package org.september.taurus.web.filter;

import com.alibaba.fastjson.JSON;
import java.io.IOException;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.september.taurus.aop.annotation.PublicMethod;
import org.september.taurus.common.log.LogHelper;
import org.september.taurus.util.Const;
import org.september.taurus.web.model.ResponseVo;
import org.springframework.beans.factory.BeanFactoryUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

/* loaded from: input_file:org/september/taurus/web/filter/AnnotationCheckedFilter.class */
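/**
 * Shiro form-authentication filter that admits a request without a login when the Spring MVC
 * handler mapped to its URI carries {@link PublicMethod}, either on the handler method or on
 * its declaring class. Every other request falls back to the inherited
 * {@link FormAuthenticationFilter} decision.
 *
 * <p>Denied requests are answered according to the caller: requests carrying an
 * {@code X-Requested-With} header get a JSON body, all others are redirected to the login page.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The public check is keyed on the request URI only; the HTTP method is not part of the
 *       decision (see {@link #isPublicMethod(HttpServletRequest)}).</li>
 *   <li>Every {@code OPTIONS} request is passed down the chain unauthenticated
 *       (see {@link #onAccessDenied(ServletRequest, ServletResponse)}).</li>
 * </ul>
 */
public class AnnotationCheckedFilter extends FormAuthenticationFilter {
    protected final LogHelper logHelper = LogHelper.getLogger(getClass());

    // Request URIs already resolved to a @PublicMethod handler. The filter runs on concurrent
    // request threads, so the cache must be a thread-safe collection; a set also makes the
    // per-request lookup constant-time. Entries are only ever added after an exact match
    // against a declared mapping pattern.
    private static final Set<String> publicUrlList = ConcurrentHashMap.newKeySet();

    /**
     * Handles a request that {@link #isAccessAllowed} rejected.
     *
     * @return {@code true} to let the request continue down the filter chain, {@code false} when
     *     the request has been answered (or must be dropped) here
     * @throws Exception propagated from the login attempt or from the denial response
     */
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        // NOTE(review): this lets every OPTIONS request through unauthenticated, not only CORS
        // preflights. It is safe only as long as no handler performs work for OPTIONS; confirm
        // that the MVC layer answers OPTIONS itself and that handlers restrict their methods.
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            return true;
        }
        if (!isLoginRequest(servletRequest, servletResponse)) {
            handleNoAuthorizationRequest(servletRequest, servletResponse);
            return false;
        }
        // A login-URL request flagged as XHR is stopped here without a login attempt and without
        // a response body being written by this filter.
        if (isXhr(httpServletRequest)) {
            return false;
        }
        return executeLogin(servletRequest, servletResponse);
    }

    /**
     * Reports a denial: a JSON body with code {@code -1} for XHR callers, otherwise the inherited
     * save-request-and-redirect-to-login behaviour. The HTTP status is not changed here.
     */
    private void handleNoAuthorizationRequest(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isXhr((HttpServletRequest) servletRequest)) {
            responseAjax(httpServletResponse, ResponseVo.BUILDER().setCode(-1).setDesc("未登录或缺少访问权限"));
        } else {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
        }
    }

    /**
     * Grants access when the request targets a {@link PublicMethod} handler; otherwise defers to
     * the superclass check.
     */
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        if (isPublicMethod(WebUtils.toHttp(servletRequest))) {
            return true;
        }
        return super.isAccessAllowed(servletRequest, servletResponse, obj);
    }

    /**
     * Tells whether the request URI equals {@code contextPath + pattern} for any mapping pattern
     * of a handler annotated with {@link PublicMethod} (on the method or its declaring class).
     * Positive answers are cached by URI.
     *
     * <p>Patterns are compared as literal strings against the raw request URI, so a templated or
     * wildcard pattern is never recognised as public; that fails closed.
     *
     * <p>NOTE(review): the decision ignores the mapping's HTTP-method condition. If a path has a
     * public handler for one method and a non-public handler for another, both are treated as
     * public. Confirm no such mapping exists, or include the method condition in the match and
     * in the cache key.
     *
     * @param httpServletRequest the incoming request
     * @return {@code true} if the URI maps to a public handler
     */
    private boolean isPublicMethod(HttpServletRequest httpServletRequest) {
        String requestUri = httpServletRequest.getRequestURI();
        if (publicUrlList.contains(requestUri)) {
            return true;
        }
        // NOTE(review): getSession() creates a session when none exists, so this probe allocates
        // one for anonymous requests; confirm that is intended.
        if (httpServletRequest.getSession().getServletContext() == null) {
            return false;
        }
        String contextPath = String.valueOf(httpServletRequest.getContextPath());
        Map<String, HandlerMapping> handlerMappings =
                BeanFactoryUtils.beansOfTypeIncludingAncestors(Const.Web_Application_context, HandlerMapping.class, true, false);
        for (HandlerMapping handlerMapping : handlerMappings.values()) {
            // The lookup returns every HandlerMapping bean; only annotation-driven mappings
            // expose handler methods, so check the type before casting.
            if (!(handlerMapping instanceof RequestMappingHandlerMapping)) {
                continue;
            }
            Map<RequestMappingInfo, HandlerMethod> handlerMethods =
                    ((RequestMappingHandlerMapping) handlerMapping).getHandlerMethods();
            for (Map.Entry<RequestMappingInfo, HandlerMethod> entry : handlerMethods.entrySet()) {
                Method method = entry.getValue().getMethod();
                boolean annotatedPublic = method.getDeclaringClass().isAnnotationPresent(PublicMethod.class)
                        || method.isAnnotationPresent(PublicMethod.class);
                if (!annotatedPublic || entry.getKey().getPatternsCondition() == null) {
                    continue;
                }
                // Check every declared pattern, not just the first one the set happens to return,
                // so a handler mapped to several paths is public on all of them.
                for (String pattern : entry.getKey().getPatternsCondition().getPatterns()) {
                    String str = contextPath + pattern;
                    if (str.equals(requestUri)) {
                        System.out.println("public method : " + str);
                        publicUrlList.add(requestUri);
                        return true;
                    }
                }
            }
        }
        return false;
    }

    /**
     * Serialises {@code obj} to JSON and writes it as the response body, then closes the output
     * stream. I/O failures are logged and not rethrown.
     */
    private void responseAjax(HttpServletResponse httpServletResponse, Object obj) {
        try {
            httpServletResponse.setHeader("Content-type", "text/json;charset=UTF-8");
            httpServletResponse.getOutputStream().write(JSON.toJSONString(obj).getBytes(StandardCharsets.UTF_8));
            httpServletResponse.getOutputStream().flush();
        } catch (IOException e) {
            this.logHelper.getBuilder().error("Ajax返回值异常", e);
        } finally {
            // Close exactly once, whether or not the write succeeded.
            try {
                httpServletResponse.getOutputStream().close();
            } catch (IOException e) {
                this.logHelper.getBuilder().error("写流关闭失败", e);
            }
        }
    }

    /**
     * Treats any request carrying an {@code X-Requested-With} header as XHR. The header is
     * client-supplied; in this class it only selects how a denial is reported and never grants
     * access.
     */
    private static boolean isXhr(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getHeader("X-Requested-With") != null;
    }
}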
