package dev.getelements.elements.servlet.security;

import dev.getelements.elements.sdk.model.util.URIs;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashSet;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dev/getelements/elements/servlet/security/HttpServletCORSFilter.class */
public class HttpServletCORSFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(HttpServletCORSFilter.class);
    public static final String INTERCEPT = "intercept";
    public static final String INTERCEPT_RESPONSE_CODE = "intercept.response.code";
    private final Set<URI> allowedOrigins = new HashSet();
    private ServletFilterProcessor<HttpServletRequest, HttpServletResponse> processor = this::proceedNormally;

    public void init(FilterConfig filterConfig) throws ServletException {
        if (Boolean.parseBoolean(filterConfig.getInitParameter(INTERCEPT))) {
            String initParameter = filterConfig.getInitParameter(INTERCEPT_RESPONSE_CODE);
            if (initParameter == null) {
                logger.info("Using default intercept response code {}", 204);
                this.processor = (httpServletRequest, httpServletResponse, filterChain) -> {
                    proceedWithIntercept(httpServletRequest, httpServletResponse, filterChain, 204);
                };
                return;
            }
            try {
                int parseInt = Integer.parseInt(initParameter);
                logger.info("Using intercept response code {}", Integer.valueOf(parseInt));
                this.processor = (httpServletRequest2, httpServletResponse2, filterChain2) -> {
                    proceedWithIntercept(httpServletRequest2, httpServletResponse2, filterChain2, parseInt);
                };
            } catch (NumberFormatException e) {
                logger.warn("Invalid intercept response code {}", initParameter);
                this.processor = (httpServletRequest3, httpServletResponse3, filterChain3) -> {
                    proceedWithIntercept(httpServletRequest3, httpServletResponse3, filterChain3, 204);
                };
            }
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader("Origin");
        if (header == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        try {
            URI uri = new URI(header);
            if (isWildcard() || getAllowedOrigins().contains(uri)) {
                httpServletResponse.setHeader("Access-Control-Allow-Origin", header);
                httpServletResponse.setHeader("Access-Control-Allow-Headers", "X-HTTP-Method-Override, Content-Type, SocialEngine-SessionSecret, Elements-SessionSecret, Authorization");
                httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
                httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE");
            }
            this.processor.process(httpServletRequest, httpServletResponse, filterChain);
        } catch (URISyntaxException e) {
            logger.info("Caught bad Origin header {}", header, e);
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private void proceedNormally(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void proceedWithIntercept(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, int i) throws IOException, ServletException {
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(i);
        } else {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    private boolean isWildcard() {
        return getAllowedOrigins().stream().anyMatch(uri -> {
            return "*".equals(uri.toString());
        });
    }

    public void destroy() {
    }

    public Set<URI> getAllowedOrigins() {
        return this.allowedOrigins;
    }

    @Inject
    public void addDocServeOrigins(@Named("dev.getelements.elements.doc.url") URI uri) throws URISyntaxException {
        this.allowedOrigins.add(URIs.originFor(uri));
    }

    @Inject
    public void addAllowedOrigins(@Named("dev.getelements.elements.cors.allowed.origins") Set<URI> set) {
        this.allowedOrigins.addAll(set);
    }
}
