package org.apache.shiro.spring.boot.jwt.authz;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.biz.authc.AuthcResponse;
import org.apache.shiro.biz.authc.AuthcResponseCode;
import org.apache.shiro.biz.authz.AuthorizationFailureHandler;
import org.apache.shiro.biz.utils.SubjectUtils;
import org.apache.shiro.biz.utils.WebUtils;
import org.apache.shiro.spring.boot.jwt.ShiroJwtMessageSource;
import org.apache.shiro.spring.boot.jwt.authc.JwtAuthenticationFailureHandler;
import org.apache.shiro.spring.boot.jwt.exception.ExpiredJwtException;
import org.apache.shiro.spring.boot.jwt.exception.IncorrectJwtException;
import org.apache.shiro.spring.boot.jwt.exception.InvalidJwtToken;
import org.apache.shiro.spring.boot.jwt.exception.NotObtainedJwtException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.support.MessageSourceAccessor;

/* loaded from: input_file:org/apache/shiro/spring/boot/jwt/authz/JwtAuthorizationFailureHandler.class */
public class JwtAuthorizationFailureHandler implements AuthorizationFailureHandler {
    protected MessageSourceAccessor messages = ShiroJwtMessageSource.getAccessor();
    private static final Logger LOG = LoggerFactory.getLogger(JwtAuthenticationFailureHandler.class);

    public boolean supports(AuthenticationException authenticationException) {
        return SubjectUtils.isAssignableFrom(authenticationException.getClass(), new Class[]{ExpiredJwtException.class, IncorrectJwtException.class, InvalidJwtToken.class, NotObtainedJwtException.class});
    }

    public boolean onAuthorizationFailure(Object obj, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) throws IOException {
        if (LOG.isDebugEnabled()) {
            LOG.debug(ExceptionUtils.getRootCauseMessage(authenticationException));
        }
        try {
            WebUtils.toHttp(servletResponse).setStatus(200);
            servletResponse.setContentType("application/json");
            servletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
            if (authenticationException instanceof ExpiredJwtException) {
                JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error(AuthcResponseCode.SC_AUTHZ_TOKEN_EXPIRED.getCode(), this.messages.getMessage(AuthcResponseCode.SC_AUTHZ_TOKEN_EXPIRED.getMsgKey(), authenticationException.getMessage())), new SerializerFeature[0]);
            } else if (authenticationException instanceof IncorrectJwtException) {
                JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error(AuthcResponseCode.SC_AUTHZ_TOKEN_INCORRECT.getCode(), this.messages.getMessage(AuthcResponseCode.SC_AUTHZ_TOKEN_INCORRECT.getMsgKey(), authenticationException.getMessage())), new SerializerFeature[0]);
            } else if (authenticationException instanceof InvalidJwtToken) {
                JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error(AuthcResponseCode.SC_AUTHZ_TOKEN_INVALID.getCode(), this.messages.getMessage(AuthcResponseCode.SC_AUTHZ_TOKEN_INVALID.getMsgKey(), authenticationException.getMessage())), new SerializerFeature[0]);
            } else if (authenticationException instanceof NotObtainedJwtException) {
                JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error(AuthcResponseCode.SC_AUTHZ_TOKEN_REQUIRED.getCode(), this.messages.getMessage(AuthcResponseCode.SC_AUTHZ_TOKEN_REQUIRED.getMsgKey(), authenticationException.getMessage())), new SerializerFeature[0]);
            } else {
                JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error(AuthcResponseCode.SC_AUTHC_FAIL.getCode(), this.messages.getMessage(AuthcResponseCode.SC_AUTHC_FAIL.getMsgKey())), new SerializerFeature[0]);
            }
            return false;
        } catch (Exception e) {
            LOG.error(e.getMessage());
            JSONObject.writeJSONString(servletResponse.getOutputStream(), AuthcResponse.error("Unauthentication."), new SerializerFeature[0]);
            return false;
        }
    }

    public int getOrder() {
        return 2147483646;
    }
}
