package io.bdeploy.jersey;

import com.google.common.net.HttpHeaders;
import jakarta.ws.rs.HttpMethod;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.container.ContainerResponseContext;
import jakarta.ws.rs.container.ContainerResponseFilter;
import jakarta.ws.rs.container.PreMatching;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.Provider;
import java.io.IOException;

@PreMatching
@Provider
/* loaded from: input_file:io/bdeploy/jersey/JerseyCorsFilter.class */
public class JerseyCorsFilter implements ContainerResponseFilter, ContainerRequestFilter {
    @Override // jakarta.ws.rs.container.ContainerRequestFilter
    public void filter(ContainerRequestContext containerRequestContext) throws IOException {
        if (isPreflightRequest(containerRequestContext)) {
            containerRequestContext.abortWith(Response.ok().build());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isPreflightRequest(ContainerRequestContext containerRequestContext) {
        return containerRequestContext.getHeaderString("Origin") != null && containerRequestContext.getMethod().equalsIgnoreCase(HttpMethod.OPTIONS);
    }

    @Override // jakarta.ws.rs.container.ContainerResponseFilter
    public void filter(ContainerRequestContext containerRequestContext, ContainerResponseContext containerResponseContext) throws IOException {
        String headerString = containerRequestContext.getHeaderString("Origin");
        if (headerString != null && headerString.contains("localhost")) {
            if (isPreflightRequest(containerRequestContext)) {
                containerResponseContext.getHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
                containerResponseContext.getHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, "GET, POST, PUT, DELETE, OPTIONS, HEAD");
                containerResponseContext.getHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, "X-Requested-With, Authorization, Accept-Version, Content-Type, Content-MD5, CSRF-Token, X-No-Global-Error-Handling, ignoreLoadingBar, X-Proxy-Activity-Scope, X-On-Behalf-Of");
            }
            containerResponseContext.getHeaders().add(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, headerString);
        }
    }
}
