package com.xdja.saps.view.system.auth.filter;

import com.xdja.saps.view.system.auth.config.SapsShiroConfig;
import com.xdja.saps.view.system.auth.service.IAuthService;
import com.xdja.saps.view.system.auth.utils.SessionUtils;
import java.io.IOException;
import java.io.Serializable;
import java.util.Deque;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/xdja/saps/view/system/auth/filter/KickOutSessionFilter.class */
public class KickOutSessionFilter extends AccessControlFilter {
    private static final Logger log = LoggerFactory.getLogger(KickOutSessionFilter.class);
    private Cache<String, Deque<Serializable>> cache;
    private final boolean kickoutAfter = false;
    private final SessionManager sessionManager;
    private final IAuthService authService;

    public KickOutSessionFilter(CacheManager cacheManager, SessionManager sessionManager, IAuthService iAuthService) {
        this.cache = cacheManager.getCache(SapsShiroConfig.SHIRO_SESSION_KEY);
        this.sessionManager = sessionManager;
        this.authService = iAuthService;
    }

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        return false;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        Subject subject = getSubject(servletRequest, servletResponse);
        if (!subject.isAuthenticated() && !subject.isRemembered()) {
            return true;
        }
        SessionUtils.saveAndKickoutSession(this.cache, false, this.sessionManager, subject);
        if (subject.getSession().getAttribute("kickout") == null) {
            return true;
        }
        subject.logout();
        redirectUrl(servletRequest, servletResponse);
        return false;
    }

    private void redirectUrl(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setHeader("sessionstatus", "timeout");
        httpServletResponse.setStatus(401);
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        try {
            servletResponse.getWriter().write(this.authService.unAuthenticationContent());
        } catch (IOException e) {
            log.error(String.format("Shiro自定义权限过滤器响应Ajax请求内容异常，原因：%s", e.getMessage()), e);
        }
    }
}
