package org.apache.shiro.cas;

import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/shiro-cas-1.2.0.jar:org/apache/shiro/cas/CasFilter.class */
public class CasFilter extends AuthenticatingFilter {
    private static Logger logger = LoggerFactory.getLogger(CasFilter.class);
    private static final String TICKET_PARAMETER = "ticket";
    private String failureUrl;

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return new CasToken(((HttpServletRequest) servletRequest).getParameter(TICKET_PARAMETER));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.AccessControlFilter
    public boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        return executeLogin(servletRequest, servletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter, org.apache.shiro.web.filter.authc.AuthenticationFilter, org.apache.shiro.web.filter.AccessControlFilter
    public boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        return false;
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected boolean onLoginSuccess(AuthenticationToken authenticationToken, Subject subject, ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        issueSuccessRedirect(servletRequest, servletResponse);
        return false;
    }

    @Override // org.apache.shiro.web.filter.authc.AuthenticatingFilter
    protected boolean onLoginFailure(AuthenticationToken authenticationToken, AuthenticationException authenticationException, ServletRequest servletRequest, ServletResponse servletResponse) {
        Subject subject = getSubject(servletRequest, servletResponse);
        if (subject.isAuthenticated() || subject.isRemembered()) {
            try {
                issueSuccessRedirect(servletRequest, servletResponse);
                return false;
            } catch (Exception e) {
                logger.error("Cannot redirect to the default success url", (Throwable) e);
                return false;
            }
        }
        try {
            WebUtils.issueRedirect(servletRequest, servletResponse, this.failureUrl);
            return false;
        } catch (IOException e2) {
            logger.error("Cannot redirect to failure url : {}", this.failureUrl, e2);
            return false;
        }
    }

    public void setFailureUrl(String str) {
        this.failureUrl = str;
    }
}
