package net.coding.chenxiaobo.shiro.filter;

import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import net.coding.chenxiaobo.shiro.exception.CaptchaNotMatchException;
import net.coding.chenxiaobo.shiro.exception.CaptchaTimeoutException;
import net.coding.chenxiaobo.shiro.filter.support.SimpleDisplayCaptchaCondition;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:net/coding/chenxiaobo/shiro/filter/CaptchaAuthenticationFilter.class */
public class CaptchaAuthenticationFilter extends FormAuthenticationFilter {
    public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
    public static final String DEFAULT_SESSION_CAPTCHA_TIMEOUT_KEY_ATTRIBUTE_NAME = "captcha_timeout";
    private static final long DEFAULT_CAPTCHA_TIMEOUT_VALUE = 60000;
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private String sessionCaptchaKeyAttribute = DEFAULT_CAPTCHA_PARAM;
    private String sessionCaptchaTimeoutKeyAttribute = DEFAULT_SESSION_CAPTCHA_TIMEOUT_KEY_ATTRIBUTE_NAME;
    private long captchaTimeout = DEFAULT_CAPTCHA_TIMEOUT_VALUE;
    private List<DisplayCaptchaCondition> displayCaptchaConditions = new ArrayList();

    public CaptchaAuthenticationFilter() {
        this.displayCaptchaConditions.add(new SimpleDisplayCaptchaCondition());
    }

    protected boolean validDisplayCaptcha(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Iterator<DisplayCaptchaCondition> it = this.displayCaptchaConditions.iterator();
        while (it.hasNext()) {
            if (it.next().isDisplay(servletRequest, servletResponse)) {
                return Boolean.FALSE.booleanValue();
            }
        }
        return Boolean.TRUE.booleanValue();
    }

    protected boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (validDisplayCaptcha(servletRequest, servletResponse)) {
            return super.executeLogin(servletRequest, servletResponse);
        }
        Session session = SecurityUtils.getSubject().getSession();
        String str = (String) session.getAttribute(getSessionCaptchaKeyAttribute());
        if (!StringUtils.hasText(str)) {
            throw new AuthenticationException("验证码错误，当前 session 的 attribute 为[" + getSessionCaptchaKeyAttribute() + "]的值为\"\"或 null");
        }
        if (System.currentTimeMillis() - ((Date) session.getAttribute(getSessionCaptchaTimeoutKeyAttribute())).getTime() > this.captchaTimeout) {
            return onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaTimeoutException("验证码失效"), servletRequest, servletResponse);
        }
        String captcha = getCaptcha(servletRequest);
        return !StringUtils.hasText(captcha) ? onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaNotMatchException("登录提交的验证码为 \"\" 或 null 值"), servletRequest, servletResponse) : !str.equalsIgnoreCase(captcha) ? onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaNotMatchException("验证码不正确[" + captcha.toLowerCase() + " != " + str.toLowerCase() + "]"), servletRequest, servletResponse) : super.executeLogin(servletRequest, servletResponse);
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        Iterator<DisplayCaptchaCondition> it = this.displayCaptchaConditions.iterator();
        while (it.hasNext()) {
            it.next().loginFailure(authenticationToken, authenticationException, servletRequest, servletResponse);
        }
        return super.onLoginFailure(authenticationToken, authenticationException, servletRequest, servletResponse);
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Iterator<DisplayCaptchaCondition> it = this.displayCaptchaConditions.iterator();
        while (it.hasNext()) {
            it.next().loginSuccess(authenticationToken, subject, servletRequest, servletResponse);
        }
        return super.onLoginSuccess(authenticationToken, subject, servletRequest, servletResponse);
    }

    public void setCaptchaParam(String str) {
        this.captchaParam = str;
    }

    public String getCaptchaParam() {
        return this.captchaParam;
    }

    public void setSessionCaptchaKeyAttribute(String str) {
        this.sessionCaptchaKeyAttribute = str;
    }

    public String getSessionCaptchaKeyAttribute() {
        return this.sessionCaptchaKeyAttribute;
    }

    public String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getCaptchaParam());
    }

    public void setSessionCaptchaTimeoutKeyAttribute(String str) {
        this.sessionCaptchaTimeoutKeyAttribute = str;
    }

    public String getSessionCaptchaTimeoutKeyAttribute() {
        return this.sessionCaptchaTimeoutKeyAttribute;
    }

    public long getCaptchaTimeout() {
        return this.captchaTimeout;
    }

    public void setCaptchaTimeout(long j) {
        this.captchaTimeout = j;
    }

    public void setDisplayCaptchaConditions(List<DisplayCaptchaCondition> list) {
        this.displayCaptchaConditions = list;
    }
}
