package org.apache.shiro.web.filter.authc;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/web/filter/authc/FormAuthenticationFilter.class */
public class FormAuthenticationFilter extends AuthenticatingFilter {
    public static final String DEFAULT_ERROR_KEY_ATTRIBUTE_NAME = "shiroLoginFailure";
    public static final String DEFAULT_USERNAME_PARAM = "username";
    public static final String DEFAULT_PASSWORD_PARAM = "password";
    public static final String DEFAULT_REMEMBER_ME_PARAM = "rememberMe";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) FormAuthenticationFilter.class);
    private String usernameParam = DEFAULT_USERNAME_PARAM;
    private String passwordParam = "password";
    private String rememberMeParam = "rememberMe";
    private String failureKeyAttribute = DEFAULT_ERROR_KEY_ATTRIBUTE_NAME;

    public FormAuthenticationFilter() {
        setLoginUrl(AccessControlFilter.DEFAULT_LOGIN_URL);
    }

    @Override // org.apache.shiro.web.filter.AccessControlFilter
    public void setLoginUrl(String str) {
        String loginUrl = getLoginUrl();
        if (loginUrl != null) {
            this.appliedPaths.remove(loginUrl);
        }
        super.setLoginUrl(str);
        if (log.isTraceEnabled()) {
            log.trace("Adding login url to applied paths.");
        }
        this.appliedPaths.put(getLoginUrl(), null);
    }

    public String getUsernameParam() {
        return this.usernameParam;
    }

    public void setUsernameParam(String str) {
        this.usernameParam = str;
    }

    public String getPasswordParam() {
        return this.passwordParam;
    }

    public void setPasswordParam(String str) {
        this.passwordParam = str;
    }

    public String getRememberMeParam() {
        return this.rememberMeParam;
    }

    public void setRememberMeParam(String str) {
        this.rememberMeParam = str;
    }

    public String getFailureKeyAttribute() {
        return this.failureKeyAttribute;
    }

    public void setFailureKeyAttribute(String str) {
        this.failureKeyAttribute = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.AccessControlFilter
    public boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!isLoginRequest(servletRequest, servletResponse)) {
            if (log.isTraceEnabled()) {
                log.trace("Attempting to access a path which requires authentication.  Forwarding to the Authentication url [" + getLoginUrl() + "]");
            }
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        if (isLoginSubmission(servletRequest, servletResponse)) {
            if (log.isTraceEnabled()) {
                log.trace("Login submission detected.  Attempting to execute login.");
            }
            return executeLogin(servletRequest, servletResponse);
        }
        if (!log.isTraceEnabled()) {
            return true;
        }
        log.trace("Login page view.");
        return true;
    }

    protected boolean isLoginSubmission(ServletRequest servletRequest, ServletResponse servletResponse) {
        return (servletRequest instanceof HttpServletRequest) && WebUtils.toHttp(servletRequest).getMethod().equalsIgnoreCase("POST");
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
        return createToken(getUsername(servletRequest), getPassword(servletRequest), servletRequest, servletResponse);
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected boolean isRememberMe(ServletRequest servletRequest) {
        return WebUtils.isTrue(servletRequest, getRememberMeParam());
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        issueSuccessRedirect(servletRequest, servletResponse);
        return false;
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        if (log.isDebugEnabled()) {
            log.debug("Authentication exception", (Throwable) authenticationException);
        }
        setFailureAttribute(servletRequest, authenticationException);
        return true;
    }

    protected void setFailureAttribute(ServletRequest servletRequest, AuthenticationException authenticationException) {
        servletRequest.setAttribute(getFailureKeyAttribute(), authenticationException.getClass().getName());
    }

    protected String getUsername(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getUsernameParam());
    }

    protected String getPassword(ServletRequest servletRequest) {
        return WebUtils.getCleanParam(servletRequest, getPasswordParam());
    }
}
