package dev.niubi.commons.security.captcha.image;

import dev.niubi.commons.security.captcha.exception.CaptchaAuthenticationException;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.lang.Nullable;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:dev/niubi/commons/security/captcha/image/ImageCaptchaVerifyFilter.class */
public class ImageCaptchaVerifyFilter extends GenericFilterBean {
    public static final String SPRING_SECURITY_FORM_VERIFY_CODE_KEY = "captcha";
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private String verifyCodeParameter = SPRING_SECURITY_FORM_VERIFY_CODE_KEY;
    private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();
    private RequestMatcher requiresAuthenticationRequestMatcher = new AntPathRequestMatcher("/login", "POST");
    private ImageCaptchaValidator captchaValidator = new SessionImageCaptchaValidator();

    public void setVerifyCodeParameter(String str) {
        Assert.hasText(str, "verifyCode parameter must not be empty or null");
        this.verifyCodeParameter = str;
    }

    public void setFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.failureHandler = authenticationFailureHandler;
    }

    @Nullable
    protected String obtainVerifyCode(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.verifyCodeParameter);
    }

    public void setCaptchaValidator(ImageCaptchaValidator imageCaptchaValidator) {
        this.captchaValidator = imageCaptchaValidator;
    }

    public final void setRequiresAuthenticationRequestMatcher(RequestMatcher requestMatcher) {
        Assert.notNull(requestMatcher, "requestMatcher cannot be null");
        this.requiresAuthenticationRequestMatcher = requestMatcher;
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.requiresAuthenticationRequestMatcher.matches(httpServletRequest);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!requiresAuthentication(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String obtainVerifyCode = obtainVerifyCode(httpServletRequest);
        if (obtainVerifyCode == null) {
            obtainVerifyCode = "";
        }
        try {
            if (!this.captchaValidator.valid(httpServletRequest, obtainVerifyCode)) {
                throw new CaptchaAuthenticationException(this.messages.getMessage("CaptchaUsernamePasswordAuthenticationFilter.verifyFailed", "验证码错误"));
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (CaptchaAuthenticationException e) {
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, e);
        }
    }

    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Cleared security context due to exception", authenticationException);
        }
        httpServletRequest.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        if (this.failureHandler != null) {
            this.failureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
        }
    }
}
