package io.vertx.ext.web.handler.impl;

import com.hazelcast.client.impl.protocol.EventMessageConst;
import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.handler.CorsHandler;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Objects;
import java.util.Set;
import java.util.regex.Pattern;

/* loaded from: input_file:io/vertx/ext/web/handler/impl/CorsHandlerImpl.class */
public class CorsHandlerImpl implements CorsHandler {
    private final Pattern allowedOrigin;
    private String allowedMethodsString;
    private String allowedHeadersString;
    private String exposedHeadersString;
    private boolean allowCredentials;
    private String maxAgeSeconds;
    private final Set<HttpMethod> allowedMethods = new LinkedHashSet();
    private final Set<String> allowedHeaders = new LinkedHashSet();
    private final Set<String> exposedHeaders = new LinkedHashSet();

    public CorsHandlerImpl(String str) {
        Objects.requireNonNull(str);
        if ("*".equals(str)) {
            this.allowedOrigin = null;
        } else {
            this.allowedOrigin = Pattern.compile(str);
        }
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler allowedMethod(HttpMethod httpMethod) {
        this.allowedMethods.add(httpMethod);
        this.allowedMethodsString = join(this.allowedMethods);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler allowedMethods(Set<HttpMethod> set) {
        this.allowedMethods.addAll(set);
        this.allowedMethodsString = join(this.allowedMethods);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler allowedHeader(String str) {
        this.allowedHeaders.add(str);
        this.allowedHeadersString = join(this.allowedHeaders);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler allowedHeaders(Set<String> set) {
        this.allowedHeaders.addAll(set);
        this.allowedHeadersString = join(this.allowedHeaders);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler exposedHeader(String str) {
        this.exposedHeaders.add(str);
        this.exposedHeadersString = join(this.exposedHeaders);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler exposedHeaders(Set<String> set) {
        this.exposedHeaders.addAll(set);
        this.exposedHeadersString = join(this.exposedHeaders);
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler allowCredentials(boolean z) {
        this.allowCredentials = z;
        return this;
    }

    @Override // io.vertx.ext.web.handler.CorsHandler
    public CorsHandler maxAgeSeconds(int i) {
        this.maxAgeSeconds = i == -1 ? null : String.valueOf(i);
        return this;
    }

    @Override // io.vertx.core.Handler
    public void handle(RoutingContext routingContext) {
        HttpServerRequest request = routingContext.request();
        HttpServerResponse response = routingContext.response();
        String str = routingContext.request().headers().get(HttpHeaders.ORIGIN);
        if (str == null) {
            routingContext.next();
            return;
        }
        if (!isValidOrigin(str)) {
            sendInvalid(request.response());
            return;
        }
        String str2 = request.headers().get(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        if (request.method() != HttpMethod.OPTIONS || str2 == null) {
            addCredentialsAndOriginHeader(response, str);
            if (this.exposedHeadersString != null) {
                response.putHeader(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, this.exposedHeadersString);
            }
            routingContext.next();
            return;
        }
        addCredentialsAndOriginHeader(response, str);
        if (this.allowedMethodsString != null) {
            response.putHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, this.allowedMethodsString);
        }
        if (this.allowedHeadersString != null) {
            response.putHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, this.allowedHeadersString);
        }
        if (this.maxAgeSeconds != null) {
            response.putHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, this.maxAgeSeconds);
        }
        response.setStatusCode(EventMessageConst.EVENT_ITEM).end();
    }

    private void addCredentialsAndOriginHeader(HttpServerResponse httpServerResponse, String str) {
        if (!this.allowCredentials) {
            httpServerResponse.putHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, getAllowedOrigin(str));
        } else {
            httpServerResponse.putHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
            httpServerResponse.putHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, str);
        }
    }

    private void sendInvalid(HttpServerResponse httpServerResponse) {
        httpServerResponse.setStatusCode(403).setStatusMessage("CORS Rejected - Invalid origin").end();
    }

    private boolean isValidOrigin(String str) {
        if (this.allowedOrigin == null) {
            return true;
        }
        return this.allowedOrigin.matcher(str).matches();
    }

    private String getAllowedOrigin(String str) {
        return this.allowedOrigin == null ? "*" : str;
    }

    private String join(Collection<?> collection) {
        if (collection == null || collection.isEmpty()) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        boolean z = true;
        for (Object obj : collection) {
            if (!z) {
                sb.append(',');
            }
            sb.append(obj);
            z = false;
        }
        return sb.toString();
    }
}
