package com.humuson.tms.security;

import com.humuson.tms.common.UserLogCode;
import com.humuson.tms.common.util.Allow;
import com.humuson.tms.common.util.ShowObject;
import com.humuson.tms.common.util.TmsRSAUtil;
import com.humuson.tms.exception.UserExpirationDateException;
import com.humuson.tms.model.BaseApiDefiner;
import com.humuson.tms.service.account.UserLogInsertService;
import java.io.IOException;
import java.security.PrivateKey;
import java.util.HashMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:com/humuson/tms/security/LoginFailureHandler.class */
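/**
 * Spring Security failure handler for the form login.
 *
 * <p>Maps the reason carried by the {@link AuthenticationException} to a user-facing
 * {@code message} request attribute, records wrong-password attempts (audit row, failure
 * counter, account lock once the limit is reached), discards the RSA private key kept in
 * the session under {@code rsaPrivateKey}, and forwards to the login page or to the
 * password-change page.
 *
 * <p>NOTE(review): the handler shows a different message for an unknown user
 * ({@code USER_NOT_FOUND}) than for a wrong password ({@code PWDERR}), so the response
 * discloses whether an account exists. Consider one uniform message for both.
 */
public class LoginFailureHandler implements AuthenticationFailureHandler {
    private static final Logger log = LoggerFactory.getLogger(LoginFailureHandler.class);

    /** Session attribute holding the RSA private key used to decrypt the login form fields. */
    private static final String RSA_KEY_ATTRIBUTE = "rsaPrivateKey";

    /** Request parameter carrying the (RSA-encrypted) user name. */
    private static final String USERNAME_PARAMETER = "j_username";

    private static final String LOGIN_PAGE = "/login";
    private static final String EXPIRED_PASSWORD_PAGE = "/acc/expirePwdMgr";

    /** Number of failed attempts at which the account is locked. */
    private static final int MAX_LOGIN_FAILURES = 5;

    @Autowired
    UserLogInsertService userLogInsertService;

    @Autowired
    TmsRSAUtil tmsRSAUtil;

    /**
     * Prepares the failure view for a rejected login and forwards to it.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response the forward is written to
     * @param authenticationException the failure raised by the authentication provider
     * @throws IOException if the forward fails
     * @throws ServletException if the forward fails
     */
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        // NOTE(review): ShowObject is a project helper not visible here. If it prints or logs
        // its argument, this call emits every parameter of the login request, including the
        // credential fields. Confirm, then mask or remove it.
        ShowObject.show(httpServletRequest.getParameterMap());
        log.info("AuthenticationException : {}", authenticationException);

        // Take the session from the request passed to the handler rather than from
        // RequestContextHolder, which throws when no request is bound to the current thread.
        HttpSession session = httpServletRequest.getSession(true);
        PrivateKey privateKey = (PrivateKey) session.getAttribute(RSA_KEY_ATTRIBUTE);

        String target;
        try {
            target = prepareFailureView(httpServletRequest, authenticationException, privateKey);
        } finally {
            // Discard the key even when audit logging throws, so it cannot serve a later attempt.
            session.removeAttribute(RSA_KEY_ATTRIBUTE);
        }
        httpServletRequest.getRequestDispatcher(target).forward(httpServletRequest, httpServletResponse);
    }

    /** Sets the request attributes for the failure and returns the path to forward to. */
    private String prepareFailureView(HttpServletRequest request, AuthenticationException failure, PrivateKey privateKey) {
        if (failure.getCause() instanceof UserExpirationDateException) {
            request.setAttribute("message", failure.getCause().getMessage());
            return LOGIN_PAGE;
        }

        // Reason codes are only honoured on AuthenticationServiceException. A null message
        // falls through to the generic text instead of raising a NullPointerException.
        String reason = (failure instanceof AuthenticationServiceException) ? failure.getMessage() : null;

        if ("USER_NOT_FOUND".equals(reason)) {
            request.setAttribute("message", "존재하지 않는 사용자입니다.");
            return LOGIN_PAGE;
        }
        // The spelling "PWSSWORD" must stay in sync with the code that throws this reason.
        if ("PWSSWORD_EDIT_DATE".equals(reason)) {
            return forwardToPasswordChange(request, privateKey, "비밀번호를 변경한지 3개월이 지났습니다. 비밀번호를 변경해 주십시오.");
        }
        if ("ADMIN_MODIFY_FLAG_Y".equals(reason)) {
            return forwardToPasswordChange(request, privateKey, "최초 로그인이거나 관리자가 비밀번호를 변경하였습니다. 비밀번호를 변경해 주십시오.");
        }
        if ("LOCKED".equals(reason)) {
            request.setAttribute("message", "잠금 처리된 계정입니다. 관리자에게 문의해주세요.");
            return LOGIN_PAGE;
        }
        if ("NOT_PRIVATE_KEY".equals(reason)) {
            request.setAttribute("message", "잘못된  접근입니다.");
            return LOGIN_PAGE;
        }
        if ("PWDERR".equals(reason)) {
            int failures = recordPasswordFailure(request, decryptUsername(request, privateKey));
            request.setAttribute("message", failures + "회 로그인에 실패하였습니다.(" + MAX_LOGIN_FAILURES + "회 실패 시 잠김)");
            return LOGIN_PAGE;
        }

        request.setAttribute("message", "로그인에 실패하였습니다. 관리자에게 문의해주세요.");
        return LOGIN_PAGE;
    }

    /**
     * Exposes the user name and message to the password-change page and returns its path.
     *
     * <p>NOTE(review): this forward happens on a failed authentication, so the
     * password-change page must verify the current password itself. Confirm it does.
     */
    private String forwardToPasswordChange(HttpServletRequest request, PrivateKey privateKey, String message) {
        request.setAttribute("user_name", decryptUsername(request, privateKey));
        request.setAttribute("message", message);
        return EXPIRED_PASSWORD_PAGE;
    }

    /**
     * Decrypts the submitted user name with the session's RSA key.
     *
     * <p>On failure the submitted value is returned unchanged, as the original code did,
     * but the failure is now logged instead of being silently swallowed. The value itself
     * is not logged.
     */
    private String decryptUsername(HttpServletRequest request, PrivateKey privateKey) {
        String submitted = request.getParameter(USERNAME_PARAMETER);
        try {
            return this.tmsRSAUtil.decryptRsa(privateKey, submitted);
        } catch (Exception e) {
            // NOTE(review): callers then use the undecrypted value as the user id for the
            // audit row and the lock counter. Confirm this fallback is intended.
            log.warn("RSA decryption of the submitted user name failed; using the submitted value as-is", e);
            return submitted;
        }
    }

    /**
     * Writes the failed-login audit row, increments the failure counter and locks the account
     * once the counter reaches {@link #MAX_LOGIN_FAILURES}.
     *
     * @return the failure count reported by {@code addLoginErrorCount}
     */
    private int recordPasswordFailure(HttpServletRequest request, String userId) {
        // NOTE(review): X-Forwarded-For is supplied by the client unless a trusted proxy
        // overwrites it, so the audited address can be forged. Honour it only for requests
        // arriving from known proxies, and use getRemoteAddr() otherwise.
        String clientIp = request.getHeader("X-FORWARDED-FOR");
        if (clientIp == null) {
            clientIp = request.getRemoteAddr();
        }

        // Raw HashMap kept because the parameter type of userLogInsert is not visible here.
        HashMap auditEntry = new HashMap();
        auditEntry.put("userId", userId);
        auditEntry.put(BaseApiDefiner.API_RESULT_CODE, UserLogCode.CODE_LOGIN);
        auditEntry.put("userIp", clientIp);
        auditEntry.put("targetInfo", "FAIL");
        this.userLogInsertService.userLogInsert(auditEntry);

        int failures = this.userLogInsertService.addLoginErrorCount(userId);
        if (failures >= MAX_LOGIN_FAILURES) {
            this.userLogInsertService.accountLockUpdate(userId, Allow.Y);
        }
        return failures;
    }
}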
