package com.supwisdom.eams.security.springmvc.exceptionhandler;

import com.supwisdom.eams.infras.shiro.UnauthorizedDataAccessException;
import com.supwisdom.eams.security.log.AuthzFailLogger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authz.AuthorizationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.AbstractHandlerExceptionResolver;

@Component
/* loaded from: input_file:com/supwisdom/eams/security/springmvc/exceptionhandler/ShiroExceptionHandler.class */
public class ShiroExceptionHandler extends AbstractHandlerExceptionResolver {
    private AuthzFailLogger authzFailLogger;

    protected ModelAndView doResolveException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) {
        if (exc instanceof AuthenticationException) {
            handleAuthenticationException((AuthenticationException) exc, httpServletResponse);
            return null;
        }
        if (exc instanceof UnauthorizedDataAccessException) {
            handleUnauthorizedDataAccessException((UnauthorizedDataAccessException) exc, httpServletResponse);
            return null;
        }
        if (!(exc instanceof AuthorizationException)) {
            return null;
        }
        handleAuthorizationException((AuthorizationException) exc, httpServletResponse);
        return null;
    }

    protected void handleAuthenticationException(AuthenticationException authenticationException, HttpServletResponse httpServletResponse) {
        this.authzFailLogger.logFail("未登陆访问", authenticationException.getMessage(), ExceptionUtils.getStackTrace(authenticationException));
        httpServletResponse.setStatus(HttpStatus.FORBIDDEN.value());
    }

    protected void handleAuthorizationException(AuthorizationException authorizationException, HttpServletResponse httpServletResponse) {
        this.authzFailLogger.logFail("无功能权限", authorizationException.getMessage(), ExceptionUtils.getStackTrace(authorizationException));
        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
    }

    protected void handleUnauthorizedDataAccessException(UnauthorizedDataAccessException unauthorizedDataAccessException, HttpServletResponse httpServletResponse) {
        this.authzFailLogger.logFail("无数据权限", unauthorizedDataAccessException.getMessage(), ExceptionUtils.getStackTrace(unauthorizedDataAccessException));
        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
    }

    @Autowired
    public void setAuthzFailLogger(AuthzFailLogger authzFailLogger) {
        this.authzFailLogger = authzFailLogger;
    }
}
