package help.lixin.security.filter;

import help.lixin.security.captcha.ICaptchaValidateCallback;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:help/lixin/security/filter/CaptchaValidateFilter.class */
public class CaptchaValidateFilter extends OncePerRequestFilter implements InitializingBean {
    private static final String DEFAULT_CAPTCHA = "captcha";
    private static final AntPathRequestMatcher DEFAULT_ANT_PATH_REQUEST_MATCHER = new AntPathRequestMatcher("/login", "POST");
    private final AuthenticationFailureHandler authenticationFailureHandlerCallback;
    private final ICaptchaValidateCallback captchaValidateCallback;
    private String captcha = DEFAULT_CAPTCHA;
    private AntPathRequestMatcher loginMatcher = DEFAULT_ANT_PATH_REQUEST_MATCHER;

    public CaptchaValidateFilter(ICaptchaValidateCallback iCaptchaValidateCallback, AuthenticationFailureHandler authenticationFailureHandler) {
        this.captchaValidateCallback = iCaptchaValidateCallback;
        this.authenticationFailureHandlerCallback = authenticationFailureHandler;
    }

    public void setCaptcha(String str) {
        this.captcha = str;
    }

    public String getCaptcha() {
        return this.captcha;
    }

    public void setLoginMatcher(AntPathRequestMatcher antPathRequestMatcher) {
        this.loginMatcher = antPathRequestMatcher;
    }

    public AntPathRequestMatcher getLoginMatcher() {
        return this.loginMatcher;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (!requiresAuthentication(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else if (checkCaptcha(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    protected boolean checkCaptcha(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!httpServletRequest.getMethod().equals("POST")) {
            this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod()));
            return false;
        }
        String obtainCaptcha = obtainCaptcha(httpServletRequest);
        if (null == obtainCaptcha) {
            this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("验证码不能为空"));
            return false;
        }
        boolean validate = this.captchaValidateCallback.validate(obtainCaptcha);
        if (validate) {
            return validate;
        }
        this.authenticationFailureHandlerCallback.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException("验证码错误"));
        return false;
    }

    protected String obtainCaptcha(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(getCaptcha());
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (getLoginMatcher().matches(httpServletRequest)) {
            return true;
        }
        if (!this.logger.isTraceEnabled()) {
            return false;
        }
        this.logger.trace(LogMessage.format("Did not match request to %s", getLoginMatcher()));
        return false;
    }
}
