package org.eulerframework.web.module.authentication.filter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eulerframework.constant.EulerSysAttributes;
import org.eulerframework.web.module.authentication.util.Captcha;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/eulerframework/web/module/authentication/filter/CaptchaUsernamePasswordAuthenticationFilter.class */
public class CaptchaUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    public static final String EULER_SECURITY_FORM_SMS_CODE_KEY = "smsCode";
    private String smsCodeParameter = EULER_SECURITY_FORM_SMS_CODE_KEY;
    private boolean enableCaptcha = true;

    public void setEnableCaptcha(boolean z) {
        this.enableCaptcha = z;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        String str = "";
        String str2 = "";
        if (this.enableCaptcha) {
            str = Captcha.getRealCaptcha(httpServletRequest);
            str2 = httpServletRequest.getParameter("captcha");
        }
        if (this.enableCaptcha && (!StringUtils.hasText(str) || !str.equalsIgnoreCase(str2))) {
            throw new InternalAuthenticationServiceException("captcha_error");
        }
        Authentication attemptAuthentication = super.attemptAuthentication(httpServletRequest, httpServletResponse);
        httpServletRequest.getSession().setAttribute(EulerSysAttributes.USER_INFO.value(), attemptAuthentication.getPrincipal());
        return attemptAuthentication;
    }

    protected String obtainPassword(HttpServletRequest httpServletRequest) {
        String obtainPassword = super.obtainPassword(httpServletRequest);
        if (obtainPassword == null) {
            obtainPassword = httpServletRequest.getParameter(this.smsCodeParameter);
        }
        return obtainPassword;
    }
}
