package cn.javaer.jany.spring.security;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/javaer/jany/spring/security/ForbiddenEntryPoint.class */
public class ForbiddenEntryPoint implements AuthenticationEntryPoint {
    private String redirectUrl;

    public ForbiddenEntryPoint() {
    }

    public ForbiddenEntryPoint(String str) {
        this.redirectUrl = str;
    }

    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        String header = httpServletRequest.getHeader("X-Requested-With");
        String header2 = httpServletRequest.getHeader("Accept");
        if ((header2 != null && header2.contains("application/json")) || "XMLHttpRequest".equals(header)) {
            httpServletResponse.setStatus(403);
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getWriter().write("{\"error\":\"FORBIDDEN\"}");
        } else if (StringUtils.hasLength(this.redirectUrl)) {
            httpServletResponse.sendRedirect(this.redirectUrl);
        } else {
            httpServletResponse.sendError(403, "Access Denied");
        }
    }
}
