package com.jeesuite.security;

import com.jeesuite.springweb.CurrentRuntimeContext;
import com.jeesuite.springweb.exception.ForbiddenAccessException;
import com.jeesuite.springweb.exception.UnauthorizedException;
import com.jeesuite.springweb.utils.WebUtils;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/jeesuite/security/SecurityDelegatingFilter.class */
public class SecurityDelegatingFilter implements Filter {
    private static final String MSG_401_UNAUTHORIZED = "{\"code\": 401,\"msg\":\"401 Unauthorized\"}";
    private static String MSG_403_FORBIDDEN = "{\"code\": 403,\"msg\":\"403 Forbidden\"}";

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        CurrentRuntimeContext.init(httpServletRequest, httpServletResponse);
        try {
            SecurityDelegating.doAuthorization();
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (UnauthorizedException e) {
            if (WebUtils.isAjax(httpServletRequest)) {
                WebUtils.responseOutJson(httpServletResponse, MSG_401_UNAUTHORIZED);
            } else if (SecurityDelegating.getSecurityDecision()._401_Error_Page() == null) {
                WebUtils.responseOutHtml(httpServletResponse, "401 Unauthorized");
            } else {
                httpServletResponse.sendRedirect(String.valueOf(WebUtils.getBaseUrl(httpServletRequest)) + SecurityDelegating.getSecurityDecision()._401_Error_Page());
            }
        } catch (ForbiddenAccessException e2) {
            if (WebUtils.isAjax(httpServletRequest)) {
                WebUtils.responseOutJson(httpServletResponse, MSG_403_FORBIDDEN);
            } else if (SecurityDelegating.getSecurityDecision()._403_Error_Page() == null) {
                WebUtils.responseOutHtml(httpServletResponse, "403 Forbidden");
            } else {
                httpServletResponse.sendRedirect(String.valueOf(WebUtils.getBaseUrl(httpServletRequest)) + SecurityDelegating.getSecurityDecision()._403_Error_Page());
            }
        }
    }

    public void destroy() {
    }
}
