package com.iteaj.izone.web.shiro;

import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.springframework.web.context.ServletContextAware;

/* loaded from: input_file:com/iteaj/izone/web/shiro/AjaxFilter.class */
public class AjaxFilter extends AccessControlFilter implements ServletContextAware {
    private boolean isAjax = false;

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        String header;
        try {
            if (isLoginRequest(servletRequest, servletResponse) || SecurityUtils.getSubject().isAuthenticated() || !(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse) || (header = ((HttpServletRequest) servletRequest).getHeader("x-requested-with")) == null || !header.equalsIgnoreCase("XMLHttpRequest")) {
                return true;
            }
            this.isAjax = true;
            return false;
        } catch (Exception e) {
            e.printStackTrace();
            return true;
        }
    }

    public void setServletContext(ServletContext servletContext) {
        super.setServletContext(servletContext);
    }

    public FilterConfig getFilterConfig() {
        return new NameableFilterConfig("ajax", getServletContext());
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        if (!this.isAjax) {
            return true;
        }
        ((HttpServletResponse) servletResponse).sendError(401, getLoginUrl());
        this.isAjax = false;
        return false;
    }
}
