package org.spincast.core.filters;

import com.google.common.collect.Sets;
import com.google.common.net.HttpHeaders;
import java.io.File;
import java.net.URI;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;
import org.spincast.core.cookies.ICookie;
import org.spincast.core.exceptions.SkipRemainingHandlersException;
import org.spincast.core.exchange.IRequestContext;
import org.spincast.core.routing.HttpMethod;
import org.spincast.core.utils.SpincastStatics;
import org.spincast.shaded.org.apache.commons.io.FileUtils;
import org.spincast.shaded.org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:org/spincast/core/filters/SpincastFilters.class */
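/**
 * Default implementation of the built-in filters: saving a generated
 * resource to disk, adding basic security headers, and CORS handling.
 *
 * <p>The CORS filter only acts on requests that carry an {@code Origin}
 * header; requests without one pass through untouched. CORS headers are
 * instructions for browsers and are not an access-control mechanism for the
 * server itself.
 *
 * @param <R> the request context type
 */
public class SpincastFilters<R extends IRequestContext<?>> implements ISpincastFilters<R> {

    /** CORS wildcard: "any origin" in an origin set, "any header" in a header set. */
    private static final String CORS_ANY = "*";

    protected final Logger logger = LoggerFactory.getLogger(SpincastFilters.class);

    /**
     * Writes the unsent response bytes to {@code pathForGeneratedResource} so
     * the resource does not have to be generated again.
     *
     * <p>Nothing is written when the file already exists, when the response
     * status is not 200, or when the headers have already been sent. Any
     * failure is logged and swallowed: saving is best-effort.
     *
     * <p>NOTE(review): the path is used as given, with no normalization or
     * base-directory check. Confirm that callers only pass server-configured
     * paths and never a value derived from request data.
     *
     * @param context the current request context
     * @param pathForGeneratedResource the file system path to write to
     */
    @Override
    public void saveGeneratedResource(R context, String pathForGeneratedResource) {
        try {
            File target = new File(pathForGeneratedResource);
            if (target.exists()) {
                this.logger.info("The resource already exists. We don't save it here.");
                return;
            }
            if (200 != context.response().getStatusCode()) {
                this.logger.info("Nothing will be saved since the response code is not 200");
                return;
            }
            if (context.response().isHeadersSent()) {
                this.logger.warn("Headers sent, we can't save a copy of the generated resource! You will have to make sure that you save the generated resource by yourself, otherwise, a new version will be generated for each request!");
                return;
            }
            FileUtils.writeByteArrayToFile(target, context.response().getUnsentBytes());
        } catch (Exception e) {
            // Best-effort: a failed save must not break the response itself.
            this.logger.error("Unable to save the generated resource '" + pathForGeneratedResource + "' :\n" + SpincastStatics.getStackTrace(e));
        }
    }

    /**
     * Adds {@code X-Frame-Options: SAMEORIGIN} and
     * {@code X-Content-Type-Options: nosniff} to the response.
     *
     * @param context the current request context
     */
    @Override
    public void addSecurityHeaders(R context) {
        context.response().addHeaderValue(HttpHeaders.X_FRAME_OPTIONS, "SAMEORIGIN");
        context.response().addHeaderValue("x-content-type-options", "nosniff");
    }

    /**
     * CORS with the most permissive settings: any origin, any request header,
     * every HTTP method, credentials allowed, default max-age.
     *
     * <p>Security: with these defaults, a cross-origin request that carries
     * cookies gets its own {@code Origin} echoed back together with
     * {@code Access-Control-Allow-Credentials: true} (see
     * {@link #corsAddAlloweOrigin}). That lets any site read authenticated
     * responses. Prefer an overload with an explicit origin allowlist for
     * endpoints that rely on cookies.
     *
     * @param context the current request context
     */
    @Override
    public void cors(R context) {
        cors(context, Sets.newHashSet(CORS_ANY), null, Sets.newHashSet(CORS_ANY), true,
             Sets.newHashSet(HttpMethod.values()), getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * CORS restricted to {@code allowedOrigins}; any request header, every
     * HTTP method, credentials allowed, default max-age.
     *
     * @param context the current request context
     * @param allowedOrigins full origins (scheme, host and port as sent by the
     *        browser), or {@code "*"} for any origin
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins) {
        cors(context, allowedOrigins, null, Sets.newHashSet(CORS_ANY), true,
             Sets.newHashSet(HttpMethod.values()), getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * Same as {@link #cors(IRequestContext, Set)}, and also exposes
     * {@code extraHeadersAllowedToBeRead} to the calling script.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, or {@code "*"}
     * @param extraHeadersAllowedToBeRead response headers to list in
     *        {@code Access-Control-Expose-Headers}; may be {@code null}
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead) {
        cors(context, allowedOrigins, extraHeadersAllowedToBeRead, Sets.newHashSet(CORS_ANY), true,
             Sets.newHashSet(HttpMethod.values()), getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * CORS with explicit origins, exposed headers and accepted request
     * headers; every HTTP method, credentials allowed, default max-age.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, or {@code "*"}
     * @param extraHeadersAllowedToBeRead headers to expose; may be {@code null}
     * @param extraHeadersAllowedToBeSent request headers accepted on
     *        preflight, or {@code "*"}; may be {@code null}
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead,
                     Set<String> extraHeadersAllowedToBeSent) {
        cors(context, allowedOrigins, extraHeadersAllowedToBeRead, extraHeadersAllowedToBeSent, true,
             Sets.newHashSet(HttpMethod.values()), getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * CORS with explicit origins, headers and credentials flag; every HTTP
     * method, default max-age.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, or {@code "*"}
     * @param extraHeadersAllowedToBeRead headers to expose; may be {@code null}
     * @param extraHeadersAllowedToBeSent accepted request headers; may be {@code null}
     * @param allowCookies whether {@code Access-Control-Allow-Credentials: true} is sent
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead,
                     Set<String> extraHeadersAllowedToBeSent, boolean allowCookies) {
        cors(context, allowedOrigins, extraHeadersAllowedToBeRead, extraHeadersAllowedToBeSent, allowCookies,
             Sets.newHashSet(HttpMethod.values()), getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * CORS with everything explicit except the max-age, which uses
     * {@link #getCorsDefaultMaxAgeInSeconds()}.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, or {@code "*"}
     * @param extraHeadersAllowedToBeRead headers to expose; may be {@code null}
     * @param extraHeadersAllowedToBeSent accepted request headers; may be {@code null}
     * @param allowCookies whether credentials are allowed
     * @param allowedMethods the HTTP methods accepted on preflight; may be {@code null}
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead,
                     Set<String> extraHeadersAllowedToBeSent, boolean allowCookies,
                     Set<HttpMethod> allowedMethods) {
        cors(context, allowedOrigins, extraHeadersAllowedToBeRead, extraHeadersAllowedToBeSent, allowCookies,
             allowedMethods, getCorsDefaultMaxAgeInSeconds());
    }

    /**
     * Applies the CORS policy to the current request.
     *
     * <ul>
     *   <li>No {@code Origin} header, or an origin whose host equals the
     *       {@code Host} header: nothing is done.</li>
     *   <li>Headers already sent: the situation is logged and nothing is done.</li>
     *   <li>Origin not allowed: the response is reset to an empty 200 without
     *       CORS headers and the remaining handlers are skipped.</li>
     *   <li>Actual (non-preflight) request: the allow-origin, credentials and
     *       expose-headers headers are added and routing continues.</li>
     *   <li>Preflight request: the response is reset to 200; the CORS headers
     *       are added only if the requested method and headers are accepted;
     *       the remaining handlers are always skipped.</li>
     * </ul>
     *
     * <p>The sets passed in are never modified; {@code OPTIONS} is always
     * treated as an allowed method.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, or {@code "*"}; {@code null} allows none
     * @param extraHeadersAllowedToBeRead headers to expose; may be {@code null}
     * @param extraHeadersAllowedToBeSent accepted request headers, or {@code "*"}; may be {@code null}
     * @param allowCookies whether {@code Access-Control-Allow-Credentials: true} is sent
     * @param allowedMethods the HTTP methods accepted on preflight; may be {@code null}
     * @param maxAgeInSeconds preflight cache duration; not sent when {@code <= 0}
     * @throws SkipRemainingHandlersException for a rejected origin and for every preflight request
     */
    @Override
    public void cors(R context, Set<String> allowedOrigins, Set<String> extraHeadersAllowedToBeRead,
                     Set<String> extraHeadersAllowedToBeSent, boolean allowCookies,
                     Set<HttpMethod> allowedMethods, int maxAgeInSeconds) {
        String origin = context.request().getHeaderFirst("Origin");
        if (origin == null) {
            return;
        }

        // Same-origin shortcut. Only the host part of the Origin is compared
        // with the Host header: scheme and port are ignored, and a Host header
        // that carries a port never equals URI#getHost(), in which case the
        // request is simply processed as a CORS request.
        String host = context.request().getHeaderFirst("Host");
        if (host != null) {
            try {
                if (host.equals(new URI(origin).getHost())) {
                    return;
                }
            } catch (Exception e) {
                // NOTE(review): a syntactically invalid Origin header ends up
                // here and is rethrown as a runtime exception; confirm that
                // the framework maps it to an error response without leaking
                // details.
                throw SpincastStatics.runtimize(e);
            }
        }

        if (context.response().isHeadersSent()) {
            String message = "Headers already sent: if this is a cors request, it will fail. The request URL is: " + context.request().getFullUrl();
            if (context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD) != null) {
                this.logger.error(message);
            } else {
                this.logger.info(message);
            }
            return;
        }

        Set<String> origins = allowedOrigins != null ? allowedOrigins : new HashSet<>();
        Set<String> headersToRead = extraHeadersAllowedToBeRead != null ? extraHeadersAllowedToBeRead : new HashSet<>();
        Set<String> headersToSend = extraHeadersAllowedToBeSent != null ? extraHeadersAllowedToBeSent : new HashSet<>();

        Set<String> normalizedOrigins = normalize(origins);
        Set<String> normalizedHeadersToSend = normalize(headersToSend);

        // Work on a copy: the caller's set may be immutable or shared, and
        // must not silently gain OPTIONS. Insertion order is preserved so the
        // emitted header lists methods in the caller's order.
        Set<HttpMethod> methods = new LinkedHashSet<>();
        if (allowedMethods != null) {
            methods.addAll(allowedMethods);
        }
        methods.add(HttpMethod.OPTIONS);

        if (!isCorsOriginValid(context, normalizedOrigins)) {
            this.logger.info("Invalid origin for a cors request : " + origin);
            context.response().resetEverything();
            context.response().setStatusCode(200);
            throw new SkipRemainingHandlersException();
        }

        if (!isPreflightRequest(context)) {
            corsCore(context, origins, allowCookies);
            corsAddExtraHeadersAllowedToBeRead(context, headersToRead);
            return;
        }

        // Preflight: answer with an empty 200 and never run the real handlers.
        context.response().resetEverything();
        context.response().setStatusCode(200);

        boolean accepted = true;
        if (!isCorsRequestMethodHeaderValid(context, methods)) {
            this.logger.info("Invalid 'Access-Control-Request-Method' cors header received : " + context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD));
            accepted = false;
        } else if (!isCorsRequestedHeadersToBeSentValid(context, normalizedHeadersToSend)) {
            this.logger.info("Invalid 'Access-Control-Request-Headers' cors header received : " + context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS));
            accepted = false;
        }

        if (accepted) {
            corsCore(context, origins, allowCookies);
            corsAddAllowMethods(context, methods);
            corsAddExtraHeadersAllowedToBeSent(context, headersToSend);
            corsAddMaxAge(context, maxAgeInSeconds);
        }
        throw new SkipRemainingHandlersException();
    }

    /**
     * Returns a new set holding the non-null entries of {@code values},
     * lower-cased and trimmed. {@link Locale#ROOT} keeps the result
     * independent of the JVM's default locale.
     */
    private static Set<String> normalize(Set<String> values) {
        Set<String> normalized = new HashSet<>();
        for (String value : values) {
            if (value != null) {
                normalized.add(value.toLowerCase(Locale.ROOT).trim());
            }
        }
        return normalized;
    }

    /**
     * @return the default {@code Access-Control-Max-Age}, in seconds (86400)
     */
    protected int getCorsDefaultMaxAgeInSeconds() {
        return 86400;
    }

    /**
     * Tells whether the request's {@code Origin} is allowed.
     *
     * <p>The whole header value is matched, case-insensitively, against the
     * entries of {@code allowedOrigins}; there is no pattern or suffix
     * matching. {@code "*"} allows every origin.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins, expected lower-cased
     * @return {@code true} if the origin is allowed; {@code false} also when
     *         the set is {@code null} or the header is missing
     */
    protected boolean isCorsOriginValid(R context, Set<String> allowedOrigins) {
        if (allowedOrigins == null) {
            return false;
        }
        if (allowedOrigins.contains(CORS_ANY)) {
            return true;
        }
        String origin = context.request().getHeaderFirst("Origin");
        return origin != null && allowedOrigins.contains(origin.toLowerCase(Locale.ROOT).trim());
    }

    /**
     * Adds the headers common to preflight and actual CORS responses: the
     * allowed origin and, if {@code allowCookies}, the credentials header.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins
     * @param allowCookies whether credentials are allowed
     */
    protected void corsCore(R context, Set<String> allowedOrigins, boolean allowCookies) {
        corsAddAlloweOrigin(context, allowedOrigins);
        if (allowCookies) {
            corsAddAllowCookies(context);
        }
    }

    /**
     * Tells whether every method listed in the
     * {@code Access-Control-Request-Method} header is in {@code allowedMethods}.
     *
     * @param context the current request context
     * @param allowedMethods the accepted HTTP methods
     * @return {@code false} when the set is null or empty, the header is
     *         missing or empty, or any listed method is unknown or not allowed
     */
    protected boolean isCorsRequestMethodHeaderValid(R context, Set<HttpMethod> allowedMethods) {
        if (allowedMethods == null || allowedMethods.isEmpty()) {
            return false;
        }
        String requested = context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD);
        if (requested == null) {
            return false;
        }
        String[] tokens = StringUtils.split(requested, ",");
        if (tokens == null || tokens.length == 0) {
            return false;
        }
        for (String token : tokens) {
            HttpMethod method = HttpMethod.fromStringValue(token);
            if (method == null || !allowedMethods.contains(method)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Tells whether every header listed in
     * {@code Access-Control-Request-Headers} is accepted.
     *
     * @param context the current request context
     * @param allowedHeaders the accepted request headers, expected
     *        lower-cased; {@code "*"} accepts any header
     * @return {@code true} when the request header is missing or empty, when
     *         the wildcard is present, or when every listed header is in the
     *         set; {@code false} otherwise, including for a {@code null} or
     *         empty set
     */
    protected boolean isCorsRequestedHeadersToBeSentValid(R context, Set<String> allowedHeaders) {
        String requested = context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
        if (requested == null) {
            return true;
        }
        String[] tokens = StringUtils.split(requested, ",");
        if (tokens == null || tokens.length == 0) {
            return true;
        }
        // The null/empty check comes before any lookup on the set.
        if (allowedHeaders == null || allowedHeaders.isEmpty()) {
            return false;
        }
        if (allowedHeaders.contains(CORS_ANY)) {
            return true;
        }
        for (String token : tokens) {
            if (!allowedHeaders.contains(token.toLowerCase(Locale.ROOT).trim())) {
                return false;
            }
        }
        return true;
    }

    /**
     * @param context the current request context
     * @return {@code true} for an {@code OPTIONS} request that carries an
     *         {@code Access-Control-Request-Method} header
     */
    protected boolean isPreflightRequest(R context) {
        return context.request().getHttpMethod() == HttpMethod.OPTIONS
                && context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD) != null;
    }

    /**
     * Adds {@code Access-Control-Expose-Headers}. The header is always added;
     * its value is empty when {@code headers} is null or empty.
     *
     * @param context the current request context
     * @param headers the response headers the calling script may read
     */
    protected void corsAddExtraHeadersAllowedToBeRead(R context, Set<String> headers) {
        String value = "";
        if (headers != null && !headers.isEmpty()) {
            value = StringUtils.join(headers, ",");
        }
        context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS, value);
    }

    /**
     * Adds {@code Access-Control-Allow-Headers}.
     *
     * <p>With a null or empty set, {@link #getDefaultHeadersAllowedToBeSent()}
     * is used. With the {@code "*"} wildcard, the request's own
     * {@code Access-Control-Request-Headers} value is echoed back, i.e. the
     * client decides which headers are allowed. Otherwise the set is joined.
     *
     * @param context the current request context
     * @param headers the accepted request headers
     */
    protected void corsAddExtraHeadersAllowedToBeSent(R context, Set<String> headers) {
        String value = "";
        if (headers == null || headers.isEmpty()) {
            Set<String> defaults = getDefaultHeadersAllowedToBeSent();
            if (defaults != null && !defaults.isEmpty()) {
                value = StringUtils.join(defaults, ",");
            }
        } else if (headers.contains(CORS_ANY)) {
            String requested = context.request().getHeaderFirst(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS);
            if (!StringUtils.isBlank(requested)) {
                value = requested;
            }
        } else {
            value = StringUtils.join(headers, ",");
        }
        context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS, value);
    }

    /**
     * @return the request headers accepted when none are configured;
     *         {@code null} here, subclasses may override
     */
    protected Set<String> getDefaultHeadersAllowedToBeSent() {
        return null;
    }

    /**
     * Adds {@code Access-Control-Max-Age} when {@code maxAgeInSeconds} is positive.
     *
     * @param context the current request context
     * @param maxAgeInSeconds the preflight cache duration, in seconds
     */
    protected void corsAddMaxAge(R context, int maxAgeInSeconds) {
        if (maxAgeInSeconds > 0) {
            context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_MAX_AGE, String.valueOf(maxAgeInSeconds));
        }
    }

    /**
     * Adds {@code Access-Control-Allow-Methods}; nothing is added for a null
     * or empty set.
     *
     * @param context the current request context
     * @param allowedMethods the accepted HTTP methods
     */
    protected void corsAddAllowMethods(R context, Set<HttpMethod> allowedMethods) {
        if (allowedMethods == null || allowedMethods.isEmpty()) {
            return;
        }
        context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS, StringUtils.join(allowedMethods, ","));
    }

    /**
     * Adds {@code Access-Control-Allow-Credentials: true}.
     *
     * @param context the current request context
     */
    protected void corsAddAllowCookies(R context) {
        context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS, "true");
    }

    /**
     * Adds {@code Access-Control-Allow-Origin}; nothing is added for a null or
     * empty set.
     *
     * <p>The literal {@code "*"} is sent only when the wildcard is configured
     * and the context has no cookies. In every other case the request's
     * {@code Origin} is echoed back and {@code Vary: Origin} is added so
     * caches keep per-origin copies.
     *
     * <p>Security: wildcard plus cookies means any origin is echoed. Together
     * with {@link #corsAddAllowCookies} this grants every site credentialed
     * access, so configure an explicit origin allowlist whenever credentials
     * are allowed. Callers are expected to have validated the origin with
     * {@link #isCorsOriginValid} first; this method does not re-check it.
     *
     * @param context the current request context
     * @param allowedOrigins the allowed origins
     */
    protected void corsAddAlloweOrigin(R context, Set<String> allowedOrigins) {
        if (allowedOrigins == null || allowedOrigins.isEmpty()) {
            return;
        }
        Map<String, ICookie> cookies = context.cookies().getCookies();
        boolean hasCookies = cookies != null && !cookies.isEmpty();

        String allowOriginValue;
        if (hasCookies || !allowedOrigins.contains(CORS_ANY)) {
            allowOriginValue = context.request().getHeaderFirst("Origin");
            context.response().addHeaderValue("Vary", "Origin");
        } else {
            allowOriginValue = CORS_ANY;
        }
        context.response().addHeaderValue(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN, allowOriginValue);
    }
}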
