package com.jxwk.auth.web.shiro.filter;

import com.jxwk.auth.web.shiro.exception.CaptchaErrorException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/jxwk/auth/web/shiro/filter/CaptchaAuthenticationFilter.class */
public class CaptchaAuthenticationFilter extends FormAuthenticationFilter {
    public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
    private static final String DEFAULT_LOGIN_INCORRECT_NUMBER_KEY_ATTRIBUTE = "incorrectNumber";
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private String sessionCaptchaKeyAttribute = DEFAULT_CAPTCHA_PARAM;
    private String loginIncorrectNumberKeyAttribute = DEFAULT_LOGIN_INCORRECT_NUMBER_KEY_ATTRIBUTE;
    private Integer allowIncorrectNumber = 1;

    protected boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Session createSessionIfNull = createSessionIfNull();
        Integer num = (Integer) createSessionIfNull.getAttribute(getLoginIncorrectNumberKeyAttribute());
        if (num == null) {
            num = new Integer(1);
            createSessionIfNull.setAttribute(getLoginIncorrectNumberKeyAttribute(), num);
        }
        if (num.intValue() > getAllowIncorrectNumber().intValue()) {
            String str = (String) createSessionIfNull.getAttribute(getSessionCaptchaKeyAttribute());
            String captcha = getCaptcha(servletRequest);
            if (StringUtils.isEmpty(captcha) || !StringUtils.equals(str, captcha.toLowerCase())) {
                return onLoginFailure(createToken(servletRequest, servletResponse), new CaptchaErrorException("验证码不正确"), servletRequest, servletResponse);
            }
        }
        return super.executeLogin(servletRequest, servletResponse);
    }

    protected void setFailureAttribute(ServletRequest servletRequest, AuthenticationException authenticationException) {
        if (authenticationException instanceof IncorrectCredentialsException) {
            servletRequest.setAttribute(getFailureKeyAttribute(), "登录帐号密码不正确");
        } else if (authenticationException instanceof CaptchaErrorException) {
            servletRequest.setAttribute(getFailureKeyAttribute(), "验证码不正确");
        } else {
            servletRequest.setAttribute(getFailureKeyAttribute(), authenticationException.getMessage());
        }
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        Session session = getSession();
        session.setAttribute(getLoginIncorrectNumberKeyAttribute(), Integer.valueOf(((Integer) session.getAttribute(getLoginIncorrectNumberKeyAttribute())).intValue() + 1));
        return super.onLoginFailure(authenticationToken, authenticationException, servletRequest, servletResponse);
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Session session = getSession();
        session.removeAttribute(getLoginIncorrectNumberKeyAttribute());
        session.setAttribute("current_user", subject.getPrincipal());
        return super.onLoginSuccess(authenticationToken, subject, servletRequest, servletResponse);
    }

    public void setCaptchaParam(String str) {
        this.captchaParam = str;
    }

    public String getCaptchaParam() {
        return this.captchaParam;
    }

    public void setSessionCaptchaKeyAttribute(String str) {
        this.sessionCaptchaKeyAttribute = str;
    }

    public String getSessionCaptchaKeyAttribute() {
        return this.sessionCaptchaKeyAttribute;
    }

    public String getLoginIncorrectNumberKeyAttribute() {
        return this.loginIncorrectNumberKeyAttribute;
    }

    public void setLoginIncorrectNumberKeyAttribute(String str) {
        this.loginIncorrectNumberKeyAttribute = str;
    }

    public String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getCaptchaParam());
    }

    public Integer getAllowIncorrectNumber() {
        return this.allowIncorrectNumber;
    }

    public void setAllowIncorrectNumber(Integer num) {
        this.allowIncorrectNumber = num;
    }

    public static Session createSessionIfNull() {
        Session session = getSession();
        if (session == null) {
            session = getSession(true);
        }
        return session;
    }

    public static Session getSession() {
        return getSession(false);
    }

    public static Session getSession(boolean z) {
        return SecurityUtils.getSubject().getSession(z);
    }
}
