package org.apache.shiro.spring.boot.qrcode.authc;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.nio.charset.StandardCharsets;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.biz.authc.AuthcResponse;
import org.apache.shiro.biz.utils.WebUtils;
import org.apache.shiro.biz.web.filter.authc.AbstractTrustableAuthenticatingFilter;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/spring/boot/qrcode/authc/QrcodeAuthenticatingFilter.class */
public class QrcodeAuthenticatingFilter extends AbstractTrustableAuthenticatingFilter {
    private static final Logger log = LoggerFactory.getLogger(QrcodeAuthenticatingFilter.class);

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        if (!isSessionStateless()) {
            return super.isAccessAllowed(servletRequest, servletResponse, obj);
        }
        AuthenticationToken createToken = createToken(servletRequest, servletResponse);
        try {
            Subject subject = getSubject(servletRequest, servletResponse);
            subject.login(createToken);
            return onAccessSuccess(createToken, subject, servletRequest, servletResponse);
        } catch (AuthenticationException e) {
            return onAccessFailure(createToken, e, servletRequest, servletResponse);
        }
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!isLoginRequest(servletRequest, servletResponse)) {
            if (log.isTraceEnabled()) {
                log.trace("Attempting to access a path which requires authentication. ");
            }
            if (!WebUtils.isAjaxRequest(servletRequest)) {
                saveRequestAndRedirectToLogin(servletRequest, servletResponse);
                return false;
            }
            WebUtils.toHttp(servletResponse).setStatus(200);
            servletResponse.setContentType("application/json");
            servletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
            JSONObject.writeJSONString(servletResponse.getWriter(), AuthcResponse.fail(401, "Attempting to access a path which requires authentication. "), new SerializerFeature[0]);
            return false;
        }
        if (isLoginSubmission(servletRequest, servletResponse)) {
            if (log.isTraceEnabled()) {
                log.trace("Login submission detected.  Attempting to execute login.");
            }
            return executeLogin(servletRequest, servletResponse);
        }
        String str = "Authentication url [" + getLoginUrl() + "] Not Http Post request.";
        if (log.isTraceEnabled()) {
            log.trace(str);
        }
        WebUtils.toHttp(servletResponse).setStatus(200);
        servletResponse.setContentType("application/json");
        servletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
        JSONObject.writeJSONString(servletResponse.getWriter(), AuthcResponse.fail(400, str), new SerializerFeature[0]);
        return false;
    }
}
