailureCountKeyAttribute());
        return super.onLoginSuccess(authenticationToken, subject, servletRequest, servletResponse);
    }

    public void setCaptchaParam(String str) {
        this.captchaParam = str;
    }

    public String getCaptchaParam() {
        return this.captchaParam;
    }

    public void setSessionCaptchaKeyAttribute(String str) {
        this.sessionCaptchaKeyAttribute = str;
    }

    public String getSessionCaptchaKeyAttribute() {
        return this.sessionCaptchaKeyAttribute;
    }

    public String getLoginFailureCountKeyAttribute() {
        return this.loginFailureCountKeyAttribute;
    }

    public void setLoginFailureCountKeyAttribute(String str) {
        this.loginFailureCountKeyAttribute = str;
    }

    public String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getCaptchaParam());
    }

    public Integer getAllowFailureCount() {
        return Integer.valueOf(this.allowFailureCount);
    }

    public void setAllowFailureCount(Integer num) {
        this.allowFailureCount = num.intValue();
    }
}
