package com.zonet.core.common.security;

import com.zonet.core.common.bean.CommonUserBean;
import com.zonet.core.common.exceptionadapter.ServiceException;
import com.zonet.core.common.systemparameter.SysParameter;
import com.zonet.core.common.util.CommonUtil;
import com.zonet.core.common.util.loggerutil.LoggerUtil;
import flexjson.JSONSerializer;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;

/* loaded from: classes.dex */
public class UserAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
    protected final LoggerUtil log = LoggerUtil.getLogger(getClass());
    private SecurityService securityService;

    private boolean isAjaxRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("x-requested-with");
        return StringUtils.isNotEmpty(header) && header.equals("XMLHttpRequest");
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest) throws AuthenticationException {
        String parameter = httpServletRequest.getParameter("j_captcha");
        if (CommonUtil.empty(parameter)) {
            parameter = "";
        }
        String str = (String) httpServletRequest.getSession().getAttribute("KAPTCHA_SESSION_KEY");
        if (CommonUtil.empty(str)) {
            str = "";
        }
        if ("true".equalsIgnoreCase(SysParameter.paraMap.get("security_nocredentials")) || parameter.equals(str)) {
            return super.attemptAuthentication(httpServletRequest);
        }
        throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }

    public SecurityService getSecurityService() {
        return this.securityService;
    }

    protected void onSuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        try {
            CommonUserBean findUserBean = this.securityService.findUserBean(obtainUsername(httpServletRequest), true);
            findUserBean.parseClientInfo(httpServletRequest);
            this.log.debug("onSuccessfulAuthentication得到用户ID:" + findUserBean.getId());
            List<Map> findRightListByUserId = this.securityService.findRightListByUserId(findUserBean.getId());
            HashMap hashMap = new HashMap();
            Iterator<Map> it = findRightListByUserId.iterator();
            while (it.hasNext()) {
                hashMap.put((String) it.next().get("rightKey"), Boolean.TRUE);
            }
            findUserBean.setFunKeyMap(hashMap);
            httpServletRequest.getSession().setAttribute(CommonUserBean.BEAN_NAME, findUserBean);
        } catch (ServiceException e) {
            this.log.error("登录验证成功后处理发生错误.");
        }
    }

    protected void onUnsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
    }

    protected void sendRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        if (!isAjaxRequest(httpServletRequest)) {
            super.sendRedirect(httpServletRequest, httpServletResponse, str);
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("success", Boolean.valueOf(str.equals(determineTargetUrl(httpServletRequest))));
        hashMap.put("redirectUrl", str);
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().print(new JSONSerializer().serialize(hashMap));
    }

    public void setSecurityService(SecurityService securityService) {
        this.securityService = securityService;
    }
}
