package org.ogema.impl.security.headers;

import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.ogema.accesscontrol.HttpConfig;

/* loaded from: input_file:org/ogema/impl/security/headers/HttpConfigImpl.class */
public class HttpConfigImpl implements HttpConfig {
    private static final String CORS_ALLOWED_ORIGIN_PROP = "org.ogema.webresourcemanager.allowedOrigin";
    private static final String CORS_ALLOW_CREDENTIALS_PROP = "org.ogema.webresourcemanager.allowCredentials";
    private static final String CORS_ALLOW_HEADERS_PROP = "org.ogema.webresourcemanager.allowHeaders";
    private static final String STATIC_REDIRECTS_PROP = "org.ogema.webresourcemanager.staticredirects";
    private static final String STATIC_URI_REDIRECTS_PROP = "org.ogema.webresourcemanager.staticuriredirects";
    static final HttpConfigImpl DEFAULT_CONFIG;
    private final String allowedOrigin;
    private final boolean allowCredentials;
    private final String allowedHeaders;
    private final Map<String, String> staticRedirects;
    private final Map<String, String> staticUriRedirects;
    private final Map<String, String> customHeaders;

    private static String getProperty(boolean z, final String str) {
        return z ? System.getProperty(str) : (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: org.ogema.impl.security.headers.HttpConfigImpl.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public String run() {
                return System.getProperty(str);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpConfigImpl(String str, boolean z, String str2, String str3, String str4, Header[] headerArr) {
        this.allowedOrigin = (str == null || str.isEmpty()) ? null : str;
        this.allowCredentials = str == null ? false : z;
        this.allowedHeaders = (str == null || str2 == null || str2.isEmpty()) ? null : str2;
        this.staticRedirects = getRedirects(str3);
        this.staticUriRedirects = getRedirects(str4);
        if (headerArr == null || headerArr.length == 0) {
            this.customHeaders = null;
            return;
        }
        HashMap hashMap = new HashMap(headerArr.length);
        for (Header header : headerArr) {
            String key = header.key();
            String value = header.value();
            if (key != null && value != null) {
                hashMap.put(key, value);
            }
        }
        this.customHeaders = Collections.unmodifiableMap(hashMap);
    }

    public String getAllowedOrigin(HttpServletRequest httpServletRequest) {
        return this.allowedOrigin;
    }

    public boolean isAllowCredentials(HttpServletRequest httpServletRequest) {
        return this.allowCredentials;
    }

    public String getAllowedHeaders(HttpServletRequest httpServletRequest) {
        return this.allowedHeaders;
    }

    public Map<String, String> getRedirects() {
        return this.staticRedirects;
    }

    public Map<String, String> getUriRedirects() {
        return this.staticUriRedirects;
    }

    public Map<String, String> getCustomHeaders(HttpServletRequest httpServletRequest) {
        return this.customHeaders;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("HeaderConfig[");
        if (this.allowedOrigin == null) {
            sb.append("CORS disabled");
        } else {
            sb.append("allowedOrigin: ").append(this.allowedOrigin).append(',').append(' ').append("allowCredentials: ").append(this.allowCredentials).append(',').append(' ').append("allowHeaders: ").append(this.allowedHeaders);
        }
        if (this.staticRedirects != null) {
            sb.append(", static redirects: ").append(this.staticRedirects);
        }
        if (this.staticUriRedirects != null) {
            sb.append(", static URI redirects: ").append(this.staticUriRedirects);
        }
        if (this.customHeaders != null) {
            sb.append(", custom headers: ").append(this.customHeaders);
        }
        sb.append(']');
        return sb.toString();
    }

    private static Map<String, String> getRedirects(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        String[] split = str.split(",");
        if (split.length % 2 != 0) {
            return null;
        }
        HashMap hashMap = new HashMap((int) ((split.length / 2) * 1.25d));
        for (int i = 0; i < split.length / 2; i++) {
            String trim = split[2 * i].trim();
            if (!trim.isEmpty()) {
                if (!trim.endsWith("/")) {
                    trim = trim + "/";
                }
                if (trim.charAt(0) != '/') {
                    trim = "/" + trim;
                }
                hashMap.put(trim, split[(2 * i) + 1].trim());
            }
        }
        return Collections.unmodifiableMap(hashMap);
    }

    static {
        boolean z = System.getSecurityManager() != null;
        String property = getProperty(z, CORS_ALLOWED_ORIGIN_PROP);
        DEFAULT_CONFIG = new HttpConfigImpl(property, property != null && "true".equalsIgnoreCase(getProperty(z, CORS_ALLOW_CREDENTIALS_PROP)), property == null ? null : getProperty(z, CORS_ALLOW_HEADERS_PROP), getProperty(z, STATIC_REDIRECTS_PROP), getProperty(z, STATIC_URI_REDIRECTS_PROP), null);
    }
}
