package zipkin.server.internal;

import io.undertow.server.HandlerWrapper;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.HeaderMap;
import io.undertow.util.HttpString;
import java.util.Arrays;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:zipkin/server/internal/CorsHandler.class */
final class CorsHandler implements HttpHandler, HandlerWrapper {
    private static Logger logger = Logger.getLogger(CorsHandler.class.getName());
    static final HttpString OPTIONS = HttpString.tryFromString("OPTIONS");
    static final HttpString ORIGIN = HttpString.tryFromString("origin");
    static final HttpString VARY = HttpString.tryFromString("vary");
    static final HttpString ACCESS_CONTROL_ALLOW_METHODS = HttpString.tryFromString("access-control-allow-methods");
    static final HttpString ACCESS_CONTROL_ALLOW_HEADERS = HttpString.tryFromString("access-control-allow-headers");
    static final HttpString ACCESS_CONTROL_ALLOW_ORIGIN = HttpString.tryFromString("access-control-allow-origin");
    static final HttpString ACCESS_CONTROL_REQUEST_METHOD = HttpString.tryFromString("access-control-request-method");
    static final HttpString ACCESS_CONTROL_REQUEST_HEADERS = HttpString.tryFromString("access-control-request-headers");
    final List<String> allowedOrigins;
    final List<String> allowedHeaders = Arrays.asList("accept", "content-type", "content-encoding", "origin");
    final boolean wildcardOrigin;
    HttpHandler next;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CorsHandler(String str) {
        this.allowedOrigins = Arrays.asList(str.split(","));
        this.wildcardOrigin = this.allowedOrigins.contains("*");
    }

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        if (isPreflightRequest(httpServerExchange)) {
            handlePreflight(httpServerExchange);
            httpServerExchange.getResponseSender().close();
        } else if (validateOrigin(httpServerExchange)) {
            this.next.handleRequest(httpServerExchange);
        } else {
            httpServerExchange.setStatusCode(403).getResponseSender().send("CORS error\n");
        }
    }

    void handlePreflight(HttpServerExchange httpServerExchange) {
        HeaderMap requestHeaders = httpServerExchange.getRequestHeaders();
        String first = requestHeaders.getFirst(ORIGIN);
        String first2 = requestHeaders.getFirst(ACCESS_CONTROL_REQUEST_METHOD);
        String first3 = requestHeaders.getFirst(ACCESS_CONTROL_REQUEST_HEADERS);
        HeaderMap responseHeaders = httpServerExchange.getResponseHeaders();
        responseHeaders.put(VARY, "origin,access-control-request-method,access-control-request-headers");
        if (("POST".equals(first2) || "GET".equals(first2)) && requestedHeadersAllowed(first3) && setOrigin(first, responseHeaders)) {
            responseHeaders.put(ACCESS_CONTROL_ALLOW_METHODS, first2);
            if (first3 != null) {
                responseHeaders.put(ACCESS_CONTROL_ALLOW_HEADERS, first3);
            }
        }
    }

    boolean requestedHeadersAllowed(String str) {
        if (str == null) {
            return true;
        }
        StringBuilder sb = new StringBuilder();
        int length = str.length();
        for (int i = 0; i < length; i++) {
            char charAt = str.charAt(i);
            if (charAt != ' ') {
                if (charAt >= 'A' && charAt <= 'Z') {
                    charAt = (char) (charAt + ' ');
                }
                if (charAt != ',') {
                    sb.append(charAt);
                }
                if (charAt == ',' || i + 1 == length) {
                    String sb2 = sb.toString();
                    if (!this.allowedHeaders.contains(sb2)) {
                        if (!logger.isLoggable(Level.FINE)) {
                            return false;
                        }
                        logger.fine(sb2 + " is not an allowed header: " + this.allowedHeaders);
                        return false;
                    }
                    sb.setLength(0);
                }
            }
        }
        return true;
    }

    boolean validateOrigin(HttpServerExchange httpServerExchange) {
        HeaderMap responseHeaders = httpServerExchange.getResponseHeaders();
        responseHeaders.put(VARY, "origin");
        String first = httpServerExchange.getRequestHeaders().getFirst(ORIGIN);
        if (first == null) {
            return true;
        }
        return setOrigin(first, responseHeaders);
    }

    private static boolean isPreflightRequest(HttpServerExchange httpServerExchange) {
        HeaderMap requestHeaders = httpServerExchange.getRequestHeaders();
        return httpServerExchange.getRequestMethod().equals(OPTIONS) && requestHeaders.contains(ORIGIN) && requestHeaders.contains(ACCESS_CONTROL_REQUEST_METHOD);
    }

    private boolean setOrigin(String str, HeaderMap headerMap) {
        if ("null".equals(str)) {
            headerMap.put(ACCESS_CONTROL_ALLOW_ORIGIN, "null");
            return true;
        }
        if (this.wildcardOrigin) {
            headerMap.put(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
            return true;
        }
        if (this.allowedOrigins.contains(str)) {
            headerMap.put(ACCESS_CONTROL_ALLOW_ORIGIN, str);
            return true;
        }
        if (!logger.isLoggable(Level.FINE)) {
            return false;
        }
        logger.fine(str + " is not an allowed origin: " + this.allowedOrigins);
        return false;
    }

    public HttpHandler wrap(HttpHandler httpHandler) {
        this.next = httpHandler;
        return this;
    }
}
