package dev.galasa.framework.api.common;

import java.io.PrintWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:dev/galasa/framework/api/common/ResponseBuilder.class */
public class ResponseBuilder {
    protected Log logger;
    private List<String> allowedOrigins;
    private final String ORIGIN_HEADER = "Origin";
    private final String CORS_ALLOW_ORIGIN_HEADER = "Access-Control-Allow-Origin";

    public ResponseBuilder() {
        this(new SystemEnvironment());
    }

    public ResponseBuilder(Environment environment) {
        this.logger = LogFactory.getLog(ResponseBuilder.class);
        this.ORIGIN_HEADER = "Origin";
        this.CORS_ALLOW_ORIGIN_HEADER = "Access-Control-Allow-Origin";
        this.allowedOrigins = getAllowedOriginsAsList(environment.getenv(EnvironmentVariables.GALASA_ALLOWED_ORIGINS));
    }

    public HttpServletResponse buildResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, int i) {
        HttpServletResponse buildResponseHeaders = buildResponseHeaders(httpServletRequest, httpServletResponse, str, i);
        try {
            PrintWriter writer = buildResponseHeaders.getWriter();
            try {
                writer.print(str2);
                writer.flush();
                if (writer != null) {
                    writer.close();
                }
            } finally {
            }
        } catch (Exception e) {
            this.logger.warn("Failed to build response object. Ignoring.", e);
        }
        return buildResponseHeaders;
    }

    public HttpServletResponse buildResponseHeaders(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, int i) {
        httpServletResponse.setStatus(i);
        httpServletResponse.setContentType(str);
        String validateRequestOrigin = validateRequestOrigin(httpServletRequest);
        if (validateRequestOrigin != null) {
            httpServletResponse.addHeader("Access-Control-Allow-Origin", validateRequestOrigin);
        } else {
            this.logger.info("Not setting 'Access-Control-Allow-Origin' header");
        }
        return httpServletResponse;
    }

    private List<String> getAllowedOriginsAsList(String str) {
        ArrayList arrayList = new ArrayList();
        if (str != null) {
            for (String str2 : str.split(",")) {
                arrayList.add(str2.trim());
            }
        }
        return arrayList;
    }

    private String validateRequestOrigin(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Origin");
        if (header == null || !isOriginAllowed(header)) {
            this.logger.error("Request origin is not set or is not permitted to receive responses");
            header = null;
        }
        return header;
    }

    private boolean isOriginAllowed(String str) {
        boolean z = false;
        try {
            new URI(str);
            for (String str2 : this.allowedOrigins) {
                z = str2.startsWith("*") ? str.endsWith(str2.substring(1)) : str.equals(str2);
                if (z) {
                    break;
                }
            }
        } catch (URISyntaxException e) {
            this.logger.error("Invalid request origin provided");
            z = false;
        }
        return z;
    }
}
