package com.finstone.framework.security.shiro;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.WebUtils;

/* loaded from: input_file:com/finstone/framework/security/shiro/CaptchaFormAuthenticationFilter.class */
public class CaptchaFormAuthenticationFilter extends MutiTokenFormAuthenticationFilter {
    public static final String DEFAULT_CAPTCHA_SESSION = "com.finstone.framework.captcha";
    public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
    private String captchaParam = DEFAULT_CAPTCHA_PARAM;
    private boolean enableCaptcha = false;

    public String getCaptchaParam() {
        return this.captchaParam;
    }

    protected String getCaptcha(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getCaptchaParam());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.finstone.framework.security.shiro.MutiTokenFormAuthenticationFilter
    /* renamed from: createToken */
    public CaptchaUsernamePasswordToken mo30createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        String username = getUsername(servletRequest);
        String password = getPassword(servletRequest);
        String captcha = getCaptcha(servletRequest);
        return new CaptchaUsernamePasswordToken(username, password != null ? password.toCharArray() : "".toCharArray(), isRememberMe(servletRequest), getHost(servletRequest), getParameterMap((HttpServletRequest) servletRequest), captcha);
    }

    protected boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        CaptchaUsernamePasswordToken mo30createToken = mo30createToken(servletRequest, servletResponse);
        try {
            if (this.enableCaptcha) {
                doCaptchaValidate((HttpServletRequest) servletRequest, mo30createToken);
            }
            Subject subject = getSubject(servletRequest, servletResponse);
            subject.login(mo30createToken);
            return onLoginSuccess(mo30createToken, subject, servletRequest, servletResponse);
        } catch (AuthenticationException e) {
            return onLoginFailure(mo30createToken, e, servletRequest, servletResponse);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doCaptchaValidate(HttpServletRequest httpServletRequest, CaptchaUsernamePasswordToken captchaUsernamePasswordToken) {
        String str = (String) httpServletRequest.getSession().getAttribute(DEFAULT_CAPTCHA_SESSION);
        if (str != null && !str.equalsIgnoreCase(captchaUsernamePasswordToken.getCaptcha())) {
            throw new CaptchaIncorrectException("验证码错误！");
        }
    }

    public void setEnableCaptcha(boolean z) {
        this.enableCaptcha = z;
    }

    public boolean isEnableCaptcha() {
        return this.enableCaptcha;
    }
}
