package org.sdase.commons.spring.boot.web.security.validation;

import org.apache.catalina.connector.Connector;
import org.sdase.commons.spring.boot.web.security.exception.InsecureConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.context.WebServerInitializedEvent;
import org.springframework.boot.web.embedded.tomcat.TomcatWebServer;
import org.springframework.boot.web.server.WebServer;
import org.springframework.context.ApplicationListener;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/sdase/commons/spring/boot/web/security/validation/HttpMethodsSecurityAdvice.class */
public class HttpMethodsSecurityAdvice implements ApplicationListener<WebServerInitializedEvent> {
    private static final Logger LOG = LoggerFactory.getLogger(HttpMethodsSecurityAdvice.class);

    public void onApplicationEvent(WebServerInitializedEvent webServerInitializedEvent) {
        assertWebServerDoesNotAllowTrace(webServerInitializedEvent.getWebServer());
    }

    private static void assertWebServerDoesNotAllowTrace(WebServer webServer) {
        if (!(webServer instanceof TomcatWebServer)) {
            LOG.warn("Security for web server of type {} is not supported yet.", webServer.getClass().getSimpleName());
            return;
        }
        for (Connector connector : ((TomcatWebServer) webServer).getTomcat().getService().findConnectors()) {
            assertTomcatDoesNotAllowTrace(connector);
        }
    }

    private static void assertTomcatDoesNotAllowTrace(Connector connector) {
        if (connector.getAllowTrace()) {
            throw new InsecureConfigurationException("The server accepts insecure methods.");
        }
    }
}
