package cool.mtc.security.auth.password;

import com.fasterxml.jackson.databind.ObjectMapper;
import cool.mtc.core.result.ResultConstant;
import cool.mtc.core.util.StringUtil;
import cool.mtc.security.SecurityProperties;
import cool.mtc.security.exception.AuthException;
import cool.mtc.security.service.SecurityService;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/* loaded from: input_file:cool/mtc/security/auth/password/PasswordAuthFilter.class */
public class PasswordAuthFilter extends AbstractAuthenticationProcessingFilter {
    private static final ObjectMapper MAPPER = new ObjectMapper();
    private final SecurityService securityService;

    public PasswordAuthFilter(SecurityProperties securityProperties, SecurityService securityService) {
        super(new AntPathRequestMatcher(securityProperties.getLoginUrlByPassword(), HttpMethod.POST.name()));
        this.securityService = securityService;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        PasswordAuthForm handleCheckParams = handleCheckParams(httpServletRequest);
        if (this.securityService.isVerifyCodeError(handleCheckParams.getVerifyCode())) {
            throw new AuthException(ResultConstant.A0130, "login.verify_code.error");
        }
        PasswordAuthToken passwordAuthToken = new PasswordAuthToken(handleCheckParams.getUsername(), handleCheckParams.getPassword());
        setDetails(httpServletRequest, passwordAuthToken);
        return super.getAuthenticationManager().authenticate(passwordAuthToken);
    }

    private PasswordAuthForm handleCheckParams(HttpServletRequest httpServletRequest) {
        try {
            PasswordAuthForm passwordAuthForm = (PasswordAuthForm) MAPPER.readValue(httpServletRequest.getInputStream(), PasswordAuthForm.class);
            if (StringUtil.isEmpty(passwordAuthForm.getUsername())) {
                throw new AuthException(ResultConstant.A0410, "login.username.required");
            }
            if (StringUtil.isEmpty(passwordAuthForm.getPassword())) {
                throw new AuthException(ResultConstant.A0410, "login.password.required");
            }
            return passwordAuthForm;
        } catch (IOException e) {
            throw new AuthException(ResultConstant.A0402, "login.param.error");
        }
    }

    private void setDetails(HttpServletRequest httpServletRequest, PasswordAuthToken passwordAuthToken) {
        passwordAuthToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }
}
