package com.examstack.portal.security.filter;

import com.examstack.common.domain.exam.Exam;
import com.examstack.common.domain.exam.ExamHistory;
import com.examstack.common.util.StandardPasswordEncoderForSha1;
import com.examstack.portal.security.UserInfo;
import com.examstack.portal.service.ExamService;
import java.util.Date;
import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/classes/com/examstack/portal/security/filter/AuthenticationFilter.class */
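/**
 * Login filter for the exam portal. It supports two login modes on the same endpoint:
 * <ul>
 *   <li>username + password ({@code j_username} / {@code j_password}), restricted to principals
 *       whose role names contain {@code ROLE_STUDENT};</li>
 *   <li>admission-ticket serial number ({@code j_seri_no}), where the serial number is looked up
 *       through {@link ExamService} and the matching user is authenticated with an empty
 *       password.</li>
 * </ul>
 *
 * <p>NOTE(review): in the serial-number mode the ticket number is the only secret the client
 * presents, so it has to be unguessable and the endpoint needs attempt limiting; neither is
 * visible in this class. {@link #checkValidateCode(HttpServletRequest)} is not called from
 * {@link #attemptAuthentication}, so no captcha is enforced by this filter as written.
 */
public class AuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    public static final String VALIDATE_CODE = "validate_code";
    public static final String USERNAME = "j_username";
    public static final String PASSWORD = "j_password";
    public static final String SERI_NO = "j_seri_no";
    public static final String FLAG = "j_flag";
    private static final Logger log = Logger.getLogger(AuthenticationFilter.class);

    @Autowired
    public ExamService examService;

    /**
     * Authenticates a login request in either password mode or admission-ticket mode.
     *
     * @param httpServletRequest the login request; must be a POST
     * @param httpServletResponse unused
     * @return the authenticated token; never {@code null}
     * @throws AuthenticationException if the method is not POST, the credentials or ticket are
     *     rejected, or the exam/ticket state does not allow a login
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        // Reject non-POST requests before touching any credential parameter.
        if (!"POST".equals(httpServletRequest.getMethod())) {
            throw new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod());
        }
        String seriNo = obtainSeriNoParameter(httpServletRequest);
        String username = obtainUsername(httpServletRequest);
        String password = obtainPassword(httpServletRequest);
        String flag = obtainFlagParameter(httpServletRequest);
        // The submitted password must never reach the log, in clear or as a SHA-1 digest of
        // "password{username}": such a digest can be brute-forced offline by anyone who can
        // read the log files.

        if (seriNo == null || "".equals(seriNo)) {
            return authenticateWithPassword(httpServletRequest, username, password, flag);
        }
        return authenticateWithSeriNo(httpServletRequest, seriNo);
    }

    /** Password mode: only principals whose role names contain ROLE_STUDENT may log in here. */
    private Authentication authenticateWithPassword(HttpServletRequest httpServletRequest, String username, String password, String flag) {
        // CustomBooleanEditor.VALUE_1 is the string "1": the client asked for ticket login
        // but sent no serial number.
        if (CustomBooleanEditor.VALUE_1.equals(flag)) {
            throw new AuthenticationServiceException("准考证号码错误！");
        }
        if (!"".equals(username) && "".equals(password)) {
            throw new AuthenticationServiceException("请输入密码！");
        }
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
        setDetails(httpServletRequest, token);

        Authentication result;
        boolean student;
        try {
            result = getAuthenticationManager().authenticate(token);
            student = ((UserInfo) result.getPrincipal()).getRolesName().contains("ROLE_STUDENT");
        } catch (Exception e) {
            // One generic message for every failure; the cause is kept for server-side diagnosis.
            throw new AuthenticationServiceException("用户名密码错误！", e);
        }
        if (!student) {
            // Same generic message as a bad password, which is what callers already received
            // (a role-specific message used to be thrown inside the try and was immediately
            // replaced by the catch-all). Keeping it generic avoids confirming that the
            // submitted credentials are valid for a non-student account.
            throw new AuthenticationServiceException("用户名密码错误！");
        }
        return result;
    }

    /** Admission-ticket mode: the serial number selects the exam history record and the user. */
    private Authentication authenticateWithSeriNo(HttpServletRequest httpServletRequest, String seriNo) {
        // NOTE(review): the meaning of the second argument (1) is not visible here.
        ExamHistory examHistory = this.examService.getUserExamHistBySeriNo(seriNo, 1);
        if (examHistory == null) {
            throw new AuthenticationServiceException("准考证号码错误！");
        }
        String userName = examHistory.getUserName();
        Exam exam = this.examService.getExamById(examHistory.getExamId());
        if (exam == null) {
            // A ticket that points at a missing exam is rejected instead of failing with a
            // NullPointerException below.
            throw new AuthenticationServiceException("准考证号码错误！");
        }
        if (exam.getApproved() == 0) {
            throw new AuthenticationServiceException("无法参加一个未审核通过的考试！");
        }
        Date now = new Date();
        if (exam.getEffTime().after(now) || exam.getExpTime().before(now)) {
            throw new AuthenticationServiceException("不在考试时间范围内，不允许使用准考证！");
        }
        if (examHistory.getApproved() == 0) {
            throw new AuthenticationServiceException("考试申请未审核，请联系管理员！");
        }
        if (examHistory.getApproved() == 2) {
            throw new AuthenticationServiceException("考试申请审核未通过，不能参加考试！");
        }
        // NOTE(review): the user is authenticated with an empty password; whether that succeeds
        // depends on the configured AuthenticationManager, which is outside this class.
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(userName, "");
        setDetails(httpServletRequest, token);
        try {
            Authentication authentication = getAuthenticationManager().authenticate(token);
            UserInfo userInfo = (UserInfo) authentication.getPrincipal();
            userInfo.setHistId(examHistory.getHistId());
            userInfo.setExamId(examHistory.getExamId());
            userInfo.setExamPaperId(examHistory.getExamPaperId());
            return authentication;
        } catch (Exception e) {
            // Fail closed: a swallowed exception used to yield null or a principal without exam
            // context. The serial number is a credential and is deliberately not logged.
            log.error("Admission-ticket authentication failed", e);
            throw new AuthenticationServiceException("准考证号码错误！", e);
        }
    }

    /**
     * Compares the captcha submitted with the request against the one stored in the session.
     *
     * @throws AuthenticationServiceException if either value is missing or they differ
     *     (case-insensitively)
     */
    protected void checkValidateCode(HttpServletRequest httpServletRequest) {
        String expected = obtainSessionValidateCode(httpServletRequest.getSession());
        String supplied = obtainValidateCodeParameter(httpServletRequest);
        // A missing session value is a failed check, not a NullPointerException.
        if (StringUtils.isEmpty(expected) || StringUtils.isEmpty(supplied) || !expected.equalsIgnoreCase(supplied)) {
            throw new AuthenticationServiceException("验证码错误！");
        }
    }

    /** Returns the trimmed, upper-cased {@code j_seri_no} parameter, or "" when absent. */
    protected String obtainSeriNoParameter(HttpServletRequest httpServletRequest) {
        return upperTrimmed(httpServletRequest.getParameter(SERI_NO));
    }

    /** Returns the trimmed, upper-cased {@code j_flag} parameter, or "" when absent. */
    protected String obtainFlagParameter(HttpServletRequest httpServletRequest) {
        return upperTrimmed(httpServletRequest.getParameter(FLAG));
    }

    /** Returns the trimmed, upper-cased {@code validate_code} parameter, or "" when absent. */
    protected String obtainValidateCodeParameter(HttpServletRequest httpServletRequest) {
        return upperTrimmed(httpServletRequest.getParameter(VALIDATE_CODE));
    }

    /**
     * Returns the captcha stored in the session. This implementation always returns
     * {@code null}, so {@link #checkValidateCode} rejects every request unless a subclass
     * overrides this method.
     */
    protected String obtainSessionValidateCode(HttpSession httpSession) {
        return null;
    }

    /** Returns the {@code j_password} parameter unmodified, or "" when absent. */
    @Override
    protected String obtainPassword(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(PASSWORD);
        return parameter == null ? "" : parameter;
    }

    /** Returns the trimmed, lower-cased {@code j_username} parameter, or "" when absent. */
    @Override
    protected String obtainUsername(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(USERNAME);
        // Locale.ROOT keeps identifier normalisation independent of the JVM default locale.
        return parameter == null ? "" : parameter.trim().toLowerCase(Locale.ROOT);
    }

    /** Trims and upper-cases a request parameter, mapping {@code null} to "". */
    private static String upperTrimmed(String parameter) {
        return parameter == null ? "" : parameter.trim().toUpperCase(Locale.ROOT);
    }
}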
