package com.github.dinuta.estuary.testrunner.api;

import com.github.dinuta.estuary.testrunner.constants.EnvConstants;
import com.github.dinuta.estuary.testrunner.constants.HeaderConstants;
import java.io.IOException;
import java.util.UUID;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.connector.RequestFacade;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/github/dinuta/estuary/testrunner/api/ApiOriginFilter.class */
public class ApiOriginFilter implements Filter {
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
        httpServletResponse.addHeader("Access-Control-Allow-Headers", "Content-Type");
        String header = ((RequestFacade) servletRequest).getHeader(HeaderConstants.TOKEN);
        String header2 = ((RequestFacade) servletRequest).getHeader(HeaderConstants.X_REQUEST_ID);
        if (header2 == null) {
            header2 = UUID.randomUUID().toString();
        }
        httpServletResponse.addHeader(HeaderConstants.X_REQUEST_ID, header2);
        if (!String.valueOf(header).equals(String.valueOf(System.getenv(EnvConstants.HTTP_AUTH_TOKEN)))) {
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value());
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
