package org.apache.shiro.web.filter.authc;

import java.io.IOException;
import java.util.Arrays;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.subject.Subject;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/shiro-all-1.3.2.jar:org/apache/shiro/web/filter/authc/AuthenticatingFilter.class
 */
/* loaded from: input_file:WEB-INF/lib/shiro-web-1.3.2.jar:org/apache/shiro/web/filter/authc/AuthenticatingFilter.class */
public abstract class AuthenticatingFilter extends AuthenticationFilter {
    public static final String PERMISSIVE = "permissive";

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean executeLogin(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        AuthenticationToken createToken = createToken(servletRequest, servletResponse);
        if (createToken == null) {
            throw new IllegalStateException("createToken method implementation returned null. A valid non-null AuthenticationToken must be created in order to execute a login attempt.");
        }
        try {
            Subject subject = getSubject(servletRequest, servletResponse);
            subject.login(createToken);
            return onLoginSuccess(createToken, subject, servletRequest, servletResponse);
        } catch (AuthenticationException e) {
            return onLoginFailure(createToken, e, servletRequest, servletResponse);
        }
    }

    protected abstract AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception;

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthenticationToken createToken(String str, String str2, ServletRequest servletRequest, ServletResponse servletResponse) {
        return createToken(str, str2, isRememberMe(servletRequest), getHost(servletRequest));
    }

    protected AuthenticationToken createToken(String str, String str2, boolean z, String str3) {
        return new UsernamePasswordToken(str, str2, z, str3);
    }

    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return true;
    }

    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        return false;
    }

    protected String getHost(ServletRequest servletRequest) {
        return servletRequest.getRemoteHost();
    }

    protected boolean isRememberMe(ServletRequest servletRequest) {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.AuthenticationFilter, org.apache.shiro.web.filter.AccessControlFilter
    public boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        return super.isAccessAllowed(servletRequest, servletResponse, obj) || (!isLoginRequest(servletRequest, servletResponse) && isPermissive(obj));
    }

    protected boolean isPermissive(Object obj) {
        return obj != null && Arrays.binarySearch((String[]) obj, PERMISSIVE) >= 0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.servlet.AdviceFilter
    public void cleanup(ServletRequest servletRequest, ServletResponse servletResponse, Exception exc) throws ServletException, IOException {
        if ((exc instanceof UnauthenticatedException) || ((exc instanceof ServletException) && (exc.getCause() instanceof UnauthenticatedException))) {
            try {
                onAccessDenied(servletRequest, servletResponse);
                exc = null;
            } catch (Exception e) {
                exc = e;
            }
        }
        super.cleanup(servletRequest, servletResponse, exc);
    }
}
