package org.craftercms.commons.web;

import java.io.IOException;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.LinkedList;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpStatus;
import org.springframework.http.HttpHeaders;
import org.springframework.util.CollectionUtils;
import org.springframework.web.cors.CorsUtils;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:WEB-INF/lib/crafter-commons-utilities-3.1.5E.jar:org/craftercms/commons/web/CORSFilter.class */
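/**
 * Servlet filter that validates cross-origin requests against configured allow-lists and
 * writes the matching {@code Access-Control-*} response headers.
 *
 * <p>The allow-lists ({@code allowOrigins}, {@code allowMethods}, {@code allowHeaders}) are
 * plain strings: either {@code "*"} or a delimited list of values. Requests that are not CORS
 * requests, or all requests when {@code disableCORS} is set, bypass the filter entirely
 * (see {@link #shouldNotFilter}).
 *
 * <p>Security notes for whoever configures this filter:
 * <ul>
 *   <li>With {@code allowOrigins="*"} and {@code allowCredentials="true"} the caller's
 *       {@code Origin} is echoed back, so every origin is granted credentialed access. Use an
 *       explicit origin list whenever credentials are enabled.</li>
 *   <li>The 403 issued here depends on the {@code Origin} header sent by the client, so it is
 *       a browser-facing policy, not a substitute for authentication or authorization.</li>
 * </ul>
 */
public class CORSFilter extends OncePerRequestFilter {
    public static final String ALL = "*";
    private String allowOrigins;
    private String allowMethods;
    private String maxAge;
    private String allowHeaders;
    private String allowCredentials;
    private boolean disableCORS = false;

    /** Sets the allowed origins: {@code "*"} or a delimited list of origins. */
    public void setAllowOrigins(String allowOrigins) {
        this.allowOrigins = allowOrigins;
    }

    /** Sets the allowed HTTP methods: {@code "*"} or a delimited list of method names. */
    public void setAllowMethods(String allowMethods) {
        this.allowMethods = allowMethods;
    }

    /** Sets the value sent as {@code Access-Control-Max-Age}. */
    public void setMaxAge(String maxAge) {
        this.maxAge = maxAge;
    }

    /** Sets the allowed request headers: {@code "*"} or a delimited list of header names. */
    public void setAllowHeaders(String allowHeaders) {
        this.allowHeaders = allowHeaders;
    }

    /** Sets the value sent as {@code Access-Control-Allow-Credentials}. */
    public void setAllowCredentials(String allowCredentials) {
        this.allowCredentials = allowCredentials;
    }

    public String getAllowOrigins() {
        return this.allowOrigins;
    }

    public String getAllowMethods() {
        return this.allowMethods;
    }

    public String getMaxAge() {
        return this.maxAge;
    }

    public String getAllowHeaders() {
        return this.allowHeaders;
    }

    public String getAllowCredentials() {
        return this.allowCredentials;
    }

    /** When {@code true}, the filter is skipped for every request. */
    public void setDisableCORS(boolean disableCORS) {
        this.disableCORS = disableCORS;
    }

    public boolean isDisableCORS() {
        return this.disableCORS;
    }

    /**
     * Validates origin, method and (for preflights) requested headers, then either rejects the
     * request with 403 or adds the CORS response headers and continues the chain.
     *
     * @throws ServletException if thrown by the rest of the filter chain
     * @throws IOException if writing the rejection or running the chain fails
     */
    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        boolean preFlight = CorsUtils.isPreFlightRequest(request);
        String allowedOrigin = checkOrigin(request.getHeader(HttpHeaders.ORIGIN));
        // A preflight announces the method of the upcoming request in a header of its own.
        String allowedMethod = checkMethod(preFlight
                ? request.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)
                : request.getMethod());
        List<String> requestedHeaders = getRequestHeaders(request, preFlight);
        String allowedHeaders = checkHeaders(requestedHeaders);

        // Access-Control-Request-Headers is optional on a preflight. Reject on headers only
        // when some were requested and none of them is allowed; a preflight that asks for no
        // headers is decided by origin and method alone.
        boolean headersRejected = preFlight
                && !CollectionUtils.isEmpty(requestedHeaders)
                && StringUtils.isEmpty(allowedHeaders);

        if (StringUtils.isEmpty(allowedOrigin) || StringUtils.isEmpty(allowedMethod) || headersRejected) {
            rejectRequest(response);
            return;
        }

        // The allowed origin varies per request, so caches must key on Origin.
        response.addHeader("Vary", HttpHeaders.ORIGIN);
        response.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, allowedOrigin);
        if (preFlight) {
            response.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, this.allowMethods);
            if (StringUtils.isNotEmpty(getAllowHeaders())) {
                response.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, getAllowHeaders());
            }
        }
        response.addHeader(HttpHeaders.ACCESS_CONTROL_MAX_AGE, getMaxAge());
        response.addHeader(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, getAllowCredentials());
        filterChain.doFilter(request, response);
    }

    /** Skips the filter when CORS handling is disabled or the request is not a CORS request. */
    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected boolean shouldNotFilter(HttpServletRequest request) {
        return isDisableCORS() || !CorsUtils.isCorsRequest(request);
    }

    /**
     * Resolves the value for {@code Access-Control-Allow-Origin}.
     *
     * @param origin the request's {@code Origin} header, may be {@code null}
     * @return the origin to send back, {@code "*"}, or {@code null} if the origin is not allowed
     */
    protected String checkOrigin(String origin) {
        String allowed = getAllowOrigins();
        if (StringUtils.isEmpty(origin) || StringUtils.isEmpty(allowed)) {
            return null;
        }
        if (ALL.equals(allowed)) {
            // SECURITY: wildcard plus credentials reflects whatever Origin the client sent,
            // because browsers refuse a literal "*" on credentialed responses. The effect is
            // that any site may issue credentialed requests; prefer an explicit origin list.
            return Boolean.parseBoolean(getAllowCredentials()) ? origin : ALL;
        }
        // Whole-token comparison; entries may be written with spaces after the commas.
        return containsToken(allowed, origin) ? origin : null;
    }

    /**
     * Checks the request method against the configured methods.
     *
     * @param method the actual method, or the preflight's requested method; may be {@code null}
     * @return {@code method} when everything is allowed, the configured list when the method is
     *     on it, or {@code null} when it is not allowed
     */
    protected String checkMethod(String method) {
        String allowed = getAllowMethods();
        if (StringUtils.isEmpty(method) || StringUtils.isEmpty(allowed)) {
            return null;
        }
        if (ALL.equals(allowed)) {
            return method;
        }
        // Compare whole tokens: a substring test would accept any fragment of a configured
        // method name, and lower-casing with the default locale is locale-sensitive.
        return containsToken(allowed, method) ? allowed : null;
    }

    /**
     * Collects the header names to validate.
     *
     * @param request the current request
     * @param preFlight whether the request is a CORS preflight
     * @return for a preflight, the names listed in {@code Access-Control-Request-Headers};
     *     otherwise the names of the headers present on the request; never {@code null}
     */
    protected List<String> getRequestHeaders(HttpServletRequest request, boolean preFlight) {
        List<String> names = new LinkedList<>();
        if (preFlight) {
            String requested = request.getHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
            if (StringUtils.isNotEmpty(requested)) {
                names = Arrays.asList(requested.split(","));
            }
        } else {
            Enumeration<String> headerNames = request.getHeaderNames();
            // The servlet API allows a container to return null here.
            while (headerNames != null && headerNames.hasMoreElements()) {
                names.add(headerNames.nextElement());
            }
        }
        return names;
    }

    /**
     * Filters the given header names down to those the configuration allows.
     *
     * @param requestHeaders header names to check, may be {@code null} or empty
     * @return the allowed names joined with commas (possibly empty), or {@code null} when there
     *     is nothing to check or no allowed headers are configured
     */
    protected String checkHeaders(List<String> requestHeaders) {
        String allowed = getAllowHeaders();
        if (CollectionUtils.isEmpty(requestHeaders) || StringUtils.isEmpty(allowed)) {
            return null;
        }
        return requestHeaders.stream()
                .filter(StringUtils::isNotEmpty)
                .map(StringUtils::trim)
                // Whole-name match, so a fragment of a configured header name is not accepted.
                .filter(name -> ALL.equals(allowed) || containsToken(allowed, name))
                .collect(Collectors.joining(","));
    }

    /**
     * Answers the request with 403 and a short plain-text body.
     *
     * @throws IOException if the response cannot be written
     */
    protected void rejectRequest(HttpServletResponse response) throws IOException {
        response.setStatus(HttpStatus.SC_FORBIDDEN);
        response.getWriter().write("Invalid CORS request");
        response.flushBuffer();
    }

    @Override // org.springframework.web.filter.GenericFilterBean, org.springframework.beans.factory.DisposableBean
    public void destroy() {
    }

    /**
     * Tells whether {@code candidate} equals, ignoring case, one entry of a comma- or
     * whitespace-delimited configuration value.
     */
    private static boolean containsToken(String configured, String candidate) {
        String wanted = StringUtils.trim(candidate);
        if (StringUtils.isEmpty(wanted) || StringUtils.isEmpty(configured)) {
            return false;
        }
        for (String token : configured.split("[,\\s]+")) {
            if (token.equalsIgnoreCase(wanted)) {
                return true;
            }
        }
        return false;
    }
}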
