package help.lixin.security.filter;

import help.lixin.security.captcha.ICaptchaService;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:help/lixin/security/filter/CaptchaFilter.class */
public class CaptchaFilter extends OncePerRequestFilter implements InitializingBean {
    private static final AntPathRequestMatcher DEFAULT_ANT_PATH_REQUEST_MATCHER = new AntPathRequestMatcher("/login", "POST");
    private AuthenticationFailureHandler authenticationFailureHandlerCallback;
    private ICaptchaService captchaService;

    public CaptchaFilter(ICaptchaService iCaptchaService, AuthenticationFailureHandler authenticationFailureHandler) {
        this.captchaService = iCaptchaService;
        this.authenticationFailureHandlerCallback = authenticationFailureHandler;
    }

    public void setCaptchaService(ICaptchaService iCaptchaService) {
        this.captchaService = iCaptchaService;
    }

    public void setAuthenticationFailureHandlerCallback(AuthenticationFailureHandler authenticationFailureHandler) {
        this.authenticationFailureHandlerCallback = authenticationFailureHandler;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (!requiresAuthentication(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else if (checkCaptcha(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    public boolean checkCaptcha(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!httpServletRequest.getMethod().equals("POST")) {
            this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod()));
        }
        String obtainCaptcha = obtainCaptcha(httpServletRequest);
        if (null == obtainCaptcha) {
            this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("验证码不能为空"));
        }
        boolean validate = this.captchaService.validate(obtainCaptcha);
        if (!validate) {
            this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("验证码错误"));
        }
        return validate;
    }

    protected String obtainCaptcha(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter("captcha");
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (DEFAULT_ANT_PATH_REQUEST_MATCHER.matches(httpServletRequest)) {
            return true;
        }
        if (!this.logger.isTraceEnabled()) {
            return false;
        }
        this.logger.trace(LogMessage.format("Did not match request to %s", DEFAULT_ANT_PATH_REQUEST_MATCHER));
        return false;
    }
}
