package com.github.kaizen4j.shiro.filter;

import com.github.kaizen4j.common.constant.HttpCodeEnum;
import com.github.kaizen4j.common.entity.CommonResponse;
import com.github.kaizen4j.common.util.JsonUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.ShiroException;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/kaizen4j/shiro/filter/AuthorizationFilter.class */
public abstract class AuthorizationFilter extends AccessControlFilter {
    private static final Logger logger = LoggerFactory.getLogger(AuthorizationFilter.class);
    private static final String DEFAULT_ERROR_KEY_ATTRIBUTE_NAME = "shiroFailure";
    private String failureKeyAttribute = DEFAULT_ERROR_KEY_ATTRIBUTE_NAME;

    public boolean onPreHandle(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        try {
            return super.onPreHandle(servletRequest, servletResponse, obj);
        } catch (AuthorizationException e) {
            setFailureAttribute(servletRequest, e);
            handleExceptionIfNecessary(servletRequest, servletResponse, e);
            return onAccessDenied(servletRequest, servletResponse);
        }
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        WebUtils.saveRequest(servletRequest);
        return false;
    }

    public String getFailureKeyAttribute() {
        return this.failureKeyAttribute;
    }

    public void setFailureKeyAttribute(String str) {
        this.failureKeyAttribute = str;
    }

    protected void setFailureAttribute(ServletRequest servletRequest, AuthorizationException authorizationException) {
        servletRequest.setAttribute(getFailureKeyAttribute(), authorizationException.getClass().getName());
    }

    protected void handleExceptionIfNecessary(ServletRequest servletRequest, ServletResponse servletResponse, ShiroException shiroException) {
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        HttpServletResponse http2 = WebUtils.toHttp(servletResponse);
        if (!StringUtils.contains(http.getHeader("Content-Type"), "application/json")) {
            if (logger.isDebugEnabled()) {
                logger.debug("Http request ContentType not match 'application/json' then thrown exception");
            }
            throw shiroException;
        }
        CommonResponse accessDenied = CommonResponse.accessDenied();
        accessDenied.setError(shiroException.getMessage());
        writeResponse(http2, accessDenied);
    }

    protected void writeResponse(HttpServletResponse httpServletResponse, Object obj) {
        httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.displayName());
        httpServletResponse.setContentType("application/json");
        try {
            PrintWriter writer = httpServletResponse.getWriter();
            try {
                writer.print(JsonUtils.toJson(obj));
                writer.flush();
                if (writer != null) {
                    writer.close();
                }
            } finally {
            }
        } catch (IOException e) {
            logger.error("PrintWriter response body '{}' thrown exception", JsonUtils.toJson(obj), e);
            httpServletResponse.setStatus(HttpCodeEnum.INTERNAL_SERVER_ERROR.getCode().intValue());
        }
    }
}
