package com.diboot.iam.jwt;

import com.diboot.core.util.JSON;
import com.diboot.core.util.V;
import com.diboot.core.vo.JsonResult;
import com.diboot.core.vo.Status;
import com.diboot.iam.util.JwtUtils;
import io.jsonwebtoken.Claims;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:com/diboot/iam/jwt/DefaultJwtAuthFilter.class */
public class DefaultJwtAuthFilter extends BasicHttpAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(DefaultJwtAuthFilter.class);

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        Claims claimsFromRequest = JwtUtils.getClaimsFromRequest(httpServletRequest);
        if (V.isEmpty(claimsFromRequest)) {
            return false;
        }
        if (!V.notEmpty(claimsFromRequest.getSubject())) {
            log.debug("Token验证失败！url=" + httpServletRequest.getRequestURI());
            return false;
        }
        log.debug("Token验证成功！account={}, url={}", claimsFromRequest.getSubject(), httpServletRequest.getRequestURI());
        String generateNewTokenIfRequired = JwtUtils.generateNewTokenIfRequired(claimsFromRequest);
        if (generateNewTokenIfRequired == null) {
            return true;
        }
        JwtUtils.addTokenToResponseHeader((HttpServletResponse) servletResponse, generateNewTokenIfRequired);
        log.debug("返回新的token: {}", generateNewTokenIfRequired);
        return true;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        log.debug("Token认证失败： onAccessDenied。url={}", ((HttpServletRequest) servletRequest).getRequestURI());
        responseJson((HttpServletResponse) servletResponse, new JsonResult(Status.FAIL_INVALID_TOKEN));
        return false;
    }

    protected void responseJson(HttpServletResponse httpServletResponse, JsonResult jsonResult) {
        httpServletResponse.setStatus(HttpStatus.OK.value());
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        try {
            PrintWriter writer = httpServletResponse.getWriter();
            Throwable th = null;
            try {
                try {
                    writer.write(JSON.stringify(jsonResult));
                    writer.flush();
                    if (writer != null) {
                        if (0 != 0) {
                            try {
                                writer.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            writer.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (IOException e) {
            log.error("处理异步请求异常", e);
        }
    }
}
