package cn.wizzer.framework.shiro.filter;

import cn.wizzer.framework.shiro.interceptor.ShiroAnnotationsAuthorizingMethodInterceptor;
import java.io.IOException;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.aop.MethodInvocation;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.authz.UnauthorizedException;
import org.nutz.ioc.Ioc;
import org.nutz.lang.Lang;
import org.nutz.log.Log;
import org.nutz.log.Logs;
import org.nutz.mvc.ActionContext;
import org.nutz.mvc.ActionFilter;
import org.nutz.mvc.View;
import org.nutz.mvc.view.DefaultViewMaker;
import org.nutz.mvc.view.ServerRedirectView;
import org.nutz.mvc.view.VoidView;

/* loaded from: input_file:cn/wizzer/framework/shiro/filter/ShiroActionFilter.class */
public class ShiroActionFilter implements ActionFilter {
    private static Log log = Logs.get();
    private View view;
    private View NOT_PERMISSION;

    public View match(final ActionContext actionContext) {
        try {
            log.debug("ShiroActionFilter..............");
            ShiroAnnotationsAuthorizingMethodInterceptor.DEFAULT_AUTH.assertAuthorized(new MethodInvocation() { // from class: cn.wizzer.framework.shiro.filter.ShiroActionFilter.1
                public Object proceed() throws Throwable {
                    throw Lang.noImplement();
                }

                public Object getThis() {
                    return actionContext.getModule();
                }

                public Method getMethod() {
                    return actionContext.getMethod();
                }

                public Object[] getArguments() {
                    return actionContext.getMethodArgs();
                }
            });
            return null;
        } catch (UnauthorizedException e) {
            return permissionFail(actionContext, e);
        } catch (AuthorizationException e2) {
            return permissionFail(actionContext, e2);
        } catch (UnauthenticatedException e3) {
            return whenAuthFail(actionContext, e3);
        }
    }

    public ShiroActionFilter() {
        this.view = new ServerRedirectView("/");
        this.NOT_PERMISSION = new ServerRedirectView("/platform/login");
    }

    public ShiroActionFilter(String str) {
        this.view = new ServerRedirectView("/");
        this.NOT_PERMISSION = new ServerRedirectView("/platform/login");
        if (!str.contains(":")) {
            this.view = new ServerRedirectView(str);
        } else {
            String[] split = str.split(":", 2);
            this.view = new DefaultViewMaker().make((Ioc) null, split[0], split[1]);
        }
    }

    private View whenAuthFail(ActionContext actionContext, AuthorizationException authorizationException) {
        HttpServletRequest request = actionContext.getRequest();
        HttpServletResponse response = actionContext.getResponse();
        String header = request.getHeader("X-Requested-With");
        if (!StringUtils.isNotBlank(header) || !header.equalsIgnoreCase("XMLHttpRequest")) {
            return this.view;
        }
        response.addHeader("loginStatus", "accessDenied");
        try {
            response.sendError(403);
        } catch (IOException e) {
            log.error(e.getMessage());
        }
        return new VoidView();
    }

    private View permissionFail(ActionContext actionContext, AuthorizationException authorizationException) {
        HttpServletRequest request = actionContext.getRequest();
        HttpServletResponse response = actionContext.getResponse();
        String header = request.getHeader("X-Requested-With");
        if (!StringUtils.isNotBlank(header) || !header.equalsIgnoreCase("XMLHttpRequest")) {
            return this.NOT_PERMISSION;
        }
        response.addHeader("loginStatus", "unauthorized");
        try {
            response.sendError(403);
        } catch (IOException e) {
            log.error(e.getMessage());
        }
        return new VoidView();
    }
}
