package com.manydesigns.portofino.dispatcher.security.jwt;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.PathMatchingFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/manydesigns/portofino/dispatcher/security/jwt/JWTFilter.class */
public abstract class JWTFilter extends PathMatchingFilter {
    private static final Logger logger = LoggerFactory.getLogger(JWTFilter.class);

    protected boolean onPreHandle(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            subject.logout();
        }
        HttpServletRequest http = WebUtils.toHttp(servletRequest);
        HttpServletResponse http2 = WebUtils.toHttp(servletResponse);
        String token = getToken(http, http2, obj);
        if (token == null) {
            http2.setStatus(401);
            return false;
        }
        try {
            subject.login(new JSONWebToken(token));
            return true;
        } catch (AuthenticationException e) {
            logger.warn("Failed JWT authentication to " + ((Object) http.getRequestURL()), e);
            http2.setStatus(401);
            return false;
        }
    }

    protected abstract String getToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj);

    protected String getHost(ServletRequest servletRequest) {
        return servletRequest.getRemoteHost();
    }
}
