package com.axelor.auth;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/axelor/auth/AuthFilter.class */
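/**
 * Form authentication filter that also accepts JSON (AJAX) login submissions.
 *
 * <p>Browser requests follow the inherited {@link FormAuthenticationFilter} flow. Requests
 * classified as AJAX by {@link #isXHR(ServletRequest)} get a bare status code instead of a
 * redirect: 200 after a successful login, 401 otherwise.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The JSON login path is reachable before authentication, and nothing in this class limits
 *       attempts, checks a CSRF token or bounds the request body size. NOTE(review): confirm
 *       these controls exist elsewhere (container, realm, reverse proxy).</li>
 *   <li>Nothing in this class rotates the session identifier after a successful login.
 *       NOTE(review): confirm session-fixation protection is handled elsewhere.</li>
 *   <li>Failed JSON logins are reported only as a 401 and are not logged here.
 *       NOTE(review): confirm the realm or an authentication listener records them.</li>
 * </ul>
 */
public class AuthFilter extends FormAuthenticationFilter {

    /** Shared JSON parser; an ObjectMapper is safe to reuse across threads once configured. */
    private static final ObjectMapper JSON_MAPPER = new ObjectMapper();

    /** Optional login URL override injected from the {@code app.loginUrl} setting. */
    @Inject
    @Named("app.loginUrl")
    private String loginUrl;

    /**
     * Returns the configured login URL, falling back to the inherited value when none is injected.
     *
     * @return the login URL used to recognise login requests
     */
    @Override
    public String getLoginUrl() {
        return this.loginUrl != null ? this.loginUrl : super.getLoginUrl();
    }

    /**
     * Tells whether the request targets the context root without a trailing slash.
     *
     * <p>Only the lengths of the context path and the request URI are compared; this presumably
     * relies on the URI always starting with the context path.
     *
     * @param servletRequest the incoming request, expected to be an {@link HttpServletRequest}
     * @return {@code true} when both values are known, the URI does not end with {@code /} and
     *     has the same length as the context path
     */
    private boolean isRootWithoutSlash(ServletRequest servletRequest) {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        String contextPath = WebUtils.getContextPath(httpRequest);
        String requestUri = WebUtils.getRequestUri(httpRequest);
        return contextPath != null
                && requestUri != null
                && !requestUri.endsWith("/")
                && contextPath.length() == requestUri.length();
    }

    /**
     * Handles the two shortcut cases before delegating to the inherited filter logic.
     *
     * <ol>
     *   <li>An unauthenticated request for the context root without a trailing slash is
     *       redirected to {@code /}.</li>
     *   <li>An already authenticated subject hitting the login URL gets a 200 for an AJAX login
     *       submission, or a redirect to {@code /} otherwise.</li>
     * </ol>
     *
     * @param servletRequest the incoming request
     * @param servletResponse the outgoing response
     * @param filterChain the remaining filter chain
     * @throws ServletException if the inherited filter logic fails
     * @throws IOException if a redirect or the inherited filter logic fails on I/O
     */
    @Override
    public void doFilterInternal(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        final boolean authenticated = SecurityUtils.getSubject().isAuthenticated();

        if (!authenticated && isRootWithoutSlash(servletRequest)) {
            WebUtils.issueRedirect(servletRequest, servletResponse, "/");
            return;
        }

        if (authenticated && isLoginRequest(servletRequest, servletResponse)) {
            if (isXHR(servletRequest) && isLoginSubmission(servletRequest, servletResponse)) {
                WebUtils.toHttp(servletResponse).setStatus(HttpServletResponse.SC_OK);
                return;
            }
            WebUtils.issueRedirect(servletRequest, servletResponse, "/");
            // Stop here: the redirect has already answered the request. Continuing down the
            // chain would run the login handler against a response that is already committed.
            return;
        }

        super.doFilterInternal(servletRequest, servletResponse, filterChain);
    }

    /**
     * Answers a request that was denied access.
     *
     * <p>Non-AJAX requests use the inherited behaviour. AJAX requests never continue down the
     * chain: the response status is set to 200 when the request is a login submission whose
     * credentials are accepted, and to 401 in every other case.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the outgoing response
     * @return the inherited result for non-AJAX requests, otherwise {@code false}
     * @throws Exception if the inherited handler or the login attempt fails unexpectedly
     */
    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        servletRequest.setCharacterEncoding("UTF-8");
        if (!isXHR(servletRequest)) {
            return super.onAccessDenied(servletRequest, servletResponse);
        }

        boolean loggedIn = isLoginRequest(servletRequest, servletResponse)
                && isLoginSubmission(servletRequest, servletResponse)
                && doLogin(servletRequest, servletResponse);

        // The same 401 is sent for every failure, so the response does not reveal whether the
        // account exists, the password was wrong or the body was malformed.
        ((HttpServletResponse) servletResponse).setStatus(
                loggedIn ? HttpServletResponse.SC_OK : HttpServletResponse.SC_UNAUTHORIZED);
        return false;
    }

    /**
     * Attempts a login from a JSON body of the form {@code {"username": ..., "password": ...}}.
     *
     * <p>The body comes from an unauthenticated client, so anything other than a JSON object
     * holding two string values is treated as a failed attempt rather than left to surface as an
     * unhandled exception.
     *
     * @param servletRequest the request carrying the JSON credentials
     * @param servletResponse the response passed on to the token factory
     * @return {@code true} when the subject was logged in, {@code false} when the body is
     *     unusable or the credentials are rejected
     * @throws Exception if the login fails for a reason other than rejected credentials
     */
    private boolean doLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        final Map<?, ?> credentials;
        try {
            credentials = JSON_MAPPER.readValue(servletRequest.getInputStream(), Map.class);
        } catch (IOException e) {
            // Jackson reports malformed or non-object JSON as IOException subclasses; a body
            // that cannot be read or parsed cannot authenticate anyone.
            return false;
        }
        if (credentials == null) {
            // The literal JSON value null parses successfully but carries no credentials.
            return false;
        }

        Object username = credentials.get("username");
        Object password = credentials.get("password");
        if (!(username instanceof String) || !(password instanceof String)) {
            // Numbers, arrays, nested objects or missing keys would otherwise fail the cast.
            return false;
        }

        try {
            getSubject(servletRequest, servletResponse)
                    .login(createToken((String) username, (String) password, servletRequest, servletResponse));
            return true;
        } catch (AuthenticationException e) {
            return false;
        }
    }

    /**
     * Tells whether the client asked for AJAX/JSON handling.
     *
     * <p>All three headers are client-controlled. In this class the result only selects the
     * response style (status code versus redirect); it must not be used as an access decision.
     * The {@code Accept} and {@code Content-Type} values are compared exactly, so a value with
     * parameters such as a charset does not match.
     *
     * @param servletRequest the incoming request, expected to be an {@link HttpServletRequest}
     * @return {@code true} when {@code X-Requested-With} is {@code XMLHttpRequest} or when
     *     {@code Accept} or {@code Content-Type} equals {@code application/json}
     */
    private boolean isXHR(ServletRequest servletRequest) {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        if ("XMLHttpRequest".equals(httpRequest.getHeader("X-Requested-With"))) {
            return true;
        }
        if ("application/json".equals(httpRequest.getHeader("Accept"))) {
            return true;
        }
        return "application/json".equals(httpRequest.getHeader("Content-Type"));
    }
}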
