package com.nariit.pi6000.ua.filter;

import com.google.common.net.HttpHeaders;
import com.nariit.pi6000.framework.util.StringUtil;
import com.nariit.pi6000.ua.session.HttpSessionManager;
import com.nariit.pi6000.ua.util.WebUtil;
import io.dcloud.common.DHInterface.IFeature;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Component
/* loaded from: classes3.dex */
public class AuthAccessFilter extends AccessControlFilter {
    static Logger log = LoggerFactory.getLogger(AuthAccessFilter.class);

    @Override // com.nariit.pi6000.ua.filter.AccessControlFilter
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (isLoginRequest(servletRequest, servletResponse) || HttpSessionManager.isAuthc(servletRequest)) {
            return true;
        }
        log.info("AuthAccessFilter认证失败,{}  sid:{}", WebUtil.getPathWithinApplication((HttpServletRequest) servletRequest), HttpSessionManager.getSessionId(servletRequest));
        return false;
    }

    @Override // com.nariit.pi6000.ua.filter.AccessControlFilter
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!StringUtil.equalsIgnoreCase(((HttpServletRequest) servletRequest).getHeader(HttpHeaders.X_REQUESTED_WITH), IFeature.F_XMLHTTPREQUEST)) {
            saveRequestAndRedirectToLogin(servletRequest, servletResponse);
            return false;
        }
        httpServletResponse.setHeader("sessionstate", "timeout");
        httpServletResponse.setHeader("redirecturl", this.ua.getRedirectUrl(servletRequest));
        return false;
    }
}
