package io.tiklab.gateway.boot.starter.cors;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMethod;

@Component
@Order(-10)
/* loaded from: input_file:io/tiklab/gateway/boot/starter/cors/CorsFilter.class */
public class CorsFilter implements Filter {
    private static Logger logger = LoggerFactory.getLogger(CorsFilter.class);
    static String[] allowHeaderArr = {"Origin", "No-Cache", "X-Requested-With", "If-Modified-Since", "Pragma", "Last-Modified", "Cache-Control", "Expires", "Content-Type", "X-E4M-With", "userId", "token", "ticket", "appKey", "appSecret", "system", "version", "client", "tenant"};
    static String allowHeader = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        allowHeader = getAllowHeaders();
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String str = servletRequest.getRemoteHost() + ":" + servletRequest.getRemotePort();
        String header = httpServletRequest.getHeader("fromGateway");
        if (StringUtils.isEmpty(header) || !"true".equals(header)) {
            httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
            httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
            httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
            httpServletResponse.setHeader("Access-Control-Allow-Headers", allowHeader);
            httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
            httpServletResponse.setHeader("Access-Control-Allow-Private-Network", "true");
            if (RequestMethod.OPTIONS.name().equalsIgnoreCase(httpServletRequest.getMethod())) {
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }

    String getAllowHeaders() {
        if (allowHeader != null) {
            return allowHeader;
        }
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < allowHeaderArr.length; i++) {
            sb.append(allowHeaderArr[i]);
            if (i < allowHeaderArr.length - 1) {
                sb.append(",");
            }
        }
        allowHeader = sb.toString();
        return allowHeader;
    }
}
