package cn.org.faster.framework.shiro;

import cn.hutool.extra.servlet.ServletUtil;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.http.HttpStatus;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMethod;

/* loaded from: input_file:cn/org/faster/framework/shiro/ShiroFilter.class */
public class ShiroFilter extends AuthenticatingFilter {
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        Cookie cookie;
        String header = ((HttpServletRequest) servletRequest).getHeader("Auth-Token");
        if (StringUtils.isEmpty(header) && (cookie = ServletUtil.getCookie((HttpServletRequest) servletRequest, "Auth-Token")) != null) {
            header = cookie.getValue();
        }
        final String str = header;
        return new AuthenticationToken() { // from class: cn.org.faster.framework.shiro.ShiroFilter.1
            public Object getPrincipal() {
                return str;
            }

            public Object getCredentials() {
                return str;
            }
        };
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return executeLogin(servletRequest, servletResponse);
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        return true;
    }

    protected boolean preHandle(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setHeader("Access-Control-Allow-Origin", ((HttpServletRequest) servletRequest).getHeader("origin"));
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS,TRACE");
        String header = ((HttpServletRequest) servletRequest).getHeader("Access-Control-Request-Headers");
        if (!StringUtils.isEmpty(header)) {
            httpServletResponse.setHeader("Access-Control-Allow-Headers", header);
        }
        httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
        if (!RequestMethod.OPTIONS.name().equals(WebUtils.toHttp(servletRequest).getMethod())) {
            return super.preHandle(servletRequest, servletResponse);
        }
        httpServletResponse.setStatus(HttpStatus.OK.value());
        return false;
    }
}
