package org.usergrid.rest.utils;

import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerResponse;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:usergrid-rest-0.0.27.1-classes.jar:org/usergrid/rest/utils/CORSUtils.class */
public class CORSUtils {
    private static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    private static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
    private static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    private static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String ACCESS_CONTROL_REQUEST_METHOD = "access-control-request-method";
    private static final String ACCESS_CONTROL_REQUEST_HEADERS = "access-control-request-headers";
    private static final String ORIGIN_HEADER = "origin";
    private static final String REFERER_HEADER = "referer";

    public static void allowAllOrigins(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest.getHeader(ACCESS_CONTROL_REQUEST_METHOD) != null) {
            Enumeration headers = httpServletRequest.getHeaders(ACCESS_CONTROL_REQUEST_METHOD);
            while (headers.hasMoreElements()) {
                httpServletResponse.addHeader("Access-Control-Allow-Methods", (String) headers.nextElement());
            }
        }
        if (httpServletRequest.getHeader(ACCESS_CONTROL_REQUEST_HEADERS) != null) {
            Enumeration headers2 = httpServletRequest.getHeaders(ACCESS_CONTROL_REQUEST_HEADERS);
            while (headers2.hasMoreElements()) {
                httpServletResponse.addHeader("Access-Control-Allow-Headers", (String) headers2.nextElement());
            }
        }
        boolean z = false;
        if (httpServletRequest.getHeader(ORIGIN_HEADER) != null) {
            Enumeration headers3 = httpServletRequest.getHeaders(ORIGIN_HEADER);
            while (headers3.hasMoreElements()) {
                String str = (String) headers3.nextElement();
                if (str != null) {
                    z = true;
                    httpServletResponse.addHeader("Access-Control-Allow-Origin", str);
                }
            }
        }
        if (z) {
            httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");
            return;
        }
        String origin = getOrigin(httpServletRequest);
        if (origin == null) {
            httpServletResponse.addHeader("Access-Control-Allow-Origin", "*");
        } else {
            httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");
            httpServletResponse.addHeader("Access-Control-Allow-Origin", origin);
        }
    }

    public static ContainerResponse allowAllOrigins(ContainerRequest containerRequest, ContainerResponse containerResponse) {
        if (containerRequest.getRequestHeaders().containsKey(ACCESS_CONTROL_REQUEST_METHOD)) {
            Iterator it = ((List) containerRequest.getRequestHeaders().get(ACCESS_CONTROL_REQUEST_METHOD)).iterator();
            while (it.hasNext()) {
                containerResponse.getHttpHeaders().add("Access-Control-Allow-Methods", (String) it.next());
            }
        }
        if (containerRequest.getRequestHeaders().containsKey(ACCESS_CONTROL_REQUEST_HEADERS)) {
            Iterator it2 = ((List) containerRequest.getRequestHeaders().get(ACCESS_CONTROL_REQUEST_HEADERS)).iterator();
            while (it2.hasNext()) {
                containerResponse.getHttpHeaders().add("Access-Control-Allow-Headers", (String) it2.next());
            }
        }
        boolean z = false;
        if (containerRequest.getRequestHeaders().containsKey(ORIGIN_HEADER)) {
            for (String str : (List) containerRequest.getRequestHeaders().get(ORIGIN_HEADER)) {
                if (str != null) {
                    z = true;
                    containerResponse.getHttpHeaders().add("Access-Control-Allow-Origin", str);
                }
            }
        }
        if (z) {
            containerResponse.getHttpHeaders().add("Access-Control-Allow-Credentials", "true");
        } else {
            String origin = getOrigin(containerRequest);
            if (origin != null) {
                containerResponse.getHttpHeaders().add("Access-Control-Allow-Credentials", "true");
                containerResponse.getHttpHeaders().add("Access-Control-Allow-Origin", origin);
            } else {
                containerResponse.getHttpHeaders().add("Access-Control-Allow-Origin", "*");
            }
        }
        return containerResponse;
    }

    public static String getOrigin(String str, String str2) {
        int indexOf;
        if (str != null && !"null".equalsIgnoreCase(str)) {
            return str;
        }
        if (str2 == null || !str2.startsWith("http") || (indexOf = str2.indexOf("//")) == -1) {
            return null;
        }
        int indexOf2 = str2.indexOf(47, indexOf + 2);
        return indexOf2 != -1 ? str2.substring(0, indexOf2) : str2;
    }

    public static String getOrigin(HttpServletRequest httpServletRequest) {
        return getOrigin(httpServletRequest.getHeader(ORIGIN_HEADER), httpServletRequest.getHeader(REFERER_HEADER));
    }

    public static String getOrigin(ContainerRequest containerRequest) {
        return getOrigin(containerRequest.getRequestHeaders().getFirst(ORIGIN_HEADER), containerRequest.getRequestHeaders().getFirst(REFERER_HEADER));
    }
}
