package io.jans.configapi.filters;

import io.jans.configapi.model.configuration.CorsConfiguration;
import jakarta.inject.Inject;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.annotation.WebFilter;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Locale;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

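/**
 * Servlet filter that emits CORS response headers for every request carrying an
 * {@code Origin} header, driven by the injected {@link CorsConfiguration}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>When the configured allowed-origin collection is {@code null} or empty, the
 *       request's {@code Origin} value is echoed back in
 *       {@code Access-Control-Allow-Origin}; i.e. an unconfigured list means "any origin".</li>
 *   <li>When the allowed-method or allowed-header collection is {@code null} or empty,
 *       the value requested by the client is echoed back verbatim.</li>
 *   <li>{@code Access-Control-Allow-Credentials: true} is only sent for an origin that
 *       was actually allowed; a warning is logged when that happens without the origin
 *       having matched an explicit, non-wildcard allow-list.</li>
 *   <li>{@code Vary: Origin} is added because the response headers depend on the
 *       request's {@code Origin}; without it a shared cache could replay one origin's
 *       CORS headers to another origin.</li>
 * </ul>
 */
@WebFilter(filterName = "CorsFilter", asyncSupported = true, urlPatterns = {"*"})
/* loaded from: input_file:io/jans/configapi/filters/CorsFilter.class */
public class CorsFilter implements Filter {

    @Inject
    private Logger log;

    @Inject
    private CorsConfiguration corsConfiguration;
    private static final Pattern COMMA_SEPARATED_SPLIT_REGEX = Pattern.compile("\\s*,\\s*");
    public static final String ACCESS_CONTROL_REQUEST_METHOD = "Access-Control-Request-Method";
    public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    public static final String ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
    public static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";
    public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";
    public static final String ACCESS_CONTROL_EXPOSE_HEADERS = "Access-Control-Expose-Headers";
    public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
    public static final String ACCESS_CONTROL_MAX_AGE = "Access-Control-Max-Age";
    public static final String RESPONSE_HEADER_ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
    private static final String ORIGIN = "Origin";
    private static final String VARY = "Vary";

    /**
     * Applies the CORS policy to the response and then either continues the chain
     * (non-{@code OPTIONS} requests) or ends the exchange here ({@code OPTIONS}).
     *
     * <p>Requests without an {@code Origin} header, or arriving while the configuration
     * is missing or disabled, are passed down the chain untouched.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remaining filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        log.debug("CorsFilter::doFilter() - corsConfiguration:{}", corsConfiguration);
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String origin = request.getHeader(ORIGIN);
        log.debug("CorsFilter::doFilter() - origin:{}", origin);
        if (corsConfiguration == null || StringUtils.isBlank(origin) || !corsConfiguration.isEnabled()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String requestedMethods = request.getHeader(ACCESS_CONTROL_REQUEST_METHOD);
        log.debug("CorsFilter::doFilter() - requestedMethods:{}", requestedMethods);
        processMethods(response, requestedMethods);

        String requestedHeaders = request.getHeader(ACCESS_CONTROL_REQUEST_HEADERS);
        log.debug("CorsFilter::doFilter() -  requestedHeaders:{}", requestedHeaders);
        if (StringUtils.isNotBlank(requestedHeaders)) {
            processRequestedHeaders(response, requestedHeaders);
        }

        // Everything emitted below depends on the request's Origin, so caches must key on it.
        response.addHeader(VARY, ORIGIN);

        Collection<String> allowedOrigins = corsConfiguration.getAllowedOrigins();
        log.debug("CorsFilter::doFilter() - corsConfiguration.getAllowedOrigins():{} ", allowedOrigins);
        // A null/empty list is treated as "no restriction": the Origin is echoed back as-is.
        boolean allowOrigin = allowedOrigins == null || allowedOrigins.isEmpty() || corsConfiguration.isOriginAllowed(origin);
        log.debug("CorsFilter::doFilter() - allowOrigin:{} ", allowOrigin);
        if (allowOrigin) {
            log.debug("CorsFilter::doFilter() - setting allowOrigin");
            response.addHeader(ACCESS_CONTROL_ALLOW_ORIGIN, origin);
        }

        boolean supportsCredentials = corsConfiguration.isSupportsCredentials();
        log.debug("CorsFilter::doFilter() - corsConfiguration.isSupportsCredentials():{} ", supportsCredentials);
        // True only when the origin matched a configured list that carries no "*" entry.
        boolean explicitlyListed = allowedOrigins != null && corsConfiguration.isOriginAllowed(origin) && !allowedOrigins.contains("*");
        // Never advertise credentials for an origin that was not allowed in the first place.
        boolean allowCredentials = allowOrigin && (supportsCredentials || explicitlyListed);
        if (allowCredentials && !explicitlyListed) {
            // Echoed Origin + credentials sidesteps the browser's refusal of "*" with credentials.
            log.warn("CorsFilter::doFilter() - credentials are allowed for an origin that did not match an explicit, non-wildcard allowed-origins list; restrict allowedOrigins if credentials are required");
        }
        log.debug("CorsFilter::doFilter() - allowCredentials:{} ", allowCredentials);
        response.addHeader(ACCESS_CONTROL_ALLOW_CREDENTIALS, String.valueOf(allowCredentials));

        Collection<String> exposedHeaders = corsConfiguration.getExposedHeaders();
        log.debug("CorsFilter::doFilter() - exposedHeaders:{}", exposedHeaders);
        if (exposedHeaders != null && !exposedHeaders.isEmpty()) {
            log.debug("CorsFilter::doFilter() - setting exposedHeaders ");
            response.addHeader(ACCESS_CONTROL_EXPOSE_HEADERS, String.join(",", exposedHeaders));
        }

        long preflightMaxAge = corsConfiguration.getPreflightMaxAge();
        log.debug("CorsFilter::doFilter() - request.getMethod():{} , corsConfiguration.getPreflightMaxAge():{}", request.getMethod(), preflightMaxAge);
        if (!"OPTIONS".equals(request.getMethod())) {
            log.debug("CorsFilter::doFilter() - chaining request ");
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // OPTIONS requests are answered here and never reach the rest of the chain.
        log.debug("CorsFilter::doFilter() - OPTIONS method");
        boolean hasPreflightHeaders = requestedHeaders != null || requestedMethods != null;
        if (!hasPreflightHeaders || preflightMaxAge == 0) {
            return;
        }
        log.debug("CorsFilter::doFilter() - setting PreflightMaxAge ");
        response.addHeader(ACCESS_CONTROL_MAX_AGE, String.valueOf(preflightMaxAge));
    }

    /**
     * Sets {@code Access-Control-Allow-Headers} for a non-blank
     * {@code Access-Control-Request-Headers} value.
     *
     * <p>With no configured allow-list the requested value is echoed verbatim; otherwise
     * only configured headers that were also requested (case-insensitively) are returned,
     * and nothing is set when there is no overlap.
     *
     * @param httpServletResponse response to add the header to
     * @param requestedHeaders    comma-separated header names sent by the client
     */
    private void processRequestedHeaders(HttpServletResponse httpServletResponse, String requestedHeaders) {
        Collection<String> configuredHeaders = corsConfiguration.getAllowedHttpHeaders();
        log.debug(" CorsFilter::processRequestedHeaders() - allowHeadersValue:{} , corsConfiguration.getAllowedHttpHeaders():{}", requestedHeaders, configuredHeaders);
        if (configuredHeaders == null || configuredHeaders.isEmpty()) {
            // No allow-list configured: whatever the client asked for is accepted.
            httpServletResponse.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, requestedHeaders);
            return;
        }
        ArrayList<String> validRequestedHeaders = retainRequested(configuredHeaders, requestedHeaders);
        log.debug("CorsFilter::processRequestedHeaders() - validRequestedHeaders:{}", validRequestedHeaders);
        if (!validRequestedHeaders.isEmpty()) {
            httpServletResponse.addHeader(ACCESS_CONTROL_ALLOW_HEADERS, String.join(",", validRequestedHeaders));
        }
    }

    /**
     * Sets {@code Access-Control-Allow-Methods} for the given
     * {@code Access-Control-Request-Method} value; does nothing when it is blank.
     *
     * <p>With no configured allow-list the requested value is echoed verbatim; otherwise
     * only configured methods that were also requested (case-insensitively) are returned,
     * and nothing is set when there is no overlap.
     *
     * @param httpServletResponse response to add the header to
     * @param requestedMethods    method name(s) sent by the client, may be blank or {@code null}
     */
    private void processMethods(HttpServletResponse httpServletResponse, String requestedMethods) {
        Collection<String> configuredMethods = corsConfiguration.getAllowedHttpMethods();
        log.debug(" CorsFilter::processMethods() - allowMethodsValue:{} , corsConfiguration.getAllowedHttpMethods():{} ", requestedMethods, configuredMethods);
        if (StringUtils.isBlank(requestedMethods)) {
            return;
        }
        if (configuredMethods == null || configuredMethods.isEmpty()) {
            // No allow-list configured: whatever the client asked for is accepted.
            httpServletResponse.addHeader(ACCESS_CONTROL_ALLOW_METHODS, requestedMethods);
            return;
        }
        ArrayList<String> validRequestedMethods = retainRequested(configuredMethods, requestedMethods);
        log.debug(" CorsFilter::processMethods() - validRequestedMethods:{}", validRequestedMethods);
        if (!validRequestedMethods.isEmpty()) {
            httpServletResponse.addHeader(ACCESS_CONTROL_ALLOW_METHODS, String.join(",", validRequestedMethods));
        }
    }

    /**
     * Returns the configured values (in configuration order and spelling) that also
     * appear in the client's comma-separated list, compared case-insensitively.
     *
     * <p>Lower-casing uses {@link Locale#ROOT} so the match does not depend on the JVM's
     * default locale (e.g. the Turkish dotless-i mapping of {@code I}).
     */
    private static ArrayList<String> retainRequested(Collection<String> configured, String requestedCsv) {
        ArrayList<String> requested = new ArrayList<>();
        for (String token : COMMA_SEPARATED_SPLIT_REGEX.split(requestedCsv.trim())) {
            requested.add(token.toLowerCase(Locale.ROOT));
        }
        ArrayList<String> matched = new ArrayList<>();
        for (String value : configured) {
            // Skip null entries in the configuration rather than failing the request.
            if (value != null && requested.contains(value.toLowerCase(Locale.ROOT))) {
                matched.add(value);
            }
        }
        return matched;
    }
}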
